blackuser | 23.09.2015 21:17 | ok, hier sind die Log Files:
FRST.txt Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:23-09-2015
durchgeführt von Fabian (Administrator) auf LENOVO-YOGA-3 (23-09-2015 20:55:38)
Gestartet von C:\Users\Fabian\Downloads\Programme\Farbar's Recovery Scan Tool
Geladene Profile: Fabian (Verfügbare Profile: Fabian)
Platform: Windows 10 Education (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-
tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird
nicht verschoben.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client
\vpnagent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Lenovo) C:\Program Files\Lenovo\OneKey Optimizer\bin\FBService.exe
(Avid) C:\Program Files (x86)\Avid\Fast Track Duo\AudioDevMon.exe
(M-Audio) C:\Program Files (x86)\M-Audio\Fast Track Pro\AudioDevMon.exe
(Lupinho.Net) C:\Program Files\Lupinho.Net\HardlinkBackup\HardlinkBackup.Service.exe
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOUpdataService.exe
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOControlSvc.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe
(Paramount Software UK Ltd) C:\Program Files\Macrium\Reflect\ReflectService.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe
() C:\Program Files (x86)\SurfEasy VPN\client\SurfEasyService.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence
\swi_filter.exe
(Sophos Limited) C:\Program Files (x86)\Common Files\Sophos\Web Intelligence\swi_fc.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence
\swi_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Spotify Ltd) C:\Users\Fabian\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Lupinho.Net) C:\Program Files\Lupinho.Net\HardlinkBackup\HardlinkBackupTray.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client
\vpnui.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs
\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe
\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe
\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe
\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe
\MicrosoftEdgeCP.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den
Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14030080 2015-08-
14] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_BYPASS_AUDIO_EFFECT_WHEN_POWERSAVING] => C:\Program Files\Realtek\Audio
\HDA\RAVBg64.exe [1402624 2015-08-14] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_MAXX6] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-
08-14] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
[1402624 2015-08-14] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
[1402624 2015-08-14] (Realtek Semiconductor)
HKLM\...\Run: [OneKeyOptimizer] => C:\Program Files\Lenovo\OneKey Optimizer\bin
\OneKeyOptimizerTray.exe [605992 2015-03-30] (Lenovo(beijing) Limited)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3935912 2015-06-19]
(Synaptics Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Sophos AutoUpdate Monitor] => C:\Program Files (x86)\Sophos\AutoUpdate
\almon.exe [1592104 2015-08-14] (Sophos Limited)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files
(x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [708496 2015-02-19] (Cisco
Systems, Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [39175960
2015-08-14] (Dropbox, Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes
\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKU\S-1-5-21-2728090300-4047253873-3035192864-1001\...\Run: [Skype] => C:\Program Files
(x86)\Skype\Phone\Skype.exe [53729824 2015-08-07] (Skype Technologies S.A.)
HKU\S-1-5-21-2728090300-4047253873-3035192864-1001\...\Run: [EPSON Stylus DX7400] => C:
\Windows\system32\spool\DRIVERS\x64\3\E_IATICDE.EXE [213504 2007-04-12] (SEIKO EPSON
CORPORATION)
HKU\S-1-5-21-2728090300-4047253873-3035192864-1001\...\Run: [Spotify Web Helper] => C:\Users
\Fabian\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2025016 2015-09-18] (Spotify Ltd)
HKU\S-1-5-21-2728090300-4047253873-3035192864-1001\...\Run: [Spotify] => C:\Users\Fabian
\AppData\Roaming\Spotify\Spotify.exe [7571000 2015-09-18] (Spotify Ltd)
HKU\S-1-5-21-2728090300-4047253873-3035192864-1001\...\Run: [CCleaner Monitoring] => C:\Program
Files\CCleaner\CCleaner64.exe [8455960 2015-08-20] (Piriform Ltd)
AppInit_DLLs: C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~2.DLL => C:\Program Files (x86)\Sophos\Sophos
Anti-Virus\sophos_detoured_x64.dll [217672 2015-08-14] (Sophos Limited)
AppInit_DLLs-x32: C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~1.DLL => C:\Program Files (x86)\Sophos
\Sophos Anti-Virus\sophos_detoured.dll [275352 2015-08-14] (Sophos Limited)
AppInit_DLLs-x32: ,C:\PROGRA~2\Sophos\SOPHOS~1\\SOPHOS~1.DLL => C:\Program Files (x86)\Sophos
\Sophos Anti-Virus\\sophos_detoured.dll [275352 2015-08-14] (Sophos Limited)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:
\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:
\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:
\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:
\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:
\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:
\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:
\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:
\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>
C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>
C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} =>
C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} =>
C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>
C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} =>
C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>
C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} =>
C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-
9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-08-12]
(Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-
CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-08-12]
(Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-
E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-08-12]
(Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HardlinkBackup Tray.lnk
[2015-08-14]
ShortcutTarget: HardlinkBackup Tray.lnk -> C:\Program Files\Lupinho.Net\HardlinkBackup
\HardlinkBackupTray.exe (Lupinho.Net)
Startup: C:\Users\Fabian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe
Gamma.lnk [2015-08-29]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe
Gamma Loader.exe (Adobe Systems, Inc.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den
Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Winsock: Catalog9 01 C:\Windows\SysWOW64\LavasoftTcpService.dll [345360 2015-09-21] (Lavasoft
Limited)
Winsock: Catalog9 02 C:\Windows\SysWOW64\LavasoftTcpService.dll [345360 2015-09-21] (Lavasoft
Limited)
Winsock: Catalog9 03 C:\Windows\SysWOW64\LavasoftTcpService.dll [345360 2015-09-21] (Lavasoft
Limited)
Winsock: Catalog9 04 C:\Windows\SysWOW64\LavasoftTcpService.dll [345360 2015-09-21] (Lavasoft
Limited)
Winsock: Catalog9 17 C:\Windows\SysWOW64\LavasoftTcpService.dll [345360 2015-09-21] (Lavasoft
Limited)
Winsock: Catalog9-x64 01 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-09-21]
(Lavasoft Limited)
Winsock: Catalog9-x64 02 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-09-21]
(Lavasoft Limited)
Winsock: Catalog9-x64 03 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-09-21]
(Lavasoft Limited)
Winsock: Catalog9-x64 04 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-09-21]
(Lavasoft Limited)
Winsock: Catalog9-x64 17 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-09-21]
(Lavasoft Limited)
Tcpip\Parameters: [DhcpNameServer] 62.81.16.213
Tcpip\..\Interfaces\{1a6848c4-e1fe-4587-a160-253904eeaf54}: [NameServer]
131.188.0.10,131.188.0.11
Tcpip\..\Interfaces\{2f0dcfe5-44a4-4ce6-8da0-fe87382e8d2f}: [DhcpNameServer] 62.81.16.213
Internet Explorer:
==================
HKU\S-1-5-21-2728090300-4047253873-3035192864-1001\Software\Microsoft\Internet Explorer
\Main,Start Page = hxxps://startpage.com/
SearchScopes: HKU\S-1-5-21-2728090300-4047253873-3035192864-1001 -> {0633EE93-D776-472f-A0FF-
E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D092115-
A6B219395BABB4E59ADF&form=CONBDF&conlogo=CT3332005&q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program
Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
[2015-08-04] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:
\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office
\Office15\GROOVEEX.DLL [2015-08-12] (Microsoft Corporation)
BHO-x32: QuickStores-Toolbar -> {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} -> C:\Windows
\SysWOW64\mscoree.dll [2015-07-10] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:
\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-08-04] (Microsoft
Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:
\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-08-12] (Microsoft
Corporation)
Toolbar: HKLM-x32 - QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - C:\Windows
\SysWOW64\mscoree.dll [2015-07-10] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office
15\root\Office15\MSOSB.DLL [2015-08-14] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\1ky322z7.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll
[2015-08-19] ()
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04
-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash
\NPSWF32_18_0_0_232.dll [2015-08-19] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root
\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-08-14] (Microsoft
Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office
15\root\Office15\NPSPWRAP.DLL [2015-08-14] (Microsoft Corporation)
FF Plugin HKU\S-1-5-21-2728090300-4047253873-3035192864-1001: SkypePlugin -> C:\Users\Fabian
\AppData\Local\SkypePlugin\7.6.0.295\npGatewayNpapi.dll [2015-09-14] (Skype Technologies S.A.)
FF Plugin HKU\S-1-5-21-2728090300-4047253873-3035192864-1001: SkypePlugin64 -> C:\Users\Fabian
\AppData\Local\SkypePlugin\7.6.0.295\npGatewayNpapi-x64.dll [2015-09-14] (Skype Technologies
S.A.)
FF Extension: QuickStores-Toolbar - C:\Program Files (x86)\Mozilla Firefox\extensions
\quickstores@quickstores.de [2015-08-29]
Chrome:
=======
CHR HomePage: hxxp://www.google.com
Opera:
=======
StartMenuInternet: (HKLM) Opera - C:\Program Files\Opera x64\Opera.exe
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei
wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service
\Adobelmsvc.exe [72704 2015-08-29] (Adobe Systems) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2768472
2015-08-11] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-28]
(Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-28]
(Dropbox, Inc.)
