...
Addition Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:19-11-2015
durchgeführt von i7i5 (2015-11-20 14:11:14)
Gestartet von C:\Users\basteln\Desktop
Windows 10 Pro (X64) (2015-11-17 16:05:03)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2744740071-4010058839-1931898771-500 - Administrator - Disabled)
basteln (S-1-5-21-2744740071-4010058839-1931898771-1002 - Limited - Enabled) => C:\Users\basteln
DefaultAccount (S-1-5-21-2744740071-4010058839-1931898771-503 - Limited - Disabled)
Gast (S-1-5-21-2744740071-4010058839-1931898771-501 - Limited - Disabled)
i7i5 (S-1-5-21-2744740071-4010058839-1931898771-1001 - Administrator - Enabled) => C:\Users\i7i5
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.13 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.870 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.3.0.151 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (32 Bit) (HKLM-x32\...\{2614BC86-757D-4293-9E25-E4E16F370A9E}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.7.1 64-bit (HKLM\...\{BC86B82C-8C0E-4408-9AC1-6B0F2D636963}) (Version: 5.7.1 - Adobe Systems Incorporated)
Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{A50679D9-6CBD-4FCD-BACB-62EF3894F6F3}) (Version: 4.0.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{1F72FDD5-A069-45B4-928F-D0F16492DC69}) (Version: 4.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FD244E19-6EFE-4A2D-948A-0D45D4C168BE}) (Version: 9.0.0.26 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.4.2233 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon Utilities EOS Lens Registration Tool (HKLM-x32\...\EOS Lens Registration Tool) (Version: 1.2.10.0 - Canon Inc.)
Canon Utilities EOS Utility 2 (HKLM-x32\...\EOS Utility 2) (Version: 2.14.20.0 - Canon Inc.)
Canon Utilities EOS Web Service Registration Tool (HKLM-x32\...\EOS Web Service Registration Tool) (Version: 1.2.10.0 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform)
Citavi 5 (HKLM-x32\...\{7EB278FB-0C3C-445E-8665-4A6CDD9B794E}) (Version: 5.0.0.11 - Swiss Academic Software)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.16.50 - Conexant)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
f.lux (HKU\S-1-5-21-2744740071-4010058839-1931898771-1002\...\Flux) (Version: - )
FileZilla Client 3.14.1 (HKLM-x32\...\FileZilla Client) (Version: 3.14.1 - Tim Kosse)
Genymotion version 2.5.4 (HKLM\...\{6D180286-D4DF-40EF-9227-923B9C07C08A}_is1) (Version: 2.5.4 - Genymobile)
Git version 1.9.5-preview20150319 (HKU\S-1-5-21-2744740071-4010058839-1931898771-1002\...\Git_is1) (Version: 1.9.5-preview20150319 - The Git Development Community)
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
HP Officejet 6700 - Grundlegende Software für das Gerät (HKLM\...\{9086D601-50B7-491D-A143-28193DADE36B}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HTC BMP USB Driver (HKLM-x32\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC)
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.5.0.001 - HTC Corporation)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel® Hardware Accelerated Execution Manager (HKLM\...\{ECCB31F5-435D-4F37-A98D-5854D3C62718}) (Version: 1.1.1 - Intel Corporation)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
Java 8 Update 65 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418065F0}) (Version: 8.0.650.17 - Oracle Corporation)
Java 8 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation)
Java SE Development Kit 8 Update 51 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180510}) (Version: 8.0.510.16 - Oracle Corporation)
Java SE Development Kit 8 Update 51 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0180510}) (Version: 8.0.510.16 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 3.15.0414.1 - Vimicro)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visio Professional 2013 (HKLM\...\Office15.VISPROR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
MiKTeX 2.9 (HKU\S-1-5-21-2744740071-4010058839-1931898771-1002\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)
Mozilla Firefox 42.0 (x86 de) (HKU\S-1-5-21-2744740071-4010058839-1931898771-1002\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.1.0 - Mozilla)
Mozilla Thunderbird 38.1.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.1.0 (x86 de)) (Version: 38.1.0 - Mozilla)
Mozilla Thunderbird 38.3.0 (x86 de) (HKU\S-1-5-21-2744740071-4010058839-1931898771-1002\...\Mozilla Thunderbird 38.3.0 (x86 de)) (Version: 38.3.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Oracle VM VirtualBox 5.0.4 (HKLM\...\{FC191F32-1A67-4231-91D0-0059A57C99A8}) (Version: 5.0.4 - Oracle Corporation)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
ownCloud (HKLM-x32\...\ownCloud) (Version: 2.0.2.5569 - ownCloud)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.370.102 - Realtek Semiconductor Corp.)
RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version: - Punk Software)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
Shrew Soft VPN Client (HKLM\...\Shrew Soft VPN Client) (Version: - )
SourceTree (HKLM-x32\...\SourceTree 1.6.23) (Version: 1.6.23 - Atlassian)
SourceTree (x32 Version: 1.6.23 - Atlassian) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
StudNET Login Client (HKLM-x32\...\{A30EE8A6-6B9F-4973-B5ED-2A60B40576E4}_is1) (Version: 4.3 - Dossin-Brade GbR Leipzig)
Sublime Text Build 3092 (HKLM\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.5 - Synaptics Incorporated)
TeamSpeak 3 Client (HKU\S-1-5-21-2744740071-4010058839-1931898771-1002\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeXstudio 2.10.0 (HKLM-x32\...\TeXstudio_is1) (Version: 2.10.0 - Benito van der Zander)
Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{CBCC2FD8-7DFE-4752-95B5-2E447C226F45}) (Version: - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2744740071-4010058839-1931898771-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\i7i5\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2744740071-4010058839-1931898771-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
CustomCLSID: HKU\S-1-5-21-2744740071-4010058839-1931898771-1002_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-7D3CEBAB4773}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2744740071-4010058839-1931898771-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\basteln\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2744740071-4010058839-1931898771-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2744740071-4010058839-1931898771-1002_Classes\CLSID\{ca586c80-7c84-4b88-8537-726724df6929}\InprocServer32 -> P:\Git\git-cheetah\git_shell_ext64.dll ()
==================== Wiederherstellungspunkte =========================
ACHTUNG: Systemwiederherstellung ist deaktiviert
==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2015-07-10 12:04 - 2015-09-10 22:37 - 00001025 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0718A3C1-24C3-422B-869B-EF808D1E0188} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {181EF958-CF2C-45C1-BFE2-0048458E3EFC} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterUserDevice
Task: {1A74FE59-6B9E-4B1F-8F95-4B1FE3C596CF} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-11-10] (Microsoft Corporation)
Task: {2300B6D1-D409-499E-92DF-030662B73A6B} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic6
Task: {2353A234-8E5A-42EA-893A-789D8E6D06D8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {3059E59B-D6E4-4CB3-ABFA-E66ED8253F7A} - System32\Tasks\CCleanerSkipUAC => P:\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd)
Task: {317107BF-13F6-48B4-AA5A-BA0B03A02F4B} - System32\Tasks\Microsoft\Windows\ErrorDetails\EnableErrorDetailsUpdate
Task: {33046BDC-2974-457F-A198-055760713D46} - System32\Tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Management Initialization
Task: {34DFA6BC-39DE-4868-A80B-ABB04284A726} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe
Task: {3627755F-6629-4D94-850A-FBE43D28BEB8} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\CryptoPolicyTask