R2 FastbootService; C:\Program Files\Lenovo\OneKey Optimizer\bin\FbService.exe [191000 2015-01
-27] (Lenovo)
R2 FastTrackDuoAudioDevMon; C:\Program Files (x86)\Avid\Fast Track Duo\AudioDevMon.exe [2036496
2013-05-24] (Avid)
R2 FastTrackProAudioDevMon; C:\Program Files (x86)\M-Audio\Fast Track Pro\AudioDevMon.exe
[1688336 2013-05-23] (M-Audio)
R2 HardlinkBackupService; C:\Program Files\Lupinho.Net\HardlinkBackup
\HardlinkBackup.Service.exe [15360 2014-04-02] (Lupinho.Net) [Datei ist nicht signiert]
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [351120 2015-08-14] (Intel
Corporation)
R2 Lenovo OKO Service; C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOUpdataService.exe
[2742568 2015-03-31] (Lenovo(beijing) Limited)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272424
2015-08-17] (Lenovo)
R2 OKOControlSvc; C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOControlSvc.exe [359208 2015-
03-30] (Lenovo(beijing) Limited)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2057736 2015-
09-19] (Electronic Arts)
R2 ReflectService.exe; C:\Program Files\Macrium\Reflect\ReflectService.exe [1142768 2013-12-20]
(Paramount Software UK Ltd)
R2 SAVAdminService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [288552
2015-08-14] (Sophos Limited)
R2 SAVService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [208168 2015-08-
14] (Sophos Limited)
R2 Sophos AutoUpdate Service; C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [340264 2015-
08-14] (Sophos Limited)
R2 Sophos Web Control Service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control
\swc_service.exe [341800 2015-08-14] (Sophos Limited)
R2 SurfEasyVPN; C:\Program Files (x86)\SurfEasy VPN\client\SurfEasyService.exe [3517808 2015-
07-22] ()
R2 swi_filter; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_filter.exe
[300840 2015-08-14] (Sophos Limited)
R2 swi_service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence
\swi_service.exe [3278632 2015-08-14] (Sophos Limited)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5611280 2015-08-07]
(TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft
Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft
Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei
wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [237568 2015-07-10] (Microsoft
Corporation)
R0 Fastboot; C:\Windows\System32\Drivers\Fastboot.sys [70168 2015-01-27] (Windows (R) Win 7 DDK
provider)
S3 MAUSBFASTTRACKPRO; C:\Windows\system32\DRIVERS\MAudioFastTrackPro.sys [184592 2013-05-23]
(M-Audio)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2015-08-14] (Intel Corporation)
R3 Qcamain; C:\Windows\System32\drivers\Qcamainx64.sys [2276352 2015-07-10] (Qualcomm Atheros,
Inc.)
S3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [410880 2015-08-14] (Realsil Semiconductor
Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [3059440 2015-08-30] (Realtek Semiconductor
Corp.)
R1 SAVOnAccess; C:\Windows\System32\DRIVERS\savonaccess.sys [161024 2015-08-14] (Sophos
Limited)
S3 sdcfilter; C:\Windows\system32\DRIVERS\sdcfilter.sys [38144 2015-08-14] (Sophos Limited)
S4 SophosBootDriver; C:\Windows\system32\DRIVERS\SophosBootDriver.sys [27904 2015-08-14]
(Sophos Limited)
R1 swi_callout; C:\Windows\system32\DRIVERS\swi_callout.sys [32512 2015-08-14] (Sophos Limited)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [48296 2015-06-19] (Synaptics
Incorporated)
R3 tapse01; C:\Windows\System32\drivers\tapse01.sys [26624 2015-07-22] (The OpenVPN Project)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
R1 veracrypt; C:\Windows\System32\drivers\veracrypt.sys [194392 2015-09-03] (IDRIX)
R3 vpnva; C:\Windows\System32\drivers\vpnva64-6.sys [52592 2014-10-16] (Cisco Systems, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft
Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft
Corporation)
U4 dmwappushsvc; kein ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei
wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-09-23 20:54 - 2015-09-23 20:55 - 00000000 ____D C:\FRST
2015-09-23 20:51 - 2015-09-23 20:51 - 00016148 _____ C:\Windows\system32\LENOVO-YOGA-
3_Fabian_HistoryPrediction.bin
2015-09-23 20:05 - 2015-09-23 20:05 - 00000149 _____ C:\Windows\setupact.log
2015-09-23 20:05 - 2015-09-23 20:05 - 00000000 _____ C:\Windows\setuperr.log
2015-09-23 19:56 - 2015-09-23 19:56 - 00001232 _____ C:\ProgramData\Microsoft\Windows\Start
Menu\Programs\Mozilla Firefox.lnk
2015-09-23 19:55 - 2015-09-23 20:09 - 00000275 _____ C:\Windows\WindowsUpdate.log
2015-09-23 19:55 - 2015-09-23 19:55 - 00001296 _____ C:\Windows\PFRO.log
2015-09-23 19:55 - 2015-09-23 19:55 - 00000000 ___HD C:\OneDriveTemp
2015-09-23 19:47 - 2015-09-23 19:47 - 00002868 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-09-23 19:47 - 2015-09-23 19:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start
Menu\Programs\CCleaner
2015-09-23 19:47 - 2015-09-23 19:47 - 00000000 ____D C:\Program Files\CCleaner
2015-09-23 19:46 - 2015-09-23 19:46 - 06667640 _____ (Piriform Ltd) C:\Users\Fabian\Downloads
\ccsetup509.exe
2015-09-23 19:43 - 2015-09-23 19:43 - 00000000 ____D C:\Windows\system32\appmgmt
2015-09-23 19:36 - 2015-09-23 20:08 - 00000000 ____D C:\Users\Fabian\AppData\Roaming\Mozilla
2015-09-21 22:16 - 2015-09-21 22:16 - 00000000 ____D C:\Users\Fabian\AppData\Roaming\dlg
2015-09-21 22:13 - 2015-09-21 22:13 - 00425744 _____ (Lavasoft Limited) C:\Windows
\system32\LavasoftTcpService64.dll
2015-09-21 22:13 - 2015-09-21 22:13 - 00345360 _____ (Lavasoft Limited) C:\Windows
\SysWOW64\LavasoftTcpService.dll
2015-09-21 22:13 - 2015-09-21 22:13 - 00002880 _____ C:\Windows
\SysWOW64\LavasoftTcpServiceOff.ini
2015-09-21 22:13 - 2015-09-21 22:13 - 00002880 _____ C:\Windows
\system32\LavasoftTcpServiceOff.ini
2015-09-21 19:20 - 2015-09-21 19:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start
Menu\Programs\M-Audio
2015-09-21 19:20 - 2015-09-21 19:20 - 00000000 ____D C:\Program Files\M-Audio
2015-09-21 19:20 - 2015-09-21 19:20 - 00000000 ____D C:\Program Files (x86)\M-Audio
2015-09-21 19:14 - 2015-09-21 19:14 - 00000000 ____D C:\Users\Fabian\AppData\Local\Avid
2015-09-21 19:12 - 2015-09-21 19:14 - 00000000 ____D C:\ProgramData\AVID
2015-09-21 19:12 - 2015-09-21 19:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start
Menu\Programs\Avid
2015-09-21 19:12 - 2015-09-21 19:12 - 00000000 ____D C:\Program Files\Avid
2015-09-21 19:12 - 2015-09-21 19:12 - 00000000 ____D C:\Program Files (x86)\Avid
2015-09-21 19:11 - 2015-09-21 19:23 - 00000000 ____D C:\Users\Fabian\Downloads\Treiber
2015-09-21 18:05 - 2015-09-21 19:13 - 00000000 ____D C:\Users\Fabian\AppData\Roaming\ooVoo
Details
2015-09-21 17:44 - 2015-09-21 17:44 - 00000000 ____D C:\Users\Fabian\AppData\Local\SkypePlugin
2015-09-20 21:48 - 2015-09-20 21:48 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start
Menu\Programs\OpenOffice 4.1.1
2015-09-20 21:48 - 2015-09-20 21:48 - 00000000 ____D C:\Users\Fabian\AppData\Roaming\OpenOffice
2015-09-20 21:47 - 2015-09-20 21:47 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2015-09-19 23:08 - 2015-07-05 12:08 - 00300704 ____N (Microsoft Corporation) C:\Windows
\system32\MpSigStub.exe
2015-09-19 19:45 - 2015-09-19 19:45 - 00000000 ____D C:\Users\Fabian\Documents\Adobe
2015-09-19 17:57 - 2015-09-19 17:57 - 00000000 ____D C:\Users\Fabian\AppData\Local\Image
Composite Editor
2015-09-19 17:56 - 2015-09-19 17:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start
Menu\Programs\Image Composite Editor
2015-09-19 17:56 - 2015-09-19 17:56 - 00000000 ____D C:\Program Files\Microsoft Research
2015-09-19 14:02 - 2015-09-19 14:02 - 00001441 _____ C:\Users\Public\Desktop\Yuri's Revenge
Online - CnCNet 5.lnk
2015-09-19 14:02 - 2015-09-19 14:02 - 00000000 ____D C:\Users\Fabian\Downloads\Games
2015-09-19 13:24 - 2015-09-19 13:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start
Menu\Programs\Westwood Online
2015-09-19 13:24 - 2015-09-19 13:24 - 00000000 ____D C:\Program Files (x86)\WestwoodOnline
2015-09-19 13:24 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\XAudio2_7.dll
2015-09-19 13:24 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows
\system32\XAudio2_7.dll
2015-09-19 13:24 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\xactengine3_7.dll
2015-09-19 13:24 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows
\system32\xactengine3_7.dll
2015-09-19 13:24 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows
\system32\XAPOFX1_5.dll
2015-09-19 13:24 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\XAPOFX1_5.dll
2015-09-19 13:24 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows
\system32\D3DCompiler_43.dll
2015-09-19 13:24 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows
\system32\D3DX9_43.dll
2015-09-19 13:24 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\D3DCompiler_43.dll
2015-09-19 13:24 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\D3DX9_43.dll
2015-09-19 13:24 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows
\system32\d3dcsx_43.dll
2015-09-19 13:24 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\d3dcsx_43.dll
2015-09-19 13:24 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows
\system32\d3dx10_43.dll
2015-09-19 13:24 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\d3dx10_43.dll
2015-09-19 13:24 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows
\system32\d3dx11_43.dll
2015-09-19 13:24 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\d3dx11_43.dll
2015-09-19 13:24 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows
\system32\XAudio2_6.dll
2015-09-19 13:24 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\XAudio2_6.dll
2015-09-19 13:24 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\xactengine3_6.dll
2015-09-19 13:24 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows
\system32\xactengine3_6.dll
2015-09-19 13:24 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows
\system32\XAPOFX1_4.dll
2015-09-19 13:24 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\XAPOFX1_4.dll
2015-09-19 13:24 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows
\system32\X3DAudio1_7.dll
2015-09-19 13:24 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\X3DAudio1_7.dll
2015-09-19 13:24 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows
\system32\XAudio2_5.dll
2015-09-19 13:24 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\XAudio2_5.dll
2015-09-19 13:24 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\xactengine3_5.dll
2015-09-19 13:24 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows
\system32\xactengine3_5.dll
2015-09-19 13:24 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows
\system32\XAPOFX1_3.dll
2015-09-19 13:24 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\XAPOFX1_3.dll
2015-09-19 13:24 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows
\system32\d3dcsx_42.dll
2015-09-19 13:24 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\d3dcsx_42.dll
2015-09-19 13:24 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows
\system32\D3DCompiler_42.dll
2015-09-19 13:24 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows
\system32\D3DX9_42.dll
2015-09-19 13:24 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\D3DCompiler_42.dll
2015-09-19 13:24 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\D3DX9_42.dll
2015-09-19 13:24 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows
\system32\d3dx10_42.dll
2015-09-19 13:24 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\d3dx10_42.dll
2015-09-19 13:24 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows
\system32\d3dx11_42.dll
2015-09-19 13:24 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\d3dx11_42.dll
2015-09-19 13:24 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows
\system32\XAudio2_4.dll
2015-09-19 13:24 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\XAudio2_4.dll
2015-09-19 13:24 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\xactengine3_4.dll
2015-09-19 13:24 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows
\system32\xactengine3_4.dll
2015-09-19 13:24 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows
\system32\X3DAudio1_6.dll
2015-09-19 13:24 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\X3DAudio1_6.dll
2015-09-19 13:24 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows
\system32\D3DX9_41.dll
2015-09-19 13:24 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\D3DX9_41.dll
2015-09-19 13:24 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows
\system32\D3DCompiler_41.dll
2015-09-19 13:24 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\D3DCompiler_41.dll
2015-09-19 13:24 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows
\system32\d3dx10_41.dll
2015-09-19 13:24 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\d3dx10_41.dll
2015-09-19 13:24 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows
\system32\XAudio2_3.dll
2015-09-19 13:24 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\XAudio2_3.dll
2015-09-19 13:24 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows
\system32\XAPOFX1_2.dll
2015-09-19 13:24 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\XAPOFX1_2.dll
2015-09-19 13:24 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows
\system32\D3DX9_40.dll
2015-09-19 13:24 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\D3DX9_40.dll
2015-09-19 13:24 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows
\system32\D3DCompiler_40.dll
2015-09-19 13:24 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\D3DCompiler_40.dll
2015-09-19 13:24 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows
\system32\d3dx10_40.dll
2015-09-19 13:24 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\d3dx10_40.dll
2015-09-19 13:23 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\xactengine3_3.dll
2015-09-19 13:23 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows
\system32\xactengine3_3.dll
2015-09-19 13:23 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows
\system32\X3DAudio1_5.dll
2015-09-19 13:23 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\X3DAudio1_5.dll
2015-09-19 13:23 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\xactengine3_2.dll
2015-09-19 13:23 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows
\system32\xactengine3_2.dll
2015-09-19 13:23 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows
\system32\XAPOFX1_1.dll
2015-09-19 13:23 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\XAPOFX1_1.dll
2015-09-19 13:23 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows
\system32\XAudio2_2.dll
2015-09-19 13:23 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\XAudio2_2.dll
2015-09-19 13:23 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\d3dx10_39.dll
2015-09-19 13:23 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows
\system32\D3DX9_39.dll
2015-09-19 13:23 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\D3DX9_39.dll
2015-09-19 13:23 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows
\system32\D3DCompiler_39.dll
2015-09-19 13:23 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\D3DCompiler_39.dll
2015-09-19 13:23 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows
\system32\d3dx10_39.dll
2015-09-19 13:23 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows
\system32\XAudio2_1.dll
2015-09-19 13:23 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\XAudio2_1.dll
2015-09-19 13:23 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\xactengine3_1.dll
2015-09-19 13:23 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows
\system32\xactengine3_1.dll
2015-09-19 13:23 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows
\system32\XAPOFX1_0.dll
2015-09-19 13:23 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\XAPOFX1_0.dll
2015-09-19 13:23 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\X3DAudio1_4.dll
2015-09-19 13:23 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows
\system32\X3DAudio1_4.dll
2015-09-19 13:23 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows
\system32\D3DX9_38.dll
2015-09-19 13:23 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\D3DX9_38.dll
2015-09-19 13:23 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows
\system32\D3DCompiler_38.dll
2015-09-19 13:23 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\D3DCompiler_38.dll
2015-09-19 13:23 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows
\system32\d3dx10_38.dll
2015-09-19 13:23 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\d3dx10_38.dll
2015-09-19 13:23 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows
\system32\XAudio2_0.dll
2015-09-19 13:23 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\XAudio2_0.dll
2015-09-19 13:23 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\xactengine3_0.dll
2015-09-19 13:23 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows
\system32\xactengine3_0.dll
2015-09-19 13:23 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows
\system32\X3DAudio1_3.dll
2015-09-19 13:23 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\X3DAudio1_3.dll
2015-09-19 13:23 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows
\system32\D3DX9_37.dll
2015-09-19 13:23 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\D3DX9_37.dll
2015-09-19 13:23 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows
\system32\D3DCompiler_37.dll
2015-09-19 13:23 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\D3DCompiler_37.dll
2015-09-19 13:23 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows
\system32\d3dx10_37.dll
2015-09-19 13:23 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\d3dx10_37.dll
2015-09-19 13:23 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows
\system32\xactengine2_10.dll
2015-09-19 13:23 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\xactengine2_10.dll
2015-09-19 13:23 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows
\system32\X3DAudio1_2.dll
2015-09-19 13:23 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\X3DAudio1_2.dll
2015-09-19 13:23 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows
\system32\d3dx9_36.dll
2015-09-19 13:23 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\d3dx9_36.dll
2015-09-19 13:23 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows
\system32\D3DCompiler_36.dll
2015-09-19 13:23 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\D3DCompiler_36.dll
2015-09-19 13:23 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows
\system32\d3dx10_36.dll
2015-09-19 13:23 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\d3dx10_36.dll
2015-09-19 13:23 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows
\system32\xactengine2_9.dll
2015-09-19 13:23 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\xactengine2_9.dll
2015-09-19 13:23 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows
\system32\d3dx9_35.dll
2015-09-19 13:23 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\d3dx9_35.dll
2015-09-19 13:23 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows
\system32\D3DCompiler_35.dll
2015-09-19 13:23 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\D3DCompiler_35.dll
2015-09-19 13:23 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows
\system32\d3dx10_35.dll
2015-09-19 13:23 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\d3dx10_35.dll
2015-09-19 13:23 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows
\system32\xactengine2_8.dll
2015-09-19 13:23 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\xactengine2_8.dll
2015-09-19 13:23 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows
\system32\d3dx9_34.dll
2015-09-19 13:23 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\d3dx9_34.dll
2015-09-19 13:23 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows
\system32\D3DCompiler_34.dll
2015-09-19 13:23 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\D3DCompiler_34.dll
2015-09-19 13:23 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows
\system32\d3dx10_34.dll
2015-09-19 13:23 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\d3dx10_34.dll
2015-09-19 13:23 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows
\system32\xactengine2_7.dll
2015-09-19 13:23 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\xactengine2_7.dll
2015-09-19 13:23 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows
\system32\xinput1_3.dll