Task: {4208A7BF-D622-476E-A1A3-F9EB2719ECD4} - System32\Tasks\Microsoft\Windows\Management\Provisioning\Logon => C:\Windows\system32\ProvTool.exe [2015-11-13] (Microsoft Corporation)
Task: {45A1E736-EAAA-4735-ABBA-A9C5CF2BDAEF} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic1
Task: {4A944005-EAD7-4E3D-A0CB-E36A03948234} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\IntegrityCheck
Task: {4E3CB8C2-8A0C-4570-A32E-7319C6E8E432} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic24
Task: {5B137F1C-205D-4EEE-A261-705B687DCA75} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe
Task: {697E18DD-943C-470A-B9E3-6E5DDCB42D05} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceSettingChange
Task: {6B696BCF-C866-41CA-B4E4-3D19FB1E9250} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceManagerTask => C:\Windows\system32\SpaceMan.exe [2015-10-30] (Microsoft Corporation)
Task: {71E53243-3A2D-47EE-9DAB-6D71B2366657} - System32\Tasks\Microsoft\Windows\ErrorDetails\ErrorDetailsUpdate
Task: {76FA8905-35DA-4FFB-B03C-E61608DA4E23} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2015-09-10] ()
Task: {860F596C-A1D8-4651-B747-D134041D80AD} - System32\Tasks\Microsoft\Windows\DiskFootprint\StorageSense => Rundll32.exe %windir%\system32\StorageUsage.dll,GetStorageUsageInfo
Task: {90D79106-3D12-40AF-A9BA-231F2327770C} - System32\Tasks\Microsoft\Windows\DUSM\dusmtask => C:\Windows\System32\dusmtask.exe [2015-10-30] (Microsoft Corporation)
Task: {A483A62A-BEE2-43EF-B43D-C4B6555D6F1E} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceAccountChange
Task: {AE01BD66-0EA2-4E63-8342-8F603FA22364} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
Task: {C881A742-1A15-4EAC-96B9-9C6EA38AC7FA} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceConnectedToNetwork
Task: {E03596C8-B2A4-4553-B379-B678F0EBCA95} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceScreenOnOff
Task: {E92D4A58-DF98-4199-876D-0DEC11B57770} - System32\Tasks\avast! Emergency Update => P:\Avast\AvastEmUpdate.exe [2015-09-27] (AVAST Software)
Task: {F120A436-C215-4927-87AA-934387AF5782} - System32\Tasks\Microsoft\Windows\License Manager\TempSignedLicenseExchange
Task: {FEBF0AE5-C68F-41BB-8FB8-05BD0B1A49E7} - System32\Tasks\AdobeAAMUpdater-1.0-DU-i7i5 => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-09-04] (Adobe Systems Incorporated)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-09-23 15:47 - 2015-09-23 15:47 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-09-23 15:47 - 2015-09-23 15:47 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-07-01 09:21 - 2013-07-01 09:21 - 00810808 _____ () P:\Shrew Soft VPN\ipsecd.exe
2013-07-01 00:15 - 2013-07-01 00:15 - 00018432 _____ () P:\Shrew Soft VPN\libith.dll
2013-07-01 00:17 - 2013-07-01 00:17 - 00029184 _____ () P:\Shrew Soft VPN\libpfk.dll
2013-07-01 00:17 - 2013-07-01 00:17 - 00035840 _____ () P:\Shrew Soft VPN\libvflt.dll
2013-07-01 00:16 - 2013-07-01 00:16 - 00013312 _____ () P:\Shrew Soft VPN\liblog.dll
2013-07-01 00:16 - 2013-07-01 00:16 - 00116736 _____ () P:\Shrew Soft VPN\libip.dll
2013-07-01 00:15 - 2013-07-01 00:15 - 00022016 _____ () P:\Shrew Soft VPN\libidb.dll
2013-07-01 09:21 - 2013-07-01 09:21 - 01127736 _____ () P:\Shrew Soft VPN\iked.exe
2013-07-01 00:16 - 2013-07-01 00:16 - 00628224 _____ () P:\Shrew Soft VPN\libike.dll
2013-07-01 00:16 - 2013-07-01 00:16 - 00039936 _____ () P:\Shrew Soft VPN\libvnet.dll
2013-07-01 00:17 - 2013-07-01 00:17 - 00017920 _____ () P:\Shrew Soft VPN\libdtp.dll
2015-10-19 15:12 - 2012-12-07 16:26 - 00167424 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2015-10-30 08:17 - 2015-10-30 08:17 - 02652784 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-09-10 23:31 - 2007-09-02 12:58 - 00495616 _____ () P:\RocketDock\RocketDock.exe
2015-10-21 09:36 - 2015-10-21 09:36 - 01704974 _____ () P:\ownCloud\owncloud.exe
2015-11-20 00:38 - 2015-11-20 00:39 - 09074176 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.23.23.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2015-11-20 00:38 - 2015-11-20 00:38 - 02416640 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.23.23.0_x64__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll
2015-10-30 08:17 - 2015-10-30 08:17 - 02652784 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-09-11 19:02 - 2015-09-11 19:02 - 00803488 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2015-10-16 11:02 - 2015-10-16 11:02 - 00043480 _____ () P:\FileZilla FTP Client\fzshellext_64.dll
2015-10-30 08:17 - 2015-10-30 08:17 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2015-10-30 08:17 - 2015-10-30 08:17 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-10-30 08:18 - 2015-10-30 19:46 - 08005632 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-10-30 08:18 - 2015-10-30 19:46 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-10-30 08:18 - 2015-10-30 19:46 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-30 08:18 - 2015-10-30 19:46 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-09-27 04:42 - 2015-09-27 04:42 - 00103376 _____ () P:\Avast\log.dll
2015-09-27 04:42 - 2015-09-27 04:42 - 00123976 _____ () P:\Avast\JsonRpcServer.dll
2015-11-20 00:22 - 2015-11-20 00:22 - 02991104 _____ () P:\Avast\defs\15111901\algo.dll
2015-11-20 11:14 - 2015-11-20 11:14 - 02991104 _____ () P:\Avast\defs\15112000\algo.dll
2015-09-10 23:31 - 2007-09-02 12:57 - 00069632 _____ () P:\RocketDock\RocketDock.dll
2015-10-16 11:02 - 2015-10-16 11:02 - 00039384 _____ () P:\FileZilla FTP Client\fzshellext.dll
2015-10-21 09:36 - 2015-10-21 09:36 - 00670222 _____ () P:\ownCloud\libocsync.dll
2015-10-21 09:36 - 2015-10-21 09:36 - 00977422 _____ () P:\ownCloud\libowncloudsync.dll
2015-08-06 16:48 - 2015-08-06 16:48 - 00051095 _____ () P:\ownCloud\libqt5keychain.dll
2015-08-06 08:59 - 2015-08-06 08:59 - 00097326 _____ () P:\ownCloud\libgcc_s_sjlj-1.dll
2015-08-06 08:59 - 2015-08-06 08:59 - 00922727 _____ () P:\ownCloud\libstdc++-6.dll
2015-08-06 08:10 - 2015-08-06 08:10 - 00085548 _____ () P:\ownCloud\zlib1.dll
2015-08-06 08:21 - 2015-08-06 08:21 - 02197765 _____ () P:\ownCloud\icui18n53.dll
2015-08-06 08:21 - 2015-08-06 08:21 - 01308778 _____ () P:\ownCloud\icuuc53.dll
2015-08-06 08:11 - 2015-08-06 08:11 - 00148117 _____ () P:\ownCloud\libpcre16-0.dll
2015-08-06 08:16 - 2015-08-06 08:16 - 01366986 _____ () P:\ownCloud\libGLESv2.dll
2015-08-06 08:14 - 2015-08-06 08:14 - 00209711 _____ () P:\ownCloud\libpng16-16.dll
2015-08-06 08:21 - 2015-08-06 08:21 - 21539975 _____ () P:\ownCloud\icudata53.dll
2015-08-06 08:16 - 2015-08-06 08:16 - 00154982 _____ () P:\ownCloud\libEGL.dll
2015-08-06 08:14 - 2015-08-06 08:14 - 00350662 _____ () P:\ownCloud\libjpeg-8.dll
2015-08-06 08:17 - 2015-08-06 08:17 - 00689339 _____ () P:\ownCloud\libsqlite3-0.dll
2015-08-06 10:35 - 2015-08-06 10:35 - 00247540 _____ () P:\ownCloud\libwebp-4.dll
2015-08-06 08:26 - 2015-08-06 08:26 - 01169416 _____ () P:\ownCloud\libxml2-2.dll
2015-08-06 10:38 - 2015-08-06 10:38 - 00231727 _____ () P:\ownCloud\libxslt-1.dll
2015-09-27 04:42 - 2015-09-27 04:42 - 40539648 _____ () P:\Avast\libcef.dll
2015-10-01 08:00 - 2015-10-01 08:00 - 00153768 _____ () P:\Mozilla Thunderbird\NSLDAP32V60.dll
2015-10-01 08:00 - 2015-10-01 08:00 - 00023208 _____ () P:\Mozilla Thunderbird\NSLDAPPR32V60.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52} => ""="Firmware"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SpbCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\uefi.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52} => ""="Firmware"
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2744740071-4010058839-1931898771-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-2744740071-4010058839-1931898771-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\basteln\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-2744740071-4010058839-1931898771-1001\...\StartupApproved\Run: => "Steam"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{2BB4A38C-147F-4678-963D-CB0B0E3192E2}] => (Allow) D:\Games\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{90A75009-679A-4C49-AD89-2675AC0184FA}] => (Allow) D:\Games\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{8CFA0298-F9BA-42A1-9927-3968FFC26AEF}] => (Allow) P:\Steam\bin\steamwebhelper.exe