2015-09-19 13:23 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\xinput1_3.dll
2015-09-19 13:23 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows
\system32\d3dx10_33.dll
2015-09-19 13:23 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\d3dx10_33.dll
2015-09-19 13:23 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows
\system32\d3dx9_33.dll
2015-09-19 13:23 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\d3dx9_33.dll
2015-09-19 13:23 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows
\system32\D3DCompiler_33.dll
2015-09-19 13:23 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\D3DCompiler_33.dll
2015-09-19 13:23 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows
\system32\x3daudio1_1.dll
2015-09-19 13:23 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\x3daudio1_1.dll
2015-09-19 13:23 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows
\system32\xactengine2_6.dll
2015-09-19 13:23 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\xactengine2_6.dll
2015-09-19 13:23 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\xactengine2_5.dll
2015-09-19 13:23 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows
\system32\xactengine2_5.dll
2015-09-19 13:23 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows
\system32\d3dx9_32.dll
2015-09-19 13:23 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\d3dx9_32.dll
2015-09-19 13:23 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows
\system32\d3dx10.dll
2015-09-19 13:23 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\d3dx10.dll
2015-09-19 13:23 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows
\system32\d3dx9_31.dll
2015-09-19 13:23 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\d3dx9_31.dll
2015-09-19 13:23 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\xactengine2_4.dll
2015-09-19 13:23 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows
\system32\xactengine2_4.dll
2015-09-19 13:23 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows
\system32\xinput1_2.dll
2015-09-19 13:23 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows
\system32\xactengine2_3.dll
2015-09-19 13:23 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\xactengine2_3.dll
2015-09-19 13:23 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\xinput1_2.dll
2015-09-19 13:23 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\xactengine2_2.dll
2015-09-19 13:23 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows
\system32\xactengine2_2.dll
2015-09-19 13:23 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows
\system32\d3dx9_30.dll
2015-09-19 13:23 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\d3dx9_30.dll
2015-09-19 13:23 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows
\system32\xactengine2_1.dll
2015-09-19 13:23 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\xactengine2_1.dll
2015-09-19 13:23 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows
\system32\xinput1_1.dll
2015-09-19 13:23 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\xinput1_1.dll
2015-09-19 13:23 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows
\system32\d3dx9_29.dll
2015-09-19 13:23 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\d3dx9_29.dll
2015-09-19 13:23 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows
\system32\xactengine2_0.dll
2015-09-19 13:23 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\xactengine2_0.dll
2015-09-19 13:23 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows
\system32\x3daudio1_0.dll
2015-09-19 13:23 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\x3daudio1_0.dll
2015-09-19 13:23 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows
\system32\d3dx9_28.dll
2015-09-19 13:23 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\d3dx9_28.dll
2015-09-19 13:23 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows
\system32\d3dx9_27.dll
2015-09-19 13:23 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\d3dx9_27.dll
2015-09-19 13:23 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows
\system32\d3dx9_26.dll
2015-09-19 13:23 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\d3dx9_26.dll
2015-09-19 13:23 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows
\system32\d3dx9_25.dll
2015-09-19 13:23 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\d3dx9_25.dll
2015-09-19 13:23 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows
\system32\d3dx9_24.dll
2015-09-19 13:23 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\d3dx9_24.dll
2015-09-19 13:18 - 2015-09-19 15:01 - 00000000 ____D C:\Users\Fabian\Downloads\Patches
2015-09-19 13:16 - 2015-09-21 19:13 - 00000000 ____D C:\Users\Fabian\AppData\Roaming\Origin
2015-09-19 13:16 - 2015-09-19 13:44 - 00000000 ____D C:\Users\Fabian\AppData\Local\Origin
2015-09-19 13:16 - 2015-09-19 13:17 - 00000000 ____D C:\Program Files (x86)\Origin Games
2015-09-19 13:15 - 2015-09-19 13:59 - 00000000 ____D C:\ProgramData\Origin
2015-09-19 13:15 - 2015-09-19 13:16 - 00000000 ____D C:\Program Files (x86)\Origin
2015-09-19 13:15 - 2015-09-19 13:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start
Menu\Programs\Origin
2015-09-19 13:15 - 2015-09-19 13:15 - 00000000 ____D C:\ProgramData\Electronic Arts
2015-09-18 18:23 - 2015-09-18 18:23 - 00000000 ___RD C:\Users\Fabian\3D Objects
2015-09-17 04:29 - 2015-09-19 00:21 - 00000000 ____D C:\Users\Fabian\AppData\Roaming\dvdcss
2015-09-17 04:28 - 2015-09-17 04:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start
Menu\Programs\Elaborate Bytes
2015-09-17 04:28 - 2015-09-17 04:28 - 00000000 ____D C:\Program Files (x86)\Elaborate Bytes
2015-09-17 02:54 - 2015-09-17 02:54 - 00000000 ____D C:\Users\Fabian\AppData\Roaming\Microsoft
\Windows\Start Menu\Programs\VirusTotal Uploader 2.2
2015-09-17 02:54 - 2015-09-17 02:54 - 00000000 ____D C:\Program Files (x86)\VirusTotalUploader2
2015-09-16 00:41 - 2015-09-16 00:41 - 00000000 ____D C:\Users\Fabian\AppData\Roaming
\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2015-09-16 00:41 - 2015-09-16 00:41 - 00000000 ____D C:\Users\Fabian\AppData\Roaming\chc
2015-09-15 23:29 - 2015-09-15 23:29 - 00000000 ____D C:\Program Files (x86)\My Company Name
2015-09-15 23:29 - 2009-07-09 03:00 - 00055280 ____N (Sonic Solutions) C:\Windows
\system32\Drivers\PxHlpa64.sys
2015-09-15 23:29 - 2009-06-23 03:00 - 00010224 ____N (Sonic Solutions) C:\Windows
\system32\Drivers\cdralw2k.sys
2015-09-15 23:29 - 2009-06-23 03:00 - 00010224 ____N (Sonic Solutions) C:\Windows
\system32\Drivers\cdr4_xp.sys
2015-09-15 23:28 - 2015-09-17 03:29 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-09-15 23:27 - 2015-09-19 19:37 - 00000000 ____D C:\Program Files\Adobe
2015-09-15 16:05 - 2015-08-14 23:15 - 00032512 _____ (Sophos Limited) C:\Windows
\system32\Drivers\swi_callout.sys
2015-09-14 23:58 - 2015-09-14 23:58 - 00000000 ____D C:\Users\Fabian\AppData\Local\Sophos
2015-09-14 20:43 - 2015-09-14 20:43 - 01597448 _____ C:\Windows\system32\Drivers
\dump_history_wmi_cmd_620437.log
2015-09-14 20:43 - 2015-09-14 20:43 - 01597448 _____ C:\Windows\system32\Drivers
\dump_history_wmi_cmd_618109.log
2015-09-14 20:43 - 2015-09-14 20:43 - 01581064 _____ C:\Windows\system32\Drivers
\dump_history_wmi_evt_620437.log
2015-09-14 20:43 - 2015-09-14 20:43 - 01581064 _____ C:\Windows\system32\Drivers
\dump_history_wmi_evt_618109.log
2015-09-14 20:43 - 2015-09-14 20:43 - 00522272 _____ C:\Windows\system32\Drivers
\fwdump_ar6320v2_reg_1d8_618109.log
2015-09-14 20:43 - 2015-09-14 20:43 - 00522272 _____ C:\Windows\system32\Drivers
\fwdump_ar6320v2_reg_1d7_620437.log
2015-09-14 20:43 - 2015-09-14 20:43 - 00458752 _____ C:\Windows\system32\Drivers
\fwdump_ar6320v2_dram_1d8_618109.log
2015-09-14 20:43 - 2015-09-14 20:43 - 00458752 _____ C:\Windows\system32\Drivers
\fwdump_ar6320v2_dram_1d7_620437.log
2015-09-14 20:43 - 2015-09-14 20:43 - 00188424 _____ C:\Windows\system32\Drivers
\dump_history_ndis_oid_620437.log
2015-09-14 20:43 - 2015-09-14 20:43 - 00188424 _____ C:\Windows\system32\Drivers
\dump_history_ndis_oid_618109.log
2015-09-14 20:43 - 2015-09-14 20:43 - 00098304 _____ C:\Windows\system32\Drivers
\fwdump_ar6320v2_axi_1d8_618109.log
2015-09-14 20:43 - 2015-09-14 20:43 - 00098304 _____ C:\Windows\system32\Drivers
\fwdump_ar6320v2_axi_1d7_620437.log
2015-09-14 20:43 - 2015-09-14 20:43 - 00040968 _____ C:\Windows\system32\Drivers
\dump_history_ndis_indication_620437.log
2015-09-14 20:43 - 2015-09-14 20:43 - 00040968 _____ C:\Windows\system32\Drivers
\dump_history_ndis_indication_618109.log
2015-09-14 20:43 - 2015-09-14 20:43 - 00004104 _____ C:\Windows\system32\Drivers
\dump_history_vap_state_620437.log
2015-09-14 20:43 - 2015-09-14 20:43 - 00004104 _____ C:\Windows\system32\Drivers
\dump_history_vap_state_618109.log
2015-09-14 20:43 - 2015-09-14 20:43 - 00001975 _____ C:\Windows\system32\Drivers
\fwdump_ce_reg_1d7_620437.log
2015-09-14 20:43 - 2015-09-14 20:43 - 00001960 _____ C:\Windows\system32\Drivers
\fwdump_ce_reg_1d8_618109.log
2015-09-14 19:30 - 2015-09-14 19:30 - 01597448 _____ C:\Windows\system32\Drivers
\dump_history_wmi_cmd_32318906.log
2015-09-14 19:30 - 2015-09-14 19:30 - 01597448 _____ C:\Windows\system32\Drivers
\dump_history_wmi_cmd_32316640.log
2015-09-14 19:30 - 2015-09-14 19:30 - 01581064 _____ C:\Windows\system32\Drivers
\dump_history_wmi_evt_32318906.log
2015-09-14 19:30 - 2015-09-14 19:30 - 01581064 _____ C:\Windows\system32\Drivers
\dump_history_wmi_evt_32316640.log
2015-09-14 19:30 - 2015-09-14 19:30 - 00522272 _____ C:\Windows\system32\Drivers
\fwdump_ar6320v2_reg_1d8_32316640.log
2015-09-14 19:30 - 2015-09-14 19:30 - 00522272 _____ C:\Windows\system32\Drivers
\fwdump_ar6320v2_reg_1d7_32318906.log
2015-09-14 19:30 - 2015-09-14 19:30 - 00458752 _____ C:\Windows\system32\Drivers
\fwdump_ar6320v2_dram_1d8_32316640.log
2015-09-14 19:30 - 2015-09-14 19:30 - 00458752 _____ C:\Windows\system32\Drivers
\fwdump_ar6320v2_dram_1d7_32318906.log
2015-09-14 19:30 - 2015-09-14 19:30 - 00188424 _____ C:\Windows\system32\Drivers
\dump_history_ndis_oid_32318906.log
2015-09-14 19:30 - 2015-09-14 19:30 - 00188424 _____ C:\Windows\system32\Drivers
\dump_history_ndis_oid_32316640.log
2015-09-14 19:30 - 2015-09-14 19:30 - 00098304 _____ C:\Windows\system32\Drivers
\fwdump_ar6320v2_axi_1d8_32316640.log
2015-09-14 19:30 - 2015-09-14 19:30 - 00098304 _____ C:\Windows\system32\Drivers
\fwdump_ar6320v2_axi_1d7_32318906.log
2015-09-14 19:30 - 2015-09-14 19:30 - 00040968 _____ C:\Windows\system32\Drivers
\dump_history_ndis_indication_32318906.log
2015-09-14 19:30 - 2015-09-14 19:30 - 00040968 _____ C:\Windows\system32\Drivers
\dump_history_ndis_indication_32316640.log
2015-09-14 19:30 - 2015-09-14 19:30 - 00004104 _____ C:\Windows\system32\Drivers
\dump_history_vap_state_32318906.log
2015-09-14 19:30 - 2015-09-14 19:30 - 00004104 _____ C:\Windows\system32\Drivers
\dump_history_vap_state_32316640.log
2015-09-14 19:30 - 2015-09-14 19:30 - 00001972 _____ C:\Windows\system32\Drivers
\fwdump_ce_reg_1d7_32318906.log
2015-09-14 19:30 - 2015-09-14 19:30 - 00001960 _____ C:\Windows\system32\Drivers
\fwdump_ce_reg_1d8_32316640.log
2015-09-11 17:05 - 2015-09-11 17:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start
Menu\Programs\Guitar Pro 5
2015-09-11 17:04 - 2015-09-11 17:04 - 00000000 ____D C:\Program Files (x86)\Guitar Pro 5
2015-09-11 12:48 - 2015-09-22 00:38 - 00000000 ____D C:\Users\Fabian\AppData\Local\Spotify
2015-09-11 12:48 - 2015-09-22 00:34 - 00000000 ____D C:\Users\Fabian\AppData\Roaming\Spotify
2015-09-11 12:48 - 2015-09-11 12:48 - 00001841 _____ C:\Users\Fabian\AppData\Roaming\Microsoft
\Windows\Start Menu\Programs\Spotify.lnk
2015-09-09 14:52 - 2015-09-02 02:25 - 03586560 _____ (Microsoft Corporation) C:\Windows
\system32\win32kfull.sys
2015-09-09 14:52 - 2015-09-02 02:25 - 01382912 _____ (Microsoft Corporation) C:\Windows
\system32\win32kbase.sys
2015-09-09 14:52 - 2015-08-27 08:36 - 03620736 _____ (Microsoft Corporation) C:\Windows
\system32\iertutil.dll
2015-09-09 14:52 - 2015-08-27 08:32 - 00608936 _____ (Microsoft Corporation) C:\Windows
\system32\fontdrvhost.exe
2015-09-09 14:52 - 2015-08-27 08:04 - 21874688 _____ (Microsoft Corporation) C:\Windows
\system32\edgehtml.dll
2015-09-09 14:52 - 2015-08-27 07:59 - 02880032 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\iertutil.dll
2015-09-09 14:52 - 2015-08-27 07:55 - 24594944 _____ (Microsoft Corporation) C:\Windows
\system32\mshtml.dll
2015-09-09 14:52 - 2015-08-27 07:54 - 00541248 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\fontdrvhost.exe
2015-09-09 14:52 - 2015-08-27 07:51 - 02350592 _____ (Microsoft Corporation) C:\Windows
\system32\authui.dll
2015-09-09 14:52 - 2015-08-27 07:51 - 01774592 _____ (Microsoft Corporation) C:\Windows
\system32\Windows.UI.Immersive.dll
2015-09-09 14:52 - 2015-08-27 07:49 - 01008640 _____ (Microsoft Corporation) C:\Windows
\system32\schedsvc.dll
2015-09-09 14:52 - 2015-08-27 07:47 - 12503552 _____ (Microsoft Corporation) C:\Windows
\system32\ieframe.dll
2015-09-09 14:52 - 2015-08-27 07:43 - 00826880 _____ (Microsoft Corporation) C:\Windows
\system32\jscript.dll
2015-09-09 14:52 - 2015-08-27 07:43 - 00576000 _____ (Microsoft Corporation) C:\Windows
\system32\vbscript.dll
2015-09-09 14:52 - 2015-08-27 07:42 - 00596480 _____ (Microsoft Corporation) C:\Windows
\system32\SettingSync.dll
2015-09-09 14:52 - 2015-08-27 07:42 - 00578560 _____ (Microsoft Corporation) C:\Windows
\system32\winlogon.exe
2015-09-09 14:52 - 2015-08-27 07:23 - 19324416 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\mshtml.dll
2015-09-09 14:52 - 2015-08-27 07:16 - 18806272 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\edgehtml.dll
2015-09-09 14:52 - 2015-08-27 07:16 - 02153472 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\authui.dll
2015-09-09 14:52 - 2015-08-27 07:16 - 01612288 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\Windows.UI.Immersive.dll
2015-09-09 14:52 - 2015-08-27 07:12 - 00650752 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\jscript.dll
2015-09-09 14:52 - 2015-08-27 07:12 - 00504320 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\vbscript.dll
2015-09-09 14:52 - 2015-08-27 07:11 - 00484352 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\SettingSync.dll
2015-09-09 14:52 - 2015-08-27 07:09 - 11262464 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\ieframe.dll
2015-09-09 14:51 - 2015-09-02 03:20 - 00077400 _____ (Microsoft Corporation) C:\Windows
\system32\acmigration.dll
2015-09-09 14:51 - 2015-08-27 07:54 - 00365568 _____ (Adobe Systems Incorporated) C:\Windows
\system32\atmfd.dll
2015-09-09 14:51 - 2015-08-27 07:42 - 00187904 _____ (Microsoft Corporation) C:\Windows
\system32\Windows.UI.PicturePassword.dll
2015-09-09 14:51 - 2015-08-27 07:42 - 00184320 _____ (Microsoft Corporation) C:\Windows
\system32\shacct.dll
2015-09-09 14:51 - 2015-08-27 07:23 - 00303104 _____ (Adobe Systems Incorporated) C:\Windows
\SysWOW64\atmfd.dll
2015-09-09 14:51 - 2015-08-27 07:11 - 00139776 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\shacct.dll
2015-09-09 11:47 - 2015-09-09 12:09 - 00000000 ____D C:\Users\Fabian\AppData\Roaming\EndNote
2015-09-04 21:15 - 2015-09-04 21:15 - 00000000 ____D C:\Users\Fabian\AppData\Roaming\Microsoft
\Windows\Start Menu\Programs\JDownloader
2015-09-04 21:13 - 2015-09-17 16:33 - 00000000 ____D C:\Users\Fabian\AppData\Local\JDownloader
2.0
2015-09-02 20:18 - 2015-09-23 19:51 - 00000000 ____D C:\Users\Fabian\AppData\Roaming\TeamViewer
2015-09-02 20:18 - 2015-09-02 20:18 - 00001116 _____ C:\ProgramData\Microsoft\Windows\Start
Menu\Programs\TeamViewer 10.lnk
2015-09-02 20:18 - 2015-09-02 20:18 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-09-02 20:16 - 2015-09-02 20:16 - 08140296 _____ (TeamViewer GmbH) C:\Users\Fabian
\Downloads\TeamViewer_Setup_de.exe
2015-09-01 20:25 - 2015-09-01 20:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start
Menu\Programs\EPSON
2015-09-01 20:24 - 2015-09-01 20:25 - 00000000 ____D C:\ProgramData\EPSON
2015-09-01 20:24 - 2007-12-07 02:08 - 00108032 _____ (SEIKO EPSON CORPORATION) C:\Windows
\system32\E_ILMCDE.DLL
2015-09-01 20:24 - 2007-12-07 02:01 - 00081408 _____ (SEIKO EPSON CORPORATION) C:\Windows
\system32\E_IBCBCDE.DLL
2015-09-01 20:24 - 2005-02-02 12:05 - 00008704 _____ (SEIKO EPSON CORP.) C:\Windows
\system32\E_GCINST.DLL
2015-09-01 20:21 - 2015-09-01 20:23 - 11904000 _____ C:\Users\Fabian\Downloads
\epson375181eu.exe
2015-08-31 10:01 - 2015-09-23 11:39 - 00000000 ____D C:\Users\Fabian\AppData\Local\Microsoft
Help
2015-08-30 23:14 - 2015-08-30 23:14 - 03059440 _____ (Realtek Semiconductor Corp.) C:\Windows
\system32\Drivers\rtsuvc.sys
2015-08-30 23:14 - 2015-08-30 23:14 - 02637552 _____ (Realtek Semiconductor Corp.) C:\Windows
\RtCamU64.exe
2015-08-30 23:14 - 2015-08-30 23:14 - 01982192 _____ (Realtek Semiconductor Corp.) C:\Windows
\SysWOW64\RsDecode.dll
2015-08-30 23:14 - 2015-08-30 23:14 - 00559344 _____ (Realtek Semiconductor Corp.) C:\Windows
\system32\RtCamX64.dll
2015-08-30 23:14 - 2015-08-30 23:14 - 00495360 _____ (Realtek Semiconductor Corp.) C:\Windows
\SysWOW64\RtCamX.dll
2015-08-29 14:21 - 2015-08-20 08:07 - 08019296 _____ (Microsoft Corporation) C:\Windows
\system32\ntoskrnl.exe
2015-08-29 14:21 - 2015-08-20 08:06 - 00609592 _____ (Microsoft Corporation) C:\Windows
\system32\ci.dll
2015-08-29 14:21 - 2015-08-20 08:02 - 22324656 _____ (Microsoft Corporation) C:\Windows
\system32\shell32.dll
2015-08-29 14:21 - 2015-08-20 07:26 - 00168960 _____ (Microsoft Corporation) C:\Windows
\system32\InstallAgent.exe
2015-08-29 14:21 - 2015-08-20 07:21 - 00193024 _____ (Microsoft Corporation) C:\Windows
\system32\EnterpriseModernAppMgmtCSP.dll
2015-08-29 14:21 - 2015-08-20 07:16 - 20857848 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\shell32.dll
2015-08-29 14:21 - 2015-08-20 07:13 - 02235904 _____ (Microsoft Corporation) C:\Windows
\system32\wuaueng.dll
2015-08-29 14:21 - 2015-08-20 07:09 - 00929280 _____ (Microsoft Corporation) C:\Windows
\system32\Drivers\bthport.sys
2015-08-29 14:21 - 2015-08-18 09:56 - 02498808 _____ C:\Windows\system32\CoreUIComponents.dll
2015-08-29 14:21 - 2015-08-18 09:55 - 00373072 _____ (Microsoft Corporation) C:\Windows
\system32\Drivers\USBXHCI.SYS
2015-08-29 14:21 - 2015-08-18 09:54 - 01396064 _____ (Microsoft Corporation) C:\Windows
\system32\LicenseManager.dll
2015-08-29 14:21 - 2015-08-18 09:27 - 01771592 _____ C:\Windows\SysWOW64\CoreUIComponents.dll
2015-08-29 14:21 - 2015-08-18 09:24 - 00963920 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\LicenseManager.dll
2015-08-29 14:21 - 2015-08-18 09:13 - 00497664 _____ (Microsoft Corporation) C:\Windows
\system32\WlanMediaManager.dll
2015-08-29 14:21 - 2015-08-18 09:13 - 00387584 _____ (Microsoft Corporation) C:\Windows
\system32\NetSetupShim.dll
2015-08-29 14:21 - 2015-08-18 09:12 - 02225664 _____ (Microsoft Corporation) C:\Windows
\system32\NetworkMobileSettings.dll
2015-08-29 14:21 - 2015-08-18 09:07 - 02226688 _____ (Microsoft Corporation) C:\Windows
\system32\wlansvc.dll
2015-08-29 14:21 - 2015-08-18 09:04 - 01234944 _____ (Microsoft Corporation) C:\Windows
\system32\aitstatic.exe
2015-08-29 14:21 - 2015-08-18 09:04 - 00859136 _____ (Microsoft Corporation) C:\Windows
\system32\modernexecserver.dll
2015-08-29 14:21 - 2015-08-18 08:59 - 01294336 _____ (Microsoft Corporation) C:\Windows
\system32\wcnwiz.dll
2015-08-29 14:21 - 2015-08-18 08:59 - 00140288 _____ (Microsoft Corporation) C:\Windows
\system32\WcnApi.dll
2015-08-29 14:21 - 2015-08-18 08:58 - 00187392 _____ (Microsoft Corporation) C:\Windows
\system32\NetSetupSvc.dll
2015-08-29 14:21 - 2015-08-18 08:58 - 00117760 _____ (Microsoft Corporation) C:\Windows
\system32\dafWCN.dll
2015-08-29 14:21 - 2015-08-18 08:58 - 00112640 _____ (Microsoft Corporation) C:\Windows
\system32\fdWCN.dll
2015-08-29 14:21 - 2015-08-18 08:58 - 00050176 _____ (Microsoft Corporation) C:\Windows
\system32\WcnNetsh.dll
2015-08-29 14:21 - 2015-08-18 08:57 - 00045568 _____ (Microsoft Corporation) C:\Windows
\system32\wfdprov.dll
2015-08-29 14:21 - 2015-08-18 08:56 - 00079872 _____ (Microsoft Corporation) C:\Windows
\system32\BthRadioMedia.dll
2015-08-29 14:21 - 2015-08-18 08:55 - 02178560 _____ (Microsoft Corporation) C:\Windows
\system32\AppXDeploymentServer.dll
2015-08-29 14:21 - 2015-08-18 08:54 - 00322048 _____ (Microsoft Corporation) C:\Windows
\system32\vaultsvc.dll
2015-08-29 14:21 - 2015-08-18 08:54 - 00247296 _____ C:\Windows