FirewallRules: [{B54CDCF9-D478-4383-8D3F-F097B831CFE1}] => (Allow) P:\Steam\bin\steamwebhelper.exe
FirewallRules: [{6172CDDB-2C88-416C-AE71-4C6C219E1ADB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{45B883DF-3119-48B9-BCF1-7A4640D30F46}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{A620A3DA-397A-4310-BC2D-545A8EBE61C6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{983B396A-98EB-4379-8810-0A7FF81B06E2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [UDP Query User{402A2773-C8ED-486A-A4A7-451EFAD3A304}P:\eclipse\eclipse.exe] => (Allow) P:\eclipse\eclipse.exe
FirewallRules: [TCP Query User{83C654E5-A249-4D6E-B9CC-9420CA55D96E}P:\eclipse\eclipse.exe] => (Allow) P:\eclipse\eclipse.exe
FirewallRules: [UDP Query User{08A55A3B-91FD-42C7-A139-E1F230725274}C:\users\basteln\desktop\ba test\eclipse\eclipse.exe] => (Allow) C:\users\basteln\desktop\ba test\eclipse\eclipse.exe
FirewallRules: [TCP Query User{62C743AD-4839-4E35-8764-CAA5659C653F}C:\users\basteln\desktop\ba test\eclipse\eclipse.exe] => (Allow) C:\users\basteln\desktop\ba test\eclipse\eclipse.exe
FirewallRules: [UDP Query User{50DB55C5-26A1-4B6B-AF14-C5A80C025FB5}P:\java\x64\jdk1.8.0_51\bin\java.exe] => (Allow) P:\java\x64\jdk1.8.0_51\bin\java.exe
FirewallRules: [TCP Query User{156F2E0B-43F3-4735-894C-1EB89131589D}P:\java\x64\jdk1.8.0_51\bin\java.exe] => (Allow) P:\java\x64\jdk1.8.0_51\bin\java.exe
FirewallRules: [UDP Query User{5598B00D-6174-4D01-B092-FB7BF2E7D0FD}P:\android studio\bin\studio64.exe] => (Allow) P:\android studio\bin\studio64.exe
FirewallRules: [TCP Query User{0268CE47-8844-47D3-A6D0-96408FB5C562}P:\android studio\bin\studio64.exe] => (Allow) P:\android studio\bin\studio64.exe
FirewallRules: [{525D74E7-8286-4575-94EA-176492D05B21}] => (Allow) P:\Steam\Steam.exe
FirewallRules: [{5F144371-5AB1-4172-A343-F532F36204C6}] => (Allow) P:\Steam\Steam.exe
FirewallRules: [UDP Query User{814FE1F6-6755-4377-803F-C160B887C141}P:\twitch\livestreamer-v1.12.2\livestreamer.exe] => (Allow) P:\twitch\livestreamer-v1.12.2\livestreamer.exe
FirewallRules: [TCP Query User{1AC67C1B-D5A2-4A5F-AFF9-1FEC1CF424E4}P:\twitch\livestreamer-v1.12.2\livestreamer.exe] => (Allow) P:\twitch\livestreamer-v1.12.2\livestreamer.exe
FirewallRules: [{DA603F64-7F37-49D2-A342-D030C4855CB2}] => (Allow) P:\Microsoft Office\Office15\outlook.exe
FirewallRules: [{F8C0A2E8-27B6-4AD5-B4D7-A81CAE5E2183}] => (Allow) P:\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{F0DA012B-8723-4559-AFDB-36D36060D40C}] => (Allow) P:\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{F273C9D0-645D-4807-A622-158526390D72}] => (Allow) P:\Microsoft Office\Office15\lync.exe
FirewallRules: [{6F2E88D9-062E-4282-B5A2-17AD24917787}] => (Allow) P:\Microsoft Office\Office15\lync.exe
FirewallRules: [{981EA90F-1E76-4B62-B2E5-E171750A9B72}] => (Allow) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{12B0C56E-5556-4F35-8318-0CC32F3843D5}] => (Allow) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicator.exe
FirewallRules: [{DA09CB18-8159-4CAA-A0CA-21AB7EEBBE0E}] => (Allow) C:\Program Files\HP\HP Officejet 6700\Bin\DeviceSetup.exe
FirewallRules: [{25E62B04-6F81-407D-AE2B-F66AE6B3AC3D}] => (Allow) C:\Program Files\HP\HP Officejet 6700\bin\SendAFax.exe
FirewallRules: [{F4B3D6FC-96B4-4EBD-BBFE-1FA8E88FF111}] => (Allow) C:\Program Files\HP\HP Officejet 6700\bin\DigitalWizards.exe
FirewallRules: [{A0969A31-43FF-4F65-852D-A2DB77EE3633}] => (Allow) C:\Program Files\HP\HP Officejet 6700\bin\FaxApplications.exe
FirewallRules: [{88CAA281-9F8D-4A0C-BD6E-AAD2FD9C3CF6}] => (Allow) P:\Mozilla Firefox\firefox.exe
FirewallRules: [{724E1B4C-41B1-4C84-82D3-F881B8BFA308}] => (Allow) P:\Mozilla Firefox\firefox.exe
StandardProfile\AuthorizedApplications: [P:\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [P:\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [P:\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [P:\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Shrew Soft Virtual Adapter
Description: Shrew Soft Virtual Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Shrew Soft
Service: vnet
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (11/20/2015 09:01:58 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1172
Error: (11/20/2015 09:01:58 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1172
Error: (11/20/2015 09:01:58 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (11/20/2015 08:51:35 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
Error: (11/20/2015 07:15:43 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm adobe_flash_player.exe, Version 18.0.0.194 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1140
Startzeit: 01d123541e58eb33
Beendigungszeit: 4294967295
Anwendungspfad: C:\ProgramData\Adobe\adobe_flash_player.exe
Berichts-ID: 1f653732-8f4e-11e5-9be6-b888e371e511
Vollständiger Name des fehlerhaften Pakets:
Auf das fehlerhafte Paket bezogene Anwendungs-ID:
Error: (11/20/2015 06:53:36 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1187
Error: (11/20/2015 06:53:36 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1187
Error: (11/20/2015 06:53:36 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (11/20/2015 02:10:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: adobe_flash_player.exe, Version: 18.0.0.194, Zeitstempel: 0x55c759c0
Name des fehlerhaften Moduls: MSHTML.dll, Version: 11.0.10586.3, Zeitstempel: 0x563b084b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000101735
ID des fehlerhaften Prozesses: 0x1378
Startzeit der fehlerhaften Anwendung: 0xadobe_flash_player.exe0
Pfad der fehlerhaften Anwendung: adobe_flash_player.exe1
Pfad des fehlerhaften Moduls: adobe_flash_player.exe2
Berichtskennung: adobe_flash_player.exe3
Vollständiger Name des fehlerhaften Pakets: adobe_flash_player.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: adobe_flash_player.exe5
Error: (11/20/2015 00:18:26 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DU)
Description: Bei der Aktivierung der App „Microsoft.WindowsPhone_8wekyb3d8bbwe!CompanionApp.App“ ist folgender Fehler aufgetreten: -2147024770. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Systemfehler:
=============
Error: (11/20/2015 01:56:30 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (11/20/2015 09:01:45 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (11/20/2015 08:58:15 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (11/20/2015 07:15:26 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (11/20/2015 06:53:32 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (11/20/2015 06:39:59 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "AdobeUpdateService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (11/20/2015 06:39:56 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Adobe Acrobat Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (11/20/2015 06:39:03 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (11/20/2015 06:25:59 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SAService" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (11/20/2015 06:24:51 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_18fd7d" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
CodeIntegrity:
===================================
Date: 2015-11-20 00:23:34.038
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-11-19 08:24:27.426
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-11-17 17:00:16.741
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-11-17 16:58:29.735
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-11-17 16:40:15.898
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe because the set of per-page image hashes could not be found on the system.
Date: 2015-11-17 16:40:15.895
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe because the set of per-page image hashes could not be found on the system.
Date: 2015-11-17 16:40:15.891
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe because the set of per-page image hashes could not be found on the system.