\system32\facecredentialprovider.dll
2015-08-29 14:21 - 2015-08-18 08:52 - 01888768 _____ (Microsoft Corporation) C:\Windows
\system32\dwmcore.dll
2015-08-29 14:21 - 2015-08-18 08:50 - 01795072 _____ (Microsoft Corporation) C:\Windows
\system32\AppXDeploymentExtensions.dll
2015-08-29 14:21 - 2015-08-18 08:49 - 01061888 _____ (Microsoft Corporation) C:\Windows
\system32\reseteng.dll
2015-08-29 14:21 - 2015-08-18 08:49 - 00274432 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\NetSetupShim.dll
2015-08-29 14:21 - 2015-08-18 08:49 - 00246272 _____ (Microsoft Corporation) C:\Windows
\system32\PackageStateRoaming.dll
2015-08-29 14:21 - 2015-08-18 08:36 - 01226752 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\wcnwiz.dll
2015-08-29 14:21 - 2015-08-18 08:35 - 00100352 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\WcnApi.dll
2015-08-29 14:21 - 2015-08-18 08:35 - 00095744 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\fdWCN.dll
2015-08-29 14:21 - 2015-08-18 08:34 - 00037376 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\wfdprov.dll
2015-08-29 14:21 - 2015-08-18 08:29 - 01593344 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\dwmcore.dll
2015-08-29 14:21 - 2015-08-18 08:26 - 00195584 _____ (Microsoft Corporation) C:\Windows
\SysWOW64\PackageStateRoaming.dll
2015-08-29 14:21 - 2015-08-18 06:44 - 00008847 _____ C:\Windows\system32\ResPriHMImageList
2015-08-29 13:38 - 2015-08-29 13:58 - 00000000 ____D C:\Users\Fabian\Downloads\Add Ons
Microsoft Edge
2015-08-29 13:31 - 2015-09-23 19:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-29 11:21 - 2015-08-29 11:21 - 00000187 _____ C:\Users\Fabian\AppData\Roaming\Microsoft
\Windows\Start Menu\QuickStores.url
2015-08-29 11:21 - 2015-08-29 11:21 - 00000000 ____D C:\Users\Fabian\AppData\Roaming
\QuickStoresToolbar
2015-08-29 11:21 - 2015-08-29 11:21 - 00000000 ____D C:\Users\Fabian\AppData\Roaming\Microsoft
\Windows\Start Menu\Programs\Unlocker
2015-08-29 11:21 - 2015-08-29 11:21 - 00000000 ____D C:\Program Files\Unlocker
2015-08-29 10:58 - 2015-08-29 10:58 - 00000000 ____D C:\Users\Fabian\Documents\Updater
2015-08-29 10:54 - 2015-09-15 23:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start
Menu\Programs\Adobe
2015-08-29 10:54 - 2015-08-29 10:54 - 00000000 ____D C:\Users\Public\Documents\Adobe PDF
2015-08-29 10:42 - 2015-09-23 19:51 - 00000000 ____D C:\Windows\Minidump
2015-08-29 00:07 - 2015-08-29 00:07 - 00000000 ____D C:\Users\Fabian\AppData\Local\CEF
2015-08-29 00:06 - 2015-08-29 00:06 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start
Menu\Programs\Acrobat Reader DC.lnk
2015-08-28 23:10 - 2015-09-23 19:55 - 00000000 ___RD C:\Users\Fabian\Dropbox
2015-08-28 23:09 - 2015-08-28 23:09 - 00000000 ____D C:\Users\Fabian\AppData\Roaming\Dropbox
2015-08-28 23:09 - 2015-08-28 23:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start
Menu\Programs\Dropbox
2015-08-28 23:04 - 2015-09-23 20:09 - 00001242 _____ C:\Windows\Tasks
\DropboxUpdateTaskMachineUA.job
2015-08-28 23:04 - 2015-09-23 19:55 - 00001238 _____ C:\Windows\Tasks
\DropboxUpdateTaskMachineCore.job
2015-08-28 23:04 - 2015-09-23 19:55 - 00000000 ____D C:\Users\Fabian\AppData\Local\Dropbox
2015-08-28 23:04 - 2015-08-28 23:09 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-08-28 23:04 - 2015-08-28 23:04 - 00004302 _____ C:\Windows\System32\Tasks
\DropboxUpdateTaskMachineUA
2015-08-28 23:04 - 2015-08-28 23:04 - 00004070 _____ C:\Windows\System32\Tasks
\DropboxUpdateTaskMachineCore
2015-08-28 23:04 - 2015-08-28 23:04 - 00000000 ____D C:\ProgramData\Dropbox
2015-08-28 12:06 - 2015-09-17 02:10 - 00000000 ____D C:\ProgramData\SurfEasyService
2015-08-28 12:06 - 2015-09-15 21:36 - 00000000 ____D C:\Users\Fabian\AppData\Local
\com.surfeasy.se0200
2015-08-28 12:06 - 2015-08-28 12:06 - 00000000 ____D C:\Users\Fabian\AppData\Roaming\Microsoft
\Windows\Start Menu\Programs\SurfEasy VPN
2015-08-28 12:06 - 2015-08-28 12:06 - 00000000 ____D C:\ProgramData\SurfEasy VPN
2015-08-28 12:05 - 2015-08-28 12:06 - 00000000 ____D C:\Program Files (x86)\SurfEasy VPN
2015-08-27 22:15 - 2015-08-27 22:15 - 00000000 _____ C:\Windows\system32\vireng.log
2015-08-27 21:49 - 2015-08-27 22:33 - 00000287 _____ C:\Users\Fabian\Documents
\Telefonnummern.txt
2015-08-27 20:18 - 2015-09-15 22:21 - 00000000 ____D C:\Users\Fabian\Desktop\löschen
2015-08-27 20:13 - 2015-08-27 20:13 - 00000000 ____D C:\Users\Fabian\.android
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-09-23 20:56 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\system32\sru
2015-09-23 20:36 - 2015-08-14 20:36 - 01790124 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-23 20:36 - 2015-07-10 18:34 - 00772342 _____ C:\Windows\system32\perfh007.dat
2015-09-23 20:36 - 2015-07-10 18:34 - 00154170 _____ C:\Windows\system32\perfc007.dat
2015-09-23 20:29 - 2015-08-19 17:06 - 00000000 ____D C:\Users\Fabian\Downloads\Programme
2015-09-23 20:07 - 2015-08-14 22:04 - 00000000 ____D C:\Users\Fabian\AppData\Local\Adobe
2015-09-23 19:55 - 2015-08-14 20:36 - 00000000 ____D C:\Users\Fabian\OneDrive
2015-09-23 19:55 - 2015-08-14 17:14 - 00000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-
97AE-5C4B05D86E01}.bat
2015-09-23 19:55 - 2015-07-10 14:21 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-23 19:54 - 2015-07-10 11:05 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-09-23 19:51 - 2015-08-14 21:29 - 00000000 ____D C:\Windows\Panther
2015-09-23 19:12 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\AppReadiness
2015-09-22 23:17 - 2015-08-14 17:34 - 00000000 ____D C:\Users\Fabian\AppData\Roaming\vlc
2015-09-22 23:13 - 2015-08-19 21:39 - 00000000 ____D C:\Users\Fabian\AppData\Roaming\Skype
2015-09-22 18:15 - 2015-08-14 20:34 - 00000000 ____D C:\Users\Fabian\AppData\Local\Packages
2015-09-22 08:06 - 2015-08-14 20:34 - 00000000 ____D C:\Users\Fabian\AppData\Roaming\Adobe
2015-09-21 19:31 - 2015-07-10 12:55 - 00000000 ____D C:\Windows\CbsTemp
2015-09-21 19:14 - 2015-08-14 22:29 - 00000000 ____D C:\Users\Fabian\Desktop\Mozilla
2015-09-21 17:34 - 2015-07-10 14:20 - 04982288 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-21 10:40 - 2015-08-16 18:54 - 00000000 ____D C:\Users\Fabian\Desktop\unsortiert
2015-09-19 23:43 - 2015-08-14 20:34 - 00000000 ____D C:\Users\Fabian
2015-09-19 19:43 - 2015-08-14 21:54 - 00000000 ____D C:\ProgramData\Adobe
2015-09-19 19:36 - 2015-08-16 18:02 - 00000000 ____D C:\ProgramData\Package Cache
2015-09-18 23:54 - 2015-08-14 18:49 - 00000000 ____D C:\Users\Fabian\Documents\Hardlinkbackup
Settings
2015-09-17 03:28 - 2015-08-14 21:55 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-09-16 01:18 - 2015-08-14 17:17 - 00000000 ____D C:\Windows\system32\MRT
2015-09-15 18:12 - 2015-08-14 17:26 - 00812008 _____ (Adobe Systems Incorporated) C:\Windows
\SysWOW64\FlashPlayerApp.exe
2015-09-15 18:12 - 2015-08-14 17:26 - 00178152 _____ (Adobe Systems Incorporated) C:\Windows
\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-15 10:15 - 2015-08-14 17:03 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-09-15 10:01 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\system32\NDF
2015-09-14 20:53 - 2015-08-14 19:06 - 00127473 _____ C:\reflectv5.2-6444-x64-0.dmp
2015-09-14 10:31 - 2015-07-10 18:44 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-14 10:31 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\system32\appraiser
2015-09-11 20:59 - 2015-08-14 20:36 - 00002361 _____ C:\Users\Fabian\AppData\Roaming\Microsoft
\Windows\Start Menu\Programs\OneDrive.lnk
2015-09-11 17:04 - 2015-08-14 17:50 - 00000000 ____D C:\ProgramData\Lenovo
2015-09-04 00:14 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\rescache
2015-09-03 21:49 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\LiveKernelReports
2015-08-30 19:06 - 2015-08-14 17:52 - 00000000 ____D C:\Users\Fabian\AppData\Roaming\LSC
2015-08-30 19:05 - 2015-08-14 17:50 - 00000000 ____D C:\Windows\System32\Tasks\Lenovo
2015-08-30 19:05 - 2015-08-14 17:50 - 00000000 ____D C:\Program Files (x86)\Lenovo
2015-08-30 19:04 - 2015-08-14 17:50 - 00000000 ____D C:\Windows\Downloaded Installations
2015-08-30 15:03 - 2015-08-14 22:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance
Service
2015-08-29 14:25 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\system32\oobe
2015-08-28 13:39 - 2015-08-14 20:34 - 00000000 ____D C:\Users\Fabian\AppData\Local\VirtualStore
2015-08-26 18:37 - 2015-08-14 17:17 - 134753440 _____ (Microsoft Corporation) C:\Windows
\system32\MRT.exe
2015-08-26 08:51 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\appcompat
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-09-07 21:31 - 2015-09-07 21:31 - 0000040 ___SH () C:\ProgramData\.zreglib
2015-08-14 17:12 - 2015-08-14 17:12 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Einige Dateien in TEMP:
====================
C:\Users\Fabian\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-
3e3e7ecf0d81}.tmphlojxo.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert
sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-09-14 14:34
==================== Ende von FRST.txt ============================ Addition.txt Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:23-09-2015
durchgeführt von Fabian (2015-09-23 20:56:30)
Gestartet von C:\Users\Fabian\Downloads\Programme\Farbar's Recovery Scan Tool
Windows 10 Education (X64) (2015-08-14 18:33:44)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2728090300-4047253873-3035192864-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2728090300-4047253873-3035192864-503 - Limited - Disabled)
Fabian (S-1-5-21-2728090300-4047253873-3035192864-1001 - Administrator - Enabled) => C:\Users\Fabian
Gast (S-1-5-21-2728090300-4047253873-3035192864-501 - Limited - Disabled)
SophosSAUDESKTOP-5I0 (S-1-5-21-2728090300-4047253873-3035192864-1002 - Limited - Enabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Sophos Anti-Virus (Enabled - Up to date) {6BABF8F7-3EB6-BD1D-9167-8C5ECA060A29}
AS: Sophos Anti-Virus (Enabled - Up to date) {D0CA1913-188C-B293-ABD7-B72CB1814094}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{6E9EF98E-259E-416D-B5F8-0ABDB99942CE}) (Version: 10.1.52.14 - Adobe Systems, Inc.)
Adobe Flash Player 10 Plugin (HKLM-x32\...\{BC41C09D-FAA9-4346-9FE6-1E0017BC551A}) (Version: 10.1.52.14 - Adobe Systems, Inc.)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Avid Fast Track Duo Driver 1.0.4 (x64) (HKLM\...\{3D0CC0E7-C291-42D4-A707-07B7FD69F209}) (Version: 1.0.4 - Avid)
CCleaner (HKLM\...\CCleaner) (Version: 5.09 - Piriform)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.07021 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.07021 - Cisco Systems, Inc.) Hidden
Command & Conquer™ Red Alert 2 and Yuri’s Revenge (HKLM-x32\...\{F5275D1C-D133-486D-8F07-D6C571F0A8EC}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.8.8 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.35 - Dropbox, Inc.) Hidden
EndNote X7 (HKLM-x32\...\{86B3F2D6-AC2B-0017-8AE1-F2F77F781B0C}) (Version: 17.0.0.7072 - Thomson Reuters)
EPSON-Drucker-Software (HKLM\...\EPSON Printer and Utilities) (Version: - SEIKO EPSON Corporation)
Guitar Pro 5.2 (HKLM-x32\...\Guitar Pro 5_is1) (Version: - Arobas Music)
HardlinkBackup (64 bit) (HKLM\...\{ED9B6A99-EA94-4D44-958F-680DB4EEA4F5}) (Version: 2.1.5 - Lupinho.Net)
Image Composite Editor (HKLM\...\{92AB5708-1AAA-4B1B-A8D5-45CF3AD77519}) (Version: 2.0.3 - Microsoft Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.8 - Intel(R) Corporation) Hidden
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11103 - Realtek Semiconductor Corp.)
Lenovo Solution Center (HKLM\...\{E92E1FF1-B188-43FE-BECA-2248E227E67D}) (Version: 2.8.005.00 - Lenovo Group Limited)
Macrium Reflect Free Edition (HKLM\...\MacriumReflect) (Version: 5.2 - Paramount Software (UK) Ltd.)
Macrium Reflect Free Edition (Version: 5.2.6444 - Paramount Software (UK) Ltd.) Hidden
M-Audio Fast Track Pro 6.1.10 (x64) (HKLM\...\{44BCF4BB-2486-465D-8C03-50150201B4EA}) (Version: 6.1.10 - M-Audio)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 15.0.4753.1002 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 41.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 41.0 (x86 de)) (Version: 41.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)
Mozilla Thunderbird 38.2.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.2.0 (x86 de)) (Version: 38.2.0 - Mozilla)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4753.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4753.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4753.1002 - Microsoft Corporation) Hidden
OneKey Optimizer (HKLM-x32\...\InstallShield_{D5D573DC-D989-4769-9B56-D6A7EA503D7F}) (Version: 1.2.24.07 - Lenovo)
OneKey Optimizer (x32 Version: 1.2.24.07 - Lenovo) Hidden
OpenOffice 4.1.1 (HKLM-x32\...\{EFC97BC6-345A-4861-ACD5-0D3181252924}) (Version: 4.11.9775 - Apache Software Foundation)
OpenOffice 4.1.1 Language Pack (German) (HKLM-x32\...\{68AF7AB8-E018-40D9-B703-0129274FDBAE}) (Version: 4.11.9775 - Apache Software Foundation)
Opera 12.17 (HKLM\...\Opera 12.17.1863) (Version: 12.17.1863 - Opera Software ASA)
Origin (HKLM-x32\...\Origin) (Version: 9.7.2.53208 - Electronic Arts, Inc.)
PxMergeModule (x32 Version: 1.00.0000 - Your Company Name) Hidden
QuickStores-Toolbar 1.1.0 (HKLM-x32\...\QuickStores-Toolbar_is1) (Version: 1.1.0 - AB-Tools.com) <==== ACHTUNG
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7543 - Realtek Semiconductor Corp.)
ResearchSoft Direct Export Helper (HKLM-x32\...\ResearchSoft Direct Export Helper) (Version: - Thomson Reuters)
Skype Web Plugin (HKLM-x32\...\{8A9079EA-59DE-491F-937A-D421399B7762}) (Version: 7.6.0.295 - Skype Technologies S.A.)
Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
Sophos Anti-Virus (HKLM-x32\...\{D929B3B5-56C6-46CC-B3A3-A1A784CBB8E4}) (Version: 10.3.15 - Sophos Limited)
Sophos AutoUpdate (HKLM-x32\...\{7CD26A0C-9B59-4E84-B5EE-B386B2F7AA16}) (Version: 4.3.10.27 - Sophos Limited)
Spotify (HKU\S-1-5-21-2728090300-4047253873-3035192864-1001\...\Spotify) (Version: 1.0.14.124.g4dfabc51 - Spotify AB)
SurfEasy VPN 3.3.443 (HKLM-x32\...\SurfEasy VPN) (Version: 3.3.443 - SurfEasy Inc)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.13.0 - Synaptics Incorporated)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.45862 - TeamViewer)
Unlocker 1.9.1-x64 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
VeraCrypt (HKLM-x32\...\VeraCrypt) (Version: 1.13 - IDRIX)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.8.0 - Elaborate Bytes)
VirusTotal Uploader 2.2 (HKLM-x32\...\VTUploader) (Version: - )
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WestwoodOnline (HKLM-x32\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version: 1.0.0.0 - WestwoodOnline)
Yuri's Revenge compatfix (HKLM\...\{47f53419-ecf8-40ce-8601-83ceab919da9}.sdb) (Version: - )
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2728090300-4047253873-3035192864-1001_Classes\CLSID\{04419CEE-76E5-4487-B32E-68C0FD0C07E4}\InprocServer32 -> C:\Users\Fabian\AppData\Local\SkypePlugin\7.6.0.295\GatewayActiveX-x64.dll (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-2728090300-4047253873-3035192864-1001_Classes\CLSID\{82C13295-2E78-45DD-9973-21F20A7D6F5C}\localserver32 -> C:\Users\Fabian\AppData\Local\SkypePlugin\7.6.0.295\GatewayVersion-x64.exe (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-2728090300-4047253873-3035192864-1001_Classes\CLSID\{CBF9CD8C-2714-4F36-B76A-43E6C7547BC2}\localserver32 -> C:\Users\Fabian\AppData\Local\SkypePlugin\7.6.0.295\EdgeCalling.exe (Skype Technologies S.A.)
==================== Wiederherstellungspunkte =========================
ACHTUNG: Systemwiederherstellung ist deaktiviert
==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2015-07-10 13:04 - 2015-09-15 23:12 - 00001518 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {24FD9E3F-777A-4614-B129-C2D0359AFFE8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-08-11] (Microsoft Corporation)
Task: {2A8C454F-523A-42B6-B0D2-852FC7C8A713} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-08-11] (Microsoft Corporation)
Task: {3AC72269-AD91-49C7-8EF4-8A7D3D1AFA9A} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2015-08-17] (Lenovo)
Task: {4C49A254-34D0-42E4-BED0-6907679FB6B0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-08-20] (Piriform Ltd)
Task: {4FBC3954-6375-4699-A5FB-F18EAAC96170} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-08-12] (Microsoft Corporation)
Task: {53A3F21C-7556-446C-BACB-1838EE62BB9F} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-08-17] ()
Task: {6873C8BF-6870-460F-9891-3BA76C630544} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-08-14] (Microsoft Corporation)
Task: {68D1095A-ED31-4B9B-922F-B80679A68903} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2015-08-17] (Lenovo)
Task: {9CC754D2-C0BC-475A-8D4F-AC04916DE8C5} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-08-26] (Microsoft Corporation)
Task: {A25B4A85-13E3-4897-A1D6-53E2C170F368} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-08-28] (Dropbox, Inc.)