Date: 2015-11-17 16:38:42.469
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 34%
Installierter physikalischer RAM: 8060.85 MB
Verfügbarer physikalischer RAM: 5249.47 MB
Summe virtueller Speicher: 9980.85 MB
Verfügbarer virtueller Speicher: 7117.35 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:99.51 GB) (Free:58.79 GB) NTFS
Drive d: (Daten) (Fixed) (Total:285.76 GB) (Free:76.94 GB) NTFS
Drive p: (Programme) (Fixed) (Total:80 GB) (Free:55.41 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: C3FFC3FF)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=99.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=80 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=285.8 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================ FRST Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:19-11-2015
durchgeführt von i7i5 (Administrator) auf DU (20-11-2015 14:07:09)
Gestartet von C:\Users\basteln\Desktop
Geladene Profile: i7i5 & basteln (Verfügbare Profile: i7i5 & basteln)
Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) P:\Avast\AvastSvc.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
() P:\Shrew Soft VPN\ipsecd.exe
() P:\Shrew Soft VPN\iked.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Flux Software LLC) C:\Users\basteln\AppData\Local\FluxSoftware\Flux\flux.exe
() P:\RocketDock\RocketDock.exe
() P:\ownCloud\owncloud.exe
(Dossin-Brade GbR) C:\Windows\SysWOW64\studnet\studnet.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
(AVAST Software) P:\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Mozilla Corporation) P:\Mozilla Firefox\firefox.exe
(Mozilla Corporation) P:\Mozilla Thunderbird\thunderbird.exe
(Simon Tatham) P:\SourceTree\tools\putty\pageant.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.23.23.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [935104 2014-11-25] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-09-04] (Adobe Systems Incorporated)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-09-10] (Synaptics Incorporated)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [561672 2015-09-10] (Vimicro)
HKLM-x32\...\Run: [AvastUI.exe] => P:\Avast\AvastUI.exe [6133520 2015-11-11] (AVAST Software)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => P:\Adobe\x86\Acrobat XI Pro\Acrobat\Acrotray.exe [3498728 2015-09-27] (Adobe Systems Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2292912 2015-09-17] (Adobe Systems Incorporated)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer\Run: [Adobe Flash Player] => C:\ProgramData\Adobe\adobe_flash_player.exe [112640 2015-08-09] (Abobe Systems Incorporated)
HKU\S-1-5-21-2744740071-4010058839-1931898771-1001\...\Run: [Steam] => P:\Steam\steam.exe [3011152 2015-11-10] (Valve Corporation)
HKU\S-1-5-21-2744740071-4010058839-1931898771-1002\...\Run: [f.lux] => C:\Users\basteln\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-2744740071-4010058839-1931898771-1002\...\Run: [RocketDock] => P:\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-2744740071-4010058839-1931898771-1002\...\Run: [ownCloud] => P:\ownCloud\owncloud.exe [1704974 2015-10-21] ()
HKU\S-1-5-21-2744740071-4010058839-1931898771-1002\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-2744740071-4010058839-1931898771-1002\...\RunOnce: [Uninstall C:\Users\basteln\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\basteln\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => P:\Avast\ashShA64.dll [2015-09-27] (AVAST Software)
Startup: C:\Users\basteln\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - .lnk [2015-10-02]
ShortcutTarget: Tintenwarnungen überwachen - .lnk -> C:\Program Files\HP\HP Officejet 6700\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{019c4ed0-e6af-452d-a347-9c21d036e1f3}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{efbba1a2-babf-4e16-b0a2-575ff4cda385}: [NameServer] 141.57.1.94
Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> P:\Microsoft Office\Office15\OCHelper.dll [2015-10-20] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_65\bin\ssv.dll [2015-10-26] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2015-06-29] (Adobe Systems Incorporated)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> P:\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-26] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2015-06-29] (Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-10-20] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-10-26] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2015-06-29] (Adobe Systems Incorporated)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-26] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2015-06-29] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2015-06-29] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2015-06-29] (Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - P:\Microsoft Office\Office15\MSOSB.DLL [2015-08-12] (Microsoft Corporation)
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll [2015-10-30] (Microsoft Corporation)
Handler-x32: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll [2015-10-30] (Microsoft Corporation)
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-26] (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> P:\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-09-17] (Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-26] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-04-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> P:\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> P:\Adobe\x86\Acrobat XI Pro\Acrobat\Air\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-09-17] (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-04-22] (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - P:\Adobe\x86\Acrobat XI Pro\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - P:\Adobe\x86\Acrobat XI Pro\Acrobat\Browser\WCFirefoxExtn [2015-10-22] [ist nicht signiert]
StartMenuInternet: FIREFOX.EXE - P:\Mozilla Firefox\firefox.exe
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - P:\Adobe\x86\Acrobat XI Pro\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2015-09-27]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [669872 2015-09-15] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2015936 2015-09-29] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-02] (Apple Inc.)
R2 avast! Antivirus; P:\Avast\AvastSvc.exe [146600 2015-09-27] (AVAST Software)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2015-09-10] (Broadcom Corporation.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-10-22] (Intel Corporation)
R2 iked; P:\Shrew Soft VPN\iked.exe [1127736 2013-07-01] ()
R2 ipsecd; P:\Shrew Soft VPN\ipsecd.exe [810808 2013-07-01] ()
S3 MessagingService; C:\Windows\System32\MessagingService.dll [52736 2015-10-30] (Microsoft Corporation)
S3 MessagingService_40246; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
S3 MessagingService_40246; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
R2 OneSyncSvc_40246; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
R2 OneSyncSvc_40246; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [Datei ist nicht signiert]
S3 PimIndexMaintenanceSvc_40246; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
S3 PimIndexMaintenanceSvc_40246; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [249032 2015-09-10] (Synaptics Incorporated)
S3 TieringEngineService; C:\Windows\system32\TieringEngineService.exe [290304 2015-10-30] (Microsoft Corporation)
S4 tzautoupdate; C:\Windows\system32\tzautoupdate.dll [87040 2015-11-13] (Microsoft Corporation)
S3 UnistoreSvc_40246; C:\WINDOWS\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
S3 UnistoreSvc_40246; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
S3 UserDataSvc_40246; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
S3 UserDataSvc_40246; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-09-27] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-09-27] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-09-27] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-09-27] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-11] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-11] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-09-27] (AVAST Software)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [173312 2015-09-10] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7585280 2015-10-30] (Broadcom Corporation)
S3 bcmfn; C:\Windows\System32\drivers\bcmfn.sys [9728 2015-10-30] (Windows (R) Win 7 DDK provider)
S3 iai2c; C:\Windows\System32\drivers\iai2c.sys [81408 2015-10-30] (Intel(R) Corporation)
S3 iaLPSS2i_I2C; C:\Windows\System32\drivers\iaLPSS2i_I2C.sys [165888 2015-10-30] (Intel Corporation)
R2 IntelHaxm; C:\Windows\system32\DRIVERS\IntelHaxm.sys [84992 2015-01-30] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [193336 2015-09-10] (Intel Corporation)
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [402136 2015-05-27] (Realsil Semiconductor Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-09-10] (Synaptics Incorporated)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [45056 2015-10-30] (Microsoft Corporation)
R1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-09-08] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [146072 2015-09-08] (Oracle Corporation)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [802312 2015-09-10] (Vimicro Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-11-20 14:07 - 2015-11-20 14:07 - 00018348 _____ C:\Users\basteln\Desktop\FRST.txt
2015-11-20 14:07 - 2015-11-20 14:07 - 00000000 ____D C:\FRST
2015-11-20 14:06 - 2015-11-20 14:06 - 02020352 _____ (Farbar) C:\Users\basteln\Desktop\FRST64.exe
2015-11-20 06:28 - 2015-11-20 06:50 - 00000000 ____D C:\Users\basteln\Desktop\virensuche
2015-11-20 00:59 - 2015-11-20 00:59 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-11-20 00:07 - 2015-11-20 00:07 - 00000000 ____D C:\Users\i7i5\AppData\Local\NetworkTiles
2015-11-20 00:07 - 2015-11-13 07:55 - 00035680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
2015-11-20 00:07 - 2015-11-13 07:54 - 07476576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-11-20 00:07 - 2015-11-13 07:51 - 00698208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2015-11-20 00:07 - 2015-11-13 07:51 - 00523616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2015-11-20 00:07 - 2015-11-13 07:51 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2015-11-20 00:07 - 2015-11-13 07:43 - 02544264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-11-20 00:07 - 2015-11-13 07:43 - 00586208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-11-20 00:07 - 2015-11-13 07:43 - 00536768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-11-20 00:07 - 2015-11-13 07:43 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2015-11-20 00:07 - 2015-11-13 07:43 - 00245848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-11-20 00:07 - 2015-11-13 07:43 - 00110032 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-11-20 00:07 - 2015-11-13 07:43 - 00035656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2015-11-20 00:07 - 2015-11-13 07:42 - 00516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-11-20 00:07 - 2015-11-13 07:42 - 00408128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2015-11-20 00:07 - 2015-11-13 07:42 - 00088392 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-11-20 00:07 - 2015-11-13 07:41 - 22572632 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-11-20 00:07 - 2015-11-13 07:41 - 03670832 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-11-20 00:07 - 2015-11-13 07:33 - 00911648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2015-11-20 00:07 - 2015-11-13 07:33 - 00586080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2015-11-20 00:07 - 2015-11-13 07:33 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-11-20 00:07 - 2015-11-13 07:32 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2015-11-20 00:07 - 2015-11-13 07:21 - 02179584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-11-20 00:07 - 2015-11-13 07:21 - 00511320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2015-11-20 00:07 - 2015-11-13 07:21 - 00454056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-11-20 00:07 - 2015-11-13 07:21 - 00405048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-11-20 00:07 - 2015-11-13 07:21 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2015-11-20 00:07 - 2015-11-13 07:21 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2015-11-20 00:07 - 2015-11-13 07:21 - 00073360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2015-11-20 00:07 - 2015-11-13 07:21 - 00032040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2015-11-20 00:07 - 2015-11-13 07:19 - 02918808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-11-20 00:07 - 2015-11-13 07:18 - 21125408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-11-20 00:07 - 2015-11-13 07:09 - 00675064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2015-11-20 00:07 - 2015-11-13 07:05 - 16984064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-11-20 00:07 - 2015-11-13 07:01 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-11-20 00:07 - 2015-11-13 06:59 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2015-11-20 00:07 - 2015-11-13 06:58 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2015-11-20 00:07 - 2015-11-13 06:58 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-11-20 00:07 - 2015-11-13 06:57 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2015-11-20 00:07 - 2015-11-13 06:57 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-11-20 00:07 - 2015-11-13 06:56 - 00292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-11-20 00:07 - 2015-11-13 06:56 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2015-11-20 00:07 - 2015-11-13 06:55 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-11-20 00:07 - 2015-11-13 06:53 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2015-11-20 00:07 - 2015-11-13 06:53 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2015-11-20 00:07 - 2015-11-13 06:50 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-11-20 00:07 - 2015-11-13 06:50 - 00914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-11-20 00:07 - 2015-11-13 06:49 - 01212416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-11-20 00:07 - 2015-11-13 06:49 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-11-20 00:07 - 2015-11-13 06:45 - 02587136 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-11-20 00:07 - 2015-11-13 06:39 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2015-11-20 00:07 - 2015-11-13 06:39 - 01998848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2015-11-20 00:07 - 2015-11-13 06:38 - 13017088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-11-20 00:07 - 2015-11-13 06:33 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2015-11-20 00:07 - 2015-11-13 06:32 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2015-11-20 00:07 - 2015-11-13 06:30 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2015-11-20 00:07 - 2015-11-13 06:30 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2015-11-20 00:07 - 2015-11-13 06:29 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2015-11-20 00:07 - 2015-11-13 06:28 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2015-11-20 00:07 - 2015-11-13 06:27 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2015-11-20 00:07 - 2015-11-13 06:23 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-11-20 00:07 - 2015-11-13 06:19 - 02001408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2015-11-20 00:07 - 2015-11-13 06:17 - 02064384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-11-20 00:07 - 2015-11-13 06:15 - 01707008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2015-11-20 00:06 - 2015-11-13 07:07 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2015-11-20 00:06 - 2015-11-13 07:06 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2015-11-20 00:06 - 2015-11-13 07:06 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2015-11-20 00:06 - 2015-11-13 07:05 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2015-11-20 00:06 - 2015-11-13 07:05 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2015-11-20 00:06 - 2015-11-13 07:05 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.proxy.dll
2015-11-20 00:06 - 2015-11-13 07:05 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringconfigsp.dll
2015-11-20 00:06 - 2015-11-13 07:04 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2015-11-20 00:06 - 2015-11-13 07:04 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2015-11-20 00:06 - 2015-11-13 07:04 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2015-11-20 00:06 - 2015-11-13 07:04 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\IcsEntitlementHost.exe
2015-11-20 00:06 - 2015-11-13 07:03 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2015-11-20 00:06 - 2015-11-13 07:03 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2015-11-20 00:06 - 2015-11-13 07:02 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-11-20 00:06 - 2015-11-13 07:02 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-11-20 00:06 - 2015-11-13 07:00 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2015-11-20 00:06 - 2015-11-13 07:00 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2015-11-20 00:06 - 2015-11-13 07:00 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2015-11-20 00:06 - 2015-11-13 06:56 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2015-11-20 00:06 - 2015-11-13 06:55 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2015-11-20 00:06 - 2015-11-13 06:54 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-11-20 00:06 - 2015-11-13 06:41 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2015-11-20 00:06 - 2015-11-13 06:40 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2015-11-20 00:06 - 2015-11-13 06:40 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.proxy.dll
2015-11-20 00:06 - 2015-11-13 06:37 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2015-11-20 00:06 - 2015-11-13 06:34 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2015-11-20 00:02 - 2015-11-20 00:02 - 00000000 ____D C:\Users\i7i5\AppData\Local\ActiveSync
2015-11-19 08:49 - 2015-11-19 08:49 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2015-11-17 18:43 - 2015-11-17 18:43 - 00001060 _____ C:\ProgramData\Microsoft\Windows\Start Menu\StudNET Client - Online Update.lnk
2015-11-17 18:43 - 2015-11-17 18:43 - 00001023 _____ C:\ProgramData\Microsoft\Windows\Start Menu\StudNET Login Client.lnk
2015-11-17 18:26 - 2015-11-17 18:27 - 00000000 ____D C:\Users\basteln\AppData\Roaming\TS3Client
2015-11-17 18:11 - 2015-11-17 18:11 - 00000000 ____D C:\Users\basteln\AppData\Local\Comms
2015-11-17 17:59 - 2015-11-17 17:59 - 00000020 ___SH C:\Users\i7i5\ntuser.ini
2015-11-17 17:59 - 2015-11-17 17:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atlassian
2015-11-17 17:07 - 2015-11-17 17:07 - 00000000 ____D C:\Users\basteln\AppData\Local\ActiveSync
2015-11-17 17:05 - 2015-11-17 17:05 - 00000020 ___SH C:\Users\basteln\ntuser.ini
2015-11-17 17:04 - 2015-11-17 17:04 - 00000000 _SHDL C:\Users\Default\Vorlagen
2015-11-17 17:04 - 2015-11-17 17:04 - 00000000 _SHDL C:\Users\Default\Startmenü
2015-11-17 17:04 - 2015-11-17 17:04 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2015-11-17 17:04 - 2015-11-17 17:04 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2015-11-17 17:04 - 2015-11-17 17:04 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2015-11-17 17:04 - 2015-11-17 17:04 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2015-11-17 17:04 - 2015-11-17 17:04 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2015-11-17 17:04 - 2015-11-17 17:04 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2015-11-17 17:04 - 2015-11-17 17:04 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-11-17 17:04 - 2015-11-17 17:04 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2015-11-17 17:04 - 2015-11-17 17:04 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2015-11-17 17:04 - 2015-11-17 17:04 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2015-11-17 17:04 - 2015-11-17 17:04 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2015-11-17 17:04 - 2015-11-17 17:04 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2015-11-17 17:04 - 2015-11-17 17:04 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-11-17 17:04 - 2015-11-17 17:04 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2015-11-17 17:04 - 2015-11-17 17:04 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-11-17 17:04 - 2015-11-17 17:04 - 00000000 __SHD C:\Recovery
2015-11-17 17:00 - 2015-11-20 06:25 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-17 17:00 - 2015-11-17 17:00 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2015-11-17 16:54 - 2015-11-20 06:25 - 00003916 _____ C:\WINDOWS\PFRO.log
2015-11-17 16:52 - 2015-11-17 16:52 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-11-17 16:52 - 2015-11-17 16:52 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2015-11-17 16:52 - 2015-11-17 16:52 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2015-11-17 16:52 - 2015-11-17 16:52 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2015-11-17 16:52 - 2015-11-17 16:52 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2015-11-17 16:47 - 2015-11-17 16:53 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2015-11-17 16:45 - 2015-11-20 06:24 - 00000000 ____D C:\Users\basteln