Task: {B081DCB3-F279-401F-B262-BF2FA0652A8A} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2015-08-17] (Lenovo)
Task: {B83B100F-9DB0-4F4E-BFF7-DB358C80BE68} - System32\Tasks\{5B1ABD20-B832-46FF-9414-E10105522E6C} => Firefox.exe hxxp://ui.skype.com/ui/0/7.8.0.102/de/abandoninstall?source=lightinstaller&page=tsPlugin
Task: {E987AE9E-7AF6-44AB-BE04-81DBE8B886BF} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-08-28] (Dropbox, Inc.)
Task: {F9CB961D-4D94-4466-9000-B03A5CA1CF8A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-08-14] (Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-08-14 23:14 - 2015-07-15 04:04 - 00032768 _____ () C:\Windows\SYSTEM32\licensemanagerapi.dll
2015-07-10 13:00 - 2015-07-10 13:00 - 00009216 _____ () C:\Windows\System32\WppRecorderUM.dll
2015-08-14 17:03 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-07-22 23:16 - 2015-07-22 23:16 - 03517808 _____ () C:\Program Files (x86)\SurfEasy VPN\client\SurfEasyService.exe
2015-08-29 14:21 - 2015-08-18 09:56 - 02498808 _____ () C:\Windows\system32\CoreUIComponents.dll
2015-08-16 17:47 - 2015-03-30 15:04 - 00037672 _____ () C:\Program Files\Lenovo\OneKey Optimizer\bin\Metric.dll
2015-08-16 17:47 - 2015-03-30 15:04 - 00166696 _____ () C:\Program Files\Lenovo\OneKey Optimizer\bin\Lenovo.MetricCollectionMFCx64.dll
2015-08-29 14:21 - 2015-08-18 09:56 - 02498808 _____ () C:\Windows\System32\CoreUIComponents.dll
2010-07-15 06:44 - 2010-07-15 06:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2015-08-14 17:13 - 2015-08-14 17:13 - 00396688 _____ () C:\Windows\system32\igfxTray.exe
2015-07-10 12:59 - 2015-07-10 12:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 12:59 - 2015-07-10 12:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2015-08-14 17:09 - 2015-08-03 03:11 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-07-10 13:00 - 2015-07-10 18:43 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-08-19 16:43 - 2015-08-11 10:58 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-08-14 17:09 - 2015-08-03 03:09 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 13:00 - 2015-07-10 18:43 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-08-14 17:11 - 2015-08-14 17:11 - 00133184 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
2015-08-24 20:28 - 2015-08-24 20:28 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-02-19 23:37 - 2015-02-19 23:37 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2015-08-14 17:04 - 2015-08-14 17:09 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2015-09-23 19:55 - 2015-09-23 19:55 - 00071168 _____ () c:\users\fabian\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphlojxo.dll
2015-08-28 23:09 - 2015-08-05 07:26 - 00012800 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick.2\qtquick2plugin.dll
2015-08-28 23:09 - 2015-08-05 07:26 - 00779776 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-08-28 23:09 - 2015-08-05 07:26 - 00056320 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-08-28 23:09 - 2015-08-05 07:26 - 00012288 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Window.2\windowplugin.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SAVService => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SAVService => ""="service"
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-2728090300-4047253873-3035192864-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2728090300-4047253873-3035192864-1001\...\webcompanion.com -> hxxp://webcompanion.com
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2728090300-4047253873-3035192864-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Fabian\Pictures\Wallpapers\DSC_0033_16zu9.jpg
DNS Servers: 131.188.0.10 - 131.188.0.11
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\...\StartupApproved\Run: => "OneKeyOptimizer"
HKU\S-1-5-21-2728090300-4047253873-3035192864-1001\...\StartupApproved\StartupFolder: => "Adobe Gamma.lnk"
HKU\S-1-5-21-2728090300-4047253873-3035192864-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2728090300-4047253873-3035192864-1001\...\StartupApproved\Run: => "EPSON Stylus DX7400"
HKU\S-1-5-21-2728090300-4047253873-3035192864-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2728090300-4047253873-3035192864-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-2728090300-4047253873-3035192864-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [TCP Query User{F775D250-9CEF-4F1C-8CD1-240752AACE7C}C:\windows\syswow64\msiexec.exe] => (Allow) C:\windows\syswow64\msiexec.exe
FirewallRules: [UDP Query User{3FA241DE-FA8D-4705-BF59-15142F71F8D3}C:\windows\syswow64\msiexec.exe] => (Allow) C:\windows\syswow64\msiexec.exe
FirewallRules: [{1260FB89-979C-4F2D-AA41-787C5F563FFB}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{E6F56AF2-A9EC-440A-9D68-04C3CC2BA567}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{B96D7E56-4D62-49F4-8460-15334D8FCDF1}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{E634A47E-D2B9-404D-A0B1-83B9F1BD95F0}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{10FFCF6B-2C18-4664-B703-6EFCB1974861}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{9AEB089D-16FB-4C20-994E-12334F7EF879}] => (Allow) C:\Program Files\Opera x64\pluginwrapper\opera_plugin_wrapper.exe
FirewallRules: [{55705274-D12D-4E16-99FA-9497287A611B}] => (Allow) C:\Program Files\Opera x64\pluginwrapper\opera_plugin_wrapper.exe
FirewallRules: [{947575EF-A3D0-4654-B4CF-E2E20A16727F}] => (Allow) C:\Program Files\Opera x64\pluginwrapper\opera_plugin_wrapper_32.exe
FirewallRules: [{8DC75B7A-56FE-4DD4-B5E2-AF6C2F3A87E4}] => (Allow) C:\Program Files\Opera x64\pluginwrapper\opera_plugin_wrapper_32.exe
FirewallRules: [{B3A668FE-95B3-4FCE-B368-5B0F0DBE0985}] => (Allow) C:\Program Files\Opera x64\opera.exe
FirewallRules: [{B4CBED92-5260-4960-8CA8-CC9E938DCC2A}] => (Allow) C:\Program Files\Opera x64\opera.exe
FirewallRules: [{09C542AC-BA83-40A5-B0C7-49BEC7B582CB}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{5AC9B663-D7CC-4161-A215-4F301B71D27F}Q:\myphoneexplorer portable\myphoneexplorer portable.exe] => (Allow) Q:\myphoneexplorer portable\myphoneexplorer portable.exe
FirewallRules: [UDP Query User{925474C5-AC04-4501-BAFB-85795798EC05}Q:\myphoneexplorer portable\myphoneexplorer portable.exe] => (Allow) Q:\myphoneexplorer portable\myphoneexplorer portable.exe
FirewallRules: [{C26DA4E0-DEC5-4C30-9EED-43034139B451}] => (Block) Q:\myphoneexplorer portable\myphoneexplorer portable.exe
FirewallRules: [{DAC955CB-4B48-4BA1-89B8-8707057A4ED5}] => (Block) Q:\myphoneexplorer portable\myphoneexplorer portable.exe
FirewallRules: [{D38F0A48-8E74-46E4-8840-55756EB7EAC4}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{BCB81C64-9A2B-4968-8A04-C349650E020F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{1FE0CFAD-0649-4000-88B0-065AD4DE47E7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{05AFA19B-B4FB-44CE-A1A4-64009FBC1CFF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{C6954025-74F5-4F74-9C37-2B56B33A80F3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{B8757750-9AD7-4E01-85A7-00833DFA8FC2}C:\users\fabian\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\fabian\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{7E661349-CE3D-4B21-84BE-6C72F40ABA31}C:\users\fabian\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\fabian\appdata\roaming\spotify\spotify.exe
FirewallRules: [{F58268D8-995F-479F-B0B6-AAC05431395F}] => (Block) C:\users\fabian\appdata\roaming\spotify\spotify.exe
FirewallRules: [{D2663C63-8B71-4455-BF2C-BA40AE38A8DF}] => (Block) C:\users\fabian\appdata\roaming\spotify\spotify.exe
FirewallRules: [{96307AE4-28B7-42FE-94B5-52E85A282A93}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert II\RA2Launcher.exe
FirewallRules: [{FA6CF216-8467-4C8D-9BB9-11688474FAA0}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert II\RA2Launcher.exe
FirewallRules: [TCP Query User{61E01B02-C5CD-42E2-B7E3-B22E779DBAE1}C:\program files (x86)\origin games\command and conquer red alert ii\game.dat] => (Allow) C:\program files (x86)\origin games\command and conquer red alert ii\game.dat
FirewallRules: [UDP Query User{E244D102-2AE5-4691-920B-FC0912239A3C}C:\program files (x86)\origin games\command and conquer red alert ii\game.dat] => (Allow) C:\program files (x86)\origin games\command and conquer red alert ii\game.dat
FirewallRules: [TCP Query User{EB29DF45-7934-4547-BF83-59F6486A3BD2}C:\users\fabian\appdata\local\skypeplugin\7.6.0.295\pluginhost.exe] => (Allow) C:\users\fabian\appdata\local\skypeplugin\7.6.0.295\pluginhost.exe
FirewallRules: [UDP Query User{04464062-AE7C-474C-96C0-BC52C278B492}C:\users\fabian\appdata\local\skypeplugin\7.6.0.295\pluginhost.exe] => (Allow) C:\users\fabian\appdata\local\skypeplugin\7.6.0.295\pluginhost.exe
FirewallRules: [{E74AD72B-DA5B-4655-8CBC-78F0E7BE343C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0FA5CBF3-CBEE-495B-AA86-4B01D26A5FD3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: PCI-Datensammlungs- und Signalverarbeitungscontroller
Description: PCI-Datensammlungs- und Signalverarbeitungscontroller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (09/23/2015 08:54:03 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (09/23/2015 08:32:28 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Systemfehler:
=============
Error: (09/23/2015 07:54:46 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-YOGA-3)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}
Error: (09/23/2015 07:54:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (09/23/2015 07:54:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (09/23/2015 07:54:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (09/23/2015 07:54:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) M-5Y10c CPU @ 0.80GHz
Prozentuale Nutzung des RAM: 49%
Installierter physikalischer RAM: 4009.84 MB
Verfügbarer physikalischer RAM: 2027.13 MB
Summe virtueller Speicher: 6569.84 MB
Verfügbarer virtueller Speicher: 4348.8 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:118.69 GB) (Free:27.91 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 0B0F3F42)
Partition: GPT.
==================== Ende von Addition.txt ============================ |