2015-11-17 16:45 - 2015-11-20 00:59 - 00000000 ____D C:\Users\i7i5
2015-11-17 16:45 - 2015-11-20 00:00 - 00000000 ___RD C:\Users\i7i5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-11-17 16:45 - 2015-11-17 17:05 - 00000000 ___RD C:\Users\basteln\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-11-17 16:45 - 2015-11-17 16:45 - 00000000 _SHDL C:\Users\i7i5\Vorlagen
2015-11-17 16:45 - 2015-11-17 16:45 - 00000000 _SHDL C:\Users\i7i5\Startmenü
2015-11-17 16:45 - 2015-11-17 16:45 - 00000000 _SHDL C:\Users\i7i5\Netzwerkumgebung
2015-11-17 16:45 - 2015-11-17 16:45 - 00000000 _SHDL C:\Users\i7i5\Lokale Einstellungen
2015-11-17 16:45 - 2015-11-17 16:45 - 00000000 _SHDL C:\Users\i7i5\Eigene Dateien
2015-11-17 16:45 - 2015-11-17 16:45 - 00000000 _SHDL C:\Users\i7i5\Druckumgebung
2015-11-17 16:45 - 2015-11-17 16:45 - 00000000 _SHDL C:\Users\i7i5\Documents\Eigene Musik
2015-11-17 16:45 - 2015-11-17 16:45 - 00000000 _SHDL C:\Users\i7i5\Documents\Eigene Bilder
2015-11-17 16:45 - 2015-11-17 16:45 - 00000000 _SHDL C:\Users\i7i5\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-11-17 16:45 - 2015-11-17 16:45 - 00000000 _SHDL C:\Users\i7i5\AppData\Local\Verlauf
2015-11-17 16:45 - 2015-11-17 16:45 - 00000000 _SHDL C:\Users\i7i5\AppData\Local\Anwendungsdaten
2015-11-17 16:45 - 2015-11-17 16:45 - 00000000 _SHDL C:\Users\i7i5\Anwendungsdaten
2015-11-17 16:45 - 2015-11-17 16:45 - 00000000 _SHDL C:\Users\basteln\Vorlagen
2015-11-17 16:45 - 2015-11-17 16:45 - 00000000 _SHDL C:\Users\basteln\Startmenü
2015-11-17 16:45 - 2015-11-17 16:45 - 00000000 _SHDL C:\Users\basteln\Netzwerkumgebung
2015-11-17 16:45 - 2015-11-17 16:45 - 00000000 _SHDL C:\Users\basteln\Lokale Einstellungen
2015-11-17 16:45 - 2015-11-17 16:45 - 00000000 _SHDL C:\Users\basteln\Eigene Dateien
2015-11-17 16:45 - 2015-11-17 16:45 - 00000000 _SHDL C:\Users\basteln\Druckumgebung
2015-11-17 16:45 - 2015-11-17 16:45 - 00000000 _SHDL C:\Users\basteln\Documents\Eigene Musik
2015-11-17 16:45 - 2015-11-17 16:45 - 00000000 _SHDL C:\Users\basteln\Documents\Eigene Bilder
2015-11-17 16:45 - 2015-11-17 16:45 - 00000000 _SHDL C:\Users\basteln\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-11-17 16:45 - 2015-11-17 16:45 - 00000000 _SHDL C:\Users\basteln\AppData\Local\Verlauf
2015-11-17 16:45 - 2015-11-17 16:45 - 00000000 _SHDL C:\Users\basteln\AppData\Local\Anwendungsdaten
2015-11-17 16:45 - 2015-11-17 16:45 - 00000000 _SHDL C:\Users\basteln\Anwendungsdaten
2015-11-17 16:45 - 2015-10-30 08:24 - 00000000 __RSD C:\Users\i7i5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-11-17 16:45 - 2015-10-30 08:24 - 00000000 __RSD C:\Users\basteln\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-11-17 16:45 - 2015-10-30 08:24 - 00000000 ___RD C:\Users\i7i5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-11-17 16:45 - 2015-10-30 08:24 - 00000000 ___RD C:\Users\i7i5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-11-17 16:45 - 2015-10-30 08:24 - 00000000 ___RD C:\Users\basteln\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-11-17 16:45 - 2015-10-30 08:24 - 00000000 ___RD C:\Users\basteln\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-11-17 16:45 - 2015-10-30 08:24 - 00000000 ____D C:\Users\i7i5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-11-17 16:45 - 2015-10-30 08:24 - 00000000 ____D C:\Users\basteln\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-11-17 16:41 - 2015-11-17 16:41 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2015-11-17 16:41 - 2015-11-17 16:41 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2015-11-17 16:41 - 2015-11-17 16:41 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2015-11-17 16:41 - 2015-11-17 16:41 - 00000000 ____D C:\Program Files\Synaptics
2015-11-17 16:41 - 2015-11-17 16:41 - 00000000 ____D C:\Program Files (x86)\USB Camera
2015-11-17 16:40 - 2015-11-17 16:48 - 00000000 ____D C:\Program Files\Intel
2015-11-17 16:40 - 2015-11-17 16:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Conexant
2015-11-17 16:40 - 2015-10-22 12:18 - 00072704 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2015-11-17 16:39 - 2015-11-20 06:07 - 00169202 _____ C:\Users\Public\CAFADEBUG.log
2015-11-17 16:39 - 2015-11-17 16:39 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2015-11-17 16:39 - 2015-11-17 16:39 - 00000000 ____D C:\Program Files\Dolby Digital Plus
2015-11-17 16:39 - 2015-04-18 10:26 - 00427224 _____ (Conexant Systems, Inc.) C:\WINDOWS\SysWOW64\SASrv.exe
2015-11-17 16:39 - 2014-11-26 11:01 - 00004664 _____ C:\WINDOWS\system32\Drivers\CxSfPt.dat
2015-11-17 16:39 - 2013-07-25 14:39 - 00206552 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CxAudMsg64.exe
2015-11-17 16:38 - 2015-11-17 16:39 - 00000000 ____D C:\ProgramData\Conexant
2015-11-17 16:38 - 2015-11-17 16:39 - 00000000 ____D C:\Program Files\CONEXANT
2015-11-17 16:38 - 2015-10-30 08:17 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2015-11-17 16:35 - 2015-11-20 12:17 - 00016343 _____ C:\WINDOWS\setupact.log
2015-11-17 16:35 - 2015-11-17 16:35 - 00068308 _____ C:\WINDOWS\system32\NetSetupMig.log
2015-11-17 16:35 - 2015-11-17 16:35 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-11-17 16:34 - 2015-11-17 16:55 - 00338144 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-11-17 16:30 - 2015-11-20 06:06 - 00000000 ____D C:\Windows.old
2015-11-17 16:30 - 2015-11-17 16:30 - 24603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-11-17 16:30 - 2015-11-17 16:30 - 22394880 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-11-17 16:30 - 2015-11-17 16:30 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-11-17 16:30 - 2015-11-17 16:30 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-11-17 16:30 - 2015-11-17 16:30 - 13376512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-11-17 16:30 - 2015-11-17 16:30 - 12120064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-11-17 16:30 - 2015-11-17 16:30 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-11-17 16:30 - 2015-11-17 16:30 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2015-11-17 16:30 - 2015-11-17 16:30 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2015-11-17 16:30 - 2015-11-17 16:30 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-11-17 16:30 - 2015-11-17 16:30 - 00969728 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-11-17 16:30 - 2015-11-17 16:30 - 00803840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-11-17 16:30 - 2015-11-17 16:30 - 00791552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-11-17 16:30 - 2015-11-17 16:30 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-11-17 16:30 - 2015-11-17 16:30 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-11-17 16:30 - 2015-11-17 16:30 - 00578912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-11-17 16:30 - 2015-11-17 16:30 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-11-17 16:30 - 2015-11-17 16:30 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-11-17 16:30 - 2015-11-17 16:30 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-11-17 16:30 - 2015-11-17 16:30 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2015-11-17 16:30 - 2015-11-17 16:30 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2015-11-17 16:30 - 2015-11-17 16:30 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-11-17 16:30 - 2015-11-17 16:30 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2015-11-17 16:30 - 2015-11-17 16:30 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-11-17 16:30 - 2015-11-17 16:30 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-11-17 16:30 - 2015-11-17 16:30 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2015-11-17 16:30 - 2015-11-17 16:30 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2015-11-17 16:30 - 2015-11-17 16:30 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\readingviewresources.dll
2015-11-17 16:30 - 2015-11-17 16:30 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2015-11-17 16:30 - 2015-11-17 16:30 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2015-11-17 16:29 - 2015-11-17 16:29 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2015-11-17 16:26 - 2015-11-17 16:26 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2015-11-17 16:26 - 2015-11-17 16:26 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-11-17 16:26 - 2015-11-17 16:26 - 00000000 ____D C:\Program Files\MSBuild
2015-11-17 16:26 - 2015-11-17 16:26 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-11-17 16:26 - 2015-11-17 16:26 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-11-17 16:26 - 2015-10-23 17:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-11-17 16:26 - 2015-10-23 17:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-11-17 16:26 - 2015-10-23 17:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-11-17 16:26 - 2015-10-23 17:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-11-17 16:26 - 2015-10-23 17:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-11-17 16:26 - 2015-10-23 17:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-11-17 16:10 - 2015-11-17 17:02 - 00006479 _____ C:\WINDOWS\comsetup.log
2015-11-17 16:09 - 2015-11-17 17:04 - 00013338 _____ C:\WINDOWS\diagwrn.xml
2015-11-17 16:09 - 2015-11-17 17:04 - 00013338 _____ C:\WINDOWS\diagerr.xml
2015-11-17 08:33 - 2015-11-17 08:33 - 00000000 ___RD C:\Users\basteln\Creative Cloud Files
2015-11-17 08:23 - 2015-11-17 08:23 - 00001302 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2015-11-17 08:23 - 2015-11-17 08:23 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-11-16 23:05 - 2015-11-16 23:05 - 00000000 ____D C:\Users\basteln\Documents\AutomaticSolution Software
2015-11-16 23:04 - 2015-11-16 23:04 - 00000000 ____D C:\Users\basteln\AppData\Roaming\MP3toiPodAudioBookConverter
2015-11-16 23:03 - 2015-11-17 16:53 - 00000000 ____D C:\Users\i7i5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MP3 to iPod Audio Book Converter
2015-11-16 23:02 - 2015-11-16 23:02 - 00000000 ____D C:\Users\basteln\AppData\Roaming\SharePod
2015-11-16 17:20 - 2015-11-17 17:05 - 00000448 __RSH C:\ProgramData\ntuser.pol
2015-11-15 12:15 - 2015-11-15 12:15 - 00002183 _____ C:\Users\basteln\Desktop\_jaworskyj_Luminanz_Masken.zip
2015-11-13 15:58 - 2015-11-13 15:58 - 00962147 _____ C:\Users\basteln\Desktop\Informatik-Master-master.zip
2015-11-11 08:23 - 2015-11-11 08:23 - 00000000 ____D C:\Users\i7i5\Documents\ProcAlyzer Dumps
2015-11-11 08:18 - 2015-11-11 08:18 - 00000000 ____D C:\Program Files\Common Files\AV
2015-11-11 08:15 - 2015-11-11 08:15 - 00000906 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-11-05 17:07 - 2015-11-17 16:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2015-11-05 17:07 - 2015-11-17 16:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Genymotion
2015-11-05 17:07 - 2015-09-08 11:48 - 00964392 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxDrv.sys
2015-11-05 17:07 - 2015-09-08 11:47 - 00138904 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxUSBMon.sys
2015-11-05 17:00 - 2015-11-05 17:00 - 00000000 ____D C:\Users\basteln\AppData\Local\Apple
2015-11-05 16:37 - 2015-11-05 16:37 - 00075389 _____ C:\Users\basteln\genymotion-log.zip
2015-11-04 21:25 - 2015-11-05 18:31 - 00000114 _____ C:\Users\basteln\mercurial.ini
2015-11-04 21:25 - 2015-08-03 12:39 - 00000236 _____ C:\Users\basteln\Documents\gitignore_global.txt
2015-11-04 21:25 - 2015-08-03 12:39 - 00000173 _____ C:\Users\basteln\Documents\hgignore_global.txt
2015-11-02 18:05 - 2015-11-02 18:05 - 00000000 ____D C:\Users\basteln\Documents\Benutzerdefinierte Office-Vorlagen
2015-10-30 19:48 - 2015-10-30 08:18 - 00032200 _____ C:\WINDOWS\Professional.xml
2015-10-30 19:47 - 2015-11-17 16:53 - 00000000 ____D C:\WINDOWS\ShellNew
2015-10-30 19:47 - 2015-10-30 19:47 - 00000000 __SHD C:\WINDOWS\BitLockerDiscoveryVolumeContents
2015-10-30 19:47 - 2015-10-30 19:47 - 00000000 __RHD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
2015-10-30 19:47 - 2015-10-30 19:47 - 00000000 ____D C:\Program Files\Windows Journal
2015-10-30 19:36 - 2015-10-30 19:36 - 00000000 ____D C:\WINDOWS\SKB
2015-10-30 19:36 - 2015-10-30 19:36 - 00000000 ____D C:\WINDOWS\OCR
2015-10-30 19:35 - 2015-11-20 12:20 - 00776766 _____ C:\WINDOWS\system32\perfh007.dat
2015-10-30 19:35 - 2015-11-20 12:20 - 00155544 _____ C:\WINDOWS\system32\perfc007.dat
2015-10-30 19:35 - 2015-10-30 19:35 - 00305634 _____ C:\WINDOWS\system32\perfi007.dat
2015-10-30 19:35 - 2015-10-30 19:35 - 00040390 _____ C:\WINDOWS\system32\perfd007.dat
2015-10-30 19:35 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm
2015-10-30 19:35 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2015-10-30 19:35 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2015-10-30 19:35 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2015-10-30 19:35 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2015-10-30 19:35 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\SysWOW64\de
2015-10-30 19:35 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\SysWOW64\0409
2015-10-30 19:35 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\system32\winrm
2015-10-30 19:35 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\system32\WCN
2015-10-30 19:35 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\system32\slmgr
2015-10-30 19:35 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2015-10-30 19:35 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\system32\de
2015-10-30 19:35 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\system32\0409
2015-10-30 19:35 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\DigitalLocker
2015-10-30 09:13 - 2015-10-30 09:13 - 00028672 ___SH C:\WINDOWS\system32\config\BCD-Template.LOG
2015-10-30 08:26 - 2015-11-03 01:12 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-10-30 08:26 - 2015-11-03 01:12 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-30 08:26 - 2015-10-30 08:26 - 00000000 ____D C:\WINDOWS\Setup
2015-10-30 08:25 - 2015-11-17 16:53 - 00003949 _____ C:\WINDOWS\DtcInstall.log
2015-10-30 08:24 - 2015-11-20 13:33 - 00000000 ____D C:\WINDOWS\system32\sru
2015-10-30 08:24 - 2015-11-20 00:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-10-30 08:24 - 2015-11-20 00:19 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-10-30 08:24 - 2015-11-20 00:19 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-10-30 08:24 - 2015-11-20 00:19 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-10-30 08:24 - 2015-11-20 00:19 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-10-30 08:24 - 2015-11-20 00:19 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-10-30 08:24 - 2015-11-20 00:19 - 00000000 ____D C:\WINDOWS\Provisioning
2015-10-30 08:24 - 2015-11-18 09:03 - 00000000 ____D C:\WINDOWS\appcompat
2015-10-30 08:24 - 2015-11-17 17:06 - 00000000 ___RD C:\WINDOWS\PrintDialog
2015-10-30 08:24 - 2015-11-17 17:06 - 00000000 ___RD C:\WINDOWS\MiracastView
2015-10-30 08:24 - 2015-11-17 17:06 - 00000000 ____D C:\WINDOWS\rescache
2015-10-30 08:24 - 2015-11-17 17:04 - 00000000 ____D C:\Program Files\Windows NT
2015-10-30 08:24 - 2015-11-17 17:02 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2015-10-30 08:24 - 2015-11-17 17:02 - 00000000 ____D C:\WINDOWS\Registration
2015-10-30 08:24 - 2015-11-17 16:59 - 00000000 __RHD C:\Users\Public\Libraries
2015-10-30 08:24 - 2015-11-17 16:53 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2015-10-30 08:24 - 2015-11-17 16:52 - 00000000 __RSD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-10-30 08:24 - 2015-11-17 16:52 - 00000000 __RSD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-10-30 08:24 - 2015-11-17 16:52 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-10-30 08:24 - 2015-11-17 16:52 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-10-30 08:24 - 2015-11-17 16:50 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2015-10-30 08:24 - 2015-11-17 16:49 - 00000000 ____D C:\WINDOWS\system32\spool
2015-10-30 08:24 - 2015-11-17 16:49 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-10-30 08:24 - 2015-11-17 16:48 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-10-30 08:24 - 2015-11-17 16:48 - 00000000 ____D C:\ProgramData\USOPrivate
2015-10-30 08:24 - 2015-11-17 16:48 - 00000000 ____D C:\Program Files\Common Files\System
2015-10-30 08:24 - 2015-11-17 16:48 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-10-30 08:24 - 2015-11-17 16:47 - 00000000 ____D C:\WINDOWS\system32\Recovery
2015-10-30 08:24 - 2015-11-17 16:41 - 00000000 ____D C:\WINDOWS\System
2015-10-30 08:24 - 2015-11-17 16:33 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2015-10-30 08:24 - 2015-11-17 16:26 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2015-10-30 08:24 - 2015-11-17 16:26 - 00000000 ____D C:\WINDOWS\system32\MUI
2015-10-30 08:24 - 2015-10-30 19:47 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-30 08:24 - 2015-10-30 19:47 - 00000000 ____D C:\WINDOWS\Web
2015-10-30 08:24 - 2015-10-30 19:47 - 00000000 ____D C:\WINDOWS\security
2015-10-30 08:24 - 2015-10-30 19:35 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2015-10-30 08:24 - 2015-10-30 19:35 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2015-10-30 08:24 - 2015-10-30 19:35 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-10-30 08:24 - 2015-10-30 19:35 - 00000000 ___SD C:\WINDOWS\system32\dsc
2015-10-30 08:24 - 2015-10-30 19:35 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2015-10-30 08:24 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2015-10-30 08:24 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2015-10-30 08:24 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\SysWOW64\Com
2015-10-30 08:24 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-10-30 08:24 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\system32\setup
2015-10-30 08:24 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\system32\migwiz
2015-10-30 08:24 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\system32\Com
2015-10-30 08:24 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\IME
2015-10-30 08:24 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\Help
2015-10-30 08:24 - 2015-10-30 19:35 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2015-10-30 08:24 - 2015-10-30 19:35 - 00000000 ____D C:\Program Files\Windows Defender
2015-10-30 08:24 - 2015-10-30 19:35 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2015-10-30 08:24 - 2015-10-30 19:35 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 __SHD C:\Program Files\Windows Sidebar
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 __RSD C:\WINDOWS\Media
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\SysWOW64\Nui
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\system32\Nui
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\system32\Configuration
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ___SD C:\Program Files\WindowsPowerShell
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ___SD C:\Program Files (x86)\WindowsPowerShell
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\Offline Web Pages
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\DesktopTileResources
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Vss
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\tracing
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\TAPI
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\zh-HK
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\WindowsPowerShell
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\uk-UA
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\tr-TR
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\th-TH
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\sru
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\sr-Latn-RS
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\sr-Latn-CS
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\sppui
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\spp
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\Speech_OneCore
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\Speech
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\SMI
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\sl-SI
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\sk-SK
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\ro-RO
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\restore
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\Recovery
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\RasToast
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\ras
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\networklist
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\NDF
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\MsDtc
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\MSDRM
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\Licenses
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\Ipmi
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\InstallShield
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\icsxml
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\hr-HR
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\he-IL
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\fr-CA
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\et-EE
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\es-MX
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\Bthprops
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\bg-BG
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\ar-SA
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\AppLocker
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SystemResources
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\zh-HK
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinMetadata
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\winevt
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WindowsPowerShell
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\uk-UA
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\tr-TR
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\th-TH
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\sr-Latn-RS
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\sr-Latn-CS
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\sppui
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\spp
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\Speech_OneCore
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\Speech
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\sl-SI
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\sk-SK
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\ro-RO
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\restore
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\RasToast
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\ras
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\ProximityToast
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\PointOfService
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\networklist
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\MsDtc
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\MSDRM
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\Macromed
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\Licenses
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\Ipmi
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\IME
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\icsxml
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\ias
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\hr-HR
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\he-IL
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\fr-CA
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\et-EE
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\es-MX
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\en-GB
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\config\Journal
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\Bthprops
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\bg-BG
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\ar-SA
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\AppLocker
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system\Speech
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Speech_OneCore
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Speech
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\schemas
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SchCache
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Resources
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\PLA
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Performance
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\L2Schemas
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\InputMethod
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Globalization
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Cursors
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Branding
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\addins
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\Comms
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows Portable Devices
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Common Files\Services
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Windows NT
2015-10-30 08:24 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2015-10-30 08:24 - 2015-10-30 08:21 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2015-10-30 08:24 - 2015-10-30 08:21 - 00215943 _____ C:\WINDOWS\SysWOW64\dssec.dat
2015-10-30 08:24 - 2015-10-30 08:21 - 00215943 _____ C:\WINDOWS\system32\dssec.dat
2015-10-30 08:24 - 2015-10-30 08:21 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2015-10-30 08:24 - 2015-10-30 08:21 - 00015462 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2015-10-30 08:24 - 2015-10-30 08:21 - 00008798 _____ C:\WINDOWS\SysWOW64\icrav03.rat
2015-10-30 08:24 - 2015-10-30 08:21 - 00008798 _____ C:\WINDOWS\system32\icrav03.rat
2015-10-30 08:24 - 2015-10-30 08:21 - 00003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam
2015-10-30 08:24 - 2015-10-30 08:21 - 00001988 _____ C:\WINDOWS\SysWOW64\ticrf.rat
2015-10-30 08:24 - 2015-10-30 08:21 - 00001988 _____ C:\WINDOWS\system32\ticrf.rat
2015-10-30 08:24 - 2015-10-30 08:21 - 00000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
2015-10-30 08:24 - 2015-10-30 08:21 - 00000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT
2015-10-30 08:24 - 2015-10-30 08:21 - 00000741 _____ C:\WINDOWS\system32\NOISE.DAT
2015-10-30 08:20 - 2015-10-30 08:20 - 00926208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSRESM.dll
2015-10-30 08:20 - 2015-10-30 08:20 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSCOMEX.dll
2015-10-30 08:20 - 2015-10-30 08:20 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSAPI.dll
2015-10-30 08:20 - 2015-10-30 08:20 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spp.dll
2015-10-30 08:20 - 2015-10-30 08:20 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSCOM.dll
2015-10-30 08:20 - 2015-10-30 08:20 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxproxy.dll
2015-10-30 08:20 - 2015-10-30 08:20 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinFax.dll
2015-10-30 08:19 - 2015-10-30 19:46 - 02535424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkAnalysis.dll
2015-10-30 08:19 - 2015-10-30 19:46 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsCpl.dll
2015-10-30 08:19 - 2015-10-30 19:46 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsCpl.dll
2015-10-30 08:19 - 2015-10-30 19:46 - 00669696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2015-10-30 08:19 - 2015-10-30 19:46 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpprefcl.dll
2015-10-30 08:19 - 2015-10-30 19:46 - 00501760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2015-10-30 08:19 - 2015-10-30 19:46 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrptadm.dll
2015-10-30 08:19 - 2015-10-30 19:46 - 00453632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AdmTmpl.dll
2015-10-30 08:19 - 2015-10-30 19:46 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PeerDistSh.dll
2015-10-30 08:19 - 2015-10-30 19:46 - 00344064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2015-10-30 08:19 - 2015-10-30 19:46 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SrpUxNativeSnapIn.dll
2015-10-30 08:19 - 2015-10-30 19:46 - 00295936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppIdPolicyEngineApi.dll
2015-10-30 08:19 - 2015-10-30 19:46 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\umrdp.dll
2015-10-30 08:19 - 2015-10-30 19:46 - 00274224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpendp.dll
2015-10-30 08:19 - 2015-10-30 19:46 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2015-10-30 08:19 - 2015-10-30 19:46 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuditNativeSnapIn.dll
2015-10-30 08:19 - 2015-10-30 19:46 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PeerDist.dll
2015-10-30 08:19 - 2015-10-30 19:46 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sensrsvc.dll
2015-10-30 08:19 - 2015-10-30 19:46 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2015-10-30 08:19 - 2015-10-30 19:46 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appmgmts.dll
2015-10-30 08:19 - 2015-10-30 19:46 - 00147439 _____ C:\WINDOWS\SysWOW64\gpedit.msc
2015-10-30 08:19 - 2015-10-30 19:46 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsClassExtension.dll
2015-10-30 08:19 - 2015-10-30 19:46 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\auditpolmsg.dll
2015-10-30 08:19 - 2015-10-30 19:46 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuditPolicyGPInterop.dll
2015-10-30 08:19 - 2015-10-30 19:46 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dfdts.dll
2015-10-30 08:19 - 2015-10-30 19:46 - 00043566 _____ C:\WINDOWS\SysWOW64\rsop.msc
2015-10-30 08:19 - 2015-10-30 19:46 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpscript.dll
2015-10-30 08:19 - 2015-10-30 19:46 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpscript.exe
2015-10-30 08:19 - 2015-10-30 19:46 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rfxvmt.dll
2015-10-30 08:19 - 2015-10-30 19:46 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorPerformanceEvents.dll
2015-10-30 08:19 - 2015-10-30 19:46 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\jnwmon.dll
2015-10-30 08:19 - 2015-10-30 19:46 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorCustomAdbAlgorithm.dll
2015-10-30 08:19 - 2015-10-30 19:45 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appmgr.dll
2015-10-30 08:19 - 2015-10-30 19:36 - 12039680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0007.dll
2015-10-30 08:19 - 2015-10-30 19:36 - 12039680 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0007.dll
2015-10-30 08:19 - 2015-10-30 19:36 - 11602944 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0007.dll
2015-10-30 08:19 - 2015-10-30 19:36 - 02088960 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0007.dll
2015-10-30 08:19 - 2015-10-30 19:36 - 01996800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0007.dll
2015-10-30 08:19 - 2015-10-30 08:19 - 28851224 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll
2015-10-30 08:19 - 2015-10-30 08:19 - 28083144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsRaw.dll
2015-10-30 08:19 - 2015-10-30 08:19 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2015-10-30 08:19 - 2015-10-30 08:19 - 12585984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2015-10-30 08:19 - 2015-10-30 08:19 - 09375232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL
2015-10-30 08:19 - 2015-10-30 08:19 - 09375232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL
2015-10-30 08:19 - 2015-10-30 08:19 - 06971392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2015-10-30 08:19 - 2015-10-30 08:19 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-10-30 08:19 - 2015-10-30 08:19 - 05321728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll |