Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   chrome: ständig neue tabs und meldungen von reimage (https://www.trojaner-board.de/181735-chrome-staendig-neue-tabs-meldungen-reimage.html)

bohm 13.09.2016 20:22
chrome: ständig neue tabs und meldungen von reimage
 
Hallo.

Habe nun zum zweiten mal das Problem das sich ständig neue Tabs in Chrome öffnen und da Werbung oder eine meldung von Reimage kommt.

Habe schon mal FRST durchlaufen lassen! ;)

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 12-09-2016
durchgeführt von Alex (Administrator) auf PEACHY (13-09-2016 21:12:52)
Gestartet von C:\Users\Alex\Downloads
Geladene Profile: Alex (Verfügbare Profile: Alex & Administrator & DefaultAppPool)
Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ESET) C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe
() C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [XMouseButtonControl] => C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe [1075344 2014-12-08] (Highresolution Enterprises)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1860120 2016-01-12] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-12] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-03-22] (Adobe Systems Incorporated)
HKLM\...\Run: [CmPCIaudio] => C:\WINDOWS\Syswow64\CMICNFG3.dll [8151040 2009-10-30] (C-Media Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: ["C:\Program Files (x86)\D-Link\D-ViewCam\MainConsole.EXE"] => "C:\Program Files (x86)\D-Link\D-ViewCam\MainConsole.EXE" RunWithWindows
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [60136 2016-08-24] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2857248 2016-08-23] (Valve Corporation)
HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\Run: [EPSON SX125 Series] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIGGE.EXE [224768 2009-09-14] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\Run: [World of Tanks] => D:\Spiele\World_of_Tanks\WargamingGameUpdater.exe [3134728 2016-08-05] (Wargaming.net)
HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\Run: [TomTomHOME.exe] => "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" -s
HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\MountPoints2: H - "H:\AutoRun.exe"
HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\MountPoints2: {0f748fbf-2152-11e5-8233-50465d90560b} - "N:\setup.exe"
HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\MountPoints2: {75d42f49-1b0e-11e5-ac3c-50465d90560b} - "G:\setup.exe"
HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\MountPoints2: {94b3fc27-1c9b-11e5-ac5a-50465d90560b} - "H:\setup.exe"
HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\MountPoints2: {e3802153-18aa-11e5-ab60-50465d90560b} - "N:\setup.exe"
GroupPolicy: Beschränkung - Chrome <======= ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2a94d664-f07c-4e02-a516-4e233f0db8d2}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{faa03109-abab-40bf-9edb-fcd71145efd5}: [DhcpNameServer] 192.168.224.1
ManualProxies:

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\S-1-5-21-2927967124-101175508-2003510897-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/androidnews/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-09-07] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-09-07] (Oracle Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2014-08-12] (Adblock Plus)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-09-07] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-09-07] (Oracle Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2014-08-12] (Adblock Plus)
Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Windows\system32\mscoree.dll [2015-10-30] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\n4plk0l5.Alex
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-09-13] ()
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-09-07] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-09-07] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @unity3d.com/UnityPlayer64,version=1.0 -> C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll [2015-06-08] (Unity Technologies ApS)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-09-19] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-09-13] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2015-04-17] (Adobe Systems, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [Keine Datei]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [Keine Datei]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [Keine Datei]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [Keine Datei]
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-09-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-09-07] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-01-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-01-23] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin HKU\S-1-5-21-2927967124-101175508-2003510897-1000: @my.com/Games -> C:\Users\Alex\AppData\Local\MyComGames\NPMyComDetector.dll [2016-02-03] (MY.COM B.V.)
FF Plugin HKU\S-1-5-21-2927967124-101175508-2003510897-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Alex\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-12] (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\n4plk0l5.Alex\searchplugins\ezcclg65.xml [2016-09-12]
FF Extension: (Firefox Hotfix) - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\n4plk0l5.Alex\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-10]
FF Extension: (Adblock Plus) - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\n4plk0l5.Alex\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-08-14]

Chrome:
=======
CHR HomePage: ChromeDefaultData -> hxxp://www.google.de/
CHR Profile: C:\Users\Alex\AppData\Local\Google\Chrome\User Data\ChromeDefaultData
CHR Extension: (Google Docs) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2016-09-12]
CHR Extension: (Fast Social for Google Chrome™) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\bkgibcbnbhhkelflcgappdalfbopghof [2016-09-12]
CHR Extension: (Avira Browserschutz) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-09-12]
CHR Extension: (AdBlock) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-09-12]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-09-12]
CHR Extension: (Chrome Media Router) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-12]
CHR Profile: C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-07-26]
CHR Extension: (Google Docs) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-26]
CHR Extension: (Google Drive) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-26]
CHR Extension: (Fast Social for Google Chrome™) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkgibcbnbhhkelflcgappdalfbopghof [2016-09-06]
CHR Extension: (YouTube) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-26]
CHR Extension: (Adblock Plus) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-08-23]
CHR Extension: (Google Tabellen) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-07-26]
CHR Extension: (Myinstants Soundboard) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\fggacdedkdoacbemcilniodecinpfkgi [2016-08-30]
CHR Extension: (Avira Browserschutz) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-09-08]
CHR Extension: (Google Docs Offline) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-26]
CHR Extension: (AdBlock) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-08-24]
CHR Extension: (mydlink services plugin) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldibdoepbjbkkcbgndfljnphngpglhbb [2016-07-26]
CHR Extension: (Google Maps) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2016-07-26]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-07-26]
CHR Extension: (Mein Chrome-Design) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2016-07-26]
CHR Extension: (SEGA GENESIS / SEGA Mega Drive Emulator) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofnmgamcdbdieifheiiphnbbbcaofcbc [2016-07-26]
CHR Extension: (Emulador de Super Nintendo) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pffhngmcplldclknnkmkkecjlhhccmid [2016-07-26]
CHR Extension: (Google Mail) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-26]
CHR Extension: (RHS) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkaifndebjpbndephomibbjjbnokmfab [2016-09-06]
CHR Extension: (Chrome Media Router) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-29]
CHR Extension: (Audio Cutter) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\plimnkafgoiilijmlbnfoafihjjijbfp [2016-09-08]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [346928 2016-08-24] (Avira Operations GmbH & Co. KG)
S2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [253392 2016-08-26] (Avira Operations GmbH & Co. KG)
R3 Disc Soft Lite Bus Service; C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [232208 2016-07-01] (EasyAntiCheat Ltd)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-12-03] (Freemake) [Datei ist nicht signiert]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-01-12] (NVIDIA Corporation)
S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Datei ist nicht signiert]
R2 JoropygrosakDebuger; C:\Program Files (x86)\Prerpetaincliiph\clhBuilder.dll [301568 2016-09-12] () [Datei ist nicht signiert]
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-12] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6308288 2016-01-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [4812736 2016-01-12] (NVIDIA Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1310448 2016-09-07] (Overwolf LTD)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation)
S2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [580144 2015-05-12] (WiseCleaner.com)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13368 2009-04-06] ()
R3 cmuda3; C:\Windows\system32\drivers\cmudax3.sys [1155072 2009-12-01] (C-Media Inc)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-06-22] (Disc Soft Ltd)
R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO64A.SYS [27552 2015-11-04] (REALiX(tm))
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-01-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek                                            )
S3 Secdrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [20128 2016-01-15] () [Datei ist nicht signiert]
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 WiseHDInfo; C:\Windows\WiseHDInfo64.dll [14800 2015-07-31] (wisecleaner.com)
R1 WiseUnlock; C:\WINDOWS\WiseUnlock64.sys [12240 2015-05-19] (WiseCleaner.com)
U3 idsvc; kein ImagePath
S3 vmci; \SystemRoot\System32\drivers\vmci.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-09-13 21:12 - 2016-09-13 21:13 - 00023834 _____ C:\Users\Alex\Downloads\FRST.txt
2016-09-13 21:12 - 2016-09-13 21:12 - 02398720 _____ (Farbar) C:\Users\Alex\Downloads\FRST64.exe
2016-09-13 21:12 - 2016-09-13 21:12 - 00000000 ____D C:\FRST
2016-09-13 21:10 - 2016-09-13 21:10 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Alex\Downloads\tdsskiller.exe
2016-09-13 21:04 - 2016-09-13 21:04 - 02870984 _____ (ESET) C:\Users\Alex\Downloads\esetsmartinstaller_deu.exe
2016-09-13 21:02 - 2016-09-13 21:02 - 00002296 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-09-13 21:02 - 2016-09-13 21:02 - 00002284 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-09-13 21:00 - 2016-09-13 21:05 - 00001120 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-13 21:00 - 2016-09-13 21:05 - 00001116 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-09-13 21:00 - 2016-09-13 21:00 - 01065376 _____ (Google Inc.) C:\Users\Alex\Downloads\ChromeSetup(1).exe
2016-09-13 21:00 - 2016-09-13 21:00 - 00004178 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-09-13 21:00 - 2016-09-13 21:00 - 00003946 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-09-13 20:58 - 2016-09-13 20:58 - 00152744 _____ C:\Users\Alex\Desktop\bookmarks.html
2016-09-13 20:47 - 2016-09-13 20:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2016-09-13 20:47 - 2016-09-13 20:47 - 00000000 ____D C:\Program Files\VS Revo Group
2016-09-13 20:14 - 2016-09-13 20:45 - 07093624 _____ (VS Revo Group ) C:\Users\Alex\Downloads\revosetup_2.0.exe
2016-09-13 20:13 - 2016-09-13 20:15 - 01610560 _____ (Malwarebytes) C:\Users\Alex\Downloads\JRT.exe
2016-09-12 08:13 - 2016-09-12 08:13 - 00009012 _____ C:\WINDOWS\System32\Tasks\Joropygrosak Debuger
2016-09-12 08:13 - 2016-09-12 08:13 - 00000046 _____ C:\WINDOWS\Joberphlusisp
2016-09-12 08:13 - 2016-09-12 08:13 - 00000000 ____D C:\ProgramData\Avg
2016-09-12 08:13 - 2016-09-12 08:13 - 00000000 ____D C:\ProgramData\AVAST Software
2016-09-12 08:12 - 2016-09-12 10:35 - 00000000 ____D C:\Program Files (x86)\Prerpetaincliiph
2016-09-12 08:12 - 2016-09-12 09:55 - 00000000 ____D C:\Users\Alex\AppData\Local\Sejoge
2016-09-12 08:10 - 2016-09-12 10:35 - 00000000 ____D C:\Users\Alex\AppData\Roaming\MyTransitGuide
2016-09-12 08:08 - 2016-09-12 08:08 - 01208320 _____ C:\Users\Alex\Downloads\fernbus_simulator_conspir4cy_crackrar.img
2016-09-11 22:59 - 2016-09-11 22:59 - 00000000 ____D C:\Users\Alex\Documents\The.Task
2016-09-11 22:28 - 2016-09-11 22:28 - 00000000 ____D C:\Users\Alex\AppData\LocalLow\uTorrent
2016-09-11 21:34 - 2016-09-11 21:34 - 00016719 _____ C:\Users\Alex\Downloads\Fernbus_Simulator_2016.torrent
2016-09-11 19:42 - 2016-09-11 19:44 - 109132576 _____ C:\Users\Alex\Downloads\LMFAO_-_Sorry_For_Party_Rocking-2011-MOD.rar
2016-09-10 09:42 - 2016-09-10 09:42 - 01793045 _____ C:\Users\Alex\Downloads\187096_12.rar
2016-09-10 09:32 - 2016-09-10 09:32 - 03557465 _____ C:\Users\Alex\Downloads\FIFA 15 Latest Squads file by Mark.rar
2016-09-08 22:27 - 2016-09-08 22:27 - 00001032 _____ C:\Users\Alex\Desktop\fifa15.exe - Verknüpfung.lnk
2016-09-08 21:29 - 2016-09-08 21:33 - 00000000 ____D C:\Users\Alex\Documents\FIFA 15
2016-09-08 18:54 - 2016-09-08 18:54 - 00026052 ____N C:\Users\Alex\Downloads\88340998f9d272bb5a71c5b978fb316b42cc1347.dlc
2016-09-08 16:46 - 2016-09-08 16:46 - 00000000 ____D C:\Users\Alex\Documents\Soundaufnahmen
2016-09-07 22:17 - 2016-09-12 08:13 - 00000000 ____D C:\ProgramData\Avira
2016-09-07 22:17 - 2016-09-07 22:17 - 04446224 _____ (Avira Operations GmbH & Co. KG) C:\Users\Alex\Downloads\avira_de_avpn0_57d075bcae606__def.exe
2016-09-07 22:17 - 2016-09-07 22:17 - 00001085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira Phantom VPN.lnk
2016-09-07 22:17 - 2016-09-07 22:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-09-07 21:03 - 2016-09-07 21:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atari
2016-09-07 20:28 - 2016-09-07 20:28 - 00014357 _____ C:\Users\Alex\Downloads\RollerCoaster.Tycoon.World.Early.Access.torrent
2016-09-07 20:26 - 2016-09-07 20:35 - 566719036 _____ C:\Users\Alex\Downloads\Rcsrtycnpltn.rar
2016-09-07 20:21 - 2016-09-07 20:21 - 00003342 _____ C:\WINDOWS\System32\Tasks\{F823577C-328F-42E1-82E8-273F76E8E0F2}
2016-09-07 14:31 - 2016-09-07 14:31 - 86921726 _____ C:\Users\Alex\Downloads\LStThViC.rar
2016-09-07 14:30 - 2016-09-08 16:45 - 00000000 ____D C:\Users\Alex\Desktop\Lindsey Stirling
2016-09-07 14:30 - 2016-09-07 14:30 - 137263509 _____ C:\Users\Alex\Downloads\%2FLindsey_Stirling-Lindsey_Stirling-%28Deluxe_Edition%29-2013-C4.zip
2016-09-07 14:29 - 2016-09-07 14:32 - 118347516 _____ C:\Users\Alex\Downloads\Lindsey_Stirling-Brave_Enough-%28Limited_Deluxe_Edition%29-2016-C4.rar
2016-09-07 14:29 - 2016-09-07 14:30 - 111660182 _____ C:\Users\Alex\Downloads\Lindsey_Stirling-Shatter_Me-%28Deluxe_Edition%29-2014-C4.rar
2016-09-07 14:26 - 2016-09-07 14:25 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-64.dll
2016-09-07 14:24 - 2016-09-07 14:24 - 01196752 _____ (Adobe Systems Incorporated) C:\Users\Alex\Downloads\flashplayer22_xa_install.exe
2016-09-07 13:09 - 2016-09-07 13:13 - 01028096 ____N C:\Users\Alex\Downloads\Fernbus Simulator Free.img
2016-09-06 15:31 - 2016-09-13 20:44 - 00000000 ____D C:\Users\Alex\Desktop\mbar
2016-09-06 13:11 - 2016-09-06 13:11 - 00594944 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Users\Alex\Downloads\libeay32.dll
2016-09-06 13:11 - 2016-09-06 13:11 - 00152576 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Users\Alex\Downloads\ssleay32.dll
2016-09-06 13:10 - 2016-09-06 13:10 - 00002173 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzillа Firеfох.lnk
2016-09-06 13:10 - 2016-09-06 13:10 - 00002171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gооglе Сhrоmе.lnk
2016-09-06 13:10 - 2016-09-06 13:10 - 00000608 __RSH C:\ProgramData\ntuser.pol
2016-09-06 13:10 - 2016-09-06 13:10 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-09-06 13:10 - 2016-09-06 13:10 - 00000000 ____D C:\Program Files (x86)\FastSocial
2016-09-06 13:08 - 2016-09-06 13:08 - 00000381 _____ C:\Users\Alex\Downloads\FF16 TOR.txt
2016-09-06 08:34 - 2016-09-12 10:34 - 00000000 ____D C:\AdwCleaner
2016-09-06 08:34 - 2016-09-06 08:34 - 03826240 _____ C:\Users\Alex\Downloads\AdwCleaner_6.010.exe
2016-09-05 09:57 - 2016-09-05 09:57 - 01144832 _____ C:\Users\Alex\Downloads\Crack Setup.img
2016-09-02 20:44 - 2016-09-02 20:44 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Promotion Software GmbH
2016-09-02 20:39 - 2016-09-02 20:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deep Silver
2016-08-31 15:26 - 2016-08-31 15:26 - 00134808 _____ (Atomix Productions) C:\Users\Alex\Downloads\install_ddjergopads (1).exe
2016-08-30 20:28 - 2016-08-30 20:28 - 00000553 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autobahn Police Simulator.lnk
2016-08-30 20:24 - 2016-08-30 20:24 - 00000580 _____ C:\Users\Alex\Downloads\windowsmediaplayer (2).asx
2016-08-30 13:45 - 2016-08-30 13:46 - 00000000 ____D C:\Program Files (x86)\MP3Gain
2016-08-30 13:45 - 2016-08-30 13:45 - 01474568 _____ C:\Users\Alex\Downloads\MP3Gain - CHIP-Installer (1).exe
2016-08-30 13:45 - 2016-08-30 13:45 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MP3Gain
2016-08-30 13:42 - 2016-08-30 13:42 - 01474568 _____ C:\Users\Alex\Downloads\wxMP3Gain - CHIP-Installer.exe
2016-08-30 11:43 - 2016-08-30 11:43 - 01474568 _____ C:\Users\Alex\Downloads\MP3Gain - CHIP-Installer.exe
2016-08-30 09:52 - 2005-05-17 15:39 - 00349265 _____ C:\Users\Alex\Desktop\tvtotalnippelboard.swf
2016-08-30 09:50 - 2016-08-30 09:52 - 395414331 _____ () C:\Users\Alex\Downloads\GLP - Soundboard Setup.exe
2016-08-30 09:48 - 2016-08-30 09:48 - 01474568 _____ C:\Users\Alex\Downloads\Stefan Raabs TV Total Nippelboard - CHIP-Installer.exe
2016-08-29 21:18 - 2016-08-29 21:18 - 00134808 _____ (Atomix Productions) C:\Users\Alex\Downloads\install_ddjergopads.exe
2016-08-29 21:15 - 2016-08-29 21:16 - 02000360 _____ (Atomix Productions) C:\Users\Alex\Downloads\install_blacksheephd.exe
2016-08-29 20:53 - 2016-08-29 20:55 - 04411520 _____ (Atomix Productions) C:\Users\Alex\Downloads\install_x96byzanard.exe
2016-08-29 20:47 - 2016-08-29 20:56 - 03227864 _____ (Atomix Productions) C:\Users\Alex\Downloads\install_pioneerxdjrxbyzaik.exe
2016-08-29 10:28 - 2009-10-30 04:39 - 08151040 ____N (C-Media Corporation) C:\WINDOWS\SysWOW64\CMICNFG3.dll
2016-08-29 10:28 - 2009-04-02 10:59 - 00143360 ____N C:\WINDOWS\SysWOW64\VmixP6.dll
2016-08-29 10:28 - 2008-07-23 12:59 - 00389120 ____N () C:\WINDOWS\system32\CMICNFG3.cpl
2016-08-29 10:28 - 2006-09-13 20:21 - 00200704 ____N (C-Media) C:\WINDOWS\SysWOW64\CMPaOxy.dll
2016-08-29 10:27 - 2016-08-29 10:28 - 00000188 _____ C:\WINDOWS\Cmicnfg3.ini.cfl
2016-08-29 10:27 - 2016-08-29 10:27 - 00792576 ____N C:\WINDOWS\system32\Cmeaupci.exe
2016-08-29 10:27 - 2016-08-29 10:27 - 00000183 _____ C:\WINDOWS\Cmicnfg3.ini.imi
2016-08-29 10:27 - 2016-08-29 10:27 - 00000130 _____ C:\WINDOWS\system\Dlap.pfx
2016-08-29 10:27 - 2016-08-29 10:27 - 00000122 _____ C:\WINDOWS\system\Cmicnfg3.ini
2016-08-29 10:27 - 2016-08-29 10:27 - 00000000 ____D C:\Users\Alex\Desktop\PCI-8738-091211-7.12.8.1740(W7-RC-01)
2016-08-29 10:27 - 2009-12-11 05:28 - 00002754 ____N C:\WINDOWS\cmudax3.ini
2016-08-29 10:27 - 2009-12-01 05:31 - 01155072 _____ (C-Media Inc) C:\WINDOWS\system32\Drivers\cmudax3.sys
2016-08-29 10:27 - 2009-08-19 10:00 - 00359424 ____N C:\WINDOWS\system32\CmiInstallResAll64.dll
2016-08-29 10:27 - 2008-10-15 09:41 - 00002123 ____N C:\WINDOWS\Cmicnfg3.ini.cfg
2016-08-29 10:27 - 2007-11-04 19:30 - 01144983 ____N C:\WINDOWS\SysWOW64\KB936225x64.msu
2016-08-29 10:27 - 2007-02-26 14:30 - 00036864 _____ (C-Media Electronics Ins.) C:\WINDOWS\system32\cmudax3.dll
2016-08-29 10:27 - 2006-10-05 23:45 - 00524768 _____ (Microsoft Corporation) C:\WINDOWS\difxapi.dll
2016-08-28 20:36 - 2016-08-28 20:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments
2016-08-28 20:36 - 2016-08-28 20:36 - 00000000 __HDC C:\ProgramData\{90D8CE90-3E6B-4034-A281-BC9F19B60A5B}
2016-08-28 20:36 - 2016-08-28 20:36 - 00000000 __HDC C:\ProgramData\{42DEBD12-9D09-4B77-B434-2EF604E45D3D}
2016-08-28 20:36 - 2016-08-28 20:36 - 00000000 ____D C:\ProgramData\Native Instruments
2016-08-28 20:36 - 2016-08-28 20:36 - 00000000 ____D C:\Program Files\Common Files\Native Instruments
2016-08-28 20:32 - 2016-08-28 20:33 - 244782432 _____ (Native Instruments ) C:\Users\Alex\Downloads\Traktor 2 2.10.3 Setup PC.exe
2016-08-28 20:32 - 2016-08-28 20:32 - 00000000 __HDC C:\ProgramData\{EB9C1D32-304E-4E8E-8D44-C4102A190A39}
2016-08-28 20:32 - 2016-08-28 20:32 - 00000000 ____D C:\Backup
2016-08-28 20:28 - 2016-08-28 20:28 - 00000000 ____D C:\Users\Alex\Desktop\DJ
2016-08-28 18:15 - 2016-09-13 15:38 - 00000000 ____D C:\Program Files (x86)\VirtualDJ
2016-08-28 18:15 - 2016-08-31 15:01 - 00000000 ____D C:\Users\Alex\Documents\VirtualDJ
2016-08-28 18:15 - 2016-08-28 18:15 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ
2016-08-28 18:14 - 2016-08-28 18:15 - 38203392 _____ C:\Users\Alex\Downloads\install_virtualdj_pc_v8.2.3343.msi
2016-08-28 17:52 - 2016-08-28 20:28 - 00000000 ____D C:\Users\Alex\AppData\Local\Mixxx
2016-08-28 17:48 - 2016-08-28 17:48 - 25035393 _____ C:\Users\Alex\Downloads\mixxx-2.0.0-win64.exe
2016-08-28 17:48 - 2016-08-28 17:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mixxx
2016-08-28 17:48 - 2016-08-28 17:48 - 00000000 ____D C:\Program Files\Mixxx
2016-08-28 17:41 - 2016-08-28 18:02 - 00000000 ____D C:\WINDOWS\System32\Tasks\NCH Software
2016-08-28 17:41 - 2016-08-28 17:41 - 00001123 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zulu DJ-Software.lnk
2016-08-28 17:41 - 2016-08-28 17:41 - 00000000 ____D C:\ProgramData\NCH Software
2016-08-28 17:41 - 2016-08-28 17:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Produktpalette
2016-08-28 17:41 - 2016-08-28 17:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audioverwandte Programme
2016-08-28 17:41 - 2016-08-28 17:41 - 00000000 ____D C:\Program Files (x86)\NCH Software
2016-08-28 17:40 - 2016-08-28 17:40 - 00974560 _____ (NCH Software) C:\Users\Alex\Downloads\zulusetup.exe
2016-08-28 17:40 - 2016-08-28 17:40 - 00000000 ____D C:\Users\Alex\AppData\Roaming\NCH Software
2016-08-28 17:03 - 2016-08-28 17:03 - 38302328 _____ (Atomix Productions) C:\Users\Alex\Downloads\install_virtualdj_home_v7.4.6.exe
2016-08-27 15:10 - 2016-08-27 15:10 - 02929520 _____ (Odem Mortis ) C:\Users\Alex\Downloads\OMC_ModPack_Installer.exe
2016-08-26 15:21 - 2016-08-26 15:21 - 01106840 _____ (Unity Technologies ApS) C:\Users\Alex\Downloads\UnityWebPlayer64.exe
2016-08-26 14:25 - 2016-08-26 14:25 - 00035784 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\tap0901.sys
2016-08-25 21:58 - 2016-08-25 21:58 - 00000000 ____D C:\Users\Alex\Documents\Ghosthunters
2016-08-25 21:12 - 2016-08-25 21:12 - 00000580 _____ C:\Users\Alex\Downloads\windowsmediaplayer (1).asx
2016-08-23 22:19 - 2016-08-23 22:19 - 00000000 ____D C:\Users\Alex\Documents\Die Unfassbaren 2
2016-08-23 21:09 - 2016-08-23 21:09 - 00000000 ____D C:\Users\Alex\Documents\Die.wilden.Kerle.6.Die.Legende.lebt
2016-08-22 18:36 - 2016-08-22 18:36 - 00001187 _____ C:\Users\Alex\Desktop\Dynamo Dresden v RB Leipzig - DFB Pokal 1 Runde 2016_17_08.lnk
2016-08-22 18:25 - 2016-08-22 18:25 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Aspyr Media
2016-08-22 17:53 - 2016-08-22 17:53 - 00000744 _____ C:\Users\Public\Desktop\Layers of Fear - Masterpiece Edition.lnk
2016-08-22 17:52 - 2016-08-22 17:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bloober Team SA
2016-08-20 15:42 - 2016-09-12 08:10 - 00000000 ____D C:\Users\Alex\Desktop\Musik
2016-08-18 21:09 - 2016-08-18 21:09 - 00003320 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task
2016-08-16 20:19 - 2016-08-16 20:19 - 00610769 _____ C:\Users\Alex\Downloads\depends22_x86.zip
2016-08-16 20:05 - 2016-08-16 20:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
2016-08-16 20:05 - 2016-08-16 20:05 - 00000000 ____D C:\Users\Alex\Documents\TomTom
2016-08-16 20:05 - 2016-08-16 20:05 - 00000000 ____D C:\Users\Alex\AppData\Roaming\TomTom
2016-08-16 20:05 - 2016-08-16 20:05 - 00000000 ____D C:\Users\Alex\AppData\Local\TomTom
2016-08-16 20:03 - 2016-08-16 20:03 - 29403160 _____ C:\Users\Alex\Downloads\TomTomHOME2winlatest.exe
2016-08-16 20:00 - 2016-08-16 20:00 - 37565768 _____ (TomTom International B.V.) C:\Users\Alex\Downloads\InstallMyDriveConnect.exe
2016-08-16 20:00 - 2016-08-16 20:00 - 00000000 ____D C:\Program Files (x86)\TomTom International B.V
2016-08-14 22:26 - 2016-08-14 22:26 - 00000000 ____D C:\Users\Alex\Desktop\Flo Exklusiv
2016-08-14 19:44 - 2016-08-14 22:25 - 00000000 ____D C:\Users\Alex\Desktop\Neuer Ordner (4)
2016-08-14 17:41 - 2016-08-14 17:41 - 69347755 _____ C:\Users\Alex\Desktop\bob der Zug Tierstimme Song.mp4
2016-08-14 11:04 - 2016-08-14 11:04 - 00033791 _____ C:\Users\Alex\Downloads\tfp_1_2.pdf

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-09-13 21:02 - 2015-08-06 17:26 - 00004150 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9976B872-EBCD-4E3B-A512-199270B5525F}
2016-09-13 21:02 - 2014-12-31 21:03 - 00000000 ____D C:\Program Files (x86)\Google
2016-09-13 20:55 - 2015-03-30 17:38 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-09-13 20:50 - 2016-07-25 15:29 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2016-09-13 20:44 - 2016-07-20 12:07 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-09-13 20:11 - 2015-04-01 12:15 - 00000000 ____D C:\Program Files (x86)\Overwolf
2016-09-13 20:08 - 2016-07-20 12:07 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-09-13 20:08 - 2016-07-20 12:06 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-09-13 11:55 - 2016-03-24 18:55 - 06502080 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2016-09-13 11:55 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-09-13 11:55 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-09-13 08:45 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-13 08:45 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-09-13 08:34 - 2015-07-31 20:20 - 00002127 _____ C:\Users\Public\Desktop\Wise Care 365.lnk
2016-09-13 08:32 - 2015-05-04 14:56 - 00000000 ____D C:\Program Files (x86)\Steam
2016-09-12 10:37 - 2015-07-31 20:20 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Wise Care 365
2016-09-12 10:35 - 2015-12-22 17:05 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-12 10:35 - 2015-12-22 16:39 - 00000000 ____D C:\ProgramData\NVIDIA
2016-09-12 10:35 - 2015-10-30 09:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-09-12 10:35 - 2015-10-30 08:28 - 01048576 ___SH C:\WINDOWS\system32\config\BBI
2016-09-12 10:29 - 2014-12-31 21:46 - 00000000 ____D C:\Users\Alex\AppData\Roaming\vlc
2016-09-12 08:12 - 2016-07-25 12:45 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-09-12 01:15 - 2015-01-04 22:19 - 00000000 ____D C:\Users\Alex\AppData\Roaming\uTorrent
2016-09-12 01:15 - 2015-01-02 16:17 - 00000000 ____D C:\Users\Alex\AppData\Local\JDownloader v2.0
2016-09-11 23:20 - 2015-12-22 16:42 - 02113470 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-11 23:20 - 2015-10-30 20:35 - 00898170 _____ C:\WINDOWS\system32\perfh007.dat
2016-09-11 23:20 - 2015-10-30 20:35 - 00201656 _____ C:\WINDOWS\system32\perfc007.dat
2016-09-11 23:20 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-09-11 22:43 - 2015-07-03 15:08 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2016-09-11 22:42 - 2015-07-03 15:19 - 00000000 ____D C:\Program Files\Rockstar Games
2016-09-09 22:07 - 2015-12-22 16:43 - 00000000 ____D C:\Users\Alex
2016-09-08 22:27 - 2015-01-02 20:33 - 00000000 ____D C:\Users\Alex\Documents\My Games
2016-09-08 13:14 - 2015-10-01 21:05 - 00000000 ____D C:\Users\Alex\AppData\Local\MyComGames
2016-09-08 12:28 - 2015-01-01 12:08 - 00000000 ____D C:\Users\Alex\Desktop\Spiele
2016-09-08 12:00 - 2015-08-21 10:33 - 00000000 ____D C:\Users\Alex\AppData\Local\CrashDumps
2016-09-07 22:17 - 2014-12-31 21:29 - 00000000 ____D C:\ProgramData\Package Cache
2016-09-07 22:17 - 2014-12-31 21:27 - 00000000 ____D C:\Program Files (x86)\Avira
2016-09-07 20:20 - 2015-01-03 13:40 - 00000000 ____D C:\Users\Alex\AppData\Local\ElevatedDiagnostics
2016-09-07 14:33 - 2015-03-30 20:16 - 00000000 ____D C:\ProgramData\Oracle
2016-09-07 14:26 - 2015-09-13 09:21 - 00000000 ____D C:\Users\Alex\.oracle_jre_usage
2016-09-07 14:26 - 2015-06-17 14:50 - 00000000 ____D C:\Program Files (x86)\Java
2016-09-07 14:26 - 2015-03-30 17:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-09-07 14:25 - 2016-02-19 14:31 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-09-07 14:25 - 2015-06-17 14:51 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2016-09-07 14:25 - 2015-06-17 14:51 - 00000000 ____D C:\Program Files\Java
2016-09-07 14:24 - 2015-01-01 21:08 - 00000000 ____D C:\Users\Alex\AppData\Local\Adobe
2016-09-07 13:07 - 2014-12-31 20:52 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-09-06 13:09 - 2016-07-26 21:31 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps
2016-09-04 19:09 - 2015-01-31 12:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-09-02 09:12 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-09-02 09:12 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-08-29 16:38 - 2015-02-01 10:39 - 00000000 ____D C:\ProgramData\Ultra Vision Video Converter
2016-08-29 10:29 - 2016-01-17 10:33 - 00387176 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-08-29 10:27 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\System
2016-08-27 15:56 - 2015-09-03 19:56 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\OMC ModPack
2016-08-27 15:10 - 2015-09-03 18:58 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\OMC ModPack Client
2016-08-27 13:19 - 2015-11-10 14:32 - 00000000 ____D C:\Users\Alex\AppData\Local\UnrealEngine
2016-08-27 09:24 - 2015-05-14 17:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ravenscourt
2016-08-22 18:55 - 2016-01-31 10:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Square Enix
2016-08-21 09:21 - 2015-08-17 19:42 - 00000000 ___RD C:\Users\Alex\Desktop\Bildbearbeitung
2016-08-20 15:21 - 2015-02-26 12:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-08-18 21:09 - 2015-08-04 19:56 - 00002416 _____ C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-08-18 21:09 - 2015-08-04 19:56 - 00000000 ___RD C:\Users\Alex\OneDrive
2016-08-16 20:03 - 2015-11-27 21:53 - 00000000 ____D C:\Users\Alex\AppData\Local\Downloaded Installations

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-11-15 18:22 - 2015-11-15 10:52 - 0012879 _____ () C:\Users\Alex\AppData\Roaming\alsoft.ini
2016-06-02 10:48 - 2016-06-02 10:49 - 266040255 _____ () C:\Users\Alex\AppData\Local\ACCCx3_6_0_248.zip
2015-04-10 15:38 - 2015-04-10 15:38 - 0004608 _____ () C:\Users\Alex\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-07-04 18:01 - 2015-07-04 18:02 - 0003072 _____ () C:\Users\Alex\AppData\Local\file__0.localstorage
2015-07-24 20:25 - 2015-07-24 20:25 - 0000092 _____ () C:\Users\Alex\AppData\Local\fusioncache.dat
2015-11-18 12:41 - 2015-11-18 12:41 - 0000017 _____ () C:\Users\Alex\AppData\Local\resmon.resmoncfg
2015-12-22 16:38 - 2015-12-22 16:38 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\Alex\AppData\Local\Temp\jre-8u101-windows-au.exe
C:\Users\Alex\AppData\Local\Temp\libeay32.dll
C:\Users\Alex\AppData\Local\Temp\msvcr120.dll
C:\Users\Alex\AppData\Local\Temp\proxy_vole4506188439364049303.dll
C:\Users\Alex\AppData\Local\Temp\sqlite3.dll
C:\Users\Alex\AppData\Local\Temp\VirtualDJ New Version.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-09-07 17:36

==================== Ende von FRST.txt ============================
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 12-09-2016
durchgeführt von Alex (13-09-2016 21:14:00)
Gestartet von C:\Users\Alex\Downloads
Windows 10 Pro Version 1511 (X64) (2015-12-22 15:12:12)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2927967124-101175508-2003510897-500 - Administrator - Enabled) => C:\Users\Administrator
Alex (S-1-5-21-2927967124-101175508-2003510897-1000 - Administrator - Enabled) => C:\Users\Alex
DefaultAccount (S-1-5-21-2927967124-101175508-2003510897-503 - Limited - Disabled)
Gast (S-1-5-21-2927967124-101175508-2003510897-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2927967124-101175508-2003510897-1005 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

µTorrent (HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\uTorrent) (Version: 3.4.8.42576 - BitTorrent Inc.)
18 Wheels of Steel Extreme Trucker 2 (HKLM-x32\...\{A2B65355-E44A-4662-9533-AB5A4A3533ED}) (Version: 1.00.0000 - Valusoft)
AbiWord 2.9.4 (HKLM-x32\...\AbiWord2) (Version: 2.9.4 - AbiSource Developers)
Adblock Plus für IE (32-Bit- und 64-Bit) (HKLM\...\{123A22CB-6D84-4135-A71F-886C9119E996}) (Version: 99.9 - Eyeo GmbH)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 19.0.0.190 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.7 64-bit (HKLM\...\{1B77B02E-17E4-4B6D-B8A1-74B29AF3D8DD}) (Version: 5.7.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\{0E3C52E0-B4F1-4D1E-B172-E390813BD9FE}) (Version: 12.1.8.158 - Adobe Systems, Inc)
Aerosoft's - Aerosoft Launcher (HKLM-x32\...\{EE11CFFC-898C-4875-8A63-8B732A9AD43B}) (Version: 1.2.0.3 - Aerosoft)
AIMP (HKLM-x32\...\AIMP) (Version: v4.02.1725, 11.06.2016 - AIMP DevTeam)
AKVIS Sketch (HKLM\...\{AC0BAA05-28E6-4911-B3F3-0AE2EB0F54A1}) (Version: 17.0.2946.11963 - AKVIS)
Armored Warfare MyCom (HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\Armored Warfare MyCom) (Version: 1.96 - My.com B.V.)
Armored Warfare MyCom Beta (HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\Armored Warfare MyCom Beta) (Version: 1.59 - My.com B.V.)
ATI Catalyst Install Manager (HKLM\...\{62140B07-129A-2BD0-81D2-2A1A7408ADC8}) (Version: 3.0.762.0 - ATI Technologies, Inc.)
Auslogics DiskDefrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 6.2.1.0 - Auslogics Labs Pty Ltd)
Autobahn Police Simulator MULTI4 (HKLM\...\YXV0b2JhaG5wb2xpY2VzaW11bGF0b3I_is1) (Version: 1 - )
Avidemux 2.6 (32-bit) (HKLM-x32\...\Avidemux 2.6) (Version: 2.6.8.9046 - )
Avira Browser Safety (HKLM-x32\...\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}) (Version: 1.4.5.509 - Avira Operations GmbH & Co KG)
Avira Launcher (HKLM-x32\...\{af1966e2-5e60-4d93-8a48-c21462a87e3c}) (Version: 1.2.71.9779 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.2.71.9779 - Avira Operations GmbH & Co. KG) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 1.5.2.25975 - Avira Operations GmbH & Co. KG)
Bandicam (HKLM-x32\...\Bandicam) (Version: 2.1.3.757 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandisoft.com)
BASE (HKLM-x32\...\{B4D9F24E-C5C2-4B5E-A56D-8E13E0729C64}) (Version: 1.0.0 - d3)
Berg und Tunnelbau (HKLM-x32\...\Mining and Tunneling) (Version:  - )
C-Media PCI Audio Device (HKLM\...\C-Media PCI Audio Driver) (Version:  - )
Cool & Quiet (HKLM-x32\...\{1ADE1AA0-7F82-4BB1-B1BD-727DE438057B}) (Version:  - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Dance eJay 7 (HKLM-x32\...\{A18BB607-BC5A-474E-88FD-C215B91A0F97}) (Version: 7 - Empire Interactive)
Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.732.20 - Electronic Arts Inc.)
DIG IT! - A Digger Simulator (HKLM\...\Steam App 311910) (Version:  - Cape Copenhagen)
EA SPORTS™ FIFA 15 (HKLM-x32\...\{3D4ADA2B-F028-4307-ADF4-6F9AA44725DA}) (Version: 1.8.0.0 - Electronic Arts)
Emergency 2016 (HKLM-x32\...\Emergency 2016_is1) (Version:  - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON SX125 Series Printer Uninstall (HKLM\...\EPSON SX125 Series) (Version:  - SEIKO EPSON Corporation)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
FastSocial version 1 (HKLM-x32\...\{0C9D97C7-4EC9-4BAB-AE9E-FA4F9EE56484}_is1) (Version: 1 - )
FileZilla Client 3.13.0 (HKLM-x32\...\FileZilla Client) (Version: 3.13.0 - Tim Kosse)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.3.4.311 - Foxit Software Inc.)
GdZ WoT ModPack Version 0.9.15.1.5 (HKLM-x32\...\{GdZ WoT ModPack}_is1) (Version: 0.9.15.1.5 - Gemeinschaft deutscher Zocker)
GdZ WoT ModPack Version 1.0 (HKLM-x32\...\{GdZ WoT ModPack Updater}_is1) (Version: 1.0 - Gemeinschaft deutscher Zocker)
German Truck Simulator 1.00 (HKLM-x32\...\German Truck Simulator) (Version: 1.00 - )
Ghostbusters (TM): The Video Game (HKLM-x32\...\InstallShield_{3A1B1652-D70A-4D19-981E-BB15D0DBF253}) (Version: 1.00.0000 - Atari)
Ghostbusters (TM): The Video Game (x32 Version: 1.00.0000 - Atari) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 53.0.2785.113 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Grand Theft Auto: Episodes From Liberty City (HKLM-x32\...\{61B8B2F9-D8DA-4B24-89A9-DB09F38A4899}) (Version: 1.1.0.0 - Rockstar Games)
Grand Theft Auto: Episodes from Liberty City (x32 Version: 1.0.0003.135 - Rockstar Games Inc.) Hidden
Heart's Medicine: Time to Heal (HKLM\...\aGVhcnRzbWVkaWNpbmV0aW1ldG9oZWFs_is1) (Version: 1 - )
Java 8 Update 101 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Krita Desktop (x86) "2.9.6.3" (HKLM-x32\...\{ACF8935C-CA56-43D2-A923-DD95CBCE1BEB}) (Version: 2.9.6.3 - Krita Foundation)
Layers of Fear (HKLM-x32\...\Layers of Fear_is1) (Version:  - )
Life is Strange (HKLM-x32\...\Life is Strange_is1) (Version:  - )
Locks Pro (HKLM-x32\...\Locks Pro) (Version:  - )
Logistics Company (HKLM\...\Steam App 328310) (Version:  - Crenetic GmbH Studios)
Logitech Gaming Software 64 (HKLM-x32\...\InstallShield_{58BF5D14-CBCF-473C-B0E0-A7955A23224E}) (Version:  - )
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM-x32\...\M2698023) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM-x32\...\M2833941) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM-x32\...\M979906) (Version:  - )
Microsoft .NET Framework 1.1 SP1 (HKLM\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version:  - )
Microsoft .NET Framework 1.1 SP1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.6.140.0 - Microsoft Corporation)
Mixxx 2.0.0 (64-bit) (HKLM-x32\...\Mixxx (2.0.0)) (Version: 2.0.0 - The Mixxx Development Team)
Model_Viewer (HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\007d47cbc8a50530) (Version: 2.0.0.23 - WOT MODEL VIEWER)
Mozilla Firefox 48.0.2 (x64 de) (HKLM\...\Mozilla Firefox 48.0.2 (x64 de)) (Version: 48.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0.2.6079 - Mozilla)
Mozilla Thunderbird 45.2.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.2.0 (x86 de)) (Version: 45.2.0 - Mozilla)
My.com Game Center (HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\MyComGames) (Version: 3.147 - My.com B.V.)
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 1.9.3.355 - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.6.0.137 - Native Instruments)
Nesbox Companion (HKLM-x32\...\com.nesbox.companion) (Version: 1.1 - UNKNOWN)
Nesbox Companion (x32 Version: 1.1 - UNKNOWN) Hidden
null (HKLM-x32\...\MonsterMaker) (Version:  - )
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 361.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 361.75 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.9.1.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.9.1.22 - NVIDIA Corporation)
NVIDIA Grafiktreiber 361.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.75 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OMC ModPack Client Version 1.5.1.212 (HKLM-x32\...\{E2F3187C-2B94-486F-8914-E69211487FB6}_is1) (Version: 1.5.1.212 - Odem Mortis)
OMSI - Der Omnibussimulator (HKLM-x32\...\{9AE850A4-B89D-4875-A159-B1B64D717EFB}) (Version: 1.06 - aerosoft)
OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
Origin (HKLM-x32\...\Origin) (Version: 9.5.10.780 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.97.306.0 - Overwolf Ltd.)
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
ProTrain Perfect 2 - Dresden - Leipzig - (HKLM-x32\...\{509E436F-FEEA-49BC-BD16-8F5F67D715E1}) (Version: 1.0 - Blue Sky Interactive)
ProTrain Perfect 2 - Nord-Süd 2  - Update (HKLM-x32\...\{2DE73DB6-37F4-4580-97A0-505D478EF02A}) (Version: 1.31 - Blue Sky Interactive)
ProTrain Perfect 2 - Streckenupdate - (HKLM-x32\...\{9547B52A-58E0-4AB5-B159-506728C5404B}) (Version: 1.0 - Blue Sky Interactive)
ProTrain Perfect Addon 4 - S-Bahn Berlin- Update 1.1 (HKLM-x32\...\{56706286-0B7A-46A3-9835-CF1ACB4BBFE2}) (Version: 1.0 - Blue Sky Interactive)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.52.203.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
RESCUE 2013 (HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\RESCUE 2013) (Version: 1.30.00.00 - rondomedia GmbH)
Revo Uninstaller 2.0.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.0 - VS Revo Group, Ltd.)
RollerCoaster Tycoon 3 Platinum (HKLM-x32\...\RollerCoaster Tycoon 3 Platinum_is1) (Version:  - )
Samantha Swift and the Golden Touch (HKLM-x32\...\Samantha Swift and the Golden Touch) (Version: 1.1.0.0 - MumboJumbo)
SHIELD Streaming (Version: 4.1.0260 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.9.1.22 - NVIDIA Corporation) Hidden
Smart Application Controller (HKLM-x32\...\{A6AE177E-D46B-4463-AA69-B9F818E0DC4A}_is1) (Version: 1.00 - Smart Application Controller)
Sony PC Companion 2.10.303 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.303 - Sony)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
The Last Dream - Developer's Edition (HKLM-x32\...\The Last Dream - Developer's Edition_is1) (Version:  - )
The Movies(TM) (HKLM-x32\...\InstallShield_{0556F885-2415-4666-B53E-33727E46AEA1}) (Version: 1.0 - Activision)
The Movies(TM) (x32 Version: 1.0 - Activision) Hidden
Tweaking.com - Windows Repair (All in One) (HKLM-x32\...\Tweaking.com - Windows Repair (All in One)) (Version: 3.0.0 - Tweaking.com)
UE4 Prerequisites (x64) (HKLM-x32\...\{b46d36bc-2438-471e-abe8-1fbbd51754ee}) (Version: 1.0.10.0 - Epic Games, Inc.)
UE4 Prerequisites (x64) (Version: 1.0.10.0 - Epic Games, Inc.) Hidden
UK Truck Simulator 1.11 (HKLM-x32\...\UK Truck Simulator) (Version: 1.11 - )
Unity Web Player (x64) (All users) (HKLM\...\UnityWebPlayer) (Version: 4.6.6f2 - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
VirtualDJ 8 (HKLM-x32\...\{AC964E48-8E21-4622-9073-AD42BC6A57B1}) (Version: 8.2.3343.0 - Atomix Productions)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
waterMark V2 (HKLM-x32\...\waterMark V2) (Version:  - )
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 5.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
Wonderland Solitaire (HKLM-x32\...\Wonderland Solitaire) (Version:  - )
World Series Of Poker  (HKLM-x32\...\World_Series_Of_Poker_1.0) (Version:  - )
X-Mouse Button Control 2.9.1 (HKLM-x32\...\X-Mouse Button Control) (Version: 2.9.1 - Highresolution Enterprises)
Zulu DJ-Software (HKLM-x32\...\Zulu) (Version: 3.63 - NCH Software)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2927967124-101175508-2003510897-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Alex\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {03721160-D3EC-4395-9515-90AF4387D601} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2016-09-07] (Overwolf LTD)
Task: {08071F0B-7A8F-4307-AC19-CAC94B3D7CF0} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2015-09-10] (Microsoft Corporation)
Task: {088BCE7E-C0DF-4878-9566-F3DF074A0850} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2015-09-10] (Microsoft)
Task: {11072F2E-CF5D-4042-8117-BF302C3D1134} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-06-22] (Oracle Corporation)
Task: {2D6D5D52-DEB4-4D7E-8582-BFA2594CE8A4} - System32\Tasks\{E38CF82E-0E32-471D-AF9A-11ACBB05F575} => pcalua.exe -a "D:\Spiele\Black &amp; White\Setup.exe" -d "D:\Spiele\Black &amp; White"
Task: {3219B889-3FAF-4BA3-87DF-9656385F0909} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-13] (Google Inc.)
Task: {3D26F772-E706-43C1-BB76-960259E909D5} - System32\Tasks\Joropygrosak Debuger => C:\Program Files (x86)\Prerpetaincliiph\keda.exe [2016-09-12] (CHENGDU YIWO Tech Development Co., Ltd)
Task: {3E59135F-C845-4CA7-9306-09BA53D3BF10} - System32\Tasks\Avira Browser Safety Updater Task => C:\Program Files (x86)\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe [2015-03-11] (Avira Operations GmbH & Co. KG)
Task: {3ECA284F-6060-4355-8201-2B3667D6A8D0} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2015-09-10] (Microsoft Corporation)
Task: {48A39499-C887-47AB-A03E-EC1284135582} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2015-09-10] (Microsoft Corporation)
Task: {739D6E46-1EBE-45B0-B3A8-BE4B706B11C9} - System32\Tasks\{F823577C-328F-42E1-82E8-273F76E8E0F2} => pcalua.exe -a "D:\Spielei\RollerCoaster Tycoon 3 Platinum\RCT3.EXE" -d "D:\Spielei\RollerCoaster Tycoon 3 Platinum"
Task: {7D66D896-7E61-483F-AC36-CBF7B2F70AF8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-08-09] (Microsoft Corporation)
Task: {82459BE3-0FD2-4083-A85E-4E159CB47C66} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK
Task: {9459BA5A-FD31-4742-B874-E18D2F2CFA4F} - System32\Tasks\{9F699765-8CF8-476D-B4B0-17A827A46CA3} => C:\Program Files (x86)\Origin\Origin.exe [2015-03-24] (Electronic Arts)
Task: {981322A7-5CE4-419F-9EE9-A5B122E6477F} - System32\Tasks\CheckControllerUpdatesUA => C:\Program Files (x86)\Smart Application Controller\smappscontroller.exe [2016-07-13] (Smart Application Controller)
Task: {A1F15BE6-717C-4421-B6F5-31A5D6F3E16A} - System32\Tasks\WiseCleaner\WFDSkipUAC => C:\Program Files (x86)\Wise\Wise Force Deleter\WiseDeleter.exe [2015-07-27] (WiseCleaner.com)
Task: {A395D13F-8616-4430-AA41-59C643D31545} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-13] (Google Inc.)
Task: {BCE3DD01-4356-448D-B9F2-B66F03DA84E8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-13] (Adobe Systems Incorporated)
Task: {C90E9125-55FE-459E-B59C-A8CC3EDC83B2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {DF339562-E44E-4C7B-BFED-89CD5B300750} - System32\Tasks\{E32C968D-9A4A-468A-9739-5EC5DD81248A} => pcalua.exe -a "F:\Wolfenstein The Old Blood German Uncut Edition\WOLF.OB.GUE.exe" -d "F:\Wolfenstein The Old Blood German Uncut Edition"
Task: {E27BD397-DC88-4C92-9D33-9AEBB4FF1077} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Alex\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-08-18] (Microsoft Corporation)
Task: {FD8DDAD2-0AB1-4C79-8872-2DE3B0CAA13A} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2015-09-10] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Alex\Favorites\Downloadseite von NCH Software.lnk -> hxxp://www.nch.com.au/de/index.html
Shortcut: C:\Users\Alex\AppData\Local\Microsoft\Windows\GameExplorer\{F6416E63-CBFE-49C4-8CFC-2042B9323E65}\SupportTasks\1\Support.lnk -> hxxp://www.activision.com/support/
Shortcut: C:\Users\Alex\AppData\Local\Microsoft\Windows\GameExplorer\{F6416E63-CBFE-49C4-8CFC-2042B9323E65}\SupportTasks\0\Weitere Spiele von Microsoft.lnk -> hxxp://www.activisiono2.com/tony_hawk/main.asp/
Shortcut: C:\Users\Alex\AppData\Local\Microsoft\Windows\GameExplorer\{78751FE4-B96B-4715-A617-314D7C47A2A0}\SupportTasks\0\Support.lnk -> hxxp://support.ubi.com/
Shortcut: C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki/
Shortcut: C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com/

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-12-31 20:57 - 2016-01-12 06:43 - 00291264 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-07-20 14:56 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-07-20 14:56 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-08-18 21:09 - 2016-08-18 21:09 - 01864384 _____ () C:\Users\Alex\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll
2016-04-19 14:48 - 2016-04-19 14:49 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-12-23 10:07 - 2015-12-07 06:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-20 14:57 - 2016-07-01 05:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-07-20 14:56 - 2016-07-01 05:27 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-07-20 14:56 - 2016-07-01 05:21 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-07-20 14:56 - 2016-07-01 05:22 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-07-20 14:56 - 2016-07-01 05:24 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-09-13 21:02 - 2016-09-13 01:38 - 02280264 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.113\libglesv2.dll
2016-09-13 21:02 - 2016-09-13 01:38 - 00107848 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.113\libegl.dll
2016-07-21 18:32 - 2015-05-14 11:54 - 00422600 _____ () C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
2016-09-13 21:09 - 2016-09-12 17:48 - 30996160 _____ () C:\Users\Alex\AppData\Local\Google\Chrome\User Data\PepperFlash\23.0.0.166\pepflashplayer.dll
2016-09-12 08:12 - 2016-09-12 08:12 - 00301568 _____ () c:\program files (x86)\prerpetaincliiph\clhbuilder.dll
2016-04-19 14:48 - 2016-04-19 14:49 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-19 14:48 - 2016-04-19 14:49 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\Alex\Cookies:gs5sys [3074]
AlternateDataStreams: C:\Users\Alex\Desktop\desktop.ini:gs5sys [3074]
AlternateDataStreams: C:\Users\Alex\AppData\Roaming\desktop.ini:gs5sys [3074]
AlternateDataStreams: C:\Users\Alex\AppData\Local\Verlauf:gs5sys [3074]
AlternateDataStreams: C:\Users\Alex\Documents\desktop.ini:gs5sys [3074]
AlternateDataStreams: C:\ProgramData\TEMP:054B9966 [137]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2016-09-06 13:11 - 00001037 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1      localhost
127.0.0.1      down.baidu2016.com
127.0.0.1      123.sogou.com
127.0.0.1      www.czzsyzgm.com
127.0.0.1      www.czzsyzxl.com
127.0.0.1      union.baidu2019.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2927967124-101175508-2003510897-1000\Control Panel\Desktop\\Wallpaper -> F:\Oskar\Neuer Ordner (21)\Neuer Ordner (8)\IMG-20160619-WA0004.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: Avira.OE.ServiceHost => 2
MSCONFIG\Services: GfExperienceService => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NvNetworkService => 2
MSCONFIG\Services: NvStreamSvc => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: Stereo Service => 2
HKLM\...\StartupApproved\Run32: => "Avira Systray"
HKLM\...\StartupApproved\Run32: => "avgnt"
HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\StartupApproved\Run: => "EPSON SX125 Series"
HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\StartupApproved\Run: => "TomTomHOME.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [UDP Query User{B8EC54F5-26ED-48D9-8E73-FD26BA352BB4}G:\program files\skype\phone\skype.exe] => (Allow) G:\program files\skype\phone\skype.exe
FirewallRules: [TCP Query User{185431DA-2C79-4C60-AF6B-330AB0971EA2}G:\program files\skype\phone\skype.exe] => (Allow) G:\program files\skype\phone\skype.exe
FirewallRules: [UDP Query User{203E9AAD-FAA1-49B9-9BE9-F2C2271A368F}C:\program files\teamspeak 3 client\ts3client_win64.exe] => (Allow) C:\program files\teamspeak 3 client\ts3client_win64.exe
FirewallRules: [TCP Query User{D7B962F1-105F-488E-9678-984032B74CFF}C:\program files\teamspeak 3 client\ts3client_win64.exe] => (Allow) C:\program files\teamspeak 3 client\ts3client_win64.exe
FirewallRules: [UDP Query User{59F51F14-EE3A-45A9-9C87-9485BF612573}E:\easysetupassistant\tssh2.exe] => (Allow) E:\easysetupassistant\tssh2.exe
FirewallRules: [TCP Query User{2453E5A1-8AEF-432D-9F29-4435D9123DAF}E:\easysetupassistant\tssh2.exe] => (Allow) E:\easysetupassistant\tssh2.exe
FirewallRules: [UDP Query User{68A87591-6E15-49C9-B6D5-00E0404EE469}E:\easysetupassistant\easysetupassistant.exe] => (Allow) E:\easysetupassistant\easysetupassistant.exe
FirewallRules: [TCP Query User{98862868-268B-46F0-A7A1-F419B1F37ED4}E:\easysetupassistant\easysetupassistant.exe] => (Allow) E:\easysetupassistant\easysetupassistant.exe
FirewallRules: [UDP Query User{A37D346B-E470-486D-886A-AB7A70CEA756}D:\spiele\armored warfare mycom beta\bin64\armoredwarfare.exe] => (Allow) D:\spiele\armored warfare mycom beta\bin64\armoredwarfare.exe
FirewallRules: [TCP Query User{9941EBEE-8E38-4E5A-B75F-BF3E22A5007B}D:\spiele\armored warfare mycom beta\bin64\armoredwarfare.exe] => (Allow) D:\spiele\armored warfare mycom beta\bin64\armoredwarfare.exe
FirewallRules: [UDP Query User{86285CEE-479B-46FD-B323-93D13AFF6BB7}C:\users\alex\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\alex\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [TCP Query User{F028F5E8-B9B2-4FFD-8967-454EF0D5C8AD}C:\users\alex\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\alex\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [{055257B4-7DB5-421A-B9CE-FC9A2768CEC8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{64626A8F-D518-4A3E-B800-B6E6E12D8A6C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [TCP Query User{351CF24C-5C76-480D-8504-68E0AD1843D7}D:\spiele\world_of_tanks\worldoftanks.exe] => (Allow) D:\spiele\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{948DAF27-C71D-4CC4-BE10-89DB3D4046BC}D:\spiele\world_of_tanks\worldoftanks.exe] => (Allow) D:\spiele\world_of_tanks\worldoftanks.exe
FirewallRules: [{253899B7-30F0-40FA-820D-42FC5EE64BDD}] => (Block) D:\spiele\world_of_tanks\worldoftanks.exe
FirewallRules: [{E6B46A64-C7FB-4B76-BDA2-7F8CE5C19BE2}] => (Block) D:\spiele\world_of_tanks\worldoftanks.exe
FirewallRules: [{7B9803AD-565F-484F-A3AC-7608B4E027C0}] => (Allow) C:\Users\Alex\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{0B7B8C30-490B-4165-91C9-0BA2ECF08FE9}] => (Allow) C:\Users\Alex\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{63B3C213-6114-4963-A3D3-EB3CD2016612}D:\spiele\world_of_tanks\wotlauncher.exe] => (Allow) D:\spiele\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{B77A2EB4-C11B-43C6-BFA5-0DF9C825F01D}D:\spiele\world_of_tanks\wotlauncher.exe] => (Allow) D:\spiele\world_of_tanks\wotlauncher.exe
FirewallRules: [{ABC853EF-AA7D-4B6B-9898-2DE7F7131D17}] => (Block) D:\spiele\world_of_tanks\wotlauncher.exe
FirewallRules: [{3DE2D36C-CCC9-4E7F-A312-82C6FF4BAE64}] => (Block) D:\spiele\world_of_tanks\wotlauncher.exe
FirewallRules: [{4D80A436-398C-4BA4-9626-484B2BD6890B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{8C15BD84-ED5D-442F-B454-6093E1A34678}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{F520FDF6-D5AF-49EE-9672-80D2D78A1ECE}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{DE4A103C-31F4-40A1-8F16-31CB15E8865C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{8A82E90F-A1DD-4E49-867E-0D95254879E1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3DC96D98-714F-4456-ABFD-E54CF194D6CE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6E0C7D29-7456-4E18-8D41-C374DB54F8EF}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{BEE464F7-4F1A-4DC3-A9DF-C6496F7DC8EA}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{F73A41F2-F6B4-4D42-94B0-24FB215C452E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{D2EE8800-F670-445E-8AED-196AEE247BB1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{8B8F73D0-7764-46F2-8DA0-FDE0DE8DFE90}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{676D9C46-E14F-4026-ADDE-B2C63446D955}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{2B35FD59-01B0-44F0-85EF-E4ED1F88E13B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9A3D99F3-D921-426B-B7DF-7324B11E5EAF}] => (Allow) D:\Spiele\THQ\Frontlines-Fuel of War\Binaries\FFOW.exe
FirewallRules: [{10DFF208-43B4-487F-B87C-EC2EDD159280}] => (Allow) D:\Spiele\THQ\Frontlines-Fuel of War\Binaries\FFOW.exe
FirewallRules: [TCP Query User{267A32AA-CDCA-4691-A944-9E604C81E46D}D:\spiele\sebastien loeb rally evo\slrx64.exe] => (Allow) D:\spiele\sebastien loeb rally evo\slrx64.exe
FirewallRules: [UDP Query User{B181587D-6A97-4BAD-A8D4-A6AF6CBCC296}D:\spiele\sebastien loeb rally evo\slrx64.exe] => (Allow) D:\spiele\sebastien loeb rally evo\slrx64.exe
FirewallRules: [{EEF9EBA0-1956-40F6-B77F-614DD4EA5722}] => (Allow) C:\Users\Alex\AppData\Local\Temp\Andy_46.2_x64\Setup.exe
FirewallRules: [{9F3E3F30-F41B-4865-BE41-83FE9833B3F6}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe
FirewallRules: [{1BE673C4-9EBC-4746-8864-4EF8DE737B8F}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe
FirewallRules: [{94ED7558-F682-4093-9313-F8ACBF078BE0}] => (Allow) C:\Program Files\Andy\andy.exe
FirewallRules: [{97934D29-83EA-4C92-A58B-9C1490FA8661}] => (Allow) C:\Program Files\Andy\andy.exe
FirewallRules: [{BD969C95-3B4F-47ED-9D72-B0B16C1B9221}] => (Allow) C:\Program Files\Andy\AndyConsole.exe
FirewallRules: [{65209785-178C-4995-A308-6B16828E82FC}] => (Allow) C:\Program Files\Andy\AndyConsole.exe
FirewallRules: [{C765AC84-C3C6-4381-B834-7A4D9C1A7519}] => (Allow) C:\Program Files\Andy\SetupFiles\Uninstall.exe
FirewallRules: [{D0FB81DC-360F-4A36-8512-FD557837FBD0}] => (Allow) C:\Program Files\Andy\SetupFiles\Uninstall.exe
FirewallRules: [{612D9E77-960F-447F-900B-BA528AD8C8C3}] => (Allow) C:\Users\Alex\AppData\Local\Temp\Uninstall.exe
FirewallRules: [{DE0D30BD-785F-4C6E-AB2E-B2EA5B95A212}] => (Allow) C:\Users\Alex\AppData\Local\Temp\Uninstall.exe
FirewallRules: [{785C73F8-5AFE-469E-9E2D-2F1B814DE3C8}] => (Allow) C:\Program Files\Andy\HandyAndy.exe
FirewallRules: [{0B571320-7652-4382-A54C-630B0BBABE66}] => (Allow) C:\Program Files\Andy\HandyAndy.exe
FirewallRules: [{B1D7EA1F-B066-4CA0-8D50-E89501B0C6F0}] => (Allow) D:\Spiele\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{CBF73693-887B-4786-989A-E6B514955243}] => (Allow) D:\Spiele\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [TCP Query User{BAD49B2D-5B7E-4239-97FF-CCCC34FCE690}D:\spiele\ubisoft\far cry 4\bin\farcry4.exe] => (Allow) D:\spiele\ubisoft\far cry 4\bin\farcry4.exe
FirewallRules: [UDP Query User{39235AEA-0DD2-4CDA-B963-38FB32CEC0B1}D:\spiele\ubisoft\far cry 4\bin\farcry4.exe] => (Allow) D:\spiele\ubisoft\far cry 4\bin\farcry4.exe
FirewallRules: [TCP Query User{31F01DEC-1B23-430D-93A4-34E1165168BA}D:\spiele\anno 1404 gold edition\tools\anno4web.exe] => (Allow) D:\spiele\anno 1404 gold edition\tools\anno4web.exe
FirewallRules: [UDP Query User{663B8EBA-8FDD-4379-A5DB-5EAE3D1D4F06}D:\spiele\anno 1404 gold edition\tools\anno4web.exe] => (Allow) D:\spiele\anno 1404 gold edition\tools\anno4web.exe
FirewallRules: [TCP Query User{6C958C17-0A38-493E-99CC-B87F1FDB242D}D:\spiele\mxgp2\mxgp_2x64.exe] => (Allow) D:\spiele\mxgp2\mxgp_2x64.exe
FirewallRules: [UDP Query User{5455F566-360E-4D82-AF47-7E01DC44F3E8}D:\spiele\mxgp2\mxgp_2x64.exe] => (Allow) D:\spiele\mxgp2\mxgp_2x64.exe
FirewallRules: [TCP Query User{4FC326C9-DD65-4C55-B7CF-F00DC2A25734}D:\spiele\mxgp2\mxgp_2.exe] => (Allow) D:\spiele\mxgp2\mxgp_2.exe
FirewallRules: [UDP Query User{3DDC05D5-A11D-4FFF-9EBE-07A822FE9984}D:\spiele\mxgp2\mxgp_2.exe] => (Allow) D:\spiele\mxgp2\mxgp_2.exe
FirewallRules: [{15350DE1-C269-45CC-9C37-ED444708E09B}] => (Allow) D:\Spiele\SteamLibrary\steamapps\common\DIG IT! - A Digger Simulator\DigIt.exe
FirewallRules: [{0FAB828E-4B69-4960-AB60-B6E47BD20F3C}] => (Allow) D:\Spiele\SteamLibrary\steamapps\common\DIG IT! - A Digger Simulator\DigIt.exe
FirewallRules: [{822BDA0E-5DAC-4BA9-84DE-BEFCED48F171}] => (Allow) D:\Spiele\SteamLibrary\steamapps\common\Logistics Company\logisim.exe
FirewallRules: [{E3475040-EF12-4BFA-90D4-5CCFFD4182C3}] => (Allow) D:\Spiele\SteamLibrary\steamapps\common\Logistics Company\logisim.exe
FirewallRules: [{D5402871-D6DB-4AF8-A11B-211A8FC142C0}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{1C55D6CF-C802-4747-B16E-96E20EA42E76}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [TCP Query User{0653881F-C4F1-483B-9EEF-03B6E478915E}D:\spiele\medal of honor allied assault war chest\mohaa.exe] => (Allow) D:\spiele\medal of honor allied assault war chest\mohaa.exe
FirewallRules: [UDP Query User{2C652085-C216-4B0B-B1F6-DFD07D862D05}D:\spiele\medal of honor allied assault war chest\mohaa.exe] => (Allow) D:\spiele\medal of honor allied assault war chest\mohaa.exe
FirewallRules: [TCP Query User{CE25C343-01B1-4AC8-B589-828CC9C63538}D:\spiele\medal of honor allied assault war chest\moh_breakthrough.exe] => (Allow) D:\spiele\medal of honor allied assault war chest\moh_breakthrough.exe
FirewallRules: [UDP Query User{329E50C5-1D43-40B1-AE0C-DF02A1473FFA}D:\spiele\medal of honor allied assault war chest\moh_breakthrough.exe] => (Allow) D:\spiele\medal of honor allied assault war chest\moh_breakthrough.exe
FirewallRules: [TCP Query User{1ABB671C-E149-4942-90E0-2FB13CF7EA4F}D:\spiele\street fighter x tekken complete pack\sftk.exe] => (Allow) D:\spiele\street fighter x tekken complete pack\sftk.exe
FirewallRules: [UDP Query User{EDFA809B-57F0-462A-B2AA-19CD31295828}D:\spiele\street fighter x tekken complete pack\sftk.exe] => (Allow) D:\spiele\street fighter x tekken complete pack\sftk.exe
FirewallRules: [TCP Query User{6608EC4A-642D-47C4-AD82-C8174517D431}D:\spiele\medal of honor allied assault war chest\moh_spearhead.exe] => (Allow) D:\spiele\medal of honor allied assault war chest\moh_spearhead.exe
FirewallRules: [UDP Query User{F3A2D79C-8F64-4056-9DA6-9D402E8BCB68}D:\spiele\medal of honor allied assault war chest\moh_spearhead.exe] => (Allow) D:\spiele\medal of honor allied assault war chest\moh_spearhead.exe
FirewallRules: [TCP Query User{2203F989-B0FB-4A66-B5AC-7606BEEE091E}D:\downloads\fo4\igg-dead.by.daylight.v1.0\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) D:\downloads\fo4\igg-dead.by.daylight.v1.0\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe
FirewallRules: [UDP Query User{1A43CF24-88C0-4887-9A94-04DFD8A1B8FD}D:\downloads\fo4\igg-dead.by.daylight.v1.0\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) D:\downloads\fo4\igg-dead.by.daylight.v1.0\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe
FirewallRules: [{15842196-AF0E-4252-8B98-1B0C1BD6F6C2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{C5EDC8EF-6825-4B8C-BB28-47C641330927}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{71654F9A-49E1-4DB8-90D1-E6FDEE57BB02}D:\spiele\dovetail games flight school\fsc.exe] => (Allow) D:\spiele\dovetail games flight school\fsc.exe
FirewallRules: [UDP Query User{389B68A3-BDB8-4CC7-B5F1-B9EAD578C78D}D:\spiele\dovetail games flight school\fsc.exe] => (Allow) D:\spiele\dovetail games flight school\fsc.exe
FirewallRules: [TCP Query User{9022ED3A-732F-4D6B-B4A2-039E2232E84D}D:\spiele\ghostbusters\ghostbusters\binaries\win64\ghostbusters.exe] => (Allow) D:\spiele\ghostbusters\ghostbusters\binaries\win64\ghostbusters.exe
FirewallRules: [UDP Query User{50273C90-0B32-483A-82AB-CE40A761D30A}D:\spiele\ghostbusters\ghostbusters\binaries\win64\ghostbusters.exe] => (Allow) D:\spiele\ghostbusters\ghostbusters\binaries\win64\ghostbusters.exe
FirewallRules: [TCP Query User{A09AC952-684E-4B97-9EFD-1E9962A6A6C6}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [UDP Query User{339B0FA0-5B3B-4771-B2CC-A7B468AB37BF}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [{CAA3658F-D1DC-499D-A613-9D1FE46AC2EC}] => (Allow) D:\Spiele\OMC ModPack Client\OMC ModPack Client.exe
FirewallRules: [{7E1EC7E7-AD73-4F85-9297-13EB50549D60}] => (Allow) C:\Users\Alex\AppData\Local\Temp\MPCOnline\MPCDownload.exe
FirewallRules: [{5DABB8C9-E523-4BC0-B006-53BBB5DF8814}] => (Allow) C:\Users\Alex\AppData\Local\Temp\MPCOnline\MPCDownload.exe
FirewallRules: [{2D262BCC-E6F4-4697-87CB-E62DEBB048DC}] => (Allow) D:\Spiele\FIFA 15\fifasetup\fifaconfig.exe
FirewallRules: [{43DC8776-57FD-40B5-91B0-CBD2C03C5632}] => (Allow) D:\Spiele\FIFA 15\fifasetup\fifaconfig.exe
FirewallRules: [{012D1E29-64E0-446B-83D6-0A35E49F4953}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

12-09-2016 10:33:38 Malwarebytes Anti-Rootkit Restore Point
13-09-2016 20:15:41 JRT Pre-Junkware Removal
13-09-2016 20:44:23 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/13/2016 09:06:07 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_ea85e725b9ba5a4b.manifest.

Error: (09/13/2016 09:05:09 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Alex\Downloads\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_ea85e725b9ba5a4b.manifest.

Error: (09/13/2016 09:05:08 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Alex\Downloads\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_ea85e725b9ba5a4b.manifest.

Error: (09/13/2016 09:04:58 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\users\alex\downloads\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_ea85e725b9ba5a4b.manifest.

Error: (09/13/2016 08:53:36 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_ea85e725b9ba5a4b.manifest.

Error: (09/13/2016 08:49:10 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_ea85e725b9ba5a4b.manifest.

Error: (09/13/2016 08:44:24 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (09/13/2016 08:16:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (09/13/2016 08:45:01 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "(C:)" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)

Error: (09/12/2016 10:33:54 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.


Systemfehler:
=============
Error: (09/13/2016 09:12:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.

Error: (09/13/2016 09:12:13 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Alex\AppData\Local\Temp\ehdrv.sys

Error: (09/13/2016 09:12:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.

Error: (09/13/2016 09:12:13 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Alex\AppData\Local\Temp\ehdrv.sys

Error: (09/13/2016 09:12:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.

Error: (09/13/2016 09:12:13 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Alex\AppData\Local\Temp\ehdrv.sys

Error: (09/13/2016 09:07:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.

Error: (09/13/2016 09:07:41 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Alex\AppData\Local\Temp\ehdrv.sys

Error: (09/13/2016 09:07:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.

Error: (09/13/2016 09:07:41 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Alex\AppData\Local\Temp\ehdrv.sys


CodeIntegrity:
===================================
  Date: 2016-09-12 21:35:11.184
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-12 08:19:58.169
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-12 08:19:58.150
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-12 08:19:58.102
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-12 08:19:57.838
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-12 08:19:57.817
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-12 08:19:57.750
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-12 08:15:51.278
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-12 08:15:51.256
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-12 08:15:51.232
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen ===========================

Prozessor: AMD Phenom(tm) II X4 945 Processor
Prozentuale Nutzung des RAM: 37%
Installierter physikalischer RAM: 8190.11 MB
Verfügbarer physikalischer RAM: 5119.13 MB
Summe virtueller Speicher: 8702.11 MB
Verfügbarer virtueller Speicher: 5784.96 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:146.04 GB) (Free:25.27 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: () (Fixed) (Total:319.27 GB) (Free:67.11 GB) NTFS
Drive f: (HITACHI) (Fixed) (Total:931.28 GB) (Free:111.51 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: A8DAA8DA)
Partition 1: (Active) - (Size=146 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)
Partition 3: (Not Active) - (Size=319.3 GB) - (Type=OF Extended)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 0DEE6153)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=0C)

==================== Ende von Addition.txt ============================

M-K-D-B 14.09.2016 13:49
:hallo:


Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.


Bitte beachte folgende Hinweise:
  • Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
  • Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
  • Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
  • Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
  • Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
  • Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort als Administrator zu starten!
  • Einige Programme, die wir hier verwenden, können unter Umständen von deinem Antiviren- oder Anti-Malwareprogramm fälschlicherweise als Bedrohung eingestuft werden. Die Sicherheitsprogramme können aufgrund eines bestimmten Programmverhaltens nicht zwischen "gut" oder "böse" unterscheiden und schlagen Alarm. Dabei handelt es sich um Fehlalarme, welche du getrost ignorieren kannst. Gegebenenfalls musst du deine Sicherheitssoftware vor der Ausführung eines Programms deaktivieren, damit unsere Bereinigungsvorgänge nicht beeinträchtigt werden.



Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:
So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

Danke für deine Mitarbeit!








Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument


Code:
start
CloseProcesses:
R2 JoropygrosakDebuger; C:\Program Files (x86)\Prerpetaincliiph\clhBuilder.dll [301568 2016-09-12] () [Datei ist nicht signiert]
Task: {3D26F772-E706-43C1-BB76-960259E909D5} - System32\Tasks\Joropygrosak Debuger => C:\Program Files (x86)\Prerpetaincliiph\keda.exe [2016-09-12] (CHENGDU YIWO Tech Development Co., Ltd)
C:\Program Files (x86)\Prerpetaincliiph
C:\WINDOWS\Joberphlusisp
C:\Users\Alex\AppData\Local\Sejoge
GroupPolicy: Beschränkung - Chrome <======= ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG
CMD: dir /B "%ProgramFiles%"
CMD: dir /B "%ProgramFiles(x86)%"
CMD: dir /B "%ProgramData%"
CMD: dir /B "%Appdata%"
CMD: dir /B "%LocalAppdata%"
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.








Schritt 2
Downloade Dir bitte AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Werkzeuge > Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel
    • "Prefetch" Dateien
    • Proxy
    • Winsock
    • Internet Explorer Richtlinien
    • Chrome Richtlinien
  • Bestätige die Auswahl mit Ok.
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen (auch dann wenn AdwCleaner sagt, dass nichts gefunden wurde) und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).






Schritt 3
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.







Schritt 4

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.







Schritt 5
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
  • FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.






Bitte poste mit deiner nächsten Antwort
  • die Logdatei des FRST-Fix,
  • die Logdatei von AdwCleaner,
  • die Logdatei von MBAM,
  • die Logdatei von JRT,
  • die beiden neuen Logdateien von FRST.

bohm 14.09.2016 16:28
Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 12-09-2016
durchgeführt von Alex (14-09-2016 17:09:10) Run:1
Gestartet von C:\Users\Alex\Desktop
Geladene Profile: Alex (Verfügbare Profile: Alex & Administrator & DefaultAppPool)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
start
CloseProcesses:
R2 JoropygrosakDebuger; C:\Program Files (x86)\Prerpetaincliiph\clhBuilder.dll [301568 2016-09-12] () [Datei ist nicht signiert]
Task: {3D26F772-E706-43C1-BB76-960259E909D5} - System32\Tasks\Joropygrosak Debuger => C:\Program Files (x86)\Prerpetaincliiph\keda.exe [2016-09-12] (CHENGDU YIWO Tech Development Co., Ltd)
C:\Program Files (x86)\Prerpetaincliiph
C:\WINDOWS\Joberphlusisp
C:\Users\Alex\AppData\Local\Sejoge
GroupPolicy: Beschränkung - Chrome <======= ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG
CMD: dir /B "%ProgramFiles%"
CMD: dir /B "%ProgramFiles(x86)%"
CMD: dir /B "%ProgramData%"
CMD: dir /B "%Appdata%"
CMD: dir /B "%LocalAppdata%"
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
*****************

Prozess erfolgreich geschlossen.
JoropygrosakDebuger => Dienst nicht gefunden.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3D26F772-E706-43C1-BB76-960259E909D5}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3D26F772-E706-43C1-BB76-960259E909D5}" => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\Joropygrosak Debuger => nicht gefunden.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Joropygrosak Debuger" => Schlüssel erfolgreich entfernt
C:\Program Files (x86)\Prerpetaincliiph => erfolgreich verschoben
C:\WINDOWS\Joberphlusisp => erfolgreich verschoben
C:\Users\Alex\AppData\Local\Sejoge => erfolgreich verschoben
"C:\WINDOWS\system32\GroupPolicy\Machine" => nicht gefunden.
HKLM\SOFTWARE\Policies\Google => Schlüssel nicht gefunden.

========= dir /B "%ProgramFiles%" =========

Adblock Plus for IE
Adobe
ATI
ATI Technologies
CMAK
Common Files
DVD Maker
FileZilla FTP Client
Highresolution Enterprises
HWiNFO64
Internet Explorer
Java
Logitech
Microsoft Mouse and Keyboard Center
Microsoft Office
Microsoft Silverlight
Mixxx
Mozilla Firefox
MSBuild
NVIDIA Corporation
Realtek
Reference Assemblies
Rockstar Games
TeamSpeak 3 Client
totalcmd
UeEi2
Unity
VS Revo Group
Windows Defender
Windows Journal
Windows Mail
Windows Media Player
Windows Multimedia Platform
Windows NT
Windows Photo Viewer
Windows Portable Devices
WinRAR

========= Ende von CMD: =========


========= dir /B "%ProgramFiles(x86)%" =========

AbiWord
Activation
Adobe
AIMP
AKVIS
Anvsoft
ASUS
Auslogics
Avidemux 2.6
Avira
AVS4YOU
Bandicam
BandiMPEG1
CDBurnerXP
CMAK
Common Files
D-Link
DAEMON Tools Lite
Disc Soft
DLLSuite
epson
ESET
FastSocial
Foxit Software
Freemake
Google
Internet Explorer
Java
Krita (x86)
LocksPro
Malwarebytes Anti-Malware
MegaDev
Microsoft
Microsoft ASP.NET
Microsoft Games for Windows - LIVE
Microsoft Office
Microsoft Silverlight
Microsoft Visual Studio
Microsoft Visual Studio 8
Microsoft Works
Microsoft.NET
Mozilla Maintenance Service
Mozilla Thunderbird
MP3Gain
MSBuild
NCH Software
Nesbox Companion
NVIDIA Corporation
OpenOffice.org 3
Origin
Overwolf
PhotoScape
PlayClaw 5
PMlabs
Realtek
Reference Assemblies
Rockstar Games
Sketch Drawer
Smart Application Controller
Sony
Steam
TeamViewer
TomTom International B.V
Total Video Converter
Tweaking.com
Ubisoft
Ultra Vision Video Converter
VideoLAN
VirtualDJ
VMware
VS Revo Group
Winamp
Windows Defender
Windows Mail
Windows Media Player
Windows Multimedia Platform
Windows NT
Windows Photo Viewer
Windows Portable Devices
Wise

========= Ende von CMD: =========


========= dir /B "%ProgramData%" =========

.mono
Adobe
Auslogics
AVAST Software
Avg
Avira
Becky Brogan 2
BlueStacksSetup
boost_interprocess
Canneverbe Limited
CannyGames
Codemasters
Comms
DAEMON Tools Lite
dbg
Dovetail Games
EA Core
eJay
Electronic Arts
EPSON
Far Mills
Forge of Games
Foxit ContentPlatform
Freemake
InstallShield
Licenses
Lionhead Studios
LittleGamesCompany
Logs
Malwarebytes
Malwarebytes' Anti-Malware (portable)
Microsoft Help
Microsoft OneDrive
Mozilla
MumboJumbo
Native Instruments
NCH Software
NVIDIA
NVIDIA Corporation
Oracle
Origin
Overwolf
Package Cache
Particles
PoBros
regid.1986-12.com.adobe
regid.1991-06.com.microsoft
RELOADED
Rockstar Games
SkidRow
Skype
SoftwareDistribution
Sony
Steam
Sun
TEMP
THQ
TuneUp Software
Ubisoft
Ultra Vision Video Converter
USOPrivate
USOShared
VMware
yelsi

========= Ende von CMD: =========


========= dir /B "%Appdata%" =========

.mono
AbiSuite
Activision
Adobe
AIMP
alsoft.ini
Andy
Anvate Games
Anvsoft
Argali
Artifex Mundi
ArtifexMundi
Aspyr Media
Atari
avidemux
Avira
AVS4YOU
Az-Art
BANDISOFT
Brave Giant
BraveGiant
Canneverbe Limited
cerasus.media
Colossal Order
com.nesbox.companion
DAEMON Tools Lite
de.rokapublish.launcher
Deep Shadows
DeltaBin
Desktop
DlinkViewCam
Doublefine
Dovetail Games
dvdcss
Eipix
EleFun Games
Elephant Games
EPSON
ESS
Feuerwache
FileZilla
FinewayStudios
Five-BN Games
Foxit Software
Frontier Developments
Frontwing
FUJIFILM
GameHouse
GHISLER
GrandMA Studios
Highresolution Enterprises
Identities
JanesZOO realore de
jhakonen.com
Kalypso Media
Keseling
krita
LestaStudio
Lionhead Studios
LittleGamesCompany
machines
Macromedia
Media Center Programs
Milestone
Mozilla
MumboJumbo
MyTransitGuide
NCH Software
NVIDIA
openal
OpenOffice.org
PhotoScape
PlayClaw5
PoBros
Profiles
ProMod
Promotion Software GmbH
RenPy
ShamanGS
Silverback Productions
Skype
Smart Application Controller
SpinTires
Steam
Sun
Sunward Games
TeamViewer
TheLastDream
Thunderbird
TomTom
TS3Client
ts3overlay
TuneUp Software
Ubisoft
Unity
uplay
Urchin
uTorrent
Vast Studios
vlc
VMware
Wargaming.net
Warner Bros. Interactive Entertainment
Winamp
WinRAR
Wise Care 365
Wise Force Deleter
WoodCutter2015

========= Ende von CMD: =========


========= dir /B "%LocalAppdata%" =========

ACCCx3_6_0_248
ACCCx3_6_0_248.zip
ActiveSync
Adobe
ali213GameLauncher
Apps
BlueStacks
CAPCOM
Caphyon
CEF
Colossal Order
Comms
CrashDumps
Daedalic Entertainment GmbH
DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
DeadByDaylight
Diagnostics
Disc_Soft_Ltd
Downloaded Installations
ElevatedDiagnostics
EMU
file__0.localstorage
FishingGame
FlatOut Ultimate Carnage
fontconfig
FreemakeVideoConverter
Frontier Developments
fusioncache.dat
GHISLER
Ghostbusters
GHOSTBUSTERS (tm)
Google
GWX
id Software
JDownloader v2.0
Macromedia
Microsoft
Microsoft Help
MicrosoftEdge
Mixxx
Mozilla
MyComGames
NVIDIA
NVIDIA Corporation
Overwolf
Packages
PeerDistRepub
Programs
Publishers
resmon.resmoncfg
Rockstar Games
SKIDROW
Skype
SniperV2
speech
Sports Interactive
Steam
Temp
Thunderbird
TileDataLayer
TomTom
Ubisoft
Ubisoft Game Launcher
Unity
UnrealEngine
UWKProcess
Vedran_Budimir_Bajer
VirtualStore
WOS4 - New York
Zombie Army Trilogy

========= Ende von CMD: =========


========= RemoveProxy: =========

HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies\\ => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-2927967124-101175508-2003510897-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-2927967124-101175508-2003510897-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt


========= Ende von RemoveProxy: =========


========= ipconfig /flushdns =========


Windows-IP-Konfiguration

Der DNS-Aufl”sungscache wurde geleert.

========= Ende von CMD: =========


========= netsh winsock reset =========


Der Winsock-Katalog wurde zurckgesetzt.
Sie mssen den Computer neu starten, um den Vorgang abzuschlieáen.


========= Ende von CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 35136 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 266451630 B
Java, Flash, Steam htmlcache => 38662463 B
Windows/system/drivers => 15003326 B
Edge => 68444011 B
Chrome => 483856881 B
Firefox => 337973523 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 2348 B
NetworkService => 197094 B
Alex => 293505883 B
Administrator => 0 B
DefaultAppPool => 0 B

RecycleBin => 0 B
EmptyTemp: => 1.4 GB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 17:11:39 ====
Code:
# AdwCleaner v6.010 - Bericht erstellt am 14/09/2016 um 16:13:52
# Aktualisiert am 12/08/2016 von ToolsLib
# Datenbank : 2016-09-13.1 [Server]
# Betriebssystem : Windows 10 Pro  (X64)
# Benutzername : Alex - PEACHY
# Gestartet von : C:\Users\Alex\Desktop\AdwCleaner_6.010.exe
# Modus: Löschen
# Unterstützung : https://toolslib.net/forum



***** [ Dienste ] *****



***** [ Ordner ] *****



***** [ Dateien ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****



***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht: HKU\S-1-5-21-2927967124-101175508-2003510897-1000\Software\Classes\AppXrh6feys59dqfzsv9p3s9p6aep0hwtb23
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Classes\AppXrh6feys59dqfzsv9p3s9p6aep0hwtb23
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\b`nl{y
[-] Schlüssel gelöscht: HKLM\SOFTWARE\b`nl{y


***** [ Browser ] *****



*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [4148 Bytes] - [06/09/2016 09:31:37]
C:\AdwCleaner\AdwCleaner[C2].txt - [2726 Bytes] - [06/09/2016 15:35:31]
C:\AdwCleaner\AdwCleaner[C3].txt - [3524 Bytes] - [12/09/2016 10:34:34]
C:\AdwCleaner\AdwCleaner[C4].txt - [1487 Bytes] - [14/09/2016 16:13:52]
C:\AdwCleaner\AdwCleaner[S0].txt - [4143 Bytes] - [06/09/2016 09:30:50]
C:\AdwCleaner\AdwCleaner[S1].txt - [2743 Bytes] - [06/09/2016 15:33:37]
C:\AdwCleaner\AdwCleaner[S2].txt - [1614 Bytes] - [07/09/2016 13:32:45]
C:\AdwCleaner\AdwCleaner[S3].txt - [3468 Bytes] - [12/09/2016 09:57:55]
C:\AdwCleaner\AdwCleaner[S4].txt - [3541 Bytes] - [12/09/2016 10:05:46]
C:\AdwCleaner\AdwCleaner[S5].txt - [2133 Bytes] - [14/09/2016 16:12:33]

########## EOF - C:\AdwCleaner\AdwCleaner[C4].txt - [1998 Bytes] ##########
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 14.09.2016
Suchlaufzeit: 16:23
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.09.14.07
Rootkit-Datenbank: v2016.08.15.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Alex

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 420806
Abgelaufene Zeit: 16 Min., 26 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 1
PUP.Optional.Elex, C:\Program Files (x86)\Prerpetaincliiph\clhBuilder.dll, Löschen bei Neustart, [54bbe58d0e8cef47c822d61741c39070],

Registrierungsschlüssel: 4
PUP.Optional.HohoSearch, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{3D26F772-E706-43C1-BB76-960259E909D5}, Löschen bei Neustart, [a86785edddbd0a2c5a7206c352b022de],
PUP.Optional.HohoSearch, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Joropygrosak Debuger, Löschen bei Neustart, [a06f89e90298da5cf7d6993040c260a0],
PUP.Optional.Elex, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\JoropygrosakDebuger, In Quarantäne, [54bbe58d0e8cef47c822d61741c39070],
PUP.Optional.SystemHealer, HKU\S-1-5-21-2927967124-101175508-2003510897-500\SOFTWARE\SYSTEM HEALER, In Quarantäne, [4fc0bcb60496ec4a8a27e815e81ba45c],

Registrierungswerte: 2
PUP.Optional.HohoSearch, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{3D26F772-E706-43C1-BB76-960259E909D5}|Path, \Joropygrosak Debuger, Löschen bei Neustart, [a86785edddbd0a2c5a7206c352b022de]
PUP.Optional.SystemHealer, HKU\S-1-5-21-2927967124-101175508-2003510897-500\SOFTWARE\SYSTEM HEALER|CartURL, 1, In Quarantäne, [4fc0bcb60496ec4a8a27e815e81ba45c]

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 16
Trojan.AdLoad.CN, C:\Users\Alex\AppData\Local\Temp\237752750\ic-0.a62718415d79.exe, In Quarantäne, [5db2b4be3862d066c78283342ed6c040],
PUP.Optional.Amonetize, C:\Users\Alex\AppData\Local\Temp\237752750\Setup__2140_il1815.exe, In Quarantäne, [55ba2d45cdcd4de96899e07515ec669a],
PUP.Optional.HohoSearch, C:\Windows\System32\Tasks\Joropygrosak Debuger, In Quarantäne, [1af55a18e7b35ed8d8f29039a55d847c],
PUP.Optional.MorePowerfulCleaner, C:\Users\Alex\AppData\Roaming\Microsoft\Windows\SendTo\MPC Desktop.lnk, In Quarantäne, [d53aa5cd2d6d6ccabf28da24b84b9b65],
PUP.Optional.Elex, C:\Program Files\Mozilla Firefox\wtsapi32.dll, Löschen bei Neustart, [e12e4b274c4ec076a2ad5d6d857f4eb2],
PUP.Optional.Elex, C:\Program Files (x86)\Prerpetaincliiph\clhBuilder.dll, Löschen bei Neustart, [54bbe58d0e8cef47c822d61741c39070],
PUP.Optional.Amonetize, C:\Users\Alex\AppData\Local\Temp\amipixel.cfg, In Quarantäne, [31deff736337ae885b2998047490837d],
PUP.Optional.Trotux, C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\n4plk0l5.Alex\searchplugins\ezcclg65.xml, In Quarantäne, [ba559ad86a304ceaafcd5647030134cc],
PUP.Optional.Trotux, C:\Users\Alex\AppData\Roaming\Profiles\Prmertyckbock.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.newtab.url", "hxxp://www.trotux.com/?z=2e5bf6ff8db68eaf40997b5g5zfm0c1qcq0edmec2q&from=amz&uid=WDCXWD5000AAKS-00UU3A0_WD-WCAYU600309203092&type=hp");), Ersetzt,[de312c464d4d0d29498fa14bb05460a0]
PUP.Optional.Trotux, C:\Users\Alex\AppData\Roaming\Profiles\Prmertyckbock.default\prefs.js, Gut: (), Schlecht: ( 1473587134);
user_pref("app.update.lastUpdateTime.xpi-), Ersetzt,[957a7ff3792101352eaadf0da16306fa]
PUP.Optional.Trotux, C:\Users\Alex\AppData\Roaming\Profiles\Prmertyckbock.default\prefs.js, Gut: (), Schlecht: (s file.
 *
 * If you make changes to this file while the application is running,
 * the changes will be overwritten when the application exits.
 *
 * To make a manual change t), Ersetzt,[ac63ec861a8086b0b02805e762a27b85]
PUP.Optional.Trotux, C:\Users\Alex\AppData\Roaming\Profiles\Prmertyckbock.default\prefs.js, Gut: (), Schlecht: (s running,
 * the changes will be overwritten when the application exits.
 *
 * To make a manual change to preferences, you can visit the URL about:config
 */

user_pref("accessibility.typeaheadfin), Ersetzt,[d03f59193c5efa3caf295a92a75de020]
PUP.Optional.Trotux, C:\Users\Alex\AppData\Roaming\Profiles\Prmertyckbock.default\prefs.js, Gut: (), Schlecht: (nces, you can visit the URL about:config
 */

user_pref("accessibility.typeaheadfind", true);
user_pref("app.update.auto", false);
user_pref("app.update.enabled", false);
user_pref("app.update.lastU), Ersetzt,[8887046e8e0c57dfdbfd1fcdbe46b848]
PUP.Optional.Trotux, C:\Users\Alex\AppData\Roaming\Profiles\Prmertyckbock.default\prefs.js, Gut: (), Schlecht: (ges will be overwritten when the application exits.
), Ersetzt,[858aa6ccd9c154e26a6eb33933d1629e]
PUP.Optional.Trotux, C:\Users\Alex\AppData\Roaming\Profiles\Prmertyckbock.default\prefs.js, Gut: (), Schlecht: (ypeaheadfind", true);
user_pref("app.update.auto", false);
user_pref("app.update.enabled", false);
user_pref("app.update.lastUpdateTime.addon-background-update-timer", 147), Ersetzt,[cf40c9a93664c37328b0de0eca3a817f]
PUP.Optional.Trotux, C:\Users\Alex\AppData\Roaming\Profiles\Prmertyckbock.default\searchplugins\ezcclg65.xml, In Quarantäne, [60af96dc4d4d15219c39effdfe06a957],

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.7 (07.03.2016)
Operating System: Windows 10 Pro x64
Ran by Alex (Administrator) on 14.09.2016 at 16:57:42,62
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0




Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 14.09.2016 at 17:00:22,22
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 12-09-2016
durchgeführt von Alex (Administrator) auf PEACHY (14-09-2016 17:03:15)
Gestartet von C:\Users\Alex\Desktop
Geladene Profile: Alex (Verfügbare Profile: Alex & Administrator & DefaultAppPool)
Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [XMouseButtonControl] => C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe [1075344 2014-12-08] (Highresolution Enterprises)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1860120 2016-01-12] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-12] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-03-22] (Adobe Systems Incorporated)
HKLM\...\Run: [CmPCIaudio] => C:\WINDOWS\Syswow64\CMICNFG3.dll [8151040 2009-10-30] (C-Media Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: ["C:\Program Files (x86)\D-Link\D-ViewCam\MainConsole.EXE"] => "C:\Program Files (x86)\D-Link\D-ViewCam\MainConsole.EXE" RunWithWindows
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [60136 2016-08-24] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [55264 2016-03-10] (Malwarebytes)
HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2857248 2016-08-23] (Valve Corporation)
HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\Run: [EPSON SX125 Series] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIGGE.EXE [224768 2009-09-14] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\Run: [World of Tanks] => D:\Spiele\World_of_Tanks\WargamingGameUpdater.exe [3134728 2016-08-05] (Wargaming.net)
HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\Run: [TomTomHOME.exe] => "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" -s
HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\MountPoints2: H - "H:\AutoRun.exe"
HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\MountPoints2: {0f748fbf-2152-11e5-8233-50465d90560b} - "N:\setup.exe"
HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\MountPoints2: {75d42f49-1b0e-11e5-ac3c-50465d90560b} - "G:\setup.exe"
HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\MountPoints2: {94b3fc27-1c9b-11e5-ac5a-50465d90560b} - "H:\setup.exe"
HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\MountPoints2: {e3802153-18aa-11e5-ab60-50465d90560b} - "N:\setup.exe"

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2a94d664-f07c-4e02-a516-4e233f0db8d2}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{faa03109-abab-40bf-9edb-fcd71145efd5}: [DhcpNameServer] 192.168.224.1
ManualProxies:

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\S-1-5-21-2927967124-101175508-2003510897-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/androidnews/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-09-07] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-09-07] (Oracle Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2014-08-12] (Adblock Plus)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-09-07] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-09-07] (Oracle Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2014-08-12] (Adblock Plus)
Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Windows\system32\mscoree.dll [2015-10-30] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\n4plk0l5.Alex
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-09-13] ()
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-09-07] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-09-07] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @unity3d.com/UnityPlayer64,version=1.0 -> C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll [2015-06-08] (Unity Technologies ApS)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-09-19] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-09-13] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2015-04-17] (Adobe Systems, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [Keine Datei]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [Keine Datei]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [Keine Datei]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [Keine Datei]
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-09-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-09-07] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-01-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-01-23] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin HKU\S-1-5-21-2927967124-101175508-2003510897-1000: @my.com/Games -> C:\Users\Alex\AppData\Local\MyComGames\NPMyComDetector.dll [2016-02-03] (MY.COM B.V.)
FF Plugin HKU\S-1-5-21-2927967124-101175508-2003510897-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Alex\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-12] (Unity Technologies ApS)
FF Extension: (Firefox Hotfix) - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\n4plk0l5.Alex\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-10]
FF Extension: (Adblock Plus) - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\n4plk0l5.Alex\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-08-14]

Chrome:
=======
CHR HomePage: ChromeDefaultData -> hxxp://www.google.de/
CHR Profile: C:\Users\Alex\AppData\Local\Google\Chrome\User Data\ChromeDefaultData
CHR Extension: (Google Docs) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2016-09-12]
CHR Extension: (Fast Social for Google Chrome™) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\bkgibcbnbhhkelflcgappdalfbopghof [2016-09-12]
CHR Extension: (Avira Browserschutz) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-09-12]
CHR Extension: (AdBlock) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-09-12]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-09-12]
CHR Extension: (Chrome Media Router) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-12]
CHR Profile: C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-07-26]
CHR Extension: (Google Docs) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-26]
CHR Extension: (Google Drive) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-26]
CHR Extension: (Fast Social for Google Chrome™) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkgibcbnbhhkelflcgappdalfbopghof [2016-09-06]
CHR Extension: (YouTube) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-26]
CHR Extension: (Adblock Plus) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-08-23]
CHR Extension: (Google Tabellen) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-07-26]
CHR Extension: (Myinstants Soundboard) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\fggacdedkdoacbemcilniodecinpfkgi [2016-08-30]
CHR Extension: (Avira Browserschutz) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-09-08]
CHR Extension: (Google Docs Offline) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-26]
CHR Extension: (AdBlock) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-08-24]
CHR Extension: (mydlink services plugin) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldibdoepbjbkkcbgndfljnphngpglhbb [2016-07-26]
CHR Extension: (Google Maps) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2016-07-26]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-07-26]
CHR Extension: (Mein Chrome-Design) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2016-07-26]
CHR Extension: (SEGA GENESIS / SEGA Mega Drive Emulator) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofnmgamcdbdieifheiiphnbbbcaofcbc [2016-07-26]
CHR Extension: (Emulador de Super Nintendo) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pffhngmcplldclknnkmkkecjlhhccmid [2016-07-26]
CHR Extension: (Google Mail) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-26]
CHR Extension: (RHS) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkaifndebjpbndephomibbjjbnokmfab [2016-09-06]
CHR Extension: (Chrome Media Router) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-29]
CHR Extension: (Audio Cutter) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\plimnkafgoiilijmlbnfoafihjjijbfp [2016-09-08]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [346928 2016-08-24] (Avira Operations GmbH & Co. KG)
S2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [253392 2016-08-26] (Avira Operations GmbH & Co. KG)
R3 Disc Soft Lite Bus Service; C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [232208 2016-07-01] (EasyAntiCheat Ltd)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-12-03] (Freemake) [Datei ist nicht signiert]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-01-12] (NVIDIA Corporation)
S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Datei ist nicht signiert]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-12] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6308288 2016-01-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [4812736 2016-01-12] (NVIDIA Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1310448 2016-09-07] (Overwolf LTD)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation)
S2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [580144 2015-05-12] (WiseCleaner.com)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13368 2009-04-06] ()
R3 cmuda3; C:\Windows\system32\drivers\cmudax3.sys [1155072 2009-12-01] (C-Media Inc)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-06-22] (Disc Soft Ltd)
U0 gbtbsm; C:\Windows\System32\drivers\yxnutjg.sys [79064 2016-09-14] (Malwarebytes)
R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO64A.SYS [27552 2015-11-04] (REALiX(tm))
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-09-14] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-01-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek                                            )
S3 Secdrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [20128 2016-01-15] () [Datei ist nicht signiert]
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 WiseHDInfo; C:\Windows\WiseHDInfo64.dll [14800 2015-07-31] (wisecleaner.com)
R1 WiseUnlock; C:\WINDOWS\WiseUnlock64.sys [12240 2015-05-19] (WiseCleaner.com)
U3 idsvc; kein ImagePath
S3 vmci; \SystemRoot\System32\drivers\vmci.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-09-14 17:03 - 2016-09-14 17:03 - 00022786 _____ C:\Users\Alex\Desktop\FRST.txt
2016-09-14 17:00 - 2016-09-14 17:00 - 00000545 _____ C:\Users\Alex\Desktop\JRT.txt
2016-09-14 16:56 - 2016-09-14 16:56 - 01610560 _____ (Malwarebytes) C:\Users\Alex\Desktop\JRT(1).exe
2016-09-14 16:55 - 2016-09-14 16:55 - 00005673 _____ C:\Users\Alex\Desktop\mbam.txt
2016-09-14 16:54 - 2016-09-14 16:54 - 00079064 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\yxnutjg.sys
2016-09-14 16:21 - 2016-09-14 16:21 - 00001131 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-09-14 16:20 - 2016-09-14 16:20 - 22851472 _____ (Malwarebytes ) C:\Users\Alex\Downloads\mbam-setup-2.2.1.1043.exe
2016-09-14 16:19 - 2016-09-14 16:19 - 00002084 _____ C:\Users\Alex\Desktop\AdwCleaner[C4].txt
2016-09-14 16:08 - 2016-09-14 16:08 - 00004542 _____ C:\Users\Alex\Desktop\14.09.16.txt
2016-09-14 14:54 - 2016-09-14 14:54 - 00000795 _____ C:\Users\Alex\Desktop\Fixlist.txt
2016-09-14 08:58 - 2016-09-14 08:58 - 00000000 ____D C:\Program Files (x86)\ESET
2016-09-13 21:14 - 2016-09-13 21:17 - 00059030 _____ C:\Users\Alex\Downloads\Addition.txt
2016-09-13 21:12 - 2016-09-14 17:03 - 00000000 ____D C:\FRST
2016-09-13 21:12 - 2016-09-13 21:17 - 00048192 _____ C:\Users\Alex\Downloads\FRST.txt
2016-09-13 21:12 - 2016-09-13 21:12 - 02398720 _____ (Farbar) C:\Users\Alex\Desktop\FRST64.exe
2016-09-13 21:10 - 2016-09-13 21:10 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Alex\Downloads\tdsskiller.exe
2016-09-13 21:04 - 2016-09-13 21:04 - 02870984 _____ (ESET) C:\Users\Alex\Downloads\esetsmartinstaller_deu.exe
2016-09-13 21:02 - 2016-09-13 21:02 - 00002296 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-09-13 21:02 - 2016-09-13 21:02 - 00002284 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-09-13 21:00 - 2016-09-14 16:17 - 00001116 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-09-13 21:00 - 2016-09-14 16:05 - 00001120 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-13 21:00 - 2016-09-13 21:00 - 00004178 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-09-13 21:00 - 2016-09-13 21:00 - 00003946 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-09-13 20:47 - 2016-09-13 20:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2016-09-13 20:47 - 2016-09-13 20:47 - 00000000 ____D C:\Program Files\VS Revo Group
2016-09-13 20:14 - 2016-09-13 20:45 - 07093624 _____ (VS Revo Group ) C:\Users\Alex\Downloads\revosetup_2.0.exe
2016-09-13 20:13 - 2016-09-13 20:15 - 01610560 _____ (Malwarebytes) C:\Users\Alex\Downloads\JRT.exe
2016-09-12 08:13 - 2016-09-12 08:13 - 00000046 _____ C:\WINDOWS\Joberphlusisp
2016-09-12 08:13 - 2016-09-12 08:13 - 00000000 ____D C:\ProgramData\Avg
2016-09-12 08:13 - 2016-09-12 08:13 - 00000000 ____D C:\ProgramData\AVAST Software
2016-09-12 08:12 - 2016-09-12 10:35 - 00000000 ____D C:\Program Files (x86)\Prerpetaincliiph
2016-09-12 08:12 - 2016-09-12 09:55 - 00000000 ____D C:\Users\Alex\AppData\Local\Sejoge
2016-09-12 08:10 - 2016-09-12 10:35 - 00000000 ____D C:\Users\Alex\AppData\Roaming\MyTransitGuide
2016-09-12 08:08 - 2016-09-12 08:08 - 01208320 _____ C:\Users\Alex\Downloads\fernbus_simulator_conspir4cy_crackrar.img
2016-09-11 22:59 - 2016-09-11 22:59 - 00000000 ____D C:\Users\Alex\Documents\The.Task
2016-09-11 22:28 - 2016-09-11 22:28 - 00000000 ____D C:\Users\Alex\AppData\LocalLow\uTorrent
2016-09-11 21:34 - 2016-09-11 21:34 - 00016719 _____ C:\Users\Alex\Downloads\Fernbus_Simulator_2016.torrent
2016-09-11 19:42 - 2016-09-11 19:44 - 109132576 _____ C:\Users\Alex\Downloads\LMFAO_-_Sorry_For_Party_Rocking-2011-MOD.rar
2016-09-10 09:42 - 2016-09-10 09:42 - 01793045 _____ C:\Users\Alex\Downloads\187096_12.rar
2016-09-10 09:32 - 2016-09-10 09:32 - 03557465 _____ C:\Users\Alex\Downloads\FIFA 15 Latest Squads file by Mark.rar
2016-09-08 22:27 - 2016-09-08 22:27 - 00001032 _____ C:\Users\Alex\Desktop\fifa15.exe - Verknüpfung.lnk
2016-09-08 21:29 - 2016-09-08 21:33 - 00000000 ____D C:\Users\Alex\Documents\FIFA 15
2016-09-08 18:54 - 2016-09-08 18:54 - 00026052 ____N C:\Users\Alex\Downloads\88340998f9d272bb5a71c5b978fb316b42cc1347.dlc
2016-09-08 16:46 - 2016-09-08 16:46 - 00000000 ____D C:\Users\Alex\Documents\Soundaufnahmen
2016-09-07 22:17 - 2016-09-12 08:13 - 00000000 ____D C:\ProgramData\Avira
2016-09-07 22:17 - 2016-09-07 22:17 - 04446224 _____ (Avira Operations GmbH & Co. KG) C:\Users\Alex\Downloads\avira_de_avpn0_57d075bcae606__def.exe
2016-09-07 22:17 - 2016-09-07 22:17 - 00001085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira Phantom VPN.lnk
2016-09-07 22:17 - 2016-09-07 22:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-09-07 21:03 - 2016-09-07 21:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atari
2016-09-07 20:28 - 2016-09-07 20:28 - 00014357 _____ C:\Users\Alex\Downloads\RollerCoaster.Tycoon.World.Early.Access.torrent
2016-09-07 20:26 - 2016-09-07 20:35 - 566719036 _____ C:\Users\Alex\Downloads\Rcsrtycnpltn.rar
2016-09-07 20:21 - 2016-09-07 20:21 - 00003342 _____ C:\WINDOWS\System32\Tasks\{F823577C-328F-42E1-82E8-273F76E8E0F2}
2016-09-07 14:31 - 2016-09-07 14:31 - 86921726 _____ C:\Users\Alex\Downloads\LStThViC.rar
2016-09-07 14:30 - 2016-09-08 16:45 - 00000000 ____D C:\Users\Alex\Desktop\Lindsey Stirling
2016-09-07 14:30 - 2016-09-07 14:30 - 137263509 _____ C:\Users\Alex\Downloads\%2FLindsey_Stirling-Lindsey_Stirling-%28Deluxe_Edition%29-2013-C4.zip
2016-09-07 14:29 - 2016-09-07 14:32 - 118347516 _____ C:\Users\Alex\Downloads\Lindsey_Stirling-Brave_Enough-%28Limited_Deluxe_Edition%29-2016-C4.rar
2016-09-07 14:29 - 2016-09-07 14:30 - 111660182 _____ C:\Users\Alex\Downloads\Lindsey_Stirling-Shatter_Me-%28Deluxe_Edition%29-2014-C4.rar
2016-09-07 14:26 - 2016-09-07 14:25 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-64.dll
2016-09-07 14:24 - 2016-09-07 14:24 - 01196752 _____ (Adobe Systems Incorporated) C:\Users\Alex\Downloads\flashplayer22_xa_install.exe
2016-09-07 13:09 - 2016-09-07 13:13 - 01028096 ____N C:\Users\Alex\Downloads\Fernbus Simulator Free.img
2016-09-06 13:11 - 2016-09-06 13:11 - 00594944 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Users\Alex\Downloads\libeay32.dll
2016-09-06 13:11 - 2016-09-06 13:11 - 00152576 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Users\Alex\Downloads\ssleay32.dll
2016-09-06 13:10 - 2016-09-14 16:13 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-09-06 13:10 - 2016-09-06 13:10 - 00002173 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzillа Firеfох.lnk
2016-09-06 13:10 - 2016-09-06 13:10 - 00002171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gооglе Сhrоmе.lnk
2016-09-06 13:10 - 2016-09-06 13:10 - 00000000 ____D C:\Program Files (x86)\FastSocial
2016-09-06 13:08 - 2016-09-06 13:08 - 00000381 _____ C:\Users\Alex\Downloads\FF16 TOR.txt
2016-09-06 08:34 - 2016-09-14 16:13 - 00000000 ____D C:\AdwCleaner
2016-09-06 08:34 - 2016-09-06 08:34 - 03826240 _____ C:\Users\Alex\Desktop\AdwCleaner_6.010.exe
2016-09-05 09:57 - 2016-09-05 09:57 - 01144832 _____ C:\Users\Alex\Downloads\Crack Setup.img
2016-09-02 20:44 - 2016-09-02 20:44 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Promotion Software GmbH
2016-09-02 20:39 - 2016-09-02 20:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deep Silver
2016-08-31 15:26 - 2016-08-31 15:26 - 00134808 _____ (Atomix Productions) C:\Users\Alex\Downloads\install_ddjergopads (1).exe
2016-08-30 20:28 - 2016-08-30 20:28 - 00000553 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autobahn Police Simulator.lnk
2016-08-30 20:24 - 2016-08-30 20:24 - 00000580 _____ C:\Users\Alex\Downloads\windowsmediaplayer (2).asx
2016-08-30 13:45 - 2016-08-30 13:46 - 00000000 ____D C:\Program Files (x86)\MP3Gain
2016-08-30 13:45 - 2016-08-30 13:45 - 01474568 _____ C:\Users\Alex\Downloads\MP3Gain - CHIP-Installer (1).exe
2016-08-30 13:45 - 2016-08-30 13:45 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MP3Gain
2016-08-30 13:42 - 2016-08-30 13:42 - 01474568 _____ C:\Users\Alex\Downloads\wxMP3Gain - CHIP-Installer.exe
2016-08-30 11:43 - 2016-08-30 11:43 - 01474568 _____ C:\Users\Alex\Downloads\MP3Gain - CHIP-Installer.exe
2016-08-30 09:52 - 2005-05-17 15:39 - 00349265 _____ C:\Users\Alex\Desktop\tvtotalnippelboard.swf
2016-08-30 09:50 - 2016-08-30 09:52 - 395414331 _____ () C:\Users\Alex\Downloads\GLP - Soundboard Setup.exe
2016-08-30 09:48 - 2016-08-30 09:48 - 01474568 _____ C:\Users\Alex\Downloads\Stefan Raabs TV Total Nippelboard - CHIP-Installer.exe
2016-08-29 21:18 - 2016-08-29 21:18 - 00134808 _____ (Atomix Productions) C:\Users\Alex\Downloads\install_ddjergopads.exe
2016-08-29 21:15 - 2016-08-29 21:16 - 02000360 _____ (Atomix Productions) C:\Users\Alex\Downloads\install_blacksheephd.exe
2016-08-29 20:53 - 2016-08-29 20:55 - 04411520 _____ (Atomix Productions) C:\Users\Alex\Downloads\install_x96byzanard.exe
2016-08-29 20:47 - 2016-08-29 20:56 - 03227864 _____ (Atomix Productions) C:\Users\Alex\Downloads\install_pioneerxdjrxbyzaik.exe
2016-08-29 10:28 - 2009-10-30 04:39 - 08151040 ____N (C-Media Corporation) C:\WINDOWS\SysWOW64\CMICNFG3.dll
2016-08-29 10:28 - 2009-04-02 10:59 - 00143360 ____N C:\WINDOWS\SysWOW64\VmixP6.dll
2016-08-29 10:28 - 2008-07-23 12:59 - 00389120 ____N () C:\WINDOWS\system32\CMICNFG3.cpl
2016-08-29 10:28 - 2006-09-13 20:21 - 00200704 ____N (C-Media) C:\WINDOWS\SysWOW64\CMPaOxy.dll
2016-08-29 10:27 - 2016-08-29 10:28 - 00000188 _____ C:\WINDOWS\Cmicnfg3.ini.cfl
2016-08-29 10:27 - 2016-08-29 10:27 - 00792576 ____N C:\WINDOWS\system32\Cmeaupci.exe
2016-08-29 10:27 - 2016-08-29 10:27 - 00000183 _____ C:\WINDOWS\Cmicnfg3.ini.imi
2016-08-29 10:27 - 2016-08-29 10:27 - 00000130 _____ C:\WINDOWS\system\Dlap.pfx
2016-08-29 10:27 - 2016-08-29 10:27 - 00000122 _____ C:\WINDOWS\system\Cmicnfg3.ini
2016-08-29 10:27 - 2016-08-29 10:27 - 00000000 ____D C:\Users\Alex\Desktop\PCI-8738-091211-7.12.8.1740(W7-RC-01)
2016-08-29 10:27 - 2009-12-11 05:28 - 00002754 ____N C:\WINDOWS\cmudax3.ini
2016-08-29 10:27 - 2009-12-01 05:31 - 01155072 _____ (C-Media Inc) C:\WINDOWS\system32\Drivers\cmudax3.sys
2016-08-29 10:27 - 2009-08-19 10:00 - 00359424 ____N C:\WINDOWS\system32\CmiInstallResAll64.dll
2016-08-29 10:27 - 2008-10-15 09:41 - 00002123 ____N C:\WINDOWS\Cmicnfg3.ini.cfg
2016-08-29 10:27 - 2007-11-04 19:30 - 01144983 ____N C:\WINDOWS\SysWOW64\KB936225x64.msu
2016-08-29 10:27 - 2007-02-26 14:30 - 00036864 _____ (C-Media Electronics Ins.) C:\WINDOWS\system32\cmudax3.dll
2016-08-29 10:27 - 2006-10-05 23:45 - 00524768 _____ (Microsoft Corporation) C:\WINDOWS\difxapi.dll
2016-08-28 20:36 - 2016-08-28 20:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments
2016-08-28 20:36 - 2016-08-28 20:36 - 00000000 __HDC C:\ProgramData\{90D8CE90-3E6B-4034-A281-BC9F19B60A5B}
2016-08-28 20:36 - 2016-08-28 20:36 - 00000000 __HDC C:\ProgramData\{42DEBD12-9D09-4B77-B434-2EF604E45D3D}
2016-08-28 20:36 - 2016-08-28 20:36 - 00000000 ____D C:\ProgramData\Native Instruments
2016-08-28 20:36 - 2016-08-28 20:36 - 00000000 ____D C:\Program Files\Common Files\Native Instruments
2016-08-28 20:32 - 2016-08-28 20:33 - 244782432 _____ (Native Instruments ) C:\Users\Alex\Downloads\Traktor 2 2.10.3 Setup PC.exe
2016-08-28 20:32 - 2016-08-28 20:32 - 00000000 __HDC C:\ProgramData\{EB9C1D32-304E-4E8E-8D44-C4102A190A39}
2016-08-28 20:32 - 2016-08-28 20:32 - 00000000 ____D C:\Backup
2016-08-28 20:28 - 2016-08-28 20:28 - 00000000 ____D C:\Users\Alex\Desktop\DJ
2016-08-28 18:15 - 2016-09-13 15:38 - 00000000 ____D C:\Program Files (x86)\VirtualDJ
2016-08-28 18:15 - 2016-08-31 15:01 - 00000000 ____D C:\Users\Alex\Documents\VirtualDJ
2016-08-28 18:15 - 2016-08-28 18:15 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ
2016-08-28 18:14 - 2016-08-28 18:15 - 38203392 _____ C:\Users\Alex\Downloads\install_virtualdj_pc_v8.2.3343.msi
2016-08-28 17:52 - 2016-08-28 20:28 - 00000000 ____D C:\Users\Alex\AppData\Local\Mixxx
2016-08-28 17:48 - 2016-08-28 17:48 - 25035393 _____ C:\Users\Alex\Downloads\mixxx-2.0.0-win64.exe
2016-08-28 17:48 - 2016-08-28 17:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mixxx
2016-08-28 17:48 - 2016-08-28 17:48 - 00000000 ____D C:\Program Files\Mixxx
2016-08-28 17:41 - 2016-08-28 18:02 - 00000000 ____D C:\WINDOWS\System32\Tasks\NCH Software
2016-08-28 17:41 - 2016-08-28 17:41 - 00001123 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zulu DJ-Software.lnk
2016-08-28 17:41 - 2016-08-28 17:41 - 00000000 ____D C:\ProgramData\NCH Software
2016-08-28 17:41 - 2016-08-28 17:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Produktpalette
2016-08-28 17:41 - 2016-08-28 17:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audioverwandte Programme
2016-08-28 17:41 - 2016-08-28 17:41 - 00000000 ____D C:\Program Files (x86)\NCH Software
2016-08-28 17:40 - 2016-08-28 17:40 - 00974560 _____ (NCH Software) C:\Users\Alex\Downloads\zulusetup.exe
2016-08-28 17:40 - 2016-08-28 17:40 - 00000000 ____D C:\Users\Alex\AppData\Roaming\NCH Software
2016-08-28 17:03 - 2016-08-28 17:03 - 38302328 _____ (Atomix Productions) C:\Users\Alex\Downloads\install_virtualdj_home_v7.4.6.exe
2016-08-27 15:10 - 2016-08-27 15:10 - 02929520 _____ (Odem Mortis ) C:\Users\Alex\Downloads\OMC_ModPack_Installer.exe
2016-08-26 15:21 - 2016-08-26 15:21 - 01106840 _____ (Unity Technologies ApS) C:\Users\Alex\Downloads\UnityWebPlayer64.exe
2016-08-26 14:25 - 2016-08-26 14:25 - 00035784 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\tap0901.sys
2016-08-25 21:58 - 2016-08-25 21:58 - 00000000 ____D C:\Users\Alex\Documents\Ghosthunters
2016-08-25 21:12 - 2016-08-25 21:12 - 00000580 _____ C:\Users\Alex\Downloads\windowsmediaplayer (1).asx
2016-08-23 22:19 - 2016-08-23 22:19 - 00000000 ____D C:\Users\Alex\Documents\Die Unfassbaren 2
2016-08-23 21:09 - 2016-08-23 21:09 - 00000000 ____D C:\Users\Alex\Documents\Die.wilden.Kerle.6.Die.Legende.lebt
2016-08-22 18:36 - 2016-08-22 18:36 - 00001187 _____ C:\Users\Alex\Desktop\Dynamo Dresden v RB Leipzig - DFB Pokal 1 Runde 2016_17_08.lnk
2016-08-22 18:25 - 2016-08-22 18:25 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Aspyr Media
2016-08-22 17:53 - 2016-08-22 17:53 - 00000744 _____ C:\Users\Public\Desktop\Layers of Fear - Masterpiece Edition.lnk
2016-08-22 17:52 - 2016-08-22 17:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bloober Team SA
2016-08-20 15:42 - 2016-09-12 08:10 - 00000000 ____D C:\Users\Alex\Desktop\Musik
2016-08-18 21:09 - 2016-08-18 21:09 - 00003320 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task
2016-08-16 20:19 - 2016-08-16 20:19 - 00610769 _____ C:\Users\Alex\Downloads\depends22_x86.zip
2016-08-16 20:05 - 2016-08-16 20:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
2016-08-16 20:05 - 2016-08-16 20:05 - 00000000 ____D C:\Users\Alex\Documents\TomTom
2016-08-16 20:05 - 2016-08-16 20:05 - 00000000 ____D C:\Users\Alex\AppData\Roaming\TomTom
2016-08-16 20:05 - 2016-08-16 20:05 - 00000000 ____D C:\Users\Alex\AppData\Local\TomTom
2016-08-16 20:03 - 2016-08-16 20:03 - 29403160 _____ C:\Users\Alex\Downloads\TomTomHOME2winlatest.exe
2016-08-16 20:00 - 2016-08-16 20:00 - 37565768 _____ (TomTom International B.V.) C:\Users\Alex\Downloads\InstallMyDriveConnect.exe
2016-08-16 20:00 - 2016-08-16 20:00 - 00000000 ____D C:\Program Files (x86)\TomTom International B.V

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-09-14 16:55 - 2015-03-30 17:38 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-09-14 16:54 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\addins
2016-09-14 16:22 - 2016-07-20 12:07 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-09-14 16:21 - 2016-07-21 17:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-09-14 16:21 - 2016-07-21 17:24 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-09-14 16:18 - 2015-05-04 14:56 - 00000000 ____D C:\Program Files (x86)\Steam
2016-09-14 16:17 - 2015-07-31 20:20 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Wise Care 365
2016-09-14 16:15 - 2015-12-22 17:05 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-14 16:15 - 2015-12-22 16:39 - 00000000 ____D C:\ProgramData\NVIDIA
2016-09-14 16:14 - 2016-07-20 12:07 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-09-14 16:14 - 2015-10-30 08:28 - 01048576 ___SH C:\WINDOWS\system32\config\BBI
2016-09-14 14:40 - 2015-08-06 17:26 - 00004150 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9976B872-EBCD-4E3B-A512-199270B5525F}
2016-09-14 12:27 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-09-14 11:58 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-09-14 08:29 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-13 21:22 - 2015-08-04 20:05 - 00000000 ____D C:\Users\Alex\Desktop\Sonstiges
2016-09-13 21:02 - 2014-12-31 21:03 - 00000000 ____D C:\Program Files (x86)\Google
2016-09-13 20:50 - 2016-07-25 15:29 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2016-09-13 20:11 - 2015-04-01 12:15 - 00000000 ____D C:\Program Files (x86)\Overwolf
2016-09-13 11:55 - 2016-03-24 18:55 - 06502080 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2016-09-13 11:55 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-09-13 11:55 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-09-13 08:34 - 2015-07-31 20:20 - 00002127 _____ C:\Users\Public\Desktop\Wise Care 365.lnk
2016-09-12 10:35 - 2015-10-30 09:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-09-12 10:29 - 2014-12-31 21:46 - 00000000 ____D C:\Users\Alex\AppData\Roaming\vlc
2016-09-12 08:12 - 2016-07-25 12:45 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-09-12 01:15 - 2015-01-04 22:19 - 00000000 ____D C:\Users\Alex\AppData\Roaming\uTorrent
2016-09-12 01:15 - 2015-01-02 16:17 - 00000000 ____D C:\Users\Alex\AppData\Local\JDownloader v2.0
2016-09-11 23:20 - 2015-12-22 16:42 - 02113470 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-11 23:20 - 2015-10-30 20:35 - 00898170 _____ C:\WINDOWS\system32\perfh007.dat
2016-09-11 23:20 - 2015-10-30 20:35 - 00201656 _____ C:\WINDOWS\system32\perfc007.dat
2016-09-11 23:20 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-09-11 22:43 - 2015-07-03 15:08 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2016-09-11 22:42 - 2015-07-03 15:19 - 00000000 ____D C:\Program Files\Rockstar Games
2016-09-09 22:07 - 2015-12-22 16:43 - 00000000 ____D C:\Users\Alex
2016-09-08 22:27 - 2015-01-02 20:33 - 00000000 ____D C:\Users\Alex\Documents\My Games
2016-09-08 13:14 - 2015-10-01 21:05 - 00000000 ____D C:\Users\Alex\AppData\Local\MyComGames
2016-09-08 12:28 - 2015-01-01 12:08 - 00000000 ____D C:\Users\Alex\Desktop\Spiele
2016-09-08 12:00 - 2015-08-21 10:33 - 00000000 ____D C:\Users\Alex\AppData\Local\CrashDumps
2016-09-07 22:17 - 2014-12-31 21:29 - 00000000 ____D C:\ProgramData\Package Cache
2016-09-07 22:17 - 2014-12-31 21:27 - 00000000 ____D C:\Program Files (x86)\Avira
2016-09-07 20:20 - 2015-01-03 13:40 - 00000000 ____D C:\Users\Alex\AppData\Local\ElevatedDiagnostics
2016-09-07 14:33 - 2015-03-30 20:16 - 00000000 ____D C:\ProgramData\Oracle
2016-09-07 14:26 - 2015-09-13 09:21 - 00000000 ____D C:\Users\Alex\.oracle_jre_usage
2016-09-07 14:26 - 2015-06-17 14:50 - 00000000 ____D C:\Program Files (x86)\Java
2016-09-07 14:26 - 2015-03-30 17:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-09-07 14:25 - 2016-02-19 14:31 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-09-07 14:25 - 2015-06-17 14:51 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2016-09-07 14:25 - 2015-06-17 14:51 - 00000000 ____D C:\Program Files\Java
2016-09-07 14:24 - 2015-01-01 21:08 - 00000000 ____D C:\Users\Alex\AppData\Local\Adobe
2016-09-07 13:07 - 2014-12-31 20:52 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-09-06 13:09 - 2016-07-26 21:31 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps
2016-09-04 19:09 - 2015-01-31 12:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-09-02 09:12 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-08-29 16:38 - 2015-02-01 10:39 - 00000000 ____D C:\ProgramData\Ultra Vision Video Converter
2016-08-29 10:29 - 2016-01-17 10:33 - 00387176 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-08-29 10:27 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\System
2016-08-27 15:56 - 2015-09-03 19:56 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\OMC ModPack
2016-08-27 15:10 - 2015-09-03 18:58 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\OMC ModPack Client
2016-08-27 13:19 - 2015-11-10 14:32 - 00000000 ____D C:\Users\Alex\AppData\Local\UnrealEngine
2016-08-27 09:24 - 2015-05-14 17:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ravenscourt
2016-08-22 18:55 - 2016-01-31 10:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Square Enix
2016-08-21 09:21 - 2015-08-17 19:42 - 00000000 ___RD C:\Users\Alex\Desktop\Bildbearbeitung
2016-08-20 15:21 - 2015-02-26 12:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-08-18 21:09 - 2015-08-04 19:56 - 00002416 _____ C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-08-18 21:09 - 2015-08-04 19:56 - 00000000 ___RD C:\Users\Alex\OneDrive
2016-08-16 20:03 - 2015-11-27 21:53 - 00000000 ____D C:\Users\Alex\AppData\Local\Downloaded Installations

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-11-15 18:22 - 2015-11-15 10:52 - 0012879 _____ () C:\Users\Alex\AppData\Roaming\alsoft.ini
2016-06-02 10:48 - 2016-06-02 10:49 - 266040255 _____ () C:\Users\Alex\AppData\Local\ACCCx3_6_0_248.zip
2015-04-10 15:38 - 2015-04-10 15:38 - 0004608 _____ () C:\Users\Alex\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-07-04 18:01 - 2015-07-04 18:02 - 0003072 _____ () C:\Users\Alex\AppData\Local\file__0.localstorage
2015-07-24 20:25 - 2015-07-24 20:25 - 0000092 _____ () C:\Users\Alex\AppData\Local\fusioncache.dat
2015-11-18 12:41 - 2015-11-18 12:41 - 0000017 _____ () C:\Users\Alex\AppData\Local\resmon.resmoncfg
2015-12-22 16:38 - 2015-12-22 16:38 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\Alex\AppData\Local\Temp\jre-8u101-windows-au.exe
C:\Users\Alex\AppData\Local\Temp\libeay32.dll
C:\Users\Alex\AppData\Local\Temp\msvcr120.dll
C:\Users\Alex\AppData\Local\Temp\proxy_vole4506188439364049303.dll
C:\Users\Alex\AppData\Local\Temp\sqlite3.dll
C:\Users\Alex\AppData\Local\Temp\VirtualDJ New Version.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-09-07 17:36

==================== Ende von FRST.txt ============================

bohm 14.09.2016 16:28
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 12-09-2016
durchgeführt von Alex (14-09-2016 17:04:35)
Gestartet von C:\Users\Alex\Desktop
Windows 10 Pro Version 1511 (X64) (2015-12-22 15:12:12)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2927967124-101175508-2003510897-500 - Administrator - Enabled) => C:\Users\Administrator
Alex (S-1-5-21-2927967124-101175508-2003510897-1000 - Administrator - Enabled) => C:\Users\Alex
DefaultAccount (S-1-5-21-2927967124-101175508-2003510897-503 - Limited - Disabled)
Gast (S-1-5-21-2927967124-101175508-2003510897-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2927967124-101175508-2003510897-1005 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

µTorrent (HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\uTorrent) (Version: 3.4.8.42576 - BitTorrent Inc.)
18 Wheels of Steel Extreme Trucker 2 (HKLM-x32\...\{A2B65355-E44A-4662-9533-AB5A4A3533ED}) (Version: 1.00.0000 - Valusoft)
AbiWord 2.9.4 (HKLM-x32\...\AbiWord2) (Version: 2.9.4 - AbiSource Developers)
Adblock Plus für IE (32-Bit- und 64-Bit) (HKLM\...\{123A22CB-6D84-4135-A71F-886C9119E996}) (Version: 99.9 - Eyeo GmbH)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 19.0.0.190 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.7 64-bit (HKLM\...\{1B77B02E-17E4-4B6D-B8A1-74B29AF3D8DD}) (Version: 5.7.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\{0E3C52E0-B4F1-4D1E-B172-E390813BD9FE}) (Version: 12.1.8.158 - Adobe Systems, Inc)
Aerosoft's - Aerosoft Launcher (HKLM-x32\...\{EE11CFFC-898C-4875-8A63-8B732A9AD43B}) (Version: 1.2.0.3 - Aerosoft)
AIMP (HKLM-x32\...\AIMP) (Version: v4.02.1725, 11.06.2016 - AIMP DevTeam)
AKVIS Sketch (HKLM\...\{AC0BAA05-28E6-4911-B3F3-0AE2EB0F54A1}) (Version: 17.0.2946.11963 - AKVIS)
Armored Warfare MyCom (HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\Armored Warfare MyCom) (Version: 1.96 - My.com B.V.)
Armored Warfare MyCom Beta (HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\Armored Warfare MyCom Beta) (Version: 1.59 - My.com B.V.)
ATI Catalyst Install Manager (HKLM\...\{62140B07-129A-2BD0-81D2-2A1A7408ADC8}) (Version: 3.0.762.0 - ATI Technologies, Inc.)
Auslogics DiskDefrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 6.2.1.0 - Auslogics Labs Pty Ltd)
Autobahn Police Simulator MULTI4 (HKLM\...\YXV0b2JhaG5wb2xpY2VzaW11bGF0b3I_is1) (Version: 1 - )
Avidemux 2.6 (32-bit) (HKLM-x32\...\Avidemux 2.6) (Version: 2.6.8.9046 - )
Avira Browser Safety (HKLM-x32\...\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}) (Version: 1.4.5.509 - Avira Operations GmbH & Co KG)
Avira Launcher (HKLM-x32\...\{af1966e2-5e60-4d93-8a48-c21462a87e3c}) (Version: 1.2.71.9779 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.2.71.9779 - Avira Operations GmbH & Co. KG) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 1.5.2.25975 - Avira Operations GmbH & Co. KG)
Bandicam (HKLM-x32\...\Bandicam) (Version: 2.1.3.757 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandisoft.com)
BASE (HKLM-x32\...\{B4D9F24E-C5C2-4B5E-A56D-8E13E0729C64}) (Version: 1.0.0 - d3)
Berg und Tunnelbau (HKLM-x32\...\Mining and Tunneling) (Version:  - )
C-Media PCI Audio Device (HKLM\...\C-Media PCI Audio Driver) (Version:  - )
Cool & Quiet (HKLM-x32\...\{1ADE1AA0-7F82-4BB1-B1BD-727DE438057B}) (Version:  - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Dance eJay 7 (HKLM-x32\...\{A18BB607-BC5A-474E-88FD-C215B91A0F97}) (Version: 7 - Empire Interactive)
Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.732.20 - Electronic Arts Inc.)
DIG IT! - A Digger Simulator (HKLM\...\Steam App 311910) (Version:  - Cape Copenhagen)
EA SPORTS™ FIFA 15 (HKLM-x32\...\{3D4ADA2B-F028-4307-ADF4-6F9AA44725DA}) (Version: 1.8.0.0 - Electronic Arts)
Emergency 2016 (HKLM-x32\...\Emergency 2016_is1) (Version:  - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON SX125 Series Printer Uninstall (HKLM\...\EPSON SX125 Series) (Version:  - SEIKO EPSON Corporation)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
FastSocial version 1 (HKLM-x32\...\{0C9D97C7-4EC9-4BAB-AE9E-FA4F9EE56484}_is1) (Version: 1 - )
FileZilla Client 3.13.0 (HKLM-x32\...\FileZilla Client) (Version: 3.13.0 - Tim Kosse)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.3.4.311 - Foxit Software Inc.)
GdZ WoT ModPack Version 0.9.15.1.5 (HKLM-x32\...\{GdZ WoT ModPack}_is1) (Version: 0.9.15.1.5 - Gemeinschaft deutscher Zocker)
GdZ WoT ModPack Version 1.0 (HKLM-x32\...\{GdZ WoT ModPack Updater}_is1) (Version: 1.0 - Gemeinschaft deutscher Zocker)
German Truck Simulator 1.00 (HKLM-x32\...\German Truck Simulator) (Version: 1.00 - )
Ghostbusters (TM): The Video Game (HKLM-x32\...\InstallShield_{3A1B1652-D70A-4D19-981E-BB15D0DBF253}) (Version: 1.00.0000 - Atari)
Ghostbusters (TM): The Video Game (x32 Version: 1.00.0000 - Atari) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 53.0.2785.113 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Grand Theft Auto: Episodes From Liberty City (HKLM-x32\...\{61B8B2F9-D8DA-4B24-89A9-DB09F38A4899}) (Version: 1.1.0.0 - Rockstar Games)
Grand Theft Auto: Episodes from Liberty City (x32 Version: 1.0.0003.135 - Rockstar Games Inc.) Hidden
Heart's Medicine: Time to Heal (HKLM\...\aGVhcnRzbWVkaWNpbmV0aW1ldG9oZWFs_is1) (Version: 1 - )
Java 8 Update 101 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Krita Desktop (x86) "2.9.6.3" (HKLM-x32\...\{ACF8935C-CA56-43D2-A923-DD95CBCE1BEB}) (Version: 2.9.6.3 - Krita Foundation)
Layers of Fear (HKLM-x32\...\Layers of Fear_is1) (Version:  - )
Life is Strange (HKLM-x32\...\Life is Strange_is1) (Version:  - )
Locks Pro (HKLM-x32\...\Locks Pro) (Version:  - )
Logistics Company (HKLM\...\Steam App 328310) (Version:  - Crenetic GmbH Studios)
Logitech Gaming Software 64 (HKLM-x32\...\InstallShield_{58BF5D14-CBCF-473C-B0E0-A7955A23224E}) (Version:  - )
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM-x32\...\M2698023) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM-x32\...\M2833941) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM-x32\...\M979906) (Version:  - )
Microsoft .NET Framework 1.1 SP1 (HKLM\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version:  - )
Microsoft .NET Framework 1.1 SP1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.6.140.0 - Microsoft Corporation)
Mixxx 2.0.0 (64-bit) (HKLM-x32\...\Mixxx (2.0.0)) (Version: 2.0.0 - The Mixxx Development Team)
Model_Viewer (HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\007d47cbc8a50530) (Version: 2.0.0.23 - WOT MODEL VIEWER)
Mozilla Firefox 48.0.2 (x64 de) (HKLM\...\Mozilla Firefox 48.0.2 (x64 de)) (Version: 48.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0.2.6079 - Mozilla)
Mozilla Thunderbird 45.2.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.2.0 (x86 de)) (Version: 45.2.0 - Mozilla)
My.com Game Center (HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\MyComGames) (Version: 3.147 - My.com B.V.)
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 1.9.3.355 - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.6.0.137 - Native Instruments)
Nesbox Companion (HKLM-x32\...\com.nesbox.companion) (Version: 1.1 - UNKNOWN)
Nesbox Companion (x32 Version: 1.1 - UNKNOWN) Hidden
null (HKLM-x32\...\MonsterMaker) (Version:  - )
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 361.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 361.75 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.9.1.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.9.1.22 - NVIDIA Corporation)
NVIDIA Grafiktreiber 361.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.75 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OMC ModPack Client Version 1.5.1.212 (HKLM-x32\...\{E2F3187C-2B94-486F-8914-E69211487FB6}_is1) (Version: 1.5.1.212 - Odem Mortis)
OMSI - Der Omnibussimulator (HKLM-x32\...\{9AE850A4-B89D-4875-A159-B1B64D717EFB}) (Version: 1.06 - aerosoft)
OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
Origin (HKLM-x32\...\Origin) (Version: 9.5.10.780 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.97.306.0 - Overwolf Ltd.)
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
ProTrain Perfect 2 - Dresden - Leipzig - (HKLM-x32\...\{509E436F-FEEA-49BC-BD16-8F5F67D715E1}) (Version: 1.0 - Blue Sky Interactive)
ProTrain Perfect 2 - Nord-Süd 2  - Update (HKLM-x32\...\{2DE73DB6-37F4-4580-97A0-505D478EF02A}) (Version: 1.31 - Blue Sky Interactive)
ProTrain Perfect 2 - Streckenupdate - (HKLM-x32\...\{9547B52A-58E0-4AB5-B159-506728C5404B}) (Version: 1.0 - Blue Sky Interactive)
ProTrain Perfect Addon 4 - S-Bahn Berlin- Update 1.1 (HKLM-x32\...\{56706286-0B7A-46A3-9835-CF1ACB4BBFE2}) (Version: 1.0 - Blue Sky Interactive)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.52.203.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
RESCUE 2013 (HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\RESCUE 2013) (Version: 1.30.00.00 - rondomedia GmbH)
Revo Uninstaller 2.0.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.0 - VS Revo Group, Ltd.)
RollerCoaster Tycoon 3 Platinum (HKLM-x32\...\RollerCoaster Tycoon 3 Platinum_is1) (Version:  - )
Samantha Swift and the Golden Touch (HKLM-x32\...\Samantha Swift and the Golden Touch) (Version: 1.1.0.0 - MumboJumbo)
SHIELD Streaming (Version: 4.1.0260 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.9.1.22 - NVIDIA Corporation) Hidden
Smart Application Controller (HKLM-x32\...\{A6AE177E-D46B-4463-AA69-B9F818E0DC4A}_is1) (Version: 1.00 - Smart Application Controller)
Sony PC Companion 2.10.303 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.303 - Sony)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
The Last Dream - Developer's Edition (HKLM-x32\...\The Last Dream - Developer's Edition_is1) (Version:  - )
The Movies(TM) (HKLM-x32\...\InstallShield_{0556F885-2415-4666-B53E-33727E46AEA1}) (Version: 1.0 - Activision)
The Movies(TM) (x32 Version: 1.0 - Activision) Hidden
Tweaking.com - Windows Repair (All in One) (HKLM-x32\...\Tweaking.com - Windows Repair (All in One)) (Version: 3.0.0 - Tweaking.com)
UE4 Prerequisites (x64) (HKLM-x32\...\{b46d36bc-2438-471e-abe8-1fbbd51754ee}) (Version: 1.0.10.0 - Epic Games, Inc.)
UE4 Prerequisites (x64) (Version: 1.0.10.0 - Epic Games, Inc.) Hidden
UK Truck Simulator 1.11 (HKLM-x32\...\UK Truck Simulator) (Version: 1.11 - )
Unity Web Player (x64) (All users) (HKLM\...\UnityWebPlayer) (Version: 4.6.6f2 - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
VirtualDJ 8 (HKLM-x32\...\{AC964E48-8E21-4622-9073-AD42BC6A57B1}) (Version: 8.2.3343.0 - Atomix Productions)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
waterMark V2 (HKLM-x32\...\waterMark V2) (Version:  - )
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 5.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
Wonderland Solitaire (HKLM-x32\...\Wonderland Solitaire) (Version:  - )
World Series Of Poker  (HKLM-x32\...\World_Series_Of_Poker_1.0) (Version:  - )
X-Mouse Button Control 2.9.1 (HKLM-x32\...\X-Mouse Button Control) (Version: 2.9.1 - Highresolution Enterprises)
Zulu DJ-Software (HKLM-x32\...\Zulu) (Version: 3.63 - NCH Software)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2927967124-101175508-2003510897-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Alex\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {03721160-D3EC-4395-9515-90AF4387D601} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2016-09-07] (Overwolf LTD)
Task: {08071F0B-7A8F-4307-AC19-CAC94B3D7CF0} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2015-09-10] (Microsoft Corporation)
Task: {088BCE7E-C0DF-4878-9566-F3DF074A0850} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2015-09-10] (Microsoft)
Task: {11072F2E-CF5D-4042-8117-BF302C3D1134} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-06-22] (Oracle Corporation)
Task: {2D6D5D52-DEB4-4D7E-8582-BFA2594CE8A4} - System32\Tasks\{E38CF82E-0E32-471D-AF9A-11ACBB05F575} => pcalua.exe -a "D:\Spiele\Black &amp; White\Setup.exe" -d "D:\Spiele\Black &amp; White"
Task: {3219B889-3FAF-4BA3-87DF-9656385F0909} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-13] (Google Inc.)
Task: {3D26F772-E706-43C1-BB76-960259E909D5} - \Joropygrosak Debuger -> Keine Datei <==== ACHTUNG
Task: {3E59135F-C845-4CA7-9306-09BA53D3BF10} - System32\Tasks\Avira Browser Safety Updater Task => C:\Program Files (x86)\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe [2015-03-11] (Avira Operations GmbH & Co. KG)
Task: {3ECA284F-6060-4355-8201-2B3667D6A8D0} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2015-09-10] (Microsoft Corporation)
Task: {48A39499-C887-47AB-A03E-EC1284135582} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2015-09-10] (Microsoft Corporation)
Task: {739D6E46-1EBE-45B0-B3A8-BE4B706B11C9} - System32\Tasks\{F823577C-328F-42E1-82E8-273F76E8E0F2} => pcalua.exe -a "D:\Spielei\RollerCoaster Tycoon 3 Platinum\RCT3.EXE" -d "D:\Spielei\RollerCoaster Tycoon 3 Platinum"
Task: {7D66D896-7E61-483F-AC36-CBF7B2F70AF8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-08-09] (Microsoft Corporation)
Task: {82459BE3-0FD2-4083-A85E-4E159CB47C66} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK
Task: {9459BA5A-FD31-4742-B874-E18D2F2CFA4F} - System32\Tasks\{9F699765-8CF8-476D-B4B0-17A827A46CA3} => C:\Program Files (x86)\Origin\Origin.exe [2015-03-24] (Electronic Arts)
Task: {981322A7-5CE4-419F-9EE9-A5B122E6477F} - System32\Tasks\CheckControllerUpdatesUA => C:\Program Files (x86)\Smart Application Controller\smappscontroller.exe [2016-07-13] (Smart Application Controller)
Task: {A1F15BE6-717C-4421-B6F5-31A5D6F3E16A} - System32\Tasks\WiseCleaner\WFDSkipUAC => C:\Program Files (x86)\Wise\Wise Force Deleter\WiseDeleter.exe [2015-07-27] (WiseCleaner.com)
Task: {A395D13F-8616-4430-AA41-59C643D31545} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-13] (Google Inc.)
Task: {BCE3DD01-4356-448D-B9F2-B66F03DA84E8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-13] (Adobe Systems Incorporated)
Task: {C90E9125-55FE-459E-B59C-A8CC3EDC83B2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {DF339562-E44E-4C7B-BFED-89CD5B300750} - System32\Tasks\{E32C968D-9A4A-468A-9739-5EC5DD81248A} => pcalua.exe -a "F:\Wolfenstein The Old Blood German Uncut Edition\WOLF.OB.GUE.exe" -d "F:\Wolfenstein The Old Blood German Uncut Edition"
Task: {E27BD397-DC88-4C92-9D33-9AEBB4FF1077} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Alex\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-08-18] (Microsoft Corporation)
Task: {FD8DDAD2-0AB1-4C79-8872-2DE3B0CAA13A} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2015-09-10] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Alex\Favorites\Downloadseite von NCH Software.lnk -> hxxp://www.nch.com.au/de/index.html
Shortcut: C:\Users\Alex\AppData\Local\Microsoft\Windows\GameExplorer\{F6416E63-CBFE-49C4-8CFC-2042B9323E65}\SupportTasks\1\Support.lnk -> hxxp://www.activision.com/support/
Shortcut: C:\Users\Alex\AppData\Local\Microsoft\Windows\GameExplorer\{F6416E63-CBFE-49C4-8CFC-2042B9323E65}\SupportTasks\0\Weitere Spiele von Microsoft.lnk -> hxxp://www.activisiono2.com/tony_hawk/main.asp/
Shortcut: C:\Users\Alex\AppData\Local\Microsoft\Windows\GameExplorer\{78751FE4-B96B-4715-A617-314D7C47A2A0}\SupportTasks\0\Support.lnk -> hxxp://support.ubi.com/
Shortcut: C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki/
Shortcut: C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com/

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-12-31 20:57 - 2016-01-12 06:43 - 00291264 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-07-20 14:56 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-07-20 14:56 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-08-18 21:09 - 2016-08-18 21:09 - 01864384 _____ () C:\Users\Alex\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll
2015-08-15 14:42 - 2015-08-15 14:42 - 00043480 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2016-04-19 14:48 - 2016-04-19 14:49 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-12-23 10:07 - 2015-12-07 06:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-20 14:57 - 2016-07-01 05:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-07-20 14:56 - 2016-07-01 05:27 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-07-20 14:56 - 2016-07-01 05:21 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-07-20 14:56 - 2016-07-01 05:22 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-07-20 14:56 - 2016-07-01 05:24 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-09-12 08:12 - 2016-09-12 08:12 - 00162304 ____N () C:\Program Files\Mozilla Firefox\WTSAPI32.dll
2016-09-12 08:12 - 2016-09-12 08:12 - 00301568 ____N () c:\program files (x86)\prerpetaincliiph\clhbuilder.dll
2016-04-19 14:48 - 2016-04-19 14:49 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-19 14:48 - 2016-04-19 14:49 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\Alex\Cookies:gs5sys [3074]
AlternateDataStreams: C:\Users\Alex\Desktop\desktop.ini:gs5sys [3074]
AlternateDataStreams: C:\Users\Alex\AppData\Roaming\desktop.ini:gs5sys [3074]
AlternateDataStreams: C:\Users\Alex\AppData\Local\Verlauf:gs5sys [3074]
AlternateDataStreams: C:\Users\Alex\Documents\desktop.ini:gs5sys [3074]
AlternateDataStreams: C:\ProgramData\TEMP:054B9966 [137]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2016-09-06 13:11 - 00001037 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1      localhost
127.0.0.1      down.baidu2016.com
127.0.0.1      123.sogou.com
127.0.0.1      www.czzsyzgm.com
127.0.0.1      www.czzsyzxl.com
127.0.0.1      union.baidu2019.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2927967124-101175508-2003510897-1000\Control Panel\Desktop\\Wallpaper -> F:\Oskar\Neuer Ordner (21)\Neuer Ordner (8)\IMG-20160619-WA0004.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: Avira.OE.ServiceHost => 2
MSCONFIG\Services: GfExperienceService => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NvNetworkService => 2
MSCONFIG\Services: NvStreamSvc => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: Stereo Service => 2
HKLM\...\StartupApproved\Run32: => "Avira Systray"
HKLM\...\StartupApproved\Run32: => "avgnt"
HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\StartupApproved\Run: => "EPSON SX125 Series"
HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\StartupApproved\Run: => "TomTomHOME.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [UDP Query User{B8EC54F5-26ED-48D9-8E73-FD26BA352BB4}G:\program files\skype\phone\skype.exe] => (Allow) G:\program files\skype\phone\skype.exe
FirewallRules: [TCP Query User{185431DA-2C79-4C60-AF6B-330AB0971EA2}G:\program files\skype\phone\skype.exe] => (Allow) G:\program files\skype\phone\skype.exe
FirewallRules: [UDP Query User{203E9AAD-FAA1-49B9-9BE9-F2C2271A368F}C:\program files\teamspeak 3 client\ts3client_win64.exe] => (Allow) C:\program files\teamspeak 3 client\ts3client_win64.exe
FirewallRules: [TCP Query User{D7B962F1-105F-488E-9678-984032B74CFF}C:\program files\teamspeak 3 client\ts3client_win64.exe] => (Allow) C:\program files\teamspeak 3 client\ts3client_win64.exe
FirewallRules: [UDP Query User{59F51F14-EE3A-45A9-9C87-9485BF612573}E:\easysetupassistant\tssh2.exe] => (Allow) E:\easysetupassistant\tssh2.exe
FirewallRules: [TCP Query User{2453E5A1-8AEF-432D-9F29-4435D9123DAF}E:\easysetupassistant\tssh2.exe] => (Allow) E:\easysetupassistant\tssh2.exe
FirewallRules: [UDP Query User{68A87591-6E15-49C9-B6D5-00E0404EE469}E:\easysetupassistant\easysetupassistant.exe] => (Allow) E:\easysetupassistant\easysetupassistant.exe
FirewallRules: [TCP Query User{98862868-268B-46F0-A7A1-F419B1F37ED4}E:\easysetupassistant\easysetupassistant.exe] => (Allow) E:\easysetupassistant\easysetupassistant.exe
FirewallRules: [UDP Query User{A37D346B-E470-486D-886A-AB7A70CEA756}D:\spiele\armored warfare mycom beta\bin64\armoredwarfare.exe] => (Allow) D:\spiele\armored warfare mycom beta\bin64\armoredwarfare.exe
FirewallRules: [TCP Query User{9941EBEE-8E38-4E5A-B75F-BF3E22A5007B}D:\spiele\armored warfare mycom beta\bin64\armoredwarfare.exe] => (Allow) D:\spiele\armored warfare mycom beta\bin64\armoredwarfare.exe
FirewallRules: [UDP Query User{86285CEE-479B-46FD-B323-93D13AFF6BB7}C:\users\alex\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\alex\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [TCP Query User{F028F5E8-B9B2-4FFD-8967-454EF0D5C8AD}C:\users\alex\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\alex\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [{055257B4-7DB5-421A-B9CE-FC9A2768CEC8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{64626A8F-D518-4A3E-B800-B6E6E12D8A6C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [TCP Query User{351CF24C-5C76-480D-8504-68E0AD1843D7}D:\spiele\world_of_tanks\worldoftanks.exe] => (Allow) D:\spiele\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{948DAF27-C71D-4CC4-BE10-89DB3D4046BC}D:\spiele\world_of_tanks\worldoftanks.exe] => (Allow) D:\spiele\world_of_tanks\worldoftanks.exe
FirewallRules: [{253899B7-30F0-40FA-820D-42FC5EE64BDD}] => (Block) D:\spiele\world_of_tanks\worldoftanks.exe
FirewallRules: [{E6B46A64-C7FB-4B76-BDA2-7F8CE5C19BE2}] => (Block) D:\spiele\world_of_tanks\worldoftanks.exe
FirewallRules: [{7B9803AD-565F-484F-A3AC-7608B4E027C0}] => (Allow) C:\Users\Alex\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{0B7B8C30-490B-4165-91C9-0BA2ECF08FE9}] => (Allow) C:\Users\Alex\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{63B3C213-6114-4963-A3D3-EB3CD2016612}D:\spiele\world_of_tanks\wotlauncher.exe] => (Allow) D:\spiele\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{B77A2EB4-C11B-43C6-BFA5-0DF9C825F01D}D:\spiele\world_of_tanks\wotlauncher.exe] => (Allow) D:\spiele\world_of_tanks\wotlauncher.exe
FirewallRules: [{ABC853EF-AA7D-4B6B-9898-2DE7F7131D17}] => (Block) D:\spiele\world_of_tanks\wotlauncher.exe
FirewallRules: [{3DE2D36C-CCC9-4E7F-A312-82C6FF4BAE64}] => (Block) D:\spiele\world_of_tanks\wotlauncher.exe
FirewallRules: [{4D80A436-398C-4BA4-9626-484B2BD6890B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{8C15BD84-ED5D-442F-B454-6093E1A34678}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{F520FDF6-D5AF-49EE-9672-80D2D78A1ECE}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{DE4A103C-31F4-40A1-8F16-31CB15E8865C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{8A82E90F-A1DD-4E49-867E-0D95254879E1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3DC96D98-714F-4456-ABFD-E54CF194D6CE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6E0C7D29-7456-4E18-8D41-C374DB54F8EF}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{BEE464F7-4F1A-4DC3-A9DF-C6496F7DC8EA}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{F73A41F2-F6B4-4D42-94B0-24FB215C452E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{D2EE8800-F670-445E-8AED-196AEE247BB1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{8B8F73D0-7764-46F2-8DA0-FDE0DE8DFE90}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{676D9C46-E14F-4026-ADDE-B2C63446D955}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{2B35FD59-01B0-44F0-85EF-E4ED1F88E13B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9A3D99F3-D921-426B-B7DF-7324B11E5EAF}] => (Allow) D:\Spiele\THQ\Frontlines-Fuel of War\Binaries\FFOW.exe
FirewallRules: [{10DFF208-43B4-487F-B87C-EC2EDD159280}] => (Allow) D:\Spiele\THQ\Frontlines-Fuel of War\Binaries\FFOW.exe
FirewallRules: [TCP Query User{267A32AA-CDCA-4691-A944-9E604C81E46D}D:\spiele\sebastien loeb rally evo\slrx64.exe] => (Allow) D:\spiele\sebastien loeb rally evo\slrx64.exe
FirewallRules: [UDP Query User{B181587D-6A97-4BAD-A8D4-A6AF6CBCC296}D:\spiele\sebastien loeb rally evo\slrx64.exe] => (Allow) D:\spiele\sebastien loeb rally evo\slrx64.exe
FirewallRules: [{EEF9EBA0-1956-40F6-B77F-614DD4EA5722}] => (Allow) C:\Users\Alex\AppData\Local\Temp\Andy_46.2_x64\Setup.exe
FirewallRules: [{9F3E3F30-F41B-4865-BE41-83FE9833B3F6}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe
FirewallRules: [{1BE673C4-9EBC-4746-8864-4EF8DE737B8F}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe
FirewallRules: [{94ED7558-F682-4093-9313-F8ACBF078BE0}] => (Allow) C:\Program Files\Andy\andy.exe
FirewallRules: [{97934D29-83EA-4C92-A58B-9C1490FA8661}] => (Allow) C:\Program Files\Andy\andy.exe
FirewallRules: [{BD969C95-3B4F-47ED-9D72-B0B16C1B9221}] => (Allow) C:\Program Files\Andy\AndyConsole.exe
FirewallRules: [{65209785-178C-4995-A308-6B16828E82FC}] => (Allow) C:\Program Files\Andy\AndyConsole.exe
FirewallRules: [{C765AC84-C3C6-4381-B834-7A4D9C1A7519}] => (Allow) C:\Program Files\Andy\SetupFiles\Uninstall.exe
FirewallRules: [{D0FB81DC-360F-4A36-8512-FD557837FBD0}] => (Allow) C:\Program Files\Andy\SetupFiles\Uninstall.exe
FirewallRules: [{612D9E77-960F-447F-900B-BA528AD8C8C3}] => (Allow) C:\Users\Alex\AppData\Local\Temp\Uninstall.exe
FirewallRules: [{DE0D30BD-785F-4C6E-AB2E-B2EA5B95A212}] => (Allow) C:\Users\Alex\AppData\Local\Temp\Uninstall.exe
FirewallRules: [{785C73F8-5AFE-469E-9E2D-2F1B814DE3C8}] => (Allow) C:\Program Files\Andy\HandyAndy.exe
FirewallRules: [{0B571320-7652-4382-A54C-630B0BBABE66}] => (Allow) C:\Program Files\Andy\HandyAndy.exe
FirewallRules: [{B1D7EA1F-B066-4CA0-8D50-E89501B0C6F0}] => (Allow) D:\Spiele\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{CBF73693-887B-4786-989A-E6B514955243}] => (Allow) D:\Spiele\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [TCP Query User{BAD49B2D-5B7E-4239-97FF-CCCC34FCE690}D:\spiele\ubisoft\far cry 4\bin\farcry4.exe] => (Allow) D:\spiele\ubisoft\far cry 4\bin\farcry4.exe
FirewallRules: [UDP Query User{39235AEA-0DD2-4CDA-B963-38FB32CEC0B1}D:\spiele\ubisoft\far cry 4\bin\farcry4.exe] => (Allow) D:\spiele\ubisoft\far cry 4\bin\farcry4.exe
FirewallRules: [TCP Query User{31F01DEC-1B23-430D-93A4-34E1165168BA}D:\spiele\anno 1404 gold edition\tools\anno4web.exe] => (Allow) D:\spiele\anno 1404 gold edition\tools\anno4web.exe
FirewallRules: [UDP Query User{663B8EBA-8FDD-4379-A5DB-5EAE3D1D4F06}D:\spiele\anno 1404 gold edition\tools\anno4web.exe] => (Allow) D:\spiele\anno 1404 gold edition\tools\anno4web.exe
FirewallRules: [TCP Query User{6C958C17-0A38-493E-99CC-B87F1FDB242D}D:\spiele\mxgp2\mxgp_2x64.exe] => (Allow) D:\spiele\mxgp2\mxgp_2x64.exe
FirewallRules: [UDP Query User{5455F566-360E-4D82-AF47-7E01DC44F3E8}D:\spiele\mxgp2\mxgp_2x64.exe] => (Allow) D:\spiele\mxgp2\mxgp_2x64.exe
FirewallRules: [TCP Query User{4FC326C9-DD65-4C55-B7CF-F00DC2A25734}D:\spiele\mxgp2\mxgp_2.exe] => (Allow) D:\spiele\mxgp2\mxgp_2.exe
FirewallRules: [UDP Query User{3DDC05D5-A11D-4FFF-9EBE-07A822FE9984}D:\spiele\mxgp2\mxgp_2.exe] => (Allow) D:\spiele\mxgp2\mxgp_2.exe
FirewallRules: [{15350DE1-C269-45CC-9C37-ED444708E09B}] => (Allow) D:\Spiele\SteamLibrary\steamapps\common\DIG IT! - A Digger Simulator\DigIt.exe
FirewallRules: [{0FAB828E-4B69-4960-AB60-B6E47BD20F3C}] => (Allow) D:\Spiele\SteamLibrary\steamapps\common\DIG IT! - A Digger Simulator\DigIt.exe
FirewallRules: [{822BDA0E-5DAC-4BA9-84DE-BEFCED48F171}] => (Allow) D:\Spiele\SteamLibrary\steamapps\common\Logistics Company\logisim.exe
FirewallRules: [{E3475040-EF12-4BFA-90D4-5CCFFD4182C3}] => (Allow) D:\Spiele\SteamLibrary\steamapps\common\Logistics Company\logisim.exe
FirewallRules: [{D5402871-D6DB-4AF8-A11B-211A8FC142C0}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{1C55D6CF-C802-4747-B16E-96E20EA42E76}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [TCP Query User{0653881F-C4F1-483B-9EEF-03B6E478915E}D:\spiele\medal of honor allied assault war chest\mohaa.exe] => (Allow) D:\spiele\medal of honor allied assault war chest\mohaa.exe
FirewallRules: [UDP Query User{2C652085-C216-4B0B-B1F6-DFD07D862D05}D:\spiele\medal of honor allied assault war chest\mohaa.exe] => (Allow) D:\spiele\medal of honor allied assault war chest\mohaa.exe
FirewallRules: [TCP Query User{CE25C343-01B1-4AC8-B589-828CC9C63538}D:\spiele\medal of honor allied assault war chest\moh_breakthrough.exe] => (Allow) D:\spiele\medal of honor allied assault war chest\moh_breakthrough.exe
FirewallRules: [UDP Query User{329E50C5-1D43-40B1-AE0C-DF02A1473FFA}D:\spiele\medal of honor allied assault war chest\moh_breakthrough.exe] => (Allow) D:\spiele\medal of honor allied assault war chest\moh_breakthrough.exe
FirewallRules: [TCP Query User{1ABB671C-E149-4942-90E0-2FB13CF7EA4F}D:\spiele\street fighter x tekken complete pack\sftk.exe] => (Allow) D:\spiele\street fighter x tekken complete pack\sftk.exe
FirewallRules: [UDP Query User{EDFA809B-57F0-462A-B2AA-19CD31295828}D:\spiele\street fighter x tekken complete pack\sftk.exe] => (Allow) D:\spiele\street fighter x tekken complete pack\sftk.exe
FirewallRules: [TCP Query User{6608EC4A-642D-47C4-AD82-C8174517D431}D:\spiele\medal of honor allied assault war chest\moh_spearhead.exe] => (Allow) D:\spiele\medal of honor allied assault war chest\moh_spearhead.exe
FirewallRules: [UDP Query User{F3A2D79C-8F64-4056-9DA6-9D402E8BCB68}D:\spiele\medal of honor allied assault war chest\moh_spearhead.exe] => (Allow) D:\spiele\medal of honor allied assault war chest\moh_spearhead.exe
FirewallRules: [TCP Query User{2203F989-B0FB-4A66-B5AC-7606BEEE091E}D:\downloads\fo4\igg-dead.by.daylight.v1.0\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) D:\downloads\fo4\igg-dead.by.daylight.v1.0\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe
FirewallRules: [UDP Query User{1A43CF24-88C0-4887-9A94-04DFD8A1B8FD}D:\downloads\fo4\igg-dead.by.daylight.v1.0\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) D:\downloads\fo4\igg-dead.by.daylight.v1.0\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe
FirewallRules: [{15842196-AF0E-4252-8B98-1B0C1BD6F6C2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{C5EDC8EF-6825-4B8C-BB28-47C641330927}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{71654F9A-49E1-4DB8-90D1-E6FDEE57BB02}D:\spiele\dovetail games flight school\fsc.exe] => (Allow) D:\spiele\dovetail games flight school\fsc.exe
FirewallRules: [UDP Query User{389B68A3-BDB8-4CC7-B5F1-B9EAD578C78D}D:\spiele\dovetail games flight school\fsc.exe] => (Allow) D:\spiele\dovetail games flight school\fsc.exe
FirewallRules: [TCP Query User{9022ED3A-732F-4D6B-B4A2-039E2232E84D}D:\spiele\ghostbusters\ghostbusters\binaries\win64\ghostbusters.exe] => (Allow) D:\spiele\ghostbusters\ghostbusters\binaries\win64\ghostbusters.exe
FirewallRules: [UDP Query User{50273C90-0B32-483A-82AB-CE40A761D30A}D:\spiele\ghostbusters\ghostbusters\binaries\win64\ghostbusters.exe] => (Allow) D:\spiele\ghostbusters\ghostbusters\binaries\win64\ghostbusters.exe
FirewallRules: [TCP Query User{A09AC952-684E-4B97-9EFD-1E9962A6A6C6}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [UDP Query User{339B0FA0-5B3B-4771-B2CC-A7B468AB37BF}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [{CAA3658F-D1DC-499D-A613-9D1FE46AC2EC}] => (Allow) D:\Spiele\OMC ModPack Client\OMC ModPack Client.exe
FirewallRules: [{7E1EC7E7-AD73-4F85-9297-13EB50549D60}] => (Allow) C:\Users\Alex\AppData\Local\Temp\MPCOnline\MPCDownload.exe
FirewallRules: [{5DABB8C9-E523-4BC0-B006-53BBB5DF8814}] => (Allow) C:\Users\Alex\AppData\Local\Temp\MPCOnline\MPCDownload.exe
FirewallRules: [{2D262BCC-E6F4-4697-87CB-E62DEBB048DC}] => (Allow) D:\Spiele\FIFA 15\fifasetup\fifaconfig.exe
FirewallRules: [{43DC8776-57FD-40B5-91B0-CBD2C03C5632}] => (Allow) D:\Spiele\FIFA 15\fifasetup\fifaconfig.exe
FirewallRules: [{012D1E29-64E0-446B-83D6-0A35E49F4953}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

12-09-2016 10:33:38 Malwarebytes Anti-Rootkit Restore Point
13-09-2016 20:15:41 JRT Pre-Junkware Removal
13-09-2016 20:44:23 JRT Pre-Junkware Removal
14-09-2016 16:57:44 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/14/2016 04:58:00 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddWin32ServiceFiles: Unable to back up image of service JoropygrosakDebuger since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (09/14/2016 04:58:00 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (09/14/2016 04:23:36 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_ea85e725b9ba5a4b.manifest.

Error: (09/14/2016 02:55:52 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Alex\Downloads\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_ea85e725b9ba5a4b.manifest.

Error: (09/14/2016 08:58:52 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Alex\Desktop\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_ea85e725b9ba5a4b.manifest.

Error: (09/14/2016 08:58:49 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Alex\Desktop\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_ea85e725b9ba5a4b.manifest.

Error: (09/14/2016 08:58:17 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Alex\Desktop\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_ea85e725b9ba5a4b.manifest.

Error: (09/13/2016 09:06:07 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_ea85e725b9ba5a4b.manifest.

Error: (09/13/2016 09:05:09 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Alex\Downloads\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_ea85e725b9ba5a4b.manifest.

Error: (09/13/2016 09:05:08 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Alex\Downloads\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_ea85e725b9ba5a4b.manifest.


Systemfehler:
=============
Error: (09/14/2016 04:58:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/14/2016 04:25:02 PM) (Source: DCOM) (EventID: 10016) (User: PEACHY)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "Peachy\Alex" (SID: S-1-5-21-2927967124-101175508-2003510897-1000) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 und der APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 im Anwendungscontainer "Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/14/2016 04:24:57 PM) (Source: DCOM) (EventID: 10016) (User: PEACHY)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "Peachy\Alex" (SID: S-1-5-21-2927967124-101175508-2003510897-1000) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 und der APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 im Anwendungscontainer "Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/14/2016 04:24:57 PM) (Source: DCOM) (EventID: 10016) (User: PEACHY)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "Peachy\Alex" (SID: S-1-5-21-2927967124-101175508-2003510897-1000) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 und der APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 im Anwendungscontainer "Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/14/2016 04:24:56 PM) (Source: DCOM) (EventID: 10016) (User: PEACHY)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "Peachy\Alex" (SID: S-1-5-21-2927967124-101175508-2003510897-1000) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 und der APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 im Anwendungscontainer "Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/14/2016 04:24:56 PM) (Source: DCOM) (EventID: 10016) (User: PEACHY)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "Peachy\Alex" (SID: S-1-5-21-2927967124-101175508-2003510897-1000) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 und der APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 im Anwendungscontainer "Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/14/2016 04:24:56 PM) (Source: DCOM) (EventID: 10016) (User: PEACHY)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "Peachy\Alex" (SID: S-1-5-21-2927967124-101175508-2003510897-1000) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 und der APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 im Anwendungscontainer "Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/14/2016 04:24:56 PM) (Source: DCOM) (EventID: 10016) (User: PEACHY)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "Peachy\Alex" (SID: S-1-5-21-2927967124-101175508-2003510897-1000) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 und der APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 im Anwendungscontainer "Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/14/2016 04:24:56 PM) (Source: DCOM) (EventID: 10016) (User: PEACHY)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "Peachy\Alex" (SID: S-1-5-21-2927967124-101175508-2003510897-1000) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 und der APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 im Anwendungscontainer "Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/14/2016 04:24:56 PM) (Source: DCOM) (EventID: 10016) (User: PEACHY)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "Peachy\Alex" (SID: S-1-5-21-2927967124-101175508-2003510897-1000) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 und der APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 im Anwendungscontainer "Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.


CodeIntegrity:
===================================
  Date: 2016-09-14 16:53:51.269
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-14 14:22:18.141
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-14 14:22:18.115
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-14 14:22:18.086
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-14 14:22:14.984
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-14 14:22:13.570
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-14 13:48:54.790
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-14 13:48:54.765
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-14 13:48:54.699
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-14 13:48:52.703
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen ===========================

Prozessor: AMD Phenom(tm) II X4 945 Processor
Prozentuale Nutzung des RAM: 28%
Installierter physikalischer RAM: 8190.11 MB
Verfügbarer physikalischer RAM: 5829.11 MB
Summe virtueller Speicher: 8702.11 MB
Verfügbarer virtueller Speicher: 6464.27 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:146.04 GB) (Free:21.78 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: () (Fixed) (Total:319.27 GB) (Free:67.11 GB) NTFS
Drive f: (HITACHI) (Fixed) (Total:931.28 GB) (Free:111.51 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: A8DAA8DA)
Partition 1: (Active) - (Size=146 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)
Partition 3: (Not Active) - (Size=319.3 GB) - (Type=OF Extended)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 0DEE6153)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=0C)

==================== Ende von Addition.txt ============================

M-K-D-B 15.09.2016 20:44
Servus,



es macht wenig Sinn, wenn du die von mir geposteten Schritte in einer anderen Reihenfolge ausführst... :rolleyes:
Bitte zukünftig die Reihenfolge einhalten.





Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument


Code:
start
CMD: type "C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\profiles.ini"
end

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.







Schritt 2
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.






Bitte poste mit deiner nächsten Antwort
  • die Logdatei des FRST-Fix,
  • die beiden neuen Logdateien von FRST (FRST.txt und Addition.txt).

bohm 16.09.2016 21:13
Sorry wegen der Reihenfolge!

Werde morgen im laufe des Tages die nächsten Schritte durchführen!

MfG

M-K-D-B 16.09.2016 21:22
ok :)

bohm 17.09.2016 15:38
Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 17-09-2016
durchgeführt von Alex (17-09-2016 16:30:00) Run:2
Gestartet von C:\Users\Alex\Desktop
Geladene Profile: Alex (Verfügbare Profile: Alex & Administrator & DefaultAppPool)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
start
CMD: type "C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\profiles.ini"
end
*****************


========= type "C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\profiles.ini" =========

[General]
StartWithLastProfile=1

[Profile0]
Name=default
IsRelative=1
Path=Profiles/NvwHxp1R.default

[Profile1]
Name=Alex
IsRelative=1
Path=Profiles/n4plk0l5.Alex
Default=1


========= Ende von CMD: =========


==== Ende von Fixlog 16:30:01 ====
FRST Teil 1

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 17-09-2016
durchgeführt von Alex (Administrator) auf PEACHY (17-09-2016 16:30:22)
Gestartet von C:\Users\Alex\Desktop
Geladene Profile: Alex (Verfügbare Profile: Alex & Administrator & DefaultAppPool)
Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Highresolution Enterprises) C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Wargaming.net) D:\Spiele\World_of_Tanks\WargamingGameUpdater.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.10586.570_none_7645b09c266beb53\TiWorker.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [XMouseButtonControl] => C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe [1075344 2014-12-08] (Highresolution Enterprises)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1860120 2016-01-12] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-12] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-03-22] (Adobe Systems Incorporated)
HKLM\...\Run: [CmPCIaudio] => C:\WINDOWS\Syswow64\CMICNFG3.dll [8151040 2009-10-30] (C-Media Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: ["C:\Program Files (x86)\D-Link\D-ViewCam\MainConsole.EXE"] => "C:\Program Files (x86)\D-Link\D-ViewCam\MainConsole.EXE" RunWithWindows
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [60136 2016-08-24] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2857248 2016-08-23] (Valve Corporation)
HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\Run: [EPSON SX125 Series] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIGGE.EXE [224768 2009-09-14] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\Run: [World of Tanks] => D:\Spiele\World_of_Tanks\WargamingGameUpdater.exe [3134728 2016-08-05] (Wargaming.net)
HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\Run: [TomTomHOME.exe] => "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" -s
HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\MountPoints2: H - "H:\AutoRun.exe"
HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\MountPoints2: {0f748fbf-2152-11e5-8233-50465d90560b} - "N:\setup.exe"
HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\MountPoints2: {75d42f49-1b0e-11e5-ac3c-50465d90560b} - "G:\setup.exe"
HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\MountPoints2: {94b3fc27-1c9b-11e5-ac5a-50465d90560b} - "H:\setup.exe"
HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\MountPoints2: {e3802153-18aa-11e5-ab60-50465d90560b} - "N:\setup.exe"

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2a94d664-f07c-4e02-a516-4e233f0db8d2}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{faa03109-abab-40bf-9edb-fcd71145efd5}: [DhcpNameServer] 192.168.224.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\S-1-5-21-2927967124-101175508-2003510897-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/androidnews/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-09-07] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-09-07] (Oracle Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2014-08-12] (Adblock Plus)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-09-07] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-09-07] (Oracle Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2014-08-12] (Adblock Plus)
Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Windows\system32\mscoree.dll [2015-10-30] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\n4plk0l5.Alex
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-09-13] ()
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-09-07] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-09-07] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation)
FF Plugin: @unity3d.com/UnityPlayer64,version=1.0 -> C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll [2015-06-08] (Unity Technologies ApS)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-09-19] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-09-13] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2015-04-17] (Adobe Systems, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [Keine Datei]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [Keine Datei]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [Keine Datei]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [Keine Datei]
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-09-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-09-07] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-01-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-01-23] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin HKU\S-1-5-21-2927967124-101175508-2003510897-1000: @my.com/Games -> C:\Users\Alex\AppData\Local\MyComGames\NPMyComDetector.dll [2016-02-03] (MY.COM B.V.)
FF Plugin HKU\S-1-5-21-2927967124-101175508-2003510897-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Alex\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-12] (Unity Technologies ApS)
FF Extension: (Firefox Hotfix) - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\n4plk0l5.Alex\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-10]
FF Extension: (Adblock Plus) - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\n4plk0l5.Alex\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-08-14]

Chrome:
=======
CHR HomePage: ChromeDefaultData -> hxxp://www.google.de/
CHR Profile: C:\Users\Alex\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2016-09-14] <==== ACHTUNG
CHR Extension: (Google Docs) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2016-09-12]
CHR Extension: (Fast Social for Google Chrome™) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\bkgibcbnbhhkelflcgappdalfbopghof [2016-09-12]
CHR Extension: (Avira Browserschutz) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-09-12]
CHR Extension: (AdBlock) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-09-12]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-09-12]
CHR Extension: (Chrome Media Router) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-12]
CHR Profile: C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default [2016-09-14]
CHR Extension: (Google Präsentationen) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-07-26]
CHR Extension: (Google Docs) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-26]
CHR Extension: (Google Drive) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-26]
CHR Extension: (Fast Social for Google Chrome™) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkgibcbnbhhkelflcgappdalfbopghof [2016-09-06]
CHR Extension: (YouTube) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-26]
CHR Extension: (Adblock Plus) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-08-23]
CHR Extension: (Google Tabellen) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-07-26]
CHR Extension: (Myinstants Soundboard) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\fggacdedkdoacbemcilniodecinpfkgi [2016-08-30]
CHR Extension: (Avira Browserschutz) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-09-08]
CHR Extension: (Google Docs Offline) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-26]
CHR Extension: (AdBlock) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-08-24]
CHR Extension: (mydlink services plugin) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldibdoepbjbkkcbgndfljnphngpglhbb [2016-07-26]
CHR Extension: (Google Maps) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2016-07-26]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-07-26]
CHR Extension: (Mein Chrome-Design) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2016-07-26]
CHR Extension: (SEGA GENESIS / SEGA Mega Drive Emulator) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofnmgamcdbdieifheiiphnbbbcaofcbc [2016-07-26]
CHR Extension: (Emulador de Super Nintendo) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pffhngmcplldclknnkmkkecjlhhccmid [2016-07-26]
CHR Extension: (Google Mail) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-26]
CHR Extension: (RHS) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkaifndebjpbndephomibbjjbnokmfab [2016-09-06]
CHR Extension: (Chrome Media Router) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-29]
CHR Extension: (Audio Cutter) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\plimnkafgoiilijmlbnfoafihjjijbfp [2016-09-08]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [346928 2016-08-24] (Avira Operations GmbH & Co. KG)
S2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [253392 2016-08-26] (Avira Operations GmbH & Co. KG)
R3 Disc Soft Lite Bus Service; C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [232208 2016-07-01] (EasyAntiCheat Ltd)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-12-03] (Freemake) [Datei ist nicht signiert]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-01-12] (NVIDIA Corporation)
S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Datei ist nicht signiert]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-12] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6308288 2016-01-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [4812736 2016-01-12] (NVIDIA Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1310448 2016-09-07] (Overwolf LTD)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2016-09-07] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364456 2016-09-07] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-09-07] (Microsoft Corporation)
S2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [580144 2015-05-12] (WiseCleaner.com)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13368 2009-04-06] ()
R3 cmuda3; C:\Windows\system32\drivers\cmudax3.sys [1155072 2009-12-01] (C-Media Inc)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-06-22] (Disc Soft Ltd)
R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO64A.SYS [27552 2015-11-04] (REALiX(tm))
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-01-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek                                            )
S3 Secdrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [20128 2016-01-15] () [Datei ist nicht signiert]
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 WiseHDInfo; C:\Windows\WiseHDInfo64.dll [14800 2015-07-31] (wisecleaner.com)
R1 WiseUnlock; C:\WINDOWS\WiseUnlock64.sys [12240 2015-05-19] (WiseCleaner.com)
U3 idsvc; kein ImagePath
S3 vmci; \SystemRoot\System32\drivers\vmci.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-09-17 16:30 - 2016-09-17 16:30 - 00023908 _____ C:\Users\Alex\Desktop\FRST.txt
2016-09-17 16:30 - 2016-09-17 16:30 - 00000818 _____ C:\Users\Alex\Desktop\Fixlog.txt
2016-09-17 16:29 - 2016-09-17 16:29 - 00000000 ____D C:\Users\Alex\Desktop\FRST-OlderVersion
2016-09-14 17:23 - 2016-09-17 16:29 - 00000000 ____D C:\Users\Alex\Desktop\VP
2016-09-14 16:20 - 2016-09-14 16:20 - 22851472 _____ (Malwarebytes ) C:\Users\Alex\Downloads\mbam-setup-2.2.1.1043.exe
2016-09-14 16:08 - 2016-09-14 16:08 - 00004542 _____ C:\Users\Alex\Desktop\14.09.16.txt
2016-09-14 14:48 - 2016-09-07 07:26 - 02544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-09-14 14:48 - 2016-09-07 06:48 - 22379520 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-09-14 14:48 - 2016-09-07 06:43 - 16985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-09-14 14:48 - 2016-09-07 06:35 - 24611840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-09-14 14:48 - 2016-09-07 06:35 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-09-14 14:48 - 2016-09-07 06:31 - 00794624 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-09-14 14:48 - 2016-09-07 06:31 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-09-14 14:48 - 2016-09-07 06:30 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-09-14 14:48 - 2016-09-07 06:30 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-09-14 14:48 - 2016-09-07 06:30 - 00602624 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-09-14 14:48 - 2016-09-07 06:29 - 19350016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-09-14 14:48 - 2016-09-07 06:26 - 13392384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-09-14 14:48 - 2016-09-07 06:26 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-09-14 14:48 - 2016-09-07 06:26 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-09-14 14:48 - 2016-09-07 06:22 - 12134400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-09-14 14:48 - 2016-09-07 06:15 - 07831552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-09-14 14:47 - 2016-09-07 07:39 - 02656952 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-14 14:47 - 2016-09-07 07:39 - 01098640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2016-09-14 14:47 - 2016-09-07 07:39 - 00845568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2016-09-14 14:47 - 2016-09-07 07:39 - 00754664 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-09-14 14:47 - 2016-09-07 07:39 - 00620176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2016-09-14 14:47 - 2016-09-07 07:39 - 00277848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-09-14 14:47 - 2016-09-07 07:37 - 00572272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2016-09-14 14:47 - 2016-09-07 07:33 - 01297760 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-09-14 14:47 - 2016-09-07 07:33 - 00986976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-09-14 14:47 - 2016-09-07 07:33 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-09-14 14:47 - 2016-09-07 07:27 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2016-09-14 14:47 - 2016-09-07 07:27 - 00413536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-09-14 14:47 - 2016-09-07 07:26 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-09-14 14:47 - 2016-09-07 07:26 - 01152320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-09-14 14:47 - 2016-09-07 07:26 - 01092464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-09-14 14:47 - 2016-09-07 07:26 - 00858952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-09-14 14:47 - 2016-09-07 07:26 - 00847648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-09-14 14:47 - 2016-09-07 07:26 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-09-14 14:47 - 2016-09-07 07:26 - 00588320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmdrmdev.dll
2016-09-14 14:47 - 2016-09-07 07:26 - 00586200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-09-14 14:47 - 2016-09-07 07:26 - 00245840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-09-14 14:47 - 2016-09-07 07:25 - 02607336 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-09-14 14:47 - 2016-09-07 07:25 - 01270064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-09-14 14:47 - 2016-09-07 07:24 - 01349632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-09-14 14:47 - 2016-09-07 07:24 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-09-14 14:47 - 2016-09-07 07:24 - 00511312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-09-14 14:47 - 2016-09-07 07:24 - 00501600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-09-14 14:47 - 2016-09-07 07:24 - 00496360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmdrmdev.dll
2016-09-14 14:47 - 2016-09-07 07:24 - 00355672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2016-09-14 14:47 - 2016-09-07 07:23 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-09-14 14:47 - 2016-09-07 07:23 - 06605544 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-09-14 14:47 - 2016-09-07 07:23 - 06536248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-09-14 14:47 - 2016-09-07 07:23 - 01750440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2016-09-14 14:47 - 2016-09-07 07:23 - 01603224 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2016-09-14 14:47 - 2016-09-07 07:23 - 01040792 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2016-09-14 14:47 - 2016-09-07 07:23 - 00725776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2016-09-14 14:47 - 2016-09-07 07:22 - 02937384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-09-14 14:47 - 2016-09-07 07:22 - 01128096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-09-14 14:47 - 2016-09-07 07:22 - 01085728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2016-09-14 14:47 - 2016-09-07 07:22 - 00604920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-09-14 14:47 - 2016-09-07 07:20 - 00569744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2016-09-14 14:47 - 2016-09-07 07:19 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-09-14 14:47 - 2016-09-07 07:15 - 00911640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2016-09-14 14:47 - 2016-09-07 07:12 - 02195632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-09-14 14:47 - 2016-09-07 07:12 - 01174008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-09-14 14:47 - 2016-09-07 07:08 - 00116216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2016-09-14 14:47 - 2016-09-07 06:52 - 01035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2016-09-14 14:47 - 2016-09-07 06:52 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-09-14 14:47 - 2016-09-07 06:49 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-09-14 14:47 - 2016-09-07 06:48 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-09-14 14:47 - 2016-09-07 06:47 - 00824320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2016-09-14 14:47 - 2016-09-07 06:46 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2016-09-14 14:47 - 2016-09-07 06:46 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-09-14 14:47 - 2016-09-07 06:44 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-09-14 14:47 - 2016-09-07 06:44 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\pngfilt.dll
2016-09-14 14:47 - 2016-09-07 06:42 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2016-09-14 14:47 - 2016-09-07 06:42 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-09-14 14:47 - 2016-09-07 06:41 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\DictationManager.dll
2016-09-14 14:47 - 2016-09-07 06:41 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsetup.dll
2016-09-14 14:47 - 2016-09-07 06:41 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-09-14 14:47 - 2016-09-07 06:41 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-09-14 14:47 - 2016-09-07 06:41 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwcfg.dll
2016-09-14 14:47 - 2016-09-07 06:41 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll
2016-09-14 14:47 - 2016-09-07 06:41 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2016-09-14 14:47 - 2016-09-07 06:40 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdechangepin.exe
2016-09-14 14:47 - 2016-09-07 06:40 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\CheckNetIsolation.exe
2016-09-14 14:47 - 2016-09-07 06:39 - 01567744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2016-09-14 14:47 - 2016-09-07 06:39 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2016-09-14 14:47 - 2016-09-07 06:39 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2016-09-14 14:47 - 2016-09-07 06:38 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2016-09-14 14:47 - 2016-09-07 06:38 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\LegacyNetUXHost.exe
2016-09-14 14:47 - 2016-09-07 06:38 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmprovhost.exe
2016-09-14 14:47 - 2016-09-07 06:38 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe
2016-09-14 14:47 - 2016-09-07 06:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-09-14 14:47 - 2016-09-07 06:37 - 00435712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2016-09-14 14:47 - 2016-09-07 06:37 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2016-09-14 14:47 - 2016-09-07 06:37 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAuto.dll
2016-09-14 14:47 - 2016-09-07 06:37 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-09-14 14:47 - 2016-09-07 06:37 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceassociation.dll
2016-09-14 14:47 - 2016-09-07 06:37 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAgent.dll
2016-09-14 14:47 - 2016-09-07 06:36 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2016-09-14 14:47 - 2016-09-07 06:36 - 01568768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdt.exe
2016-09-14 14:47 - 2016-09-07 06:36 - 01051136 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagCpl.dll
2016-09-14 14:47 - 2016-09-07 06:36 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-09-14 14:47 - 2016-09-07 06:36 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\authfwcfg.dll
2016-09-14 14:47 - 2016-09-07 06:36 - 00457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\azroleui.dll
2016-09-14 14:47 - 2016-09-07 06:36 - 00319488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3ui.dll
2016-09-14 14:47 - 2016-09-07 06:36 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2016-09-14 14:47 - 2016-09-07 06:36 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2016-09-14 14:47 - 2016-09-07 06:36 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-09-14 14:47 - 2016-09-07 06:36 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsetup.dll
2016-09-14 14:47 - 2016-09-07 06:35 - 00814592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll
2016-09-14 14:47 - 2016-09-07 06:35 - 00704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2016-09-14 14:47 - 2016-09-07 06:35 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-09-14 14:47 - 2016-09-07 06:35 - 00577536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2016-09-14 14:47 - 2016-09-07 06:35 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2016-09-14 14:47 - 2016-09-07 06:35 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2016-09-14 14:47 - 2016-09-07 06:35 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wbemcomn.dll
2016-09-14 14:47 - 2016-09-07 06:35 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-09-14 14:47 - 2016-09-07 06:35 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2016-09-14 14:47 - 2016-09-07 06:35 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
2016-09-14 14:47 - 2016-09-07 06:35 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModelShim.dll
2016-09-14 14:47 - 2016-09-07 06:35 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.ps.dll
2016-09-14 14:47 - 2016-09-07 06:35 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-09-14 14:47 - 2016-09-07 06:35 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vsstrace.dll
2016-09-14 14:47 - 2016-09-07 06:34 - 00952320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2016-09-14 14:47 - 2016-09-07 06:34 - 00727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2016-09-14 14:47 - 2016-09-07 06:34 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-09-14 14:47 - 2016-09-07 06:34 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-09-14 14:47 - 2016-09-07 06:34 - 00344064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2016-09-14 14:47 - 2016-09-07 06:34 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\edputil.dll
2016-09-14 14:47 - 2016-09-07 06:33 - 00847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-09-14 14:47 - 2016-09-07 06:33 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2016-09-14 14:47 - 2016-09-07 06:33 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-09-14 14:47 - 2016-09-07 06:33 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2016-09-14 14:47 - 2016-09-07 06:33 - 00290304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WmpDui.dll
2016-09-14 14:47 - 2016-09-07 06:33 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2016-09-14 14:47 - 2016-09-07 06:32 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2016-09-14 14:47 - 2016-09-07 06:32 - 00947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2016-09-14 14:47 - 2016-09-07 06:32 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2016-09-14 14:47 - 2016-09-07 06:32 - 00738816 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartCardSimulator.dll
2016-09-14 14:47 - 2016-09-07 06:32 - 00643584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2016-09-14 14:47 - 2016-09-07 06:32 - 00581632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2016-09-14 14:47 - 2016-09-07 06:32 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-09-14 14:47 - 2016-09-07 06:32 - 00466944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2016-09-14 14:47 - 2016-09-07 06:32 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2016-09-14 14:47 - 2016-09-07 06:32 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-09-14 14:47 - 2016-09-07 06:32 - 00407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-09-14 14:47 - 2016-09-07 06:32 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-09-14 14:47 - 2016-09-07 06:32 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2016-09-14 14:47 - 2016-09-07 06:32 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-09-14 14:47 - 2016-09-07 06:31 - 01216512 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcenter.dll
2016-09-14 14:47 - 2016-09-07 06:31 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-09-14 14:47 - 2016-09-07 06:31 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-09-14 14:47 - 2016-09-07 06:31 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmIndexer.dll
2016-09-14 14:47 - 2016-09-07 06:31 - 00753664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll
2016-09-14 14:47 - 2016-09-07 06:31 - 00610304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmdrmsdk.dll
2016-09-14 14:47 - 2016-09-07 06:31 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscms.dll
2016-09-14 14:47 - 2016-09-07 06:31 - 00541184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2016-09-14 14:47 - 2016-09-07 06:31 - 00538112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2016-09-14 14:47 - 2016-09-07 06:31 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2016-09-14 14:47 - 2016-09-07 06:31 - 00435200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2016-09-14 14:47 - 2016-09-07 06:31 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-09-14 14:47 - 2016-09-07 06:31 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2016-09-14 14:47 - 2016-09-07 06:31 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-09-14 14:47 - 2016-09-07 06:30 - 18676224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-09-14 14:47 - 2016-09-07 06:30 - 02476032 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAJApi.dll
2016-09-14 14:47 - 2016-09-07 06:30 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2016-09-14 14:47 - 2016-09-07 06:30 - 01001472 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2016-09-14 14:47 - 2016-09-07 06:30 - 00904704 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2016-09-14 14:47 - 2016-09-07 06:30 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-09-14 14:47 - 2016-09-07 06:30 - 00698368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-09-14 14:47 - 2016-09-07 06:30 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll
2016-09-14 14:47 - 2016-09-07 06:30 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-09-14 14:47 - 2016-09-07 06:29 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-09-14 14:47 - 2016-09-07 06:29 - 01319424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-09-14 14:47 - 2016-09-07 06:29 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-09-14 14:47 - 2016-09-07 06:29 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-09-14 14:47 - 2016-09-07 06:29 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-09-14 14:47 - 2016-09-07 06:29 - 00669696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2016-09-14 14:47 - 2016-09-07 06:29 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-09-14 14:47 - 2016-09-07 06:29 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2016-09-14 14:47 - 2016-09-07 06:29 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-09-14 14:47 - 2016-09-07 06:29 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-09-14 14:47 - 2016-09-07 06:29 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2016-09-14 14:47 - 2016-09-07 06:29 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2016-09-14 14:47 - 2016-09-07 06:28 - 01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-09-14 14:47 - 2016-09-07 06:28 - 01291776 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2016-09-14 14:47 - 2016-09-07 06:28 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2016-09-14 14:47 - 2016-09-07 06:28 - 00879616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2016-09-14 14:47 - 2016-09-07 06:28 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2016-09-14 14:47 - 2016-09-07 06:28 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-09-14 14:47 - 2016-09-07 06:28 - 00780800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2016-09-14 14:47 - 2016-09-07 06:28 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-09-14 14:47 - 2016-09-07 06:28 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2016-09-14 14:47 - 2016-09-07 06:28 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-09-14 14:47 - 2016-09-07 06:28 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcsecproc_ssp.dll
2016-09-14 14:47 - 2016-09-07 06:28 - 00645120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2016-09-14 14:47 - 2016-09-07 06:28 - 00614400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-09-14 14:47 - 2016-09-07 06:28 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2016-09-14 14:47 - 2016-09-07 06:28 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-09-14 14:47 - 2016-09-07 06:28 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2016-09-14 14:47 - 2016-09-07 06:28 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-09-14 14:47 - 2016-09-07 06:28 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sysdm.cpl
2016-09-14 14:47 - 2016-09-07 06:28 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2016-09-14 14:47 - 2016-09-07 06:27 - 01743872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2016-09-14 14:47 - 2016-09-07 06:27 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2016-09-14 14:47 - 2016-09-07 06:27 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-09-14 14:47 - 2016-09-07 06:27 - 00963072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2016-09-14 14:47 - 2016-09-07 06:27 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-09-14 14:47 - 2016-09-07 06:27 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2016-09-14 14:47 - 2016-09-07 06:27 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-09-14 14:47 - 2016-09-07 06:27 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2016-09-14 14:47 - 2016-09-07 06:27 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmdrmsdk.dll
2016-09-14 14:47 - 2016-09-07 06:27 - 00329216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2016-09-14 14:47 - 2016-09-07 06:27 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2016-09-14 14:47 - 2016-09-07 06:26 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-09-14 14:47 - 2016-09-07 06:26 - 01508352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmsipc.dll
2016-09-14 14:47 - 2016-09-07 06:26 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-09-14 14:47 - 2016-09-07 06:26 - 01063936 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2016-09-14 14:47 - 2016-09-07 06:26 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2016-09-14 14:47 - 2016-09-07 06:26 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-09-14 14:47 - 2016-09-07 06:26 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-09-14 14:47 - 2016-09-07 06:26 - 00482816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\duser.dll
2016-09-14 14:47 - 2016-09-07 06:26 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\syncutil.dll
2016-09-14 14:47 - 2016-09-07 06:25 - 06312448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-09-14 14:47 - 2016-09-07 06:25 - 06296064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-09-14 14:47 - 2016-09-07 06:25 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-09-14 14:47 - 2016-09-07 06:25 - 01166848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Pimstore.dll
2016-09-14 14:47 - 2016-09-07 06:25 - 00888832 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2016-09-14 14:47 - 2016-09-07 06:25 - 00769536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2016-09-14 14:47 - 2016-09-07 06:25 - 00501760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2016-09-14 14:47 - 2016-09-07 06:24 - 03695104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2016-09-14 14:47 - 2016-09-07 06:24 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-09-14 14:47 - 2016-09-07 06:24 - 01276928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2016-09-14 14:47 - 2016-09-07 06:24 - 00785920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2016-09-14 14:47 - 2016-09-07 06:23 - 01309696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll
2016-09-14 14:47 - 2016-09-07 06:23 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcsecproc.dll
2016-09-14 14:47 - 2016-09-07 06:23 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2016-09-14 14:47 - 2016-09-07 06:23 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-09-14 14:47 - 2016-09-07 06:23 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2016-09-14 14:47 - 2016-09-07 06:22 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-09-14 14:47 - 2016-09-07 06:22 - 02106368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2016-09-14 14:47 - 2016-09-07 06:21 - 03046400 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2016-09-14 14:47 - 2016-09-07 06:21 - 02527232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2016-09-14 14:47 - 2016-09-07 06:21 - 01797120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-09-14 14:47 - 2016-09-07 06:21 - 01410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-09-14 14:47 - 2016-09-07 06:20 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-09-14 14:47 - 2016-09-07 06:20 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-09-14 14:47 - 2016-09-07 06:19 - 03663360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-09-14 14:47 - 2016-09-07 06:19 - 02102272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2016-09-14 14:47 - 2016-09-07 06:19 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-09-14 14:47 - 2016-09-07 06:19 - 01072128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-09-14 14:47 - 2016-09-07 06:19 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-09-14 14:47 - 2016-09-07 06:18 - 07536640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-09-14 14:47 - 2016-09-07 06:18 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-09-14 14:47 - 2016-09-07 06:18 - 03577344 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2016-09-14 14:47 - 2016-09-07 06:18 - 02876928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2016-09-14 14:47 - 2016-09-07 06:18 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-09-14 14:47 - 2016-09-07 06:18 - 00451072 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2016-09-14 14:47 - 2016-09-07 06:18 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-09-14 14:47 - 2016-09-07 06:17 - 02679808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2016-09-14 14:47 - 2016-09-07 06:17 - 02285568 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2016-09-14 14:47 - 2016-09-07 06:17 - 02175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-09-14 14:47 - 2016-09-07 06:17 - 01502208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-09-14 14:47 - 2016-09-07 06:16 - 04412928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-09-14 14:47 - 2016-09-07 06:16 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-09-14 14:47 - 2016-09-07 06:16 - 02911744 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-09-14 14:47 - 2016-09-07 06:16 - 02746368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-09-14 14:47 - 2016-09-07 06:16 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2016-09-14 14:47 - 2016-09-07 06:16 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-09-14 14:47 - 2016-09-07 06:16 - 02217984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2016-09-14 14:47 - 2016-09-07 06:16 - 02155008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-09-14 14:47 - 2016-09-07 06:16 - 01676800 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2016-09-14 14:47 - 2016-09-07 06:16 - 01194496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2016-09-14 14:47 - 2016-09-07 06:16 - 01123328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2016-09-14 14:47 - 2016-09-07 06:16 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2016-09-14 14:47 - 2016-09-07 06:16 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2016-09-14 14:47 - 2016-09-07 06:15 - 05659136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-09-14 14:47 - 2016-09-07 06:15 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-09-14 14:47 - 2016-09-07 06:15 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-09-14 14:47 - 2016-09-07 06:15 - 02055168 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2016-09-14 14:47 - 2016-09-07 06:15 - 01626112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-09-14 14:47 - 2016-09-07 06:15 - 01448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dui70.dll
2016-09-14 14:47 - 2016-09-07 06:15 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-09-14 14:47 - 2016-09-07 06:15 - 01121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-09-14 14:47 - 2016-09-07 06:15 - 00835072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2016-09-14 14:47 - 2016-09-07 06:15 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2016-09-14 14:47 - 2016-09-07 06:15 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hnetcfg.dll
2016-09-14 14:47 - 2016-09-07 06:14 - 06743040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-09-14 14:47 - 2016-09-07 06:14 - 04895232 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-09-14 14:47 - 2016-09-07 06:14 - 03351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-09-14 14:47 - 2016-09-07 06:14 - 02553856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-09-14 14:47 - 2016-09-07 06:14 - 02177024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2016-09-14 14:47 - 2016-09-07 06:14 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-09-14 14:47 - 2016-09-07 06:14 - 01708032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-09-14 14:47 - 2016-09-07 06:14 - 01487872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2016-09-14 14:47 - 2016-09-07 06:13 - 04171264 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-09-14 14:47 - 2016-09-07 06:13 - 02874880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcndmgr.dll
2016-09-14 14:47 - 2016-09-07 06:12 - 02180096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-09-14 14:47 - 2016-09-07 06:11 - 03065344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2016-09-14 14:47 - 2016-09-07 06:11 - 03053568 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2016-09-14 14:47 - 2016-09-07 06:10 - 01035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2016-09-14 14:47 - 2016-09-07 06:10 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\RADCUI.dll
2016-09-14 14:47 - 2016-09-05 02:37 - 00445765 _____ C:\WINDOWS\system32\ApnDatabase.xml
2016-09-14 14:46 - 2016-09-07 07:39 - 04387680 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2016-09-14 14:46 - 2016-09-07 07:39 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-09-14 14:46 - 2016-09-07 07:39 - 01238584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2016-09-14 14:46 - 2016-09-07 07:39 - 01142560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-09-14 14:46 - 2016-09-07 07:39 - 01030408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-09-14 14:46 - 2016-09-07 07:39 - 00875480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-09-14 14:46 - 2016-09-07 07:39 - 00799568 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2016-09-14 14:46 - 2016-09-07 07:39 - 00705576 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2016-09-14 14:46 - 2016-09-07 07:39 - 00601744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2016-09-14 14:46 - 2016-09-07 07:39 - 00414232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BCP47Langs.dll
2016-09-14 14:46 - 2016-09-07 07:39 - 00337328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2016-09-14 14:46 - 2016-09-07 07:39 - 00328520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BCP47Langs.dll
2016-09-14 14:46 - 2016-09-07 07:39 - 00175120 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2016-09-14 14:46 - 2016-09-07 07:37 - 00129888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2016-09-14 14:46 - 2016-09-07 07:36 - 00528736 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2016-09-14 14:46 - 2016-09-07 07:36 - 00405856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2016-09-14 14:46 - 2016-09-07 07:35 - 01613664 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-09-14 14:46 - 2016-09-07 07:35 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-09-14 14:46 - 2016-09-07 07:35 - 00523616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2016-09-14 14:46 - 2016-09-07 07:34 - 02587696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-09-14 14:46 - 2016-09-07 07:33 - 02026736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-09-14 14:46 - 2016-09-07 07:26 - 01554152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2016-09-14 14:46 - 2016-09-07 07:26 - 00693592 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-09-14 14:46 - 2016-09-07 07:26 - 00439136 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2016-09-14 14:46 - 2016-09-07 07:26 - 00131424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufxsynopsys.sys
2016-09-14 14:46 - 2016-09-07 07:25 - 01447776 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll
2016-09-14 14:46 - 2016-09-07 07:25 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-09-14 14:46 - 2016-09-07 07:24 - 03693064 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-09-14 14:46 - 2016-09-07 07:24 - 02180128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-09-14 14:46 - 2016-09-07 07:24 - 01118200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-09-14 14:46 - 2016-09-07 07:24 - 00980352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2016-09-14 14:46 - 2016-09-07 07:24 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-09-14 14:46 - 2016-09-07 07:24 - 00709176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-09-14 14:46 - 2016-09-07 07:24 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-09-14 14:46 - 2016-09-07 07:24 - 00451928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-09-14 14:46 - 2016-09-07 07:22 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-09-14 14:46 - 2016-09-07 07:22 - 00359256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-09-14 14:46 - 2016-09-07 07:21 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-09-14 14:46 - 2016-09-07 07:21 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-09-14 14:46 - 2016-09-07 07:20 - 01355336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2016-09-14 14:46 - 2016-09-07 07:16 - 02773088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-09-14 14:46 - 2016-09-07 07:16 - 02548936 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-09-14 14:46 - 2016-09-07 07:16 - 02144512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2016-09-14 14:46 - 2016-09-07 07:16 - 01988448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-09-14 14:46 - 2016-09-07 07:15 - 01415200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-09-14 14:46 - 2016-09-07 07:15 - 00550656 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2016-09-14 14:46 - 2016-09-07 07:13 - 01865584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2016-09-14 14:46 - 2016-09-07 07:12 - 01522152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-09-14 14:46 - 2016-09-07 07:12 - 00871776 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvstore.dll
2016-09-14 14:46 - 2016-09-07 07:11 - 00503600 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2016-09-14 14:46 - 2016-09-07 07:11 - 00057912 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2016-09-14 14:46 - 2016-09-07 07:07 - 01951848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2016-09-14 14:46 - 2016-09-07 06:53 - 01033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2016-09-14 14:46 - 2016-09-07 06:51 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-09-14 14:46 - 2016-09-07 06:47 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-09-14 14:46 - 2016-09-07 06:46 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll
2016-09-14 14:46 - 2016-09-07 06:46 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2016-09-14 14:46 - 2016-09-07 06:45 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\spcompat.dll
2016-09-14 14:46 - 2016-09-07 06:45 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2016-09-14 14:46 - 2016-09-07 06:44 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.ProxyStub.dll
2016-09-14 14:46 - 2016-09-07 06:44 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-09-14 14:46 - 2016-09-07 06:44 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IconCodecService.dll
2016-09-14 14:46 - 2016-09-07 06:43 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2016-09-14 14:46 - 2016-09-07 06:43 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-09-14 14:46 - 2016-09-07 06:43 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmprovhost.exe
2016-09-14 14:46 - 2016-09-07 06:43 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MTConfig.sys
2016-09-14 14:46 - 2016-09-07 06:42 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAuto.dll
2016-09-14 14:46 - 2016-09-07 06:42 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll
2016-09-14 14:46 - 2016-09-07 06:42 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-09-14 14:46 - 2016-09-07 06:42 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWCN.dll
2016-09-14 14:46 - 2016-09-07 06:42 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWCN.dll
2016-09-14 14:46 - 2016-09-07 06:42 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAgent.dll
2016-09-14 14:46 - 2016-09-07 06:41 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe
2016-09-14 14:46 - 2016-09-07 06:41 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MediaFoundation.DefaultPerceptionProvider.dll
2016-09-14 14:46 - 2016-09-07 06:41 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-09-14 14:46 - 2016-09-07 06:40 - 00471040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbemcomn.dll
2016-09-14 14:46 - 2016-09-07 06:40 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-09-14 14:46 - 2016-09-07 06:39 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-09-14 14:46 - 2016-09-07 06:39 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-09-14 14:46 - 2016-09-07 06:39 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VoipRT.dll
2016-09-14 14:46 - 2016-09-07 06:39 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Cortana.ProxyStub.dll
2016-09-14 14:46 - 2016-09-07 06:38 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2016-09-14 14:46 - 2016-09-07 06:38 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2016-09-14 14:46 - 2016-09-07 06:38 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Geolocation.dll
2016-09-14 14:46 - 2016-09-07 06:38 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-09-14 14:46 - 2016-09-07 06:37 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-09-14 14:46 - 2016-09-07 06:37 - 00373248 _____ (Microsoft Corporation) C:\WINDOWS\system32\WmpDui.dll
2016-09-14 14:46 - 2016-09-07 06:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-09-14 14:46 - 2016-09-07 06:37 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountCloudAP.dll
2016-09-14 14:46 - 2016-09-07 06:37 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2016-09-14 14:46 - 2016-09-07 06:37 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll
2016-09-14 14:46 - 2016-09-07 06:37 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWCN.dll
2016-09-14 14:46 - 2016-09-07 06:37 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-09-14 14:46 - 2016-09-07 06:36 - 00752128 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2016-09-14 14:46 - 2016-09-07 06:36 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmscan.dll
2016-09-14 14:46 - 2016-09-07 06:36 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2016-09-14 14:46 - 2016-09-07 06:36 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2016-09-14 14:46 - 2016-09-07 06:36 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-09-14 14:46 - 2016-09-07 06:36 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2016-09-14 14:46 - 2016-09-07 06:36 - 00317952 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2016-09-14 14:46 - 2016-09-07 06:36 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2016-09-14 14:46 - 2016-09-07 06:36 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwcfg.dll
2016-09-14 14:46 - 2016-09-07 06:35 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2016-09-14 14:46 - 2016-09-07 06:35 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AdmTmpl.dll
2016-09-14 14:46 - 2016-09-07 06:35 - 00522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2016-09-14 14:46 - 2016-09-07 06:35 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-09-14 14:46 - 2016-09-07 06:35 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanui.dll
2016-09-14 14:46 - 2016-09-07 06:35 - 00363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneOm.dll
2016-09-14 14:46 - 2016-09-07 06:35 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\APHostService.dll
2016-09-14 14:46 - 2016-09-07 06:35 - 00205312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oemlicense.dll
2016-09-14 14:46 - 2016-09-07 06:35 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcshext.dll
2016-09-14 14:46 - 2016-09-07 06:35 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CheckNetIsolation.exe
2016-09-14 14:46 - 2016-09-07 06:34 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2016-09-14 14:46 - 2016-09-07 06:34 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-09-14 14:46 - 2016-09-07 06:34 - 00619520 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2016-09-14 14:46 - 2016-09-07 06:34 - 00510464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2016-09-14 14:46 - 2016-09-07 06:34 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WalletService.dll
2016-09-14 14:46 - 2016-09-07 06:34 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2016-09-14 14:46 - 2016-09-07 06:34 - 00300032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcbase.dll
2016-09-14 14:46 - 2016-09-07 06:34 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-09-14 14:46 - 2016-09-07 06:34 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\netman.dll
2016-09-14 14:46 - 2016-09-07 06:34 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cic.dll
2016-09-14 14:46 - 2016-09-07 06:33 - 01813504 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2016-09-14 14:46 - 2016-09-07 06:33 - 00904704 _____ (Microsoft Corporation) C:\WINDOWS\system32\azroles.dll
2016-09-14 14:46 - 2016-09-07 06:33 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2016-09-14 14:46 - 2016-09-07 06:32 - 04213248 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMM.dll
2016-09-14 14:46 - 2016-09-07 06:32 - 01294336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
2016-09-14 14:46 - 2016-09-07 06:32 - 00757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcsecproc_ssp.dll
2016-09-14 14:46 - 2016-09-07 06:32 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-09-14 14:46 - 2016-09-07 06:32 - 00651776 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2016-09-14 14:46 - 2016-09-07 06:32 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-09-14 14:46 - 2016-09-07 06:32 - 00471040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcncsvc.dll
2016-09-14 14:46 - 2016-09-07 06:32 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2016-09-14 14:46 - 2016-09-07 06:32 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2016-09-14 14:46 - 2016-09-07 06:32 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\azroleui.dll
2016-09-14 14:46 - 2016-09-07 06:32 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysdm.cpl
2016-09-14 14:46 - 2016-09-07 06:31 - 09920512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-09-14 14:46 - 2016-09-07 06:31 - 01985024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certmgr.dll
2016-09-14 14:46 - 2016-09-07 06:31 - 01359872 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmclient.dll
2016-09-14 14:46 - 2016-09-07 06:31 - 01094656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2016-09-14 14:46 - 2016-09-07 06:31 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-09-14 14:46 - 2016-09-07 06:31 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-09-14 14:46 - 2016-09-07 06:31 - 00984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2016-09-14 14:46 - 2016-09-07 06:31 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2016-09-14 14:46 - 2016-09-07 06:31 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-09-14 14:46 - 2016-09-07 06:31 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2016-09-14 14:46 - 2016-09-07 06:31 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2016-09-14 14:46 - 2016-09-07 06:31 - 00852992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-09-14 14:46 - 2016-09-07 06:31 - 00839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\comuid.dll
2016-09-14 14:46 - 2016-09-07 06:31 - 00607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxApplicabilityEngine.dll
2016-09-14 14:46 - 2016-09-07 06:31 - 00588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2016-09-14 14:46 - 2016-09-07 06:31 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpprefcl.dll
2016-09-14 14:46 - 2016-09-07 06:31 - 00527872 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2016-09-14 14:46 - 2016-09-07 06:31 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WLanConn.dll
2016-09-14 14:46 - 2016-09-07 06:31 - 00511488 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvc.dll
2016-09-14 14:46 - 2016-09-07 06:31 - 00453632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AdmTmpl.dll
2016-09-14 14:46 - 2016-09-07 06:31 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2016-09-14 14:46 - 2016-09-07 06:31 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authfwcfg.dll
2016-09-14 14:46 - 2016-09-07 06:31 - 00313344 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2016-09-14 14:46 - 2016-09-07 06:31 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2016-09-14 14:46 - 2016-09-07 06:30 - 01575936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-09-14 14:46 - 2016-09-07 06:30 - 01558528 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2016-09-14 14:46 - 2016-09-07 06:30 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-09-14 14:46 - 2016-09-07 06:30 - 01318400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2016-09-14 14:46 - 2016-09-07 06:30 - 01144320 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2016-09-14 14:46 - 2016-09-07 06:30 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-09-14 14:46 - 2016-09-07 06:30 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-09-14 14:46 - 2016-09-07 06:30 - 00817152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Search.dll
2016-09-14 14:46 - 2016-09-07 06:30 - 00697344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-09-14 14:46 - 2016-09-07 06:30 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2016-09-14 14:46 - 2016-09-07 06:30 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2016-09-14 14:46 - 2016-09-07 06:30 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2016-09-14 14:46 - 2016-09-07 06:30 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-09-14 14:46 - 2016-09-07 06:30 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\filemgmt.dll
2016-09-14 14:46 - 2016-09-07 06:30 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2016-09-14 14:46 - 2016-09-07 06:30 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneOm.dll
2016-09-14 14:46 - 2016-09-07 06:29 - 07977984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-09-14 14:46 - 2016-09-07 06:29 - 01902592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-09-14 14:46 - 2016-09-07 06:29 - 01847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-09-14 14:46 - 2016-09-07 06:29 - 01465344 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2016-09-14 14:46 - 2016-09-07 06:29 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagperf.dll
2016-09-14 14:46 - 2016-09-07 06:29 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2016-09-14 14:46 - 2016-09-07 06:29 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2016-09-14 14:46 - 2016-09-07 06:28 - 04143104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WlanMM.dll
2016-09-14 14:46 - 2016-09-07 06:28 - 01783808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2016-09-14 14:46 - 2016-09-07 06:28 - 01717760 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-09-14 14:46 - 2016-09-07 06:28 - 01648640 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2016-09-14 14:46 - 2016-09-07 06:28 - 01226752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll
2016-09-14 14:46 - 2016-09-07 06:28 - 00889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2016-09-14 14:46 - 2016-09-07 06:28 - 00638976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmIndexer.dll
2016-09-14 14:46 - 2016-09-07 06:28 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2016-09-14 14:46 - 2016-09-07 06:28 - 00431104 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistSh.dll
2016-09-14 14:46 - 2016-09-07 06:28 - 00413696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WLanConn.dll
2016-09-14 14:46 - 2016-09-07 06:28 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2016-09-14 14:46 - 2016-09-07 06:27 - 01872896 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2016-09-14 14:46 - 2016-09-07 06:27 - 01424384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll
2016-09-14 14:46 - 2016-09-07 06:27 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmclient.dll
2016-09-14 14:46 - 2016-09-07 06:27 - 00865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-09-14 14:46 - 2016-09-07 06:27 - 00792576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-09-14 14:46 - 2016-09-07 06:27 - 00651776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comuid.dll
2016-09-14 14:46 - 2016-09-07 06:27 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-09-14 14:46 - 2016-09-07 06:27 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscms.dll
2016-09-14 14:46 - 2016-09-07 06:27 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2016-09-14 14:46 - 2016-09-07 06:27 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2016-09-14 14:46 - 2016-09-07 06:27 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-09-14 14:46 - 2016-09-07 06:27 - 00248320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2016-09-14 14:46 - 2016-09-07 06:27 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2016-09-14 14:46 - 2016-09-07 06:26 - 02881536 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2016-09-14 14:46 - 2016-09-07 06:26 - 02057216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-09-14 14:46 - 2016-09-07 06:26 - 01915392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAJApi.dll
2016-09-14 14:46 - 2016-09-07 06:26 - 01570816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2016-09-14 14:46 - 2016-09-07 06:26 - 01537536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pla.dll
2016-09-14 14:46 - 2016-09-07 06:26 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-09-14 14:46 - 2016-09-07 06:26 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-09-14 14:46 - 2016-09-07 06:26 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2016-09-14 14:46 - 2016-09-07 06:26 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2016-09-14 14:46 - 2016-09-07 06:26 - 00645632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.Search.dll
2016-09-14 14:46 - 2016-09-07 06:26 - 00501760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-09-14 14:46 - 2016-09-07 06:26 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2016-09-14 14:46 - 2016-09-07 06:26 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-09-14 14:46 - 2016-09-07 06:25 - 04404736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-09-14 14:46 - 2016-09-07 06:25 - 02578432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2016-09-14 14:46 - 2016-09-07 06:25 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-09-14 14:46 - 2016-09-07 06:25 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-09-14 14:46 - 2016-09-07 06:25 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2016-09-14 14:46 - 2016-09-07 06:25 - 01052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-09-14 14:46 - 2016-09-07 06:25 - 00759808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2016-09-14 14:46 - 2016-09-07 06:25 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licensingdiag.exe
2016-09-14 14:46 - 2016-09-07 06:24 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-09-14 14:46 - 2016-09-07 06:24 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2016-09-14 14:46 - 2016-09-07 06:24 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2016-09-14 14:46 - 2016-09-07 06:23 - 04646912 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2016-09-14 14:46 - 2016-09-07 06:23 - 01562112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmc.exe
2016-09-14 14:46 - 2016-09-07 06:23 - 00918016 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsFilt.dll
2016-09-14 14:46 - 2016-09-07 06:23 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PeerDistSh.dll
2016-09-14 14:46 - 2016-09-07 06:22 - 03093504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-09-14 14:46 - 2016-09-07 06:22 - 01987072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2016-09-14 14:46 - 2016-09-07 06:22 - 01297408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2016-09-14 14:46 - 2016-09-07 06:22 - 00778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2016-09-14 14:46 - 2016-09-07 06:21 - 01063936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpedit.dll
2016-09-14 14:46 - 2016-09-07 06:21 - 00639488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-09-14 14:46 - 2016-09-07 06:20 - 01385472 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-09-14 14:46 - 2016-09-07 06:20 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-09-14 14:46 - 2016-09-07 06:20 - 00882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-09-14 14:46 - 2016-09-07 06:20 - 00683008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-09-14 14:46 - 2016-09-07 06:20 - 00581632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2016-09-14 14:46 - 2016-09-07 06:20 - 00513024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hnetcfg.dll
2016-09-14 14:46 - 2016-09-07 06:20 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-09-14 14:46 - 2016-09-07 06:19 - 05325824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-09-14 14:46 - 2016-09-07 06:19 - 04169728 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2016-09-14 14:46 - 2016-09-07 06:19 - 03589120 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-09-14 14:46 - 2016-09-07 06:19 - 03555840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2016-09-14 14:46 - 2016-09-07 06:19 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-09-14 14:46 - 2016-09-07 06:19 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-09-14 14:46 - 2016-09-07 06:19 - 01997312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-09-14 14:46 - 2016-09-07 06:19 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2016-09-14 14:46 - 2016-09-07 06:19 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-09-14 14:46 - 2016-09-07 06:18 - 05503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-09-14 14:46 - 2016-09-07 06:18 - 04826624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-09-14 14:46 - 2016-09-07 06:17 - 03459584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2016-09-14 14:46 - 2016-09-07 06:17 - 02062336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-09-14 14:46 - 2016-09-07 06:17 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-09-14 14:46 - 2016-09-07 06:17 - 01526784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2016-09-14 14:46 - 2016-09-07 06:16 - 02680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2016-09-14 14:46 - 2016-09-07 06:16 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-09-14 14:46 - 2016-09-07 06:16 - 02361856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcndmgr.dll
2016-09-14 14:46 - 2016-09-07 06:16 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2016-09-14 14:46 - 2016-09-07 06:16 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-09-14 14:46 - 2016-09-07 06:16 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-09-14 14:46 - 2016-09-07 06:15 - 02772480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2016-09-14 14:46 - 2016-09-07 06:15 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2016-09-14 14:46 - 2016-09-07 06:14 - 03355136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2016-09-14 14:46 - 2016-09-07 06:14 - 03078656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-09-14 14:46 - 2016-09-07 06:14 - 02573824 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2016-09-14 14:46 - 2016-09-07 06:14 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-09-14 14:46 - 2016-09-07 06:14 - 01732096 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-09-14 14:46 - 2016-09-07 06:12 - 00899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2016-09-14 14:46 - 2016-09-07 06:12 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-09-14 14:46 - 2016-09-07 06:12 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-09-14 14:46 - 2016-09-07 06:11 - 03294208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2016-09-14 14:46 - 2016-09-07 06:10 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-09-14 14:46 - 2016-09-07 06:10 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2016-09-14 14:46 - 2016-09-07 06:10 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certca.dll
2016-09-14 14:46 - 2016-09-07 06:09 - 00824832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2016-09-14 14:46 - 2016-09-07 06:09 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2016-09-14 14:46 - 2016-09-07 06:09 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msobjs.dll
2016-09-14 14:46 - 2016-09-07 06:09 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2016-09-14 14:45 - 2016-09-07 07:39 - 07468896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-09-14 14:45 - 2016-09-07 07:39 - 01997832 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-09-14 14:45 - 2016-09-07 07:39 - 01862000 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-09-14 14:45 - 2016-09-07 07:39 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-09-14 14:45 - 2016-09-07 07:39 - 00428896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2016-09-14 14:45 - 2016-09-07 07:34 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-09-14 14:45 - 2016-09-07 07:26 - 01552104 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-09-14 14:45 - 2016-09-07 07:26 - 00516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-09-14 14:45 - 2016-09-07 07:23 - 04515256 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-09-14 14:45 - 2016-09-07 07:23 - 01540216 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-09-14 14:45 - 2016-09-07 07:23 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-09-14 14:45 - 2016-09-07 07:23 - 00692136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-09-14 14:45 - 2016-09-07 07:23 - 00565600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-09-14 14:45 - 2016-09-07 07:23 - 00374008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-09-14 14:45 - 2016-09-07 07:23 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-09-14 14:45 - 2016-09-07 07:22 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-09-14 14:45 - 2016-09-07 07:22 - 00742192 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2016-09-14 14:45 - 2016-09-07 07:22 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-09-14 14:45 - 2016-09-07 07:22 - 00638816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2016-09-14 14:45 - 2016-09-07 07:22 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2016-09-14 14:45 - 2016-09-07 07:22 - 00431296 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-09-14 14:45 - 2016-09-07 07:21 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-09-14 14:45 - 2016-09-07 07:21 - 05240952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-09-14 14:45 - 2016-09-07 07:20 - 00836752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2016-09-14 14:45 - 2016-09-07 07:19 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-09-14 14:45 - 2016-09-07 07:15 - 01776768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-09-14 14:45 - 2016-09-07 07:14 - 00430944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-09-14 14:45 - 2016-09-07 07:14 - 00216416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-09-14 14:45 - 2016-09-07 07:13 - 02186856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-09-14 14:45 - 2016-09-07 07:12 - 28851224 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll
2016-09-14 14:45 - 2016-09-07 07:11 - 02187408 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2016-09-14 14:45 - 2016-09-07 07:11 - 00388888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2016-09-14 14:45 - 2016-09-07 07:11 - 00305296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpeffects.dll
2016-09-14 14:45 - 2016-09-07 07:08 - 28083144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsRaw.dll
2016-09-14 14:45 - 2016-09-07 07:07 - 00253080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpeffects.dll
2016-09-14 14:45 - 2016-09-07 06:46 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-09-14 14:45 - 2016-09-07 06:46 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2016-09-14 14:45 - 2016-09-07 06:44 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\VoipRT.dll
2016-09-14 14:45 - 2016-09-07 06:44 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecureTimeAggregator.dll
2016-09-14 14:45 - 2016-09-07 06:44 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2016-09-14 14:45 - 2016-09-07 06:43 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
2016-09-14 14:45 - 2016-09-07 06:42 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2016-09-14 14:45 - 2016-09-07 06:41 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-09-14 14:45 - 2016-09-07 06:41 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-09-14 14:45 - 2016-09-07 06:40 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-09-14 14:45 - 2016-09-07 06:40 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2016-09-14 14:45 - 2016-09-07 06:40 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\oemlicense.dll
2016-09-14 14:45 - 2016-09-07 06:40 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountExtension.dll
2016-09-14 14:45 - 2016-09-07 06:40 - 00135680 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsutil.dll
2016-09-14 14:45 - 2016-09-07 06:40 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcshext.dll
2016-09-14 14:45 - 2016-09-07 06:40 - 00070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\vsstrace.dll
2016-09-14 14:45 - 2016-09-07 06:39 - 09324032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL
2016-09-14 14:45 - 2016-09-07 06:39 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2016-09-14 14:45 - 2016-09-07 06:39 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll
2016-09-14 14:45 - 2016-09-07 06:39 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDist.dll
2016-09-14 14:45 - 2016-09-07 06:39 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\FingerprintEnrollment.dll
2016-09-14 14:45 - 2016-09-07 06:38 - 00413696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2016-09-14 14:45 - 2016-09-07 06:38 - 00335360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcbase.dll
2016-09-14 14:45 - 2016-09-07 06:38 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2016-09-14 14:45 - 2016-09-07 06:38 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cic.dll
2016-09-14 14:45 - 2016-09-07 06:38 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2016-09-14 14:45 - 2016-09-07 06:38 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistCleaner.dll
2016-09-14 14:45 - 2016-09-07 06:38 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-09-14 14:45 - 2016-09-07 06:37 - 00846848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipsecsnp.dll
2016-09-14 14:45 - 2016-09-07 06:37 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2016-09-14 14:45 - 2016-09-07 06:37 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-09-14 14:45 - 2016-09-07 06:37 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsvc.dll
2016-09-14 14:45 - 2016-09-07 06:37 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2016-09-14 14:45 - 2016-09-07 06:36 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-09-14 14:45 - 2016-09-07 06:36 - 00600064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2016-09-14 14:45 - 2016-09-07 06:36 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-09-14 14:45 - 2016-09-07 06:36 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2016-09-14 14:45 - 2016-09-07 06:36 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppLockerCSP.dll
2016-09-14 14:45 - 2016-09-07 06:36 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkDesktopSettings.dll
2016-09-14 14:45 - 2016-09-07 06:36 - 00233984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DictationManager.dll
2016-09-14 14:45 - 2016-09-07 06:36 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapsvc.dll
2016-09-14 14:45 - 2016-09-07 06:35 - 09324032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL
2016-09-14 14:45 - 2016-09-07 06:35 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2016-09-14 14:45 - 2016-09-07 06:35 - 00813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2016-09-14 14:45 - 2016-09-07 06:35 - 00714240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2016-09-14 14:45 - 2016-09-07 06:35 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll
2016-09-14 14:45 - 2016-09-07 06:35 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2016-09-14 14:45 - 2016-09-07 06:35 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-09-14 14:45 - 2016-09-07 06:35 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack_win.dll
2016-09-14 14:45 - 2016-09-07 06:35 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-09-14 14:45 - 2016-09-07 06:35 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2016-09-14 14:45 - 2016-09-07 06:35 - 00188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.PicturePassword.dll
2016-09-14 14:45 - 2016-09-07 06:35 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usbceip.dll
2016-09-14 14:45 - 2016-09-07 06:34 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-09-14 14:45 - 2016-09-07 06:34 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-09-14 14:45 - 2016-09-07 06:34 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\filemgmt.dll
2016-09-14 14:45 - 2016-09-07 06:34 - 00507904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2016-09-14 14:45 - 2016-09-07 06:34 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2016-09-14 14:45 - 2016-09-07 06:34 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2016-09-14 14:45 - 2016-09-07 06:34 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2016-09-14 14:45 - 2016-09-07 06:34 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-09-14 14:45 - 2016-09-07 06:34 - 00304128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2016-09-14 14:45 - 2016-09-07 06:34 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2016-09-14 14:45 - 2016-09-07 06:34 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2016-09-14 14:45 - 2016-09-07 06:34 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PeerDist.dll
2016-09-14 14:45 - 2016-09-07 06:33 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-09-14 14:45 - 2016-09-07 06:33 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-09-14 14:45 - 2016-09-07 06:33 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-09-14 14:45 - 2016-09-07 06:33 - 00602112 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2016-09-14 14:45 - 2016-09-07 06:33 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2016-09-14 14:45 - 2016-09-07 06:33 - 00448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcfile.dll
2016-09-14 14:45 - 2016-09-07 06:33 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-09-14 14:45 - 2016-09-07 06:33 - 00276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsExt.dll
2016-09-14 14:45 - 2016-09-07 06:33 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2016-09-14 14:45 - 2016-09-07 06:33 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-09-14 14:45 - 2016-09-07 06:33 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2016-09-14 14:45 - 2016-09-07 06:32 - 00892416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2016-09-14 14:45 - 2016-09-07 06:32 - 00689664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-09-14 14:45 - 2016-09-07 06:32 - 00674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2016-09-14 14:45 - 2016-09-07 06:32 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-09-14 14:45 - 2016-09-07 06:32 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-09-14 14:45 - 2016-09-07 06:32 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-09-14 14:45 - 2016-09-07 06:32 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3ui.dll
2016-09-14 14:45 - 2016-09-07 06:32 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2016-09-14 14:45 - 2016-09-07 06:32 - 00260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2016-09-14 14:45 - 2016-09-07 06:31 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-09-14 14:45 - 2016-09-07 06:31 - 01417728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2016-09-14 14:45 - 2016-09-07 06:31 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-09-14 14:45 - 2016-09-07 06:31 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll
2016-09-14 14:45 - 2016-09-07 06:31 - 00769536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppinst.dll
2016-09-14 14:45 - 2016-09-07 06:31 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-09-14 14:45 - 2016-09-07 06:31 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-09-14 14:45 - 2016-09-07 06:31 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-09-14 14:45 - 2016-09-07 06:31 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2016-09-14 14:45 - 2016-09-07 06:31 - 00472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2016-09-14 14:45 - 2016-09-07 06:31 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-09-14 14:45 - 2016-09-07 06:31 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2016-09-14 14:45 - 2016-09-07 06:31 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSSync.dll
2016-09-14 14:45 - 2016-09-07 06:30 - 14251520 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-09-14 14:45 - 2016-09-07 06:30 - 02012672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmsipc.dll
2016-09-14 14:45 - 2016-09-07 06:30 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2016-09-14 14:45 - 2016-09-07 06:30 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-09-14 14:45 - 2016-09-07 06:30 - 01159168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationFrame.dll
2016-09-14 14:45 - 2016-09-07 06:30 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-09-14 14:45 - 2016-09-07 06:30 - 01037824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2016-09-14 14:45 - 2016-09-07 06:30 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-09-14 14:45 - 2016-09-07 06:30 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-09-14 14:45 - 2016-09-07 06:30 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2016-09-14 14:45 - 2016-09-07 06:30 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2016-09-14 14:45 - 2016-09-07 06:30 - 00607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx.dll
2016-09-14 14:45 - 2016-09-07 06:30 - 00599040 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll
2016-09-14 14:45 - 2016-09-07 06:30 - 00531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2016-09-14 14:45 - 2016-09-07 06:30 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-09-14 14:45 - 2016-09-07 06:29 - 01487360 _____ (Microsoft Corporation) C:\WINDOWS\system32\pla.dll
2016-09-14 14:45 - 2016-09-07 06:29 - 01239552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-09-14 14:45 - 2016-09-07 06:29 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2016-09-14 14:45 - 2016-09-07 06:29 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-09-14 14:45 - 2016-09-07 06:29 - 00785408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\azroles.dll
2016-09-14 14:45 - 2016-09-07 06:29 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-09-14 14:45 - 2016-09-07 06:29 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2016-09-14 14:45 - 2016-09-07 06:29 - 00283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2016-09-14 14:45 - 2016-09-07 06:29 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsExt.dll
2016-09-14 14:45 - 2016-09-07 06:29 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\licensingdiag.exe
2016-09-14 14:45 - 2016-09-07 06:28 - 02731008 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-09-14 14:45 - 2016-09-07 06:28 - 01671168 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2016-09-14 14:45 - 2016-09-07 06:28 - 01466368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Pimstore.dll
2016-09-14 14:45 - 2016-09-07 06:28 - 01211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-09-14 14:45 - 2016-09-07 06:28 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-09-14 14:45 - 2016-09-07 06:28 - 00638976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2016-09-14 14:45 - 2016-09-07 06:28 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
2016-09-14 14:45 - 2016-09-07 06:27 - 04456448 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2016-09-14 14:45 - 2016-09-07 06:27 - 03415040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2016-09-14 14:45 - 2016-09-07 06:27 - 01395712 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-09-14 14:45 - 2016-09-07 06:27 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-09-14 14:45 - 2016-09-07 06:27 - 00961024 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2016-09-14 14:45 - 2016-09-07 06:27 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-09-14 14:45 - 2016-09-07 06:27 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-09-14 14:45 - 2016-09-07 06:27 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-09-14 14:45 - 2016-09-07 06:27 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2016-09-14 14:45 - 2016-09-07 06:27 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2016-09-14 14:45 - 2016-09-07 06:27 - 00153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSSync.dll
2016-09-14 14:45 - 2016-09-07 06:26 - 00738816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2016-09-14 14:45 - 2016-09-07 06:25 - 02445312 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2016-09-14 14:45 - 2016-09-07 06:25 - 01965568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmc.exe
2016-09-14 14:45 - 2016-09-07 06:25 - 01228800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2016-09-14 14:45 - 2016-09-07 06:25 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-09-14 14:45 - 2016-09-07 06:25 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-09-14 14:45 - 2016-09-07 06:25 - 00508416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2016-09-14 14:45 - 2016-09-07 06:25 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-09-14 14:45 - 2016-09-07 06:24 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-09-14 14:45 - 2016-09-07 06:24 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2016-09-14 14:45 - 2016-09-07 06:24 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-09-14 14:45 - 2016-09-07 06:24 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-09-14 14:45 - 2016-09-07 06:23 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2016-09-14 14:45 - 2016-09-07 06:22 - 12585472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-09-14 14:45 - 2016-09-07 06:22 - 01113600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpedit.dll
2016-09-14 14:45 - 2016-09-07 06:22 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\StikyNot.exe
2016-09-14 14:45 - 2016-09-07 06:21 - 00636928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2016-09-14 14:45 - 2016-09-07 06:21 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsFilt.dll
2016-09-14 14:45 - 2016-09-07 06:21 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-09-14 14:45 - 2016-09-07 06:20 - 06976000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-09-14 14:45 - 2016-09-07 06:20 - 06675968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-09-14 14:45 - 2016-09-07 06:20 - 03585536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-09-14 14:45 - 2016-09-07 06:20 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2016-09-14 14:45 - 2016-09-07 06:20 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2016-09-14 14:45 - 2016-09-07 06:19 - 06471168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-09-14 14:45 - 2016-09-07 06:19 - 04078592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-09-14 14:45 - 2016-09-07 06:19 - 02902528 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2016-09-14 14:45 - 2016-09-07 06:19 - 02610176 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-09-14 14:45 - 2016-09-07 06:19 - 02563584 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2016-09-14 14:45 - 2016-09-07 06:19 - 01141248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcsecproc.dll
2016-09-14 14:45 - 2016-09-07 06:19 - 00527872 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2016-09-14 14:45 - 2016-09-07 06:19 - 00515584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2016-09-14 14:45 - 2016-09-07 06:19 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2016-09-14 14:45 - 2016-09-07 06:17 - 05123072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2016-09-14 14:45 - 2016-09-07 06:17 - 00833536 _____ (Microsoft Corporation) C:\WINDOWS\system32\pmcsnap.dll
2016-09-14 14:45 - 2016-09-07 06:16 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-09-14 14:45 - 2016-09-07 06:16 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-09-14 14:45 - 2016-09-07 06:16 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2016-09-14 14:45 - 2016-09-07 06:15 - 01978880 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistSvc.dll
2016-09-14 14:45 - 2016-09-07 06:15 - 01755648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2016-09-14 14:45 - 2016-09-07 06:15 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-09-14 14:45 - 2016-09-07 06:14 - 02519552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2016-09-14 14:45 - 2016-09-07 06:14 - 02000896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-09-14 14:45 - 2016-09-07 06:14 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-09-14 14:45 - 2016-09-07 06:13 - 01390592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-09-14 14:45 - 2016-09-07 06:13 - 00984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-09-14 14:45 - 2016-09-07 06:13 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2016-09-14 14:45 - 2016-09-07 06:12 - 02632192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2016-09-14 14:45 - 2016-09-07 06:12 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2016-09-14 14:45 - 2016-09-07 06:11 - 00958976 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-09-14 14:45 - 2016-09-07 06:11 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\DbgModel.dll
2016-09-14 14:45 - 2016-09-07 06:11 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-09-14 14:45 - 2016-09-07 06:10 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\certca.dll
2016-09-14 14:45 - 2016-09-07 06:10 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DbgModel.dll
2016-09-14 14:45 - 2016-09-07 06:09 - 00824832 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2016-09-14 14:45 - 2016-09-07 06:09 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\msobjs.dll
2016-09-14 14:45 - 2016-09-07 05:57 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-09-14 08:58 - 2016-09-14 08:58 - 00000000 ____D C:\Program Files (x86)\ESET
2016-09-13 21:14 - 2016-09-13 21:17 - 00059030 _____ C:\Users\Alex\Downloads\Addition.txt
2016-09-13 21:12 - 2016-09-17 16:30 - 00000000 ____D C:\FRST
2016-09-13 21:12 - 2016-09-17 16:29 - 02399232 _____ (Farbar) C:\Users\Alex\Desktop\FRST64.exe
2016-09-13 21:12 - 2016-09-13 21:17 - 00048192 _____ C:\Users\Alex\Downloads\FRST.txt
2016-09-13 21:10 - 2016-09-13 21:10 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Alex\Downloads\tdsskiller.exe
2016-09-13 21:04 - 2016-09-13 21:04 - 02870984 _____ (ESET) C:\Users\Alex\Downloads\esetsmartinstaller_deu.exe
2016-09-13 21:02 - 2016-09-17 11:09 - 00002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-09-13 21:02 - 2016-09-17 11:09 - 00002212 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-09-13 21:00 - 2016-09-17 11:09 - 00001120 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-13 21:00 - 2016-09-17 10:38 - 00001116 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-09-13 21:00 - 2016-09-13 21:00 - 00004178 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-09-13 21:00 - 2016-09-13 21:00 - 00003946 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-09-13 20:47 - 2016-09-13 20:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2016-09-13 20:47 - 2016-09-13 20:47 - 00000000 ____D C:\Program Files\VS Revo Group
2016-09-13 20:14 - 2016-09-13 20:45 - 07093624 _____ (VS Revo Group ) C:\Users\Alex\Downloads\revosetup_2.0.exe
2016-09-13 20:13 - 2016-09-13 20:15 - 01610560 _____ (Malwarebytes) C:\Users\Alex\Downloads\JRT.exe
2016-09-12 08:13 - 2016-09-12 08:13 - 00000000 ____D C:\ProgramData\Avg
2016-09-12 08:13 - 2016-09-12 08:13 - 00000000 ____D C:\ProgramData\AVAST Software
2016-09-12 08:10 - 2016-09-12 10:35 - 00000000 ____D C:\Users\Alex\AppData\Roaming\MyTransitGuide

bohm 17.09.2016 15:39
FRST Teil 2

Code:
2016-09-12 08:08 - 2016-09-12 08:08 - 01208320 _____ C:\Users\Alex\Downloads\fernbus_simulator_conspir4cy_crackrar.img
2016-09-11 22:59 - 2016-09-11 22:59 - 00000000 ____D C:\Users\Alex\Documents\The.Task
2016-09-11 22:28 - 2016-09-11 22:28 - 00000000 ____D C:\Users\Alex\AppData\LocalLow\uTorrent
2016-09-11 21:34 - 2016-09-11 21:34 - 00016719 _____ C:\Users\Alex\Downloads\Fernbus_Simulator_2016.torrent
2016-09-11 19:42 - 2016-09-11 19:44 - 109132576 _____ C:\Users\Alex\Downloads\LMFAO_-_Sorry_For_Party_Rocking-2011-MOD.rar
2016-09-10 09:42 - 2016-09-10 09:42 - 01793045 _____ C:\Users\Alex\Downloads\187096_12.rar
2016-09-10 09:32 - 2016-09-10 09:32 - 03557465 _____ C:\Users\Alex\Downloads\FIFA 15 Latest Squads file by Mark.rar
2016-09-08 22:27 - 2016-09-08 22:27 - 00001032 _____ C:\Users\Alex\Desktop\fifa15.exe - Verknüpfung.lnk
2016-09-08 21:29 - 2016-09-08 21:33 - 00000000 ____D C:\Users\Alex\Documents\FIFA 15
2016-09-08 18:54 - 2016-09-08 18:54 - 00026052 ____N C:\Users\Alex\Downloads\88340998f9d272bb5a71c5b978fb316b42cc1347.dlc
2016-09-08 16:46 - 2016-09-08 16:46 - 00000000 ____D C:\Users\Alex\Documents\Soundaufnahmen
2016-09-07 22:17 - 2016-09-12 08:13 - 00000000 ____D C:\ProgramData\Avira
2016-09-07 22:17 - 2016-09-07 22:17 - 04446224 _____ (Avira Operations GmbH & Co. KG) C:\Users\Alex\Downloads\avira_de_avpn0_57d075bcae606__def.exe
2016-09-07 22:17 - 2016-09-07 22:17 - 00001085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira Phantom VPN.lnk
2016-09-07 22:17 - 2016-09-07 22:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-09-07 21:03 - 2016-09-07 21:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atari
2016-09-07 20:28 - 2016-09-07 20:28 - 00014357 _____ C:\Users\Alex\Downloads\RollerCoaster.Tycoon.World.Early.Access.torrent
2016-09-07 20:26 - 2016-09-07 20:35 - 566719036 _____ C:\Users\Alex\Downloads\Rcsrtycnpltn.rar
2016-09-07 20:21 - 2016-09-07 20:21 - 00003342 _____ C:\WINDOWS\System32\Tasks\{F823577C-328F-42E1-82E8-273F76E8E0F2}
2016-09-07 14:31 - 2016-09-07 14:31 - 86921726 _____ C:\Users\Alex\Downloads\LStThViC.rar
2016-09-07 14:30 - 2016-09-08 16:45 - 00000000 ____D C:\Users\Alex\Desktop\Lindsey Stirling
2016-09-07 14:30 - 2016-09-07 14:30 - 137263509 _____ C:\Users\Alex\Downloads\%2FLindsey_Stirling-Lindsey_Stirling-%28Deluxe_Edition%29-2013-C4.zip
2016-09-07 14:29 - 2016-09-07 14:32 - 118347516 _____ C:\Users\Alex\Downloads\Lindsey_Stirling-Brave_Enough-%28Limited_Deluxe_Edition%29-2016-C4.rar
2016-09-07 14:29 - 2016-09-07 14:30 - 111660182 _____ C:\Users\Alex\Downloads\Lindsey_Stirling-Shatter_Me-%28Deluxe_Edition%29-2014-C4.rar
2016-09-07 14:26 - 2016-09-07 14:25 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-64.dll
2016-09-07 14:24 - 2016-09-07 14:24 - 01196752 _____ (Adobe Systems Incorporated) C:\Users\Alex\Downloads\flashplayer22_xa_install.exe
2016-09-07 13:09 - 2016-09-07 13:13 - 01028096 ____N C:\Users\Alex\Downloads\Fernbus Simulator Free.img
2016-09-06 13:11 - 2016-09-06 13:11 - 00594944 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Users\Alex\Downloads\libeay32.dll
2016-09-06 13:11 - 2016-09-06 13:11 - 00152576 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Users\Alex\Downloads\ssleay32.dll
2016-09-06 13:10 - 2016-09-14 16:13 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-09-06 13:10 - 2016-09-06 13:10 - 00002173 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzillа Firеfох.lnk
2016-09-06 13:10 - 2016-09-06 13:10 - 00002171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gооglе Сhrоmе.lnk
2016-09-06 13:10 - 2016-09-06 13:10 - 00000000 ____D C:\Program Files (x86)\FastSocial
2016-09-06 13:08 - 2016-09-06 13:08 - 00000381 _____ C:\Users\Alex\Downloads\FF16 TOR.txt
2016-09-06 08:34 - 2016-09-14 16:13 - 00000000 ____D C:\AdwCleaner
2016-09-05 09:57 - 2016-09-05 09:57 - 01144832 _____ C:\Users\Alex\Downloads\Crack Setup.img
2016-09-02 20:44 - 2016-09-02 20:44 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Promotion Software GmbH
2016-09-02 20:39 - 2016-09-02 20:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deep Silver
2016-08-31 15:26 - 2016-08-31 15:26 - 00134808 _____ (Atomix Productions) C:\Users\Alex\Downloads\install_ddjergopads (1).exe
2016-08-30 20:28 - 2016-08-30 20:28 - 00000553 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autobahn Police Simulator.lnk
2016-08-30 20:24 - 2016-08-30 20:24 - 00000580 _____ C:\Users\Alex\Downloads\windowsmediaplayer (2).asx
2016-08-30 13:45 - 2016-08-30 13:46 - 00000000 ____D C:\Program Files (x86)\MP3Gain
2016-08-30 13:45 - 2016-08-30 13:45 - 01474568 _____ C:\Users\Alex\Downloads\MP3Gain - CHIP-Installer (1).exe
2016-08-30 13:45 - 2016-08-30 13:45 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MP3Gain
2016-08-30 13:42 - 2016-08-30 13:42 - 01474568 _____ C:\Users\Alex\Downloads\wxMP3Gain - CHIP-Installer.exe
2016-08-30 11:43 - 2016-08-30 11:43 - 01474568 _____ C:\Users\Alex\Downloads\MP3Gain - CHIP-Installer.exe
2016-08-30 09:52 - 2005-05-17 15:39 - 00349265 _____ C:\Users\Alex\Desktop\tvtotalnippelboard.swf
2016-08-30 09:50 - 2016-08-30 09:52 - 395414331 _____ () C:\Users\Alex\Downloads\GLP - Soundboard Setup.exe
2016-08-30 09:48 - 2016-08-30 09:48 - 01474568 _____ C:\Users\Alex\Downloads\Stefan Raabs TV Total Nippelboard - CHIP-Installer.exe
2016-08-29 21:18 - 2016-08-29 21:18 - 00134808 _____ (Atomix Productions) C:\Users\Alex\Downloads\install_ddjergopads.exe
2016-08-29 21:15 - 2016-08-29 21:16 - 02000360 _____ (Atomix Productions) C:\Users\Alex\Downloads\install_blacksheephd.exe
2016-08-29 20:53 - 2016-08-29 20:55 - 04411520 _____ (Atomix Productions) C:\Users\Alex\Downloads\install_x96byzanard.exe
2016-08-29 20:47 - 2016-08-29 20:56 - 03227864 _____ (Atomix Productions) C:\Users\Alex\Downloads\install_pioneerxdjrxbyzaik.exe
2016-08-29 10:28 - 2009-10-30 04:39 - 08151040 ____N (C-Media Corporation) C:\WINDOWS\SysWOW64\CMICNFG3.dll
2016-08-29 10:28 - 2009-04-02 10:59 - 00143360 ____N C:\WINDOWS\SysWOW64\VmixP6.dll
2016-08-29 10:28 - 2008-07-23 12:59 - 00389120 ____N () C:\WINDOWS\system32\CMICNFG3.cpl
2016-08-29 10:28 - 2006-09-13 20:21 - 00200704 ____N (C-Media) C:\WINDOWS\SysWOW64\CMPaOxy.dll
2016-08-29 10:27 - 2016-08-29 10:28 - 00000188 _____ C:\WINDOWS\Cmicnfg3.ini.cfl
2016-08-29 10:27 - 2016-08-29 10:27 - 00792576 ____N C:\WINDOWS\system32\Cmeaupci.exe
2016-08-29 10:27 - 2016-08-29 10:27 - 00000183 _____ C:\WINDOWS\Cmicnfg3.ini.imi
2016-08-29 10:27 - 2016-08-29 10:27 - 00000130 _____ C:\WINDOWS\system\Dlap.pfx
2016-08-29 10:27 - 2016-08-29 10:27 - 00000122 _____ C:\WINDOWS\system\Cmicnfg3.ini
2016-08-29 10:27 - 2016-08-29 10:27 - 00000000 ____D C:\Users\Alex\Desktop\PCI-8738-091211-7.12.8.1740(W7-RC-01)
2016-08-29 10:27 - 2009-12-11 05:28 - 00002754 ____N C:\WINDOWS\cmudax3.ini
2016-08-29 10:27 - 2009-12-01 05:31 - 01155072 _____ (C-Media Inc) C:\WINDOWS\system32\Drivers\cmudax3.sys
2016-08-29 10:27 - 2009-08-19 10:00 - 00359424 ____N C:\WINDOWS\system32\CmiInstallResAll64.dll
2016-08-29 10:27 - 2008-10-15 09:41 - 00002123 ____N C:\WINDOWS\Cmicnfg3.ini.cfg
2016-08-29 10:27 - 2007-11-04 19:30 - 01144983 ____N C:\WINDOWS\SysWOW64\KB936225x64.msu
2016-08-29 10:27 - 2007-02-26 14:30 - 00036864 _____ (C-Media Electronics Ins.) C:\WINDOWS\system32\cmudax3.dll
2016-08-29 10:27 - 2006-10-05 23:45 - 00524768 _____ (Microsoft Corporation) C:\WINDOWS\difxapi.dll
2016-08-28 20:36 - 2016-08-28 20:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments
2016-08-28 20:36 - 2016-08-28 20:36 - 00000000 __HDC C:\ProgramData\{90D8CE90-3E6B-4034-A281-BC9F19B60A5B}
2016-08-28 20:36 - 2016-08-28 20:36 - 00000000 __HDC C:\ProgramData\{42DEBD12-9D09-4B77-B434-2EF604E45D3D}
2016-08-28 20:36 - 2016-08-28 20:36 - 00000000 ____D C:\ProgramData\Native Instruments
2016-08-28 20:36 - 2016-08-28 20:36 - 00000000 ____D C:\Program Files\Common Files\Native Instruments
2016-08-28 20:32 - 2016-08-28 20:33 - 244782432 _____ (Native Instruments ) C:\Users\Alex\Downloads\Traktor 2 2.10.3 Setup PC.exe
2016-08-28 20:32 - 2016-08-28 20:32 - 00000000 __HDC C:\ProgramData\{EB9C1D32-304E-4E8E-8D44-C4102A190A39}
2016-08-28 20:32 - 2016-08-28 20:32 - 00000000 ____D C:\Backup
2016-08-28 20:28 - 2016-08-28 20:28 - 00000000 ____D C:\Users\Alex\Desktop\DJ
2016-08-28 18:15 - 2016-09-13 15:38 - 00000000 ____D C:\Program Files (x86)\VirtualDJ
2016-08-28 18:15 - 2016-08-31 15:01 - 00000000 ____D C:\Users\Alex\Documents\VirtualDJ
2016-08-28 18:15 - 2016-08-28 18:15 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ
2016-08-28 18:14 - 2016-08-28 18:15 - 38203392 _____ C:\Users\Alex\Downloads\install_virtualdj_pc_v8.2.3343.msi
2016-08-28 17:52 - 2016-08-28 20:28 - 00000000 ____D C:\Users\Alex\AppData\Local\Mixxx
2016-08-28 17:48 - 2016-08-28 17:48 - 25035393 _____ C:\Users\Alex\Downloads\mixxx-2.0.0-win64.exe
2016-08-28 17:48 - 2016-08-28 17:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mixxx
2016-08-28 17:48 - 2016-08-28 17:48 - 00000000 ____D C:\Program Files\Mixxx
2016-08-28 17:41 - 2016-08-28 18:02 - 00000000 ____D C:\WINDOWS\System32\Tasks\NCH Software
2016-08-28 17:41 - 2016-08-28 17:41 - 00001123 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zulu DJ-Software.lnk
2016-08-28 17:41 - 2016-08-28 17:41 - 00000000 ____D C:\ProgramData\NCH Software
2016-08-28 17:41 - 2016-08-28 17:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Produktpalette
2016-08-28 17:41 - 2016-08-28 17:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audioverwandte Programme
2016-08-28 17:41 - 2016-08-28 17:41 - 00000000 ____D C:\Program Files (x86)\NCH Software
2016-08-28 17:40 - 2016-08-28 17:40 - 00974560 _____ (NCH Software) C:\Users\Alex\Downloads\zulusetup.exe
2016-08-28 17:40 - 2016-08-28 17:40 - 00000000 ____D C:\Users\Alex\AppData\Roaming\NCH Software
2016-08-28 17:03 - 2016-08-28 17:03 - 38302328 _____ (Atomix Productions) C:\Users\Alex\Downloads\install_virtualdj_home_v7.4.6.exe
2016-08-27 15:10 - 2016-08-27 15:10 - 02929520 _____ (Odem Mortis ) C:\Users\Alex\Downloads\OMC_ModPack_Installer.exe
2016-08-26 15:21 - 2016-08-26 15:21 - 01106840 _____ (Unity Technologies ApS) C:\Users\Alex\Downloads\UnityWebPlayer64.exe
2016-08-26 14:25 - 2016-08-26 14:25 - 00035784 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\tap0901.sys
2016-08-25 21:58 - 2016-08-25 21:58 - 00000000 ____D C:\Users\Alex\Documents\Ghosthunters
2016-08-25 21:12 - 2016-08-25 21:12 - 00000580 _____ C:\Users\Alex\Downloads\windowsmediaplayer (1).asx
2016-08-23 22:19 - 2016-08-23 22:19 - 00000000 ____D C:\Users\Alex\Documents\Die Unfassbaren 2
2016-08-23 21:09 - 2016-08-23 21:09 - 00000000 ____D C:\Users\Alex\Documents\Die.wilden.Kerle.6.Die.Legende.lebt
2016-08-22 18:36 - 2016-08-22 18:36 - 00001187 _____ C:\Users\Alex\Desktop\Dynamo Dresden v RB Leipzig - DFB Pokal 1 Runde 2016_17_08.lnk
2016-08-22 18:25 - 2016-08-22 18:25 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Aspyr Media
2016-08-22 17:53 - 2016-08-22 17:53 - 00000744 _____ C:\Users\Public\Desktop\Layers of Fear - Masterpiece Edition.lnk
2016-08-22 17:52 - 2016-08-22 17:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bloober Team SA
2016-08-20 15:42 - 2016-09-12 08:10 - 00000000 ____D C:\Users\Alex\Desktop\Musik
2016-08-18 21:09 - 2016-08-18 21:09 - 00003320 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-09-17 10:55 - 2015-03-30 17:38 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-09-17 10:48 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-09-17 10:41 - 2015-08-06 17:26 - 00004150 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9976B872-EBCD-4E3B-A512-199270B5525F}
2016-09-17 10:38 - 2015-05-04 14:56 - 00000000 ____D C:\Program Files (x86)\Steam
2016-09-17 10:37 - 2015-07-31 20:20 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Wise Care 365
2016-09-17 10:36 - 2015-08-04 19:52 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-09-17 10:34 - 2015-12-22 17:05 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-17 10:34 - 2015-12-22 16:39 - 00000000 ____D C:\ProgramData\NVIDIA
2016-09-17 10:34 - 2015-03-30 17:38 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-09-17 10:34 - 2015-03-30 17:38 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-09-16 21:52 - 2015-10-30 08:28 - 01048576 ___SH C:\WINDOWS\system32\config\BBI
2016-09-16 21:50 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2016-09-16 21:50 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-09-16 21:50 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-09-16 21:50 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-09-16 21:50 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2016-09-16 21:50 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-09-16 21:50 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\setup
2016-09-16 21:50 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-09-16 21:50 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-09-16 21:50 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-09-16 21:50 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Defender
2016-09-16 21:50 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-09-16 21:50 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-09-16 21:50 - 2015-10-30 08:31 - 00000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2016-09-16 21:50 - 2015-10-30 08:31 - 00000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2016-09-16 21:50 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-09-16 21:50 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-09-16 20:32 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-09-16 20:25 - 2015-10-30 20:47 - 00000000 ____D C:\WINDOWS\ShellNew
2016-09-16 20:25 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-09-16 20:24 - 2015-03-30 17:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-09-16 20:23 - 2015-01-01 00:28 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-09-16 20:16 - 2015-01-01 00:28 - 144199024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-09-16 20:03 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-16 20:03 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-09-16 19:31 - 2015-12-22 16:39 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-09-14 17:19 - 2016-07-25 12:45 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-09-14 17:19 - 2016-07-21 17:24 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-09-14 17:19 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\addins
2016-09-14 16:22 - 2016-07-20 12:07 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-09-14 16:21 - 2016-07-21 17:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-09-14 16:14 - 2016-07-20 12:07 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-09-13 21:22 - 2015-08-04 20:05 - 00000000 ____D C:\Users\Alex\Desktop\Sonstiges
2016-09-13 21:02 - 2014-12-31 21:03 - 00000000 ____D C:\Program Files (x86)\Google
2016-09-13 20:50 - 2016-07-25 15:29 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2016-09-13 20:11 - 2015-04-01 12:15 - 00000000 ____D C:\Program Files (x86)\Overwolf
2016-09-13 11:55 - 2016-03-24 18:55 - 06502080 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2016-09-13 11:55 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-09-13 11:55 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-09-13 08:34 - 2015-07-31 20:20 - 00002127 _____ C:\Users\Public\Desktop\Wise Care 365.lnk
2016-09-12 10:35 - 2015-10-30 09:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-09-12 10:29 - 2014-12-31 21:46 - 00000000 ____D C:\Users\Alex\AppData\Roaming\vlc
2016-09-12 01:15 - 2015-01-04 22:19 - 00000000 ____D C:\Users\Alex\AppData\Roaming\uTorrent
2016-09-12 01:15 - 2015-01-02 16:17 - 00000000 ____D C:\Users\Alex\AppData\Local\JDownloader v2.0
2016-09-11 23:20 - 2015-12-22 16:42 - 02113470 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-11 23:20 - 2015-10-30 20:35 - 00898170 _____ C:\WINDOWS\system32\perfh007.dat
2016-09-11 23:20 - 2015-10-30 20:35 - 00201656 _____ C:\WINDOWS\system32\perfc007.dat
2016-09-11 22:43 - 2015-07-03 15:08 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2016-09-11 22:42 - 2015-07-03 15:19 - 00000000 ____D C:\Program Files\Rockstar Games
2016-09-09 22:07 - 2015-12-22 16:43 - 00000000 ____D C:\Users\Alex
2016-09-08 22:27 - 2015-01-02 20:33 - 00000000 ____D C:\Users\Alex\Documents\My Games
2016-09-08 13:14 - 2015-10-01 21:05 - 00000000 ____D C:\Users\Alex\AppData\Local\MyComGames
2016-09-08 12:28 - 2015-01-01 12:08 - 00000000 ____D C:\Users\Alex\Desktop\Spiele
2016-09-08 12:00 - 2015-08-21 10:33 - 00000000 ____D C:\Users\Alex\AppData\Local\CrashDumps
2016-09-07 22:17 - 2014-12-31 21:29 - 00000000 ____D C:\ProgramData\Package Cache
2016-09-07 22:17 - 2014-12-31 21:27 - 00000000 ____D C:\Program Files (x86)\Avira
2016-09-07 20:20 - 2015-01-03 13:40 - 00000000 ____D C:\Users\Alex\AppData\Local\ElevatedDiagnostics
2016-09-07 14:33 - 2015-03-30 20:16 - 00000000 ____D C:\ProgramData\Oracle
2016-09-07 14:26 - 2015-09-13 09:21 - 00000000 ____D C:\Users\Alex\.oracle_jre_usage
2016-09-07 14:26 - 2015-06-17 14:50 - 00000000 ____D C:\Program Files (x86)\Java
2016-09-07 14:26 - 2015-03-30 17:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-09-07 14:25 - 2016-02-19 14:31 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-09-07 14:25 - 2015-06-17 14:51 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2016-09-07 14:25 - 2015-06-17 14:51 - 00000000 ____D C:\Program Files\Java
2016-09-07 14:24 - 2015-01-01 21:08 - 00000000 ____D C:\Users\Alex\AppData\Local\Adobe
2016-09-07 13:07 - 2014-12-31 20:52 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-09-07 08:10 - 2013-01-05 21:32 - 00400614 __RSH C:\bootmgr
2016-09-07 08:04 - 2015-12-22 16:37 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-09-07 03:00 - 2015-10-30 09:26 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-09-07 03:00 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-09-06 13:09 - 2016-07-26 21:31 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps
2016-09-04 19:09 - 2015-01-31 12:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-08-29 16:38 - 2015-02-01 10:39 - 00000000 ____D C:\ProgramData\Ultra Vision Video Converter
2016-08-29 10:29 - 2016-01-17 10:33 - 00387176 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-08-29 10:27 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\System
2016-08-27 15:56 - 2015-09-03 19:56 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\OMC ModPack
2016-08-27 15:10 - 2015-09-03 18:58 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\OMC ModPack Client
2016-08-27 13:19 - 2015-11-10 14:32 - 00000000 ____D C:\Users\Alex\AppData\Local\UnrealEngine
2016-08-27 09:24 - 2015-05-14 17:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ravenscourt
2016-08-22 18:55 - 2016-01-31 10:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Square Enix
2016-08-21 09:21 - 2015-08-17 19:42 - 00000000 ___RD C:\Users\Alex\Desktop\Bildbearbeitung
2016-08-20 15:21 - 2015-02-26 12:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-08-18 21:09 - 2015-08-04 19:56 - 00002416 _____ C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-08-18 21:09 - 2015-08-04 19:56 - 00000000 ___RD C:\Users\Alex\OneDrive

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-11-15 18:22 - 2015-11-15 10:52 - 0012879 _____ () C:\Users\Alex\AppData\Roaming\alsoft.ini
2016-06-02 10:48 - 2016-06-02 10:49 - 266040255 _____ () C:\Users\Alex\AppData\Local\ACCCx3_6_0_248.zip
2015-04-10 15:38 - 2015-04-10 15:38 - 0004608 _____ () C:\Users\Alex\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-07-04 18:01 - 2015-07-04 18:02 - 0003072 _____ () C:\Users\Alex\AppData\Local\file__0.localstorage
2015-07-24 20:25 - 2015-07-24 20:25 - 0000092 _____ () C:\Users\Alex\AppData\Local\fusioncache.dat
2015-11-18 12:41 - 2015-11-18 12:41 - 0000017 _____ () C:\Users\Alex\AppData\Local\resmon.resmoncfg
2015-12-22 16:38 - 2015-12-22 16:38 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-09-07 17:36

==================== Ende von FRST.txt ============================
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 17-09-2016
durchgeführt von Alex (17-09-2016 16:32:01)
Gestartet von C:\Users\Alex\Desktop
Windows 10 Pro Version 1511 (X64) (2015-12-22 15:12:12)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2927967124-101175508-2003510897-500 - Administrator - Enabled) => C:\Users\Administrator
Alex (S-1-5-21-2927967124-101175508-2003510897-1000 - Administrator - Enabled) => C:\Users\Alex
DefaultAccount (S-1-5-21-2927967124-101175508-2003510897-503 - Limited - Disabled)
Gast (S-1-5-21-2927967124-101175508-2003510897-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2927967124-101175508-2003510897-1005 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

µTorrent (HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\uTorrent) (Version: 3.4.8.42576 - BitTorrent Inc.)
18 Wheels of Steel Extreme Trucker 2 (HKLM-x32\...\{A2B65355-E44A-4662-9533-AB5A4A3533ED}) (Version: 1.00.0000 - Valusoft)
AbiWord 2.9.4 (HKLM-x32\...\AbiWord2) (Version: 2.9.4 - AbiSource Developers)
Adblock Plus für IE (32-Bit- und 64-Bit) (HKLM\...\{123A22CB-6D84-4135-A71F-886C9119E996}) (Version: 99.9 - Eyeo GmbH)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 19.0.0.190 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.7 64-bit (HKLM\...\{1B77B02E-17E4-4B6D-B8A1-74B29AF3D8DD}) (Version: 5.7.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\{0E3C52E0-B4F1-4D1E-B172-E390813BD9FE}) (Version: 12.1.8.158 - Adobe Systems, Inc)
Aerosoft's - Aerosoft Launcher (HKLM-x32\...\{EE11CFFC-898C-4875-8A63-8B732A9AD43B}) (Version: 1.2.0.3 - Aerosoft)
AIMP (HKLM-x32\...\AIMP) (Version: v4.02.1725, 11.06.2016 - AIMP DevTeam)
AKVIS Sketch (HKLM\...\{AC0BAA05-28E6-4911-B3F3-0AE2EB0F54A1}) (Version: 17.0.2946.11963 - AKVIS)
Armored Warfare MyCom (HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\Armored Warfare MyCom) (Version: 1.96 - My.com B.V.)
Armored Warfare MyCom Beta (HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\Armored Warfare MyCom Beta) (Version: 1.59 - My.com B.V.)
ATI Catalyst Install Manager (HKLM\...\{62140B07-129A-2BD0-81D2-2A1A7408ADC8}) (Version: 3.0.762.0 - ATI Technologies, Inc.)
Auslogics DiskDefrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 6.2.1.0 - Auslogics Labs Pty Ltd)
Autobahn Police Simulator MULTI4 (HKLM\...\YXV0b2JhaG5wb2xpY2VzaW11bGF0b3I_is1) (Version: 1 - )
Avidemux 2.6 (32-bit) (HKLM-x32\...\Avidemux 2.6) (Version: 2.6.8.9046 - )
Avira Browser Safety (HKLM-x32\...\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}) (Version: 1.4.5.509 - Avira Operations GmbH & Co KG)
Avira Launcher (HKLM-x32\...\{af1966e2-5e60-4d93-8a48-c21462a87e3c}) (Version: 1.2.71.9779 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.2.71.9779 - Avira Operations GmbH & Co. KG) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 1.5.2.25975 - Avira Operations GmbH & Co. KG)
Bandicam (HKLM-x32\...\Bandicam) (Version: 2.1.3.757 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandisoft.com)
BASE (HKLM-x32\...\{B4D9F24E-C5C2-4B5E-A56D-8E13E0729C64}) (Version: 1.0.0 - d3)
Berg und Tunnelbau (HKLM-x32\...\Mining and Tunneling) (Version:  - )
C-Media PCI Audio Device (HKLM\...\C-Media PCI Audio Driver) (Version:  - )
Cool & Quiet (HKLM-x32\...\{1ADE1AA0-7F82-4BB1-B1BD-727DE438057B}) (Version:  - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Dance eJay 7 (HKLM-x32\...\{A18BB607-BC5A-474E-88FD-C215B91A0F97}) (Version: 7 - Empire Interactive)
Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.732.20 - Electronic Arts Inc.)
DIG IT! - A Digger Simulator (HKLM\...\Steam App 311910) (Version:  - Cape Copenhagen)
EA SPORTS™ FIFA 15 (HKLM-x32\...\{3D4ADA2B-F028-4307-ADF4-6F9AA44725DA}) (Version: 1.8.0.0 - Electronic Arts)
Emergency 2016 (HKLM-x32\...\Emergency 2016_is1) (Version:  - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON SX125 Series Printer Uninstall (HKLM\...\EPSON SX125 Series) (Version:  - SEIKO EPSON Corporation)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
FastSocial version 1 (HKLM-x32\...\{0C9D97C7-4EC9-4BAB-AE9E-FA4F9EE56484}_is1) (Version: 1 - )
FileZilla Client 3.13.0 (HKLM-x32\...\FileZilla Client) (Version: 3.13.0 - Tim Kosse)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.3.4.311 - Foxit Software Inc.)
GdZ WoT ModPack Version 0.9.15.1.5 (HKLM-x32\...\{GdZ WoT ModPack}_is1) (Version: 0.9.15.1.5 - Gemeinschaft deutscher Zocker)
GdZ WoT ModPack Version 1.0 (HKLM-x32\...\{GdZ WoT ModPack Updater}_is1) (Version: 1.0 - Gemeinschaft deutscher Zocker)
German Truck Simulator 1.00 (HKLM-x32\...\German Truck Simulator) (Version: 1.00 - )
Ghostbusters (TM): The Video Game (HKLM-x32\...\InstallShield_{3A1B1652-D70A-4D19-981E-BB15D0DBF253}) (Version: 1.00.0000 - Atari)
Ghostbusters (TM): The Video Game (x32 Version: 1.00.0000 - Atari) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 53.0.2785.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Grand Theft Auto: Episodes From Liberty City (HKLM-x32\...\{61B8B2F9-D8DA-4B24-89A9-DB09F38A4899}) (Version: 1.1.0.0 - Rockstar Games)
Grand Theft Auto: Episodes from Liberty City (x32 Version: 1.0.0003.135 - Rockstar Games Inc.) Hidden
Heart's Medicine: Time to Heal (HKLM\...\aGVhcnRzbWVkaWNpbmV0aW1ldG9oZWFs_is1) (Version: 1 - )
Java 8 Update 101 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Krita Desktop (x86) "2.9.6.3" (HKLM-x32\...\{ACF8935C-CA56-43D2-A923-DD95CBCE1BEB}) (Version: 2.9.6.3 - Krita Foundation)
Layers of Fear (HKLM-x32\...\Layers of Fear_is1) (Version:  - )
Life is Strange (HKLM-x32\...\Life is Strange_is1) (Version:  - )
Locks Pro (HKLM-x32\...\Locks Pro) (Version:  - )
Logistics Company (HKLM\...\Steam App 328310) (Version:  - Crenetic GmbH Studios)
Logitech Gaming Software 64 (HKLM-x32\...\InstallShield_{58BF5D14-CBCF-473C-B0E0-A7955A23224E}) (Version:  - )
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM-x32\...\M2698023) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM-x32\...\M2833941) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM-x32\...\M979906) (Version:  - )
Microsoft .NET Framework 1.1 SP1 (HKLM\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version:  - )
Microsoft .NET Framework 1.1 SP1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50709.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.6.140.0 - Microsoft Corporation)
Mixxx 2.0.0 (64-bit) (HKLM-x32\...\Mixxx (2.0.0)) (Version: 2.0.0 - The Mixxx Development Team)
Model_Viewer (HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\007d47cbc8a50530) (Version: 2.0.0.23 - WOT MODEL VIEWER)
Mozilla Firefox 48.0.2 (x64 de) (HKLM\...\Mozilla Firefox 48.0.2 (x64 de)) (Version: 48.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0.2.6079 - Mozilla)
Mozilla Thunderbird 45.2.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.2.0 (x86 de)) (Version: 45.2.0 - Mozilla)
My.com Game Center (HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\MyComGames) (Version: 3.147 - My.com B.V.)
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 1.9.3.355 - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.6.0.137 - Native Instruments)
Nesbox Companion (HKLM-x32\...\com.nesbox.companion) (Version: 1.1 - UNKNOWN)
Nesbox Companion (x32 Version: 1.1 - UNKNOWN) Hidden
null (HKLM-x32\...\MonsterMaker) (Version:  - )
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 361.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 361.75 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.9.1.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.9.1.22 - NVIDIA Corporation)
NVIDIA Grafiktreiber 361.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.75 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OMC ModPack Client Version 1.5.1.212 (HKLM-x32\...\{E2F3187C-2B94-486F-8914-E69211487FB6}_is1) (Version: 1.5.1.212 - Odem Mortis)
OMSI - Der Omnibussimulator (HKLM-x32\...\{9AE850A4-B89D-4875-A159-B1B64D717EFB}) (Version: 1.06 - aerosoft)
OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
Origin (HKLM-x32\...\Origin) (Version: 9.5.10.780 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.97.306.0 - Overwolf Ltd.)
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
ProTrain Perfect 2 - Dresden - Leipzig - (HKLM-x32\...\{509E436F-FEEA-49BC-BD16-8F5F67D715E1}) (Version: 1.0 - Blue Sky Interactive)
ProTrain Perfect 2 - Nord-Süd 2  - Update (HKLM-x32\...\{2DE73DB6-37F4-4580-97A0-505D478EF02A}) (Version: 1.31 - Blue Sky Interactive)
ProTrain Perfect 2 - Streckenupdate - (HKLM-x32\...\{9547B52A-58E0-4AB5-B159-506728C5404B}) (Version: 1.0 - Blue Sky Interactive)
ProTrain Perfect Addon 4 - S-Bahn Berlin- Update 1.1 (HKLM-x32\...\{56706286-0B7A-46A3-9835-CF1ACB4BBFE2}) (Version: 1.0 - Blue Sky Interactive)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.52.203.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
RESCUE 2013 (HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\RESCUE 2013) (Version: 1.30.00.00 - rondomedia GmbH)
Revo Uninstaller 2.0.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.0 - VS Revo Group, Ltd.)
RollerCoaster Tycoon 3 Platinum (HKLM-x32\...\RollerCoaster Tycoon 3 Platinum_is1) (Version:  - )
Samantha Swift and the Golden Touch (HKLM-x32\...\Samantha Swift and the Golden Touch) (Version: 1.1.0.0 - MumboJumbo)
SHIELD Streaming (Version: 4.1.0260 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.9.1.22 - NVIDIA Corporation) Hidden
Smart Application Controller (HKLM-x32\...\{A6AE177E-D46B-4463-AA69-B9F818E0DC4A}_is1) (Version: 1.00 - Smart Application Controller)
Sony PC Companion 2.10.303 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.303 - Sony)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
The Last Dream - Developer's Edition (HKLM-x32\...\The Last Dream - Developer's Edition_is1) (Version:  - )
The Movies(TM) (HKLM-x32\...\InstallShield_{0556F885-2415-4666-B53E-33727E46AEA1}) (Version: 1.0 - Activision)
The Movies(TM) (x32 Version: 1.0 - Activision) Hidden
Tweaking.com - Windows Repair (All in One) (HKLM-x32\...\Tweaking.com - Windows Repair (All in One)) (Version: 3.0.0 - Tweaking.com)
UE4 Prerequisites (x64) (HKLM-x32\...\{b46d36bc-2438-471e-abe8-1fbbd51754ee}) (Version: 1.0.10.0 - Epic Games, Inc.)
UE4 Prerequisites (x64) (Version: 1.0.10.0 - Epic Games, Inc.) Hidden
UK Truck Simulator 1.11 (HKLM-x32\...\UK Truck Simulator) (Version: 1.11 - )
Unity Web Player (x64) (All users) (HKLM\...\UnityWebPlayer) (Version: 4.6.6f2 - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
VirtualDJ 8 (HKLM-x32\...\{AC964E48-8E21-4622-9073-AD42BC6A57B1}) (Version: 8.2.3343.0 - Atomix Productions)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
waterMark V2 (HKLM-x32\...\waterMark V2) (Version:  - )
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 5.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
Wonderland Solitaire (HKLM-x32\...\Wonderland Solitaire) (Version:  - )
World Series Of Poker  (HKLM-x32\...\World_Series_Of_Poker_1.0) (Version:  - )
X-Mouse Button Control 2.9.1 (HKLM-x32\...\X-Mouse Button Control) (Version: 2.9.1 - Highresolution Enterprises)
Zulu DJ-Software (HKLM-x32\...\Zulu) (Version: 3.63 - NCH Software)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2927967124-101175508-2003510897-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Alex\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {03721160-D3EC-4395-9515-90AF4387D601} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2016-09-07] (Overwolf LTD)
Task: {08071F0B-7A8F-4307-AC19-CAC94B3D7CF0} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2015-09-10] (Microsoft Corporation)
Task: {088BCE7E-C0DF-4878-9566-F3DF074A0850} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2015-09-10] (Microsoft)
Task: {11072F2E-CF5D-4042-8117-BF302C3D1134} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-06-22] (Oracle Corporation)
Task: {2D6D5D52-DEB4-4D7E-8582-BFA2594CE8A4} - System32\Tasks\{E38CF82E-0E32-471D-AF9A-11ACBB05F575} => pcalua.exe -a "D:\Spiele\Black &amp; White\Setup.exe" -d "D:\Spiele\Black &amp; White"
Task: {3219B889-3FAF-4BA3-87DF-9656385F0909} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-13] (Google Inc.)
Task: {3E59135F-C845-4CA7-9306-09BA53D3BF10} - System32\Tasks\Avira Browser Safety Updater Task => C:\Program Files (x86)\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe [2015-03-11] (Avira Operations GmbH & Co. KG)
Task: {3ECA284F-6060-4355-8201-2B3667D6A8D0} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2015-09-10] (Microsoft Corporation)
Task: {48A39499-C887-47AB-A03E-EC1284135582} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2015-09-10] (Microsoft Corporation)
Task: {739D6E46-1EBE-45B0-B3A8-BE4B706B11C9} - System32\Tasks\{F823577C-328F-42E1-82E8-273F76E8E0F2} => pcalua.exe -a "D:\Spielei\RollerCoaster Tycoon 3 Platinum\RCT3.EXE" -d "D:\Spielei\RollerCoaster Tycoon 3 Platinum"
Task: {7D66D896-7E61-483F-AC36-CBF7B2F70AF8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-09-16] (Microsoft Corporation)
Task: {82459BE3-0FD2-4083-A85E-4E159CB47C66} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK
Task: {9459BA5A-FD31-4742-B874-E18D2F2CFA4F} - System32\Tasks\{9F699765-8CF8-476D-B4B0-17A827A46CA3} => C:\Program Files (x86)\Origin\Origin.exe [2015-03-24] (Electronic Arts)
Task: {981322A7-5CE4-419F-9EE9-A5B122E6477F} - System32\Tasks\CheckControllerUpdatesUA => C:\Program Files (x86)\Smart Application Controller\smappscontroller.exe [2016-07-13] (Smart Application Controller)
Task: {A1F15BE6-717C-4421-B6F5-31A5D6F3E16A} - System32\Tasks\WiseCleaner\WFDSkipUAC => C:\Program Files (x86)\Wise\Wise Force Deleter\WiseDeleter.exe [2015-07-27] (WiseCleaner.com)
Task: {A395D13F-8616-4430-AA41-59C643D31545} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-13] (Google Inc.)
Task: {BCE3DD01-4356-448D-B9F2-B66F03DA84E8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-13] (Adobe Systems Incorporated)
Task: {C90E9125-55FE-459E-B59C-A8CC3EDC83B2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {DF339562-E44E-4C7B-BFED-89CD5B300750} - System32\Tasks\{E32C968D-9A4A-468A-9739-5EC5DD81248A} => pcalua.exe -a "F:\Wolfenstein The Old Blood German Uncut Edition\WOLF.OB.GUE.exe" -d "F:\Wolfenstein The Old Blood German Uncut Edition"
Task: {E27BD397-DC88-4C92-9D33-9AEBB4FF1077} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Alex\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-08-18] (Microsoft Corporation)
Task: {FD8DDAD2-0AB1-4C79-8872-2DE3B0CAA13A} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2015-09-10] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Alex\Favorites\Downloadseite von NCH Software.lnk -> hxxp://www.nch.com.au/de/index.html
Shortcut: C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki/
Shortcut: C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com/
Shortcut: C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Intеrnеt Ехрlоrеr.lnk -> C:\Users\Alex\AppData\Roaming\HPRewriter2\RewRun3.exe (Keine Datei)
Shortcut: C:\Users\Alex\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Intеrnеt Ехрlоrеr.lnk -> C:\Users\Alex\AppData\Roaming\HPRewriter2\RewRun3.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gооglе Сhrоmе.lnk -> C:\Users\Alex\AppData\Roaming\HPRewriter2\RewRun3.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzillа Firеfох.lnk -> C:\Users\Alex\AppData\Roaming\HPRewriter2\RewRun3.exe (Keine Datei)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-12-22 16:39 - 2016-01-23 03:01 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-12-31 20:57 - 2016-01-12 06:43 - 00291264 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-09-14 14:47 - 2016-09-07 07:39 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-14 14:47 - 2016-09-07 07:39 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-08-18 21:09 - 2016-08-18 21:09 - 01864384 _____ () C:\Users\Alex\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll
2016-04-19 14:48 - 2016-04-19 14:49 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-12-23 10:07 - 2015-12-07 06:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-20 14:57 - 2016-07-01 05:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-09-14 14:45 - 2016-09-07 06:15 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-09-14 14:45 - 2016-09-07 06:10 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-09-14 14:45 - 2016-09-07 06:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-09-14 14:45 - 2016-09-07 06:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-04-19 14:48 - 2016-04-19 14:49 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-19 14:48 - 2016-04-19 14:49 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2015-05-20 16:35 - 2016-01-12 06:43 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-05-04 14:57 - 2016-08-09 01:27 - 00785920 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-05-04 14:57 - 2015-07-02 00:06 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-05-04 14:57 - 2016-08-23 21:33 - 02321184 _____ () C:\Program Files (x86)\Steam\video.dll
2015-05-04 14:57 - 2016-01-27 09:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-05-04 14:57 - 2016-01-27 09:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-05-04 14:57 - 2016-01-27 09:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-05-04 14:57 - 2016-01-27 09:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-05-04 14:57 - 2016-01-27 09:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-05-04 14:57 - 2015-07-02 00:06 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-05-04 14:57 - 2015-07-02 00:06 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-05-04 14:57 - 2016-08-23 21:33 - 00835360 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-10 12:07 - 2016-07-05 00:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2016-08-18 21:08 - 2016-08-18 21:08 - 01383616 _____ () C:\Users\Alex\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\ClientTelemetry.dll
2016-08-18 21:09 - 2016-08-18 21:09 - 00118976 _____ () C:\Users\Alex\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncViews.dll
2015-05-04 14:57 - 2016-08-04 22:56 - 49825056 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\Alex\Cookies:gs5sys [3074]
AlternateDataStreams: C:\Users\Alex\Desktop\desktop.ini:gs5sys [3074]
AlternateDataStreams: C:\Users\Alex\AppData\Roaming\desktop.ini:gs5sys [3074]
AlternateDataStreams: C:\Users\Alex\AppData\Local\Verlauf:gs5sys [3074]
AlternateDataStreams: C:\Users\Alex\Documents\desktop.ini:gs5sys [3074]
AlternateDataStreams: C:\ProgramData\TEMP:054B9966 [137]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2016-09-06 13:11 - 00001037 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1      localhost
127.0.0.1      down.baidu2016.com
127.0.0.1      123.sogou.com
127.0.0.1      www.czzsyzgm.com
127.0.0.1      www.czzsyzxl.com
127.0.0.1      union.baidu2019.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2927967124-101175508-2003510897-1000\Control Panel\Desktop\\Wallpaper -> F:\Oskar\Neuer Ordner (21)\Neuer Ordner (8)\IMG-20160619-WA0004.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: Avira.OE.ServiceHost => 2
MSCONFIG\Services: GfExperienceService => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NvNetworkService => 2
MSCONFIG\Services: NvStreamSvc => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: Stereo Service => 2
HKLM\...\StartupApproved\Run32: => "Avira Systray"
HKLM\...\StartupApproved\Run32: => "avgnt"
HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\StartupApproved\Run: => "EPSON SX125 Series"
HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\StartupApproved\Run: => "TomTomHOME.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [UDP Query User{B8EC54F5-26ED-48D9-8E73-FD26BA352BB4}G:\program files\skype\phone\skype.exe] => (Allow) G:\program files\skype\phone\skype.exe
FirewallRules: [TCP Query User{185431DA-2C79-4C60-AF6B-330AB0971EA2}G:\program files\skype\phone\skype.exe] => (Allow) G:\program files\skype\phone\skype.exe
FirewallRules: [UDP Query User{203E9AAD-FAA1-49B9-9BE9-F2C2271A368F}C:\program files\teamspeak 3 client\ts3client_win64.exe] => (Allow) C:\program files\teamspeak 3 client\ts3client_win64.exe
FirewallRules: [TCP Query User{D7B962F1-105F-488E-9678-984032B74CFF}C:\program files\teamspeak 3 client\ts3client_win64.exe] => (Allow) C:\program files\teamspeak 3 client\ts3client_win64.exe
FirewallRules: [UDP Query User{59F51F14-EE3A-45A9-9C87-9485BF612573}E:\easysetupassistant\tssh2.exe] => (Allow) E:\easysetupassistant\tssh2.exe
FirewallRules: [TCP Query User{2453E5A1-8AEF-432D-9F29-4435D9123DAF}E:\easysetupassistant\tssh2.exe] => (Allow) E:\easysetupassistant\tssh2.exe
FirewallRules: [UDP Query User{68A87591-6E15-49C9-B6D5-00E0404EE469}E:\easysetupassistant\easysetupassistant.exe] => (Allow) E:\easysetupassistant\easysetupassistant.exe
FirewallRules: [TCP Query User{98862868-268B-46F0-A7A1-F419B1F37ED4}E:\easysetupassistant\easysetupassistant.exe] => (Allow) E:\easysetupassistant\easysetupassistant.exe
FirewallRules: [UDP Query User{A37D346B-E470-486D-886A-AB7A70CEA756}D:\spiele\armored warfare mycom beta\bin64\armoredwarfare.exe] => (Allow) D:\spiele\armored warfare mycom beta\bin64\armoredwarfare.exe
FirewallRules: [TCP Query User{9941EBEE-8E38-4E5A-B75F-BF3E22A5007B}D:\spiele\armored warfare mycom beta\bin64\armoredwarfare.exe] => (Allow) D:\spiele\armored warfare mycom beta\bin64\armoredwarfare.exe
FirewallRules: [UDP Query User{86285CEE-479B-46FD-B323-93D13AFF6BB7}C:\users\alex\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\alex\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [TCP Query User{F028F5E8-B9B2-4FFD-8967-454EF0D5C8AD}C:\users\alex\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\alex\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [{055257B4-7DB5-421A-B9CE-FC9A2768CEC8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{64626A8F-D518-4A3E-B800-B6E6E12D8A6C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [TCP Query User{351CF24C-5C76-480D-8504-68E0AD1843D7}D:\spiele\world_of_tanks\worldoftanks.exe] => (Allow) D:\spiele\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{948DAF27-C71D-4CC4-BE10-89DB3D4046BC}D:\spiele\world_of_tanks\worldoftanks.exe] => (Allow) D:\spiele\world_of_tanks\worldoftanks.exe
FirewallRules: [{253899B7-30F0-40FA-820D-42FC5EE64BDD}] => (Block) D:\spiele\world_of_tanks\worldoftanks.exe
FirewallRules: [{E6B46A64-C7FB-4B76-BDA2-7F8CE5C19BE2}] => (Block) D:\spiele\world_of_tanks\worldoftanks.exe
FirewallRules: [{7B9803AD-565F-484F-A3AC-7608B4E027C0}] => (Allow) C:\Users\Alex\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{0B7B8C30-490B-4165-91C9-0BA2ECF08FE9}] => (Allow) C:\Users\Alex\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{63B3C213-6114-4963-A3D3-EB3CD2016612}D:\spiele\world_of_tanks\wotlauncher.exe] => (Allow) D:\spiele\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{B77A2EB4-C11B-43C6-BFA5-0DF9C825F01D}D:\spiele\world_of_tanks\wotlauncher.exe] => (Allow) D:\spiele\world_of_tanks\wotlauncher.exe
FirewallRules: [{ABC853EF-AA7D-4B6B-9898-2DE7F7131D17}] => (Block) D:\spiele\world_of_tanks\wotlauncher.exe
FirewallRules: [{3DE2D36C-CCC9-4E7F-A312-82C6FF4BAE64}] => (Block) D:\spiele\world_of_tanks\wotlauncher.exe
FirewallRules: [{4D80A436-398C-4BA4-9626-484B2BD6890B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{8C15BD84-ED5D-442F-B454-6093E1A34678}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{F520FDF6-D5AF-49EE-9672-80D2D78A1ECE}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{DE4A103C-31F4-40A1-8F16-31CB15E8865C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{8A82E90F-A1DD-4E49-867E-0D95254879E1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3DC96D98-714F-4456-ABFD-E54CF194D6CE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6E0C7D29-7456-4E18-8D41-C374DB54F8EF}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{BEE464F7-4F1A-4DC3-A9DF-C6496F7DC8EA}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{F73A41F2-F6B4-4D42-94B0-24FB215C452E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{D2EE8800-F670-445E-8AED-196AEE247BB1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{8B8F73D0-7764-46F2-8DA0-FDE0DE8DFE90}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{676D9C46-E14F-4026-ADDE-B2C63446D955}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{2B35FD59-01B0-44F0-85EF-E4ED1F88E13B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9A3D99F3-D921-426B-B7DF-7324B11E5EAF}] => (Allow) D:\Spiele\THQ\Frontlines-Fuel of War\Binaries\FFOW.exe
FirewallRules: [{10DFF208-43B4-487F-B87C-EC2EDD159280}] => (Allow) D:\Spiele\THQ\Frontlines-Fuel of War\Binaries\FFOW.exe
FirewallRules: [TCP Query User{267A32AA-CDCA-4691-A944-9E604C81E46D}D:\spiele\sebastien loeb rally evo\slrx64.exe] => (Allow) D:\spiele\sebastien loeb rally evo\slrx64.exe
FirewallRules: [UDP Query User{B181587D-6A97-4BAD-A8D4-A6AF6CBCC296}D:\spiele\sebastien loeb rally evo\slrx64.exe] => (Allow) D:\spiele\sebastien loeb rally evo\slrx64.exe
FirewallRules: [{EEF9EBA0-1956-40F6-B77F-614DD4EA5722}] => (Allow) C:\Users\Alex\AppData\Local\Temp\Andy_46.2_x64\Setup.exe
FirewallRules: [{9F3E3F30-F41B-4865-BE41-83FE9833B3F6}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe
FirewallRules: [{1BE673C4-9EBC-4746-8864-4EF8DE737B8F}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe
FirewallRules: [{94ED7558-F682-4093-9313-F8ACBF078BE0}] => (Allow) C:\Program Files\Andy\andy.exe
FirewallRules: [{97934D29-83EA-4C92-A58B-9C1490FA8661}] => (Allow) C:\Program Files\Andy\andy.exe
FirewallRules: [{BD969C95-3B4F-47ED-9D72-B0B16C1B9221}] => (Allow) C:\Program Files\Andy\AndyConsole.exe
FirewallRules: [{65209785-178C-4995-A308-6B16828E82FC}] => (Allow) C:\Program Files\Andy\AndyConsole.exe
FirewallRules: [{C765AC84-C3C6-4381-B834-7A4D9C1A7519}] => (Allow) C:\Program Files\Andy\SetupFiles\Uninstall.exe
FirewallRules: [{D0FB81DC-360F-4A36-8512-FD557837FBD0}] => (Allow) C:\Program Files\Andy\SetupFiles\Uninstall.exe
FirewallRules: [{612D9E77-960F-447F-900B-BA528AD8C8C3}] => (Allow) C:\Users\Alex\AppData\Local\Temp\Uninstall.exe
FirewallRules: [{DE0D30BD-785F-4C6E-AB2E-B2EA5B95A212}] => (Allow) C:\Users\Alex\AppData\Local\Temp\Uninstall.exe
FirewallRules: [{785C73F8-5AFE-469E-9E2D-2F1B814DE3C8}] => (Allow) C:\Program Files\Andy\HandyAndy.exe
FirewallRules: [{0B571320-7652-4382-A54C-630B0BBABE66}] => (Allow) C:\Program Files\Andy\HandyAndy.exe
FirewallRules: [{B1D7EA1F-B066-4CA0-8D50-E89501B0C6F0}] => (Allow) D:\Spiele\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{CBF73693-887B-4786-989A-E6B514955243}] => (Allow) D:\Spiele\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [TCP Query User{BAD49B2D-5B7E-4239-97FF-CCCC34FCE690}D:\spiele\ubisoft\far cry 4\bin\farcry4.exe] => (Allow) D:\spiele\ubisoft\far cry 4\bin\farcry4.exe
FirewallRules: [UDP Query User{39235AEA-0DD2-4CDA-B963-38FB32CEC0B1}D:\spiele\ubisoft\far cry 4\bin\farcry4.exe] => (Allow) D:\spiele\ubisoft\far cry 4\bin\farcry4.exe
FirewallRules: [TCP Query User{31F01DEC-1B23-430D-93A4-34E1165168BA}D:\spiele\anno 1404 gold edition\tools\anno4web.exe] => (Allow) D:\spiele\anno 1404 gold edition\tools\anno4web.exe
FirewallRules: [UDP Query User{663B8EBA-8FDD-4379-A5DB-5EAE3D1D4F06}D:\spiele\anno 1404 gold edition\tools\anno4web.exe] => (Allow) D:\spiele\anno 1404 gold edition\tools\anno4web.exe
FirewallRules: [TCP Query User{6C958C17-0A38-493E-99CC-B87F1FDB242D}D:\spiele\mxgp2\mxgp_2x64.exe] => (Allow) D:\spiele\mxgp2\mxgp_2x64.exe
FirewallRules: [UDP Query User{5455F566-360E-4D82-AF47-7E01DC44F3E8}D:\spiele\mxgp2\mxgp_2x64.exe] => (Allow) D:\spiele\mxgp2\mxgp_2x64.exe
FirewallRules: [TCP Query User{4FC326C9-DD65-4C55-B7CF-F00DC2A25734}D:\spiele\mxgp2\mxgp_2.exe] => (Allow) D:\spiele\mxgp2\mxgp_2.exe
FirewallRules: [UDP Query User{3DDC05D5-A11D-4FFF-9EBE-07A822FE9984}D:\spiele\mxgp2\mxgp_2.exe] => (Allow) D:\spiele\mxgp2\mxgp_2.exe
FirewallRules: [{15350DE1-C269-45CC-9C37-ED444708E09B}] => (Allow) D:\Spiele\SteamLibrary\steamapps\common\DIG IT! - A Digger Simulator\DigIt.exe
FirewallRules: [{0FAB828E-4B69-4960-AB60-B6E47BD20F3C}] => (Allow) D:\Spiele\SteamLibrary\steamapps\common\DIG IT! - A Digger Simulator\DigIt.exe
FirewallRules: [{822BDA0E-5DAC-4BA9-84DE-BEFCED48F171}] => (Allow) D:\Spiele\SteamLibrary\steamapps\common\Logistics Company\logisim.exe
FirewallRules: [{E3475040-EF12-4BFA-90D4-5CCFFD4182C3}] => (Allow) D:\Spiele\SteamLibrary\steamapps\common\Logistics Company\logisim.exe
FirewallRules: [{D5402871-D6DB-4AF8-A11B-211A8FC142C0}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{1C55D6CF-C802-4747-B16E-96E20EA42E76}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [TCP Query User{0653881F-C4F1-483B-9EEF-03B6E478915E}D:\spiele\medal of honor allied assault war chest\mohaa.exe] => (Allow) D:\spiele\medal of honor allied assault war chest\mohaa.exe
FirewallRules: [UDP Query User{2C652085-C216-4B0B-B1F6-DFD07D862D05}D:\spiele\medal of honor allied assault war chest\mohaa.exe] => (Allow) D:\spiele\medal of honor allied assault war chest\mohaa.exe
FirewallRules: [TCP Query User{CE25C343-01B1-4AC8-B589-828CC9C63538}D:\spiele\medal of honor allied assault war chest\moh_breakthrough.exe] => (Allow) D:\spiele\medal of honor allied assault war chest\moh_breakthrough.exe
FirewallRules: [UDP Query User{329E50C5-1D43-40B1-AE0C-DF02A1473FFA}D:\spiele\medal of honor allied assault war chest\moh_breakthrough.exe] => (Allow) D:\spiele\medal of honor allied assault war chest\moh_breakthrough.exe
FirewallRules: [TCP Query User{1ABB671C-E149-4942-90E0-2FB13CF7EA4F}D:\spiele\street fighter x tekken complete pack\sftk.exe] => (Allow) D:\spiele\street fighter x tekken complete pack\sftk.exe
FirewallRules: [UDP Query User{EDFA809B-57F0-462A-B2AA-19CD31295828}D:\spiele\street fighter x tekken complete pack\sftk.exe] => (Allow) D:\spiele\street fighter x tekken complete pack\sftk.exe
FirewallRules: [TCP Query User{6608EC4A-642D-47C4-AD82-C8174517D431}D:\spiele\medal of honor allied assault war chest\moh_spearhead.exe] => (Allow) D:\spiele\medal of honor allied assault war chest\moh_spearhead.exe
FirewallRules: [UDP Query User{F3A2D79C-8F64-4056-9DA6-9D402E8BCB68}D:\spiele\medal of honor allied assault war chest\moh_spearhead.exe] => (Allow) D:\spiele\medal of honor allied assault war chest\moh_spearhead.exe
FirewallRules: [TCP Query User{2203F989-B0FB-4A66-B5AC-7606BEEE091E}D:\downloads\fo4\igg-dead.by.daylight.v1.0\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) D:\downloads\fo4\igg-dead.by.daylight.v1.0\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe
FirewallRules: [UDP Query User{1A43CF24-88C0-4887-9A94-04DFD8A1B8FD}D:\downloads\fo4\igg-dead.by.daylight.v1.0\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) D:\downloads\fo4\igg-dead.by.daylight.v1.0\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe
FirewallRules: [{15842196-AF0E-4252-8B98-1B0C1BD6F6C2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{C5EDC8EF-6825-4B8C-BB28-47C641330927}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{71654F9A-49E1-4DB8-90D1-E6FDEE57BB02}D:\spiele\dovetail games flight school\fsc.exe] => (Allow) D:\spiele\dovetail games flight school\fsc.exe
FirewallRules: [UDP Query User{389B68A3-BDB8-4CC7-B5F1-B9EAD578C78D}D:\spiele\dovetail games flight school\fsc.exe] => (Allow) D:\spiele\dovetail games flight school\fsc.exe
FirewallRules: [TCP Query User{9022ED3A-732F-4D6B-B4A2-039E2232E84D}D:\spiele\ghostbusters\ghostbusters\binaries\win64\ghostbusters.exe] => (Allow) D:\spiele\ghostbusters\ghostbusters\binaries\win64\ghostbusters.exe
FirewallRules: [UDP Query User{50273C90-0B32-483A-82AB-CE40A761D30A}D:\spiele\ghostbusters\ghostbusters\binaries\win64\ghostbusters.exe] => (Allow) D:\spiele\ghostbusters\ghostbusters\binaries\win64\ghostbusters.exe
FirewallRules: [TCP Query User{A09AC952-684E-4B97-9EFD-1E9962A6A6C6}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [UDP Query User{339B0FA0-5B3B-4771-B2CC-A7B468AB37BF}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [{CAA3658F-D1DC-499D-A613-9D1FE46AC2EC}] => (Allow) D:\Spiele\OMC ModPack Client\OMC ModPack Client.exe
FirewallRules: [{7E1EC7E7-AD73-4F85-9297-13EB50549D60}] => (Allow) C:\Users\Alex\AppData\Local\Temp\MPCOnline\MPCDownload.exe
FirewallRules: [{5DABB8C9-E523-4BC0-B006-53BBB5DF8814}] => (Allow) C:\Users\Alex\AppData\Local\Temp\MPCOnline\MPCDownload.exe
FirewallRules: [{2D262BCC-E6F4-4697-87CB-E62DEBB048DC}] => (Allow) D:\Spiele\FIFA 15\fifasetup\fifaconfig.exe
FirewallRules: [{43DC8776-57FD-40B5-91B0-CBD2C03C5632}] => (Allow) D:\Spiele\FIFA 15\fifasetup\fifaconfig.exe
FirewallRules: [{501BE952-5E41-4898-A8B2-8BDF4BF5BB2F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================


==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/16/2016 08:22:35 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (09/16/2016 07:31:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NvBackend.exe, Version: 20.14.1.0, Zeitstempel: 0x568e3f71
Name des fehlerhaften Moduls: NvBackend.exe, Version: 20.14.1.0, Zeitstempel: 0x568e3f71
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0009a323
ID des fehlerhaften Prozesses: 0x2d20
Startzeit der fehlerhaften Anwendung: 0x01d2103efcab4203
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
Berichtskennung: f6ab23cf-0668-4d10-9532-396127af121f
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/16/2016 07:23:03 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PEACHY)
Description: Bei der Aktivierung der App „Microsoft.Windows.Photos_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/14/2016 04:58:00 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddWin32ServiceFiles: Unable to back up image of service JoropygrosakDebuger since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (09/14/2016 04:58:00 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (09/14/2016 04:23:36 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_ea85e725b9ba5a4b.manifest.

Error: (09/14/2016 02:55:52 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Alex\Downloads\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_ea85e725b9ba5a4b.manifest.

Error: (09/14/2016 08:58:52 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Alex\Desktop\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_ea85e725b9ba5a4b.manifest.

Error: (09/14/2016 08:58:49 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Alex\Desktop\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_ea85e725b9ba5a4b.manifest.

Error: (09/14/2016 08:58:17 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Alex\Desktop\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_ea85e725b9ba5a4b.manifest.


Systemfehler:
=============
Error: (09/17/2016 04:27:40 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst BITS erreicht.

Error: (09/17/2016 11:09:22 AM) (Source: DCOM) (EventID: 10016) (User: PEACHY)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "Peachy\Alex" (SID: S-1-5-21-2927967124-101175508-2003510897-1000) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 und der APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 im Anwendungscontainer "Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/17/2016 11:09:22 AM) (Source: DCOM) (EventID: 10016) (User: PEACHY)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "Peachy\Alex" (SID: S-1-5-21-2927967124-101175508-2003510897-1000) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 und der APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 im Anwendungscontainer "Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/17/2016 11:09:22 AM) (Source: DCOM) (EventID: 10016) (User: PEACHY)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "Peachy\Alex" (SID: S-1-5-21-2927967124-101175508-2003510897-1000) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 und der APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 im Anwendungscontainer "Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/17/2016 11:09:22 AM) (Source: DCOM) (EventID: 10016) (User: PEACHY)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "Peachy\Alex" (SID: S-1-5-21-2927967124-101175508-2003510897-1000) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 und der APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 im Anwendungscontainer "Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/17/2016 11:09:22 AM) (Source: DCOM) (EventID: 10016) (User: PEACHY)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "Peachy\Alex" (SID: S-1-5-21-2927967124-101175508-2003510897-1000) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 und der APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 im Anwendungscontainer "Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/17/2016 11:09:22 AM) (Source: DCOM) (EventID: 10016) (User: PEACHY)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "Peachy\Alex" (SID: S-1-5-21-2927967124-101175508-2003510897-1000) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 und der APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 im Anwendungscontainer "Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/17/2016 11:09:22 AM) (Source: DCOM) (EventID: 10016) (User: PEACHY)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "Peachy\Alex" (SID: S-1-5-21-2927967124-101175508-2003510897-1000) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 und der APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 im Anwendungscontainer "Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/17/2016 11:09:22 AM) (Source: DCOM) (EventID: 10016) (User: PEACHY)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "Peachy\Alex" (SID: S-1-5-21-2927967124-101175508-2003510897-1000) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 und der APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 im Anwendungscontainer "Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/17/2016 11:09:22 AM) (Source: DCOM) (EventID: 10016) (User: PEACHY)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "Peachy\Alex" (SID: S-1-5-21-2927967124-101175508-2003510897-1000) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 und der APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 im Anwendungscontainer "Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.


CodeIntegrity:
===================================
  Date: 2016-09-17 10:35:50.014
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-09-14 17:34:41.381
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-14 16:53:51.269
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-14 14:22:18.141
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-14 14:22:18.115
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-14 14:22:18.086
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-14 14:22:14.984
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-14 14:22:13.570
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-14 13:48:54.790
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-14 13:48:54.765
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen ===========================

Prozessor: AMD Phenom(tm) II X4 945 Processor
Prozentuale Nutzung des RAM: 33%
Installierter physikalischer RAM: 8190.11 MB
Verfügbarer physikalischer RAM: 5471.36 MB
Summe virtueller Speicher: 8702.11 MB
Verfügbarer virtueller Speicher: 5932.03 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:146.04 GB) (Free:25.58 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: () (Fixed) (Total:319.27 GB) (Free:66.43 GB) NTFS
Drive f: (HITACHI) (Fixed) (Total:931.28 GB) (Free:111.51 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: A8DAA8DA)
Partition 1: (Active) - (Size=146 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)
Partition 3: (Not Active) - (Size=319.3 GB) - (Type=OF Extended)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 0DEE6153)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=0C)

==================== Ende von Addition.txt ============================

M-K-D-B 17.09.2016 20:24
Servus,


wir entfernen die letzten Reste und kontrollieren nochmal alles. :)



Hinweis: Der Suchlauf mit ESET kann länger dauern.



Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument


Code:
start
CloseProcesses:
Shortcut: C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Intеrnеt Ехрlоrеr.lnk -> C:\Users\Alex\AppData\Roaming\HPRewriter2\RewRun3.exe (Keine Datei)
Shortcut: C:\Users\Alex\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Intеrnеt Ехрlоrеr.lnk -> C:\Users\Alex\AppData\Roaming\HPRewriter2\RewRun3.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gооglе Сhrоmе.lnk -> C:\Users\Alex\AppData\Roaming\HPRewriter2\RewRun3.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzillа Firеfох.lnk -> C:\Users\Alex\AppData\Roaming\HPRewriter2\RewRun3.exe (Keine Datei)
CMD: dir "%ProgramFiles%"
CMD: dir "%ProgramFiles(x86)%"
CMD: dir "%ProgramData%"
CMD: dir "%Appdata%"
CMD: dir "%LocalAppdata%"
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.







Schritt 2

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset







Schritt 3
Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
  • Starte die HitmanPro.exe
  • Klicke auf
  • Entferne den Haken bei
  • Klicke auf
    und
  • Akzeptiere die Lizenzbedingungen und klicke auf
  • Klicke auf

    und auf
  • Wenn der Scan beendet wurde, nichts löschen lassen etc. sondern wähle unten links auf der Button-Leiste
    und speichere die Logdatei auf Deinem Desktop.
  • Schließe HitmanPro und poste mir das Log.

 







Schritt 4
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Untersuchen.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.





http://www.trojaner-board.de/extra/lesestoff.pngGibt es jetzt noch Probleme mit dem PC? Wenn ja, welche?







Bitte poste mit deiner nächsten Antwort
  • die Logdatei des FRST-Fix,
  • die Logdatei von ESET,
  • die Logdatei von HitmanPro,
  • die beiden neuen Logdateien von FRST,
  • die Beantwortung der gestellten Fragen.

bohm 17.09.2016 20:33
Dadurch das ESET bei mir über 7 Stunden dauert werde ich es morgen früh starten und dann werde ich antworten!

M-K-D-B 17.09.2016 20:40
Zitat:
Zitat von bohm (Beitrag 1610859)
Dadurch das ESET bei mir über 7 Stunden dauert werde ich es morgen früh starten und dann werde ich antworten!
Ok :)

bohm 18.09.2016 14:05
Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 17-09-2016
durchgeführt von Alex (18-09-2016 07:58:49) Run:3
Gestartet von C:\Users\Alex\Desktop
Geladene Profile: Alex (Verfügbare Profile: Alex & Administrator & DefaultAppPool)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
start
CloseProcesses:
Shortcut: C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Int?rn?t ???l?r?r.lnk -> C:\Users\Alex\AppData\Roaming\HPRewriter2\RewRun3.exe (Keine Datei)
Shortcut: C:\Users\Alex\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Int?rn?t ???l?r?r.lnk -> C:\Users\Alex\AppData\Roaming\HPRewriter2\RewRun3.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G??gl? ?hr?m?.lnk -> C:\Users\Alex\AppData\Roaming\HPRewriter2\RewRun3.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\??zill? Fir?f??.lnk -> C:\Users\Alex\AppData\Roaming\HPRewriter2\RewRun3.exe (Keine Datei)
CMD: dir "%ProgramFiles%"
CMD: dir "%ProgramFiles(x86)%"
CMD: dir "%ProgramData%"
CMD: dir "%Appdata%"
CMD: dir "%LocalAppdata%"
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
       
*****************

Prozess erfolgreich geschlossen.
"C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Int?rn?t ???l?r?r.lnk" => Konnte nicht verschoben werden.
"C:\Users\Alex\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Int?rn?t ???l?r?r.lnk" => Konnte nicht verschoben werden.
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G??gl? ?hr?m?.lnk" => Konnte nicht verschoben werden.
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\??zill? Fir?f??.lnk" => Konnte nicht verschoben werden.

========= dir "%ProgramFiles%" =========

 Volume in Laufwerk C: hat keine Bezeichnung.
 Volumeseriennummer: F648-146F

 Verzeichnis von C:\Program Files

16.09.2016  20:25    <DIR>          .
16.09.2016  20:25    <DIR>          ..
06.01.2015  10:17    <DIR>          Adblock Plus for IE
17.08.2015  19:08    <DIR>          Adobe
31.12.2014  20:46    <DIR>          ATI
31.12.2014  20:46    <DIR>          ATI Technologies
20.07.2016  18:05    <DIR>          CMAK
28.08.2016  20:36    <DIR>          Common Files
04.08.2015  19:17    <DIR>          DVD Maker
20.08.2015  16:55    <DIR>          FileZilla FTP Client
31.12.2014  21:43    <DIR>          Highresolution Enterprises
04.11.2015  10:26    <DIR>          HWiNFO64
16.09.2016  21:50    <DIR>          Internet Explorer
07.09.2016  14:25    <DIR>          Java
06.01.2015  10:58    <DIR>          Logitech
17.11.2015  00:56    <DIR>          Microsoft Mouse and Keyboard Center
04.01.2015  22:48    <DIR>          Microsoft Office
17.09.2016  10:34    <DIR>          Microsoft Silverlight
28.08.2016  17:48    <DIR>          Mixxx
14.09.2016  17:19    <DIR>          Mozilla Firefox
22.12.2015  16:25    <DIR>          MSBuild
11.02.2016  13:52    <DIR>          NVIDIA Corporation
22.12.2015  16:38    <DIR>          Realtek
22.12.2015  16:25    <DIR>          Reference Assemblies
11.09.2016  22:42    <DIR>          Rockstar Games
09.06.2016  17:14    <DIR>          TeamSpeak 3 Client
16.08.2015  11:06    <DIR>          totalcmd
28.03.2015  15:53    <DIR>          UeEi2
22.03.2015  10:37    <DIR>          Unity
13.09.2016  20:47    <DIR>          VS Revo Group
16.09.2016  21:50    <DIR>          Windows Defender
16.09.2016  21:50    <DIR>          Windows Mail
16.09.2016  21:50    <DIR>          Windows Media Player
10.03.2016  22:30    <DIR>          Windows Multimedia Platform
22.12.2015  17:12    <DIR>          Windows NT
16.09.2016  21:50    <DIR>          Windows Photo Viewer
10.03.2016  22:30    <DIR>          Windows Portable Devices
02.01.2015  13:51    <DIR>          WinRAR
              0 Datei(en),              0 Bytes
              38 Verzeichnis(se), 28.016.099.328 Bytes frei

========= Ende von CMD: =========


========= dir "%ProgramFiles(x86)%" =========

 Volume in Laufwerk C: hat keine Bezeichnung.
 Volumeseriennummer: F648-146F

 Verzeichnis von C:\Program Files (x86)

14.09.2016  17:09    <DIR>          .
14.09.2016  17:09    <DIR>          ..
15.02.2016  10:04    <DIR>          AbiWord
07.05.2016  17:11    <DIR>          Activation
02.06.2016  10:50    <DIR>          Adobe
30.06.2016  18:54    <DIR>          AIMP
27.11.2015  21:58    <DIR>          AKVIS
03.01.2015  14:03    <DIR>          Anvsoft
31.01.2015  12:06    <DIR>          ASUS
16.06.2016  10:53    <DIR>          Auslogics
10.04.2015  16:20    <DIR>          Avidemux 2.6
07.09.2016  22:17    <DIR>          Avira
01.02.2015  10:39    <DIR>          AVS4YOU
02.04.2015  10:29    <DIR>          Bandicam
02.04.2015  10:29    <DIR>          BandiMPEG1
12.12.2015  20:07    <DIR>          CDBurnerXP
20.07.2016  18:05    <DIR>          CMAK
07.09.2016  14:26    <DIR>          Common Files
07.05.2016  16:53    <DIR>          D-Link
22.06.2015  21:07    <DIR>          DAEMON Tools Lite
22.06.2015  21:07    <DIR>          Disc Soft
02.01.2015  20:29    <DIR>          DLLSuite
20.01.2015  10:31    <DIR>          epson
14.09.2016  08:58    <DIR>          ESET
06.09.2016  13:10    <DIR>          FastSocial
29.03.2015  16:46    <DIR>          Foxit Software
25.03.2015  17:53    <DIR>          Freemake
13.09.2016  21:02    <DIR>          Google
16.09.2016  21:50    <DIR>          Internet Explorer
07.09.2016  14:26    <DIR>          Java
26.08.2015  20:17    <DIR>          Krita (x86)
03.04.2016  20:46    <DIR>          LocksPro
14.09.2016  17:19    <DIR>          Malwarebytes Anti-Malware
27.03.2016  10:33    <DIR>          MegaDev
04.08.2015  19:17    <DIR>          Microsoft
22.02.2015  21:56    <DIR>          Microsoft ASP.NET
27.04.2015  20:26    <DIR>          Microsoft Games for Windows - LIVE
08.03.2015  11:31    <DIR>          Microsoft Office
17.09.2016  10:34    <DIR>          Microsoft Silverlight
04.01.2015  22:51    <DIR>          Microsoft Visual Studio
04.01.2015  22:48    <DIR>          Microsoft Visual Studio 8
22.02.2015  21:58    <DIR>          Microsoft Works
22.12.2015  16:47    <DIR>          Microsoft.NET
04.09.2016  19:09    <DIR>          Mozilla Maintenance Service
20.08.2016  15:21    <DIR>          Mozilla Thunderbird
30.08.2016  13:46    <DIR>          MP3Gain
22.12.2015  16:55    <DIR>          MSBuild
28.08.2016  17:41    <DIR>          NCH Software
02.04.2015  19:46    <DIR>          Nesbox Companion
31.12.2015  21:03    <DIR>          NVIDIA Corporation
31.12.2014  21:10    <DIR>          OpenOffice.org 3
10.08.2015  16:45    <DIR>          Origin
13.09.2016  20:11    <DIR>          Overwolf
17.08.2015  15:23    <DIR>          PhotoScape
01.04.2015  11:29    <DIR>          PlayClaw 5
17.08.2015  19:35    <DIR>          PMlabs
31.12.2014  20:55    <DIR>          Realtek
22.12.2015  16:25    <DIR>          Reference Assemblies
11.09.2016  22:43    <DIR>          Rockstar Games
27.11.2015  21:53    <DIR>          Sketch Drawer
23.07.2016  22:45    <DIR>          Smart Application Controller
29.04.2016  20:52    <DIR>          Sony
18.09.2016  07:55    <DIR>          Steam
20.01.2015  20:51    <DIR>          TeamViewer
16.08.2016  20:00    <DIR>          TomTom International B.V
31.01.2015  12:35    <DIR>          Total Video Converter
28.03.2015  17:39    <DIR>          Tweaking.com
16.03.2016  20:48    <DIR>          Ubisoft
01.02.2015  10:39    <DIR>          Ultra Vision Video Converter
31.12.2014  20:40    <DIR>          VideoLAN
13.09.2016  15:38    <DIR>          VirtualDJ
03.01.2016  15:18    <DIR>          VMware
13.09.2016  20:50    <DIR>          VS Revo Group
06.05.2016  21:30    <DIR>          Winamp
16.09.2016  21:50    <DIR>          Windows Defender
16.09.2016  21:50    <DIR>          Windows Mail
30.10.2015  20:35    <DIR>          Windows Media Player
10.03.2016  22:30    <DIR>          Windows Multimedia Platform
30.10.2015  09:24    <DIR>          Windows NT
16.09.2016  21:50    <DIR>          Windows Photo Viewer
10.03.2016  22:30    <DIR>          Windows Portable Devices
30.08.2015  16:31    <DIR>          Wise
              0 Datei(en),              0 Bytes
              82 Verzeichnis(se), 28.010.098.688 Bytes frei

========= Ende von CMD: =========


========= dir "%ProgramData%" =========

 Volume in Laufwerk C: hat keine Bezeichnung.
 Volumeseriennummer: F648-146F

 Verzeichnis von C:\ProgramData

03.04.2015  16:06    <DIR>          .mono
17.08.2015  14:58    <DIR>          Adobe
16.06.2016  10:54    <DIR>          Auslogics
12.09.2016  08:13    <DIR>          AVAST Software
12.09.2016  08:13    <DIR>          Avg
12.09.2016  08:13    <DIR>          Avira
24.11.2015  16:21    <DIR>          Becky Brogan 2
15.03.2016  21:51    <DIR>          BlueStacksSetup
17.07.2016  21:21    <DIR>          boost_interprocess
26.08.2015  19:30    <DIR>          Canneverbe Limited
12.01.2015  12:15    <DIR>          CannyGames
16.02.2016  13:38    <DIR>          Codemasters
30.10.2015  09:24    <DIR>          Comms
02.01.2015  19:58    <DIR>          DAEMON Tools Lite
01.04.2015  11:31    <DIR>          dbg
03.08.2016  17:50    <DIR>          Dovetail Games
14.06.2016  11:57    <DIR>          EA Core
23.07.2016  23:01    <DIR>          eJay
29.05.2015  15:44    <DIR>          Electronic Arts
20.01.2015  10:30    <DIR>          EPSON
24.10.2015  20:29    <DIR>          Far Mills
15.12.2015  21:18    <DIR>          Forge of Games
18.06.2016  20:22    <DIR>          Foxit ContentPlatform
25.03.2015  17:54    <DIR>          Freemake
26.12.2015  20:30    <DIR>          InstallShield
27.11.2015  21:59    <DIR>          Licenses
07.04.2016  14:26    <DIR>          Lionhead Studios
05.11.2015  21:29    <DIR>          LittleGamesCompany
02.01.2015  19:52    <DIR>          Logs
21.07.2016  17:24    <DIR>          Malwarebytes
14.09.2016  16:14    <DIR>          Malwarebytes' Anti-Malware (portable)
16.09.2016  20:33    <DIR>          Microsoft Help
04.08.2015  19:56    <DIR>          Microsoft OneDrive
31.01.2015  12:03    <DIR>          Mozilla
22.06.2015  21:12    <DIR>          MumboJumbo
28.08.2016  20:36    <DIR>          Native Instruments
28.08.2016  17:41    <DIR>          NCH Software
17.09.2016  10:34    <DIR>          NVIDIA
16.09.2016  19:31    <DIR>          NVIDIA Corporation
07.09.2016  14:33    <DIR>          Oracle
29.05.2015  15:36    <DIR>          Origin
20.10.2015  20:14    <DIR>          Overwolf
07.09.2016  22:17    <DIR>          Package Cache
24.10.2015  20:29    <DIR>          Particles
09.10.2015  17:01    <DIR>          PoBros
22.12.2015  16:55    <DIR>          regid.1986-12.com.adobe
30.10.2015  20:47    <DIR>          regid.1991-06.com.microsoft
08.01.2016  21:20    <DIR>          RELOADED
03.09.2015  13:23    <DIR>          Rockstar Games
04.06.2015  10:34    <DIR>          SkidRow
25.11.2015  22:06    <DIR>          Skype
02.09.2016  19:41    <DIR>          SoftwareDistribution
29.04.2016  20:52    <DIR>          Sony
16.04.2015  16:33    <DIR>          Steam
04.05.2015  10:19    <DIR>          Sun
03.12.2015  11:40    <DIR>          TEMP
09.08.2016  14:45    <DIR>          THQ
04.01.2015  16:40    <DIR>          TuneUp Software
16.04.2015  15:22    <DIR>          Ubisoft
29.08.2016  16:38    <DIR>          Ultra Vision Video Converter
22.12.2015  16:47    <DIR>          USOPrivate
10.07.2015  14:22    <DIR>          USOShared
15.03.2016  22:06    <DIR>          VMware
02.07.2015  19:59    <DIR>          yelsi
              0 Datei(en),              0 Bytes
              64 Verzeichnis(se), 28.010.110.976 Bytes frei

========= Ende von CMD: =========


========= dir "%Appdata%" =========

 Volume in Laufwerk C: hat keine Bezeichnung.
 Volumeseriennummer: F648-146F

 Verzeichnis von C:\Users\Alex\AppData\Roaming

13.09.2016  20:51    <DIR>          .
13.09.2016  20:51    <DIR>          ..
03.04.2015  16:06    <DIR>          .mono
10.08.2016  20:53    <DIR>          AbiSuite
19.04.2015  11:31    <DIR>          Activision
17.08.2015  14:58    <DIR>          Adobe
30.06.2016  18:56    <DIR>          AIMP
15.11.2015  10:52            12.879 alsoft.ini
15.03.2016  22:06    <DIR>          Andy
06.07.2015  15:09    <DIR>          Anvate Games
05.02.2016  16:31    <DIR>          Anvsoft
03.09.2015  13:24    <DIR>          Argali
04.05.2016  12:16    <DIR>          Artifex Mundi
04.05.2016  12:15    <DIR>          ArtifexMundi
22.08.2016  18:25    <DIR>          Aspyr Media
18.03.2015  10:08    <DIR>          Atari
31.10.2015  18:00    <DIR>          avidemux
20.07.2016  11:52    <DIR>          Avira
31.01.2015  12:36    <DIR>          AVS4YOU
17.08.2015  12:22    <DIR>          Az-Art
02.04.2015  10:29    <DIR>          BANDISOFT
14.05.2015  18:13    <DIR>          Brave Giant
24.06.2016  09:56    <DIR>          BraveGiant
26.08.2015  19:30    <DIR>          Canneverbe Limited
06.01.2016  23:22    <DIR>          cerasus.media
06.07.2015  21:06    <DIR>          Colossal Order
02.04.2015  19:46    <DIR>          com.nesbox.companion
19.02.2016  14:24    <DIR>          DAEMON Tools Lite
08.02.2016  15:21    <DIR>          de.rokapublish.launcher
02.07.2016  17:04    <DIR>          Deep Shadows
24.07.2015  20:26    <DIR>          DeltaBin
06.09.2016  07:54    <DIR>          Desktop
07.05.2016  17:44    <DIR>          DlinkViewCam
25.03.2016  12:20    <DIR>          Doublefine
03.08.2016  17:50    <DIR>          Dovetail Games
12.04.2016  14:31    <DIR>          dvdcss
26.06.2016  11:04    <DIR>          Eipix
03.07.2016  15:01    <DIR>          EleFun Games
16.02.2016  15:14    <DIR>          Elephant Games
15.04.2015  10:27    <DIR>          EPSON
18.06.2015  12:23    <DIR>          ESS
02.01.2015  20:14    <DIR>          Feuerwache
03.12.2015  11:39    <DIR>          FileZilla
16.06.2015  15:59    <DIR>          FinewayStudios
08.07.2016  11:40    <DIR>          Five-BN Games
29.03.2015  16:49    <DIR>          Foxit Software
31.03.2016  11:58    <DIR>          Frontier Developments
07.06.2015  16:50    <DIR>          Frontwing
01.12.2015  22:28    <DIR>          FUJIFILM
10.06.2016  22:07    <DIR>          GameHouse
16.08.2015  11:10    <DIR>          GHISLER
28.06.2016  17:51    <DIR>          GrandMA Studios
31.12.2014  21:43    <DIR>          Highresolution Enterprises
31.12.2014  20:24    <DIR>          Identities
07.11.2015  14:58    <DIR>          JanesZOO realore de
03.06.2016  15:26    <DIR>          jhakonen.com
26.08.2015  16:38    <DIR>          Kalypso Media
24.03.2016  18:11    <DIR>          Keseling
26.08.2015  20:18    <DIR>          krita
05.06.2015  16:14    <DIR>          LestaStudio
07.04.2016  14:35    <DIR>          Lionhead Studios
05.11.2015  21:29    <DIR>          LittleGamesCompany
03.01.2016  15:37    <DIR>          machines
31.12.2014  21:33    <DIR>          Macromedia
21.11.2010  09:16    <DIR>          Media Center Programs
09.04.2016  15:05    <DIR>          Milestone
02.01.2015  17:51    <DIR>          Mozilla
05.11.2015  18:10    <DIR>          MumboJumbo
12.09.2016  10:35    <DIR>          MyTransitGuide
28.08.2016  17:40    <DIR>          NCH Software
12.01.2015  13:12    <DIR>          NVIDIA
15.11.2015  18:22    <DIR>          openal
04.01.2015  20:45    <DIR>          OpenOffice.org
08.03.2016  13:57    <DIR>          PhotoScape
01.04.2015  11:27    <DIR>          PlayClaw5
09.10.2015  17:01    <DIR>          PoBros
12.09.2016  08:12    <DIR>          Profiles
28.07.2016  16:17    <DIR>          ProMod
02.09.2016  20:44    <DIR>          Promotion Software GmbH
15.06.2015  10:02    <DIR>          RenPy
24.11.2015  16:55    <DIR>          ShamanGS
10.10.2015  12:32    <DIR>          Silverback Productions
01.12.2015  22:35    <DIR>          Skype
23.07.2016  22:45    <DIR>          Smart Application Controller
04.05.2015  10:16    <DIR>          SpinTires
19.04.2015  10:17    <DIR>          Steam
13.09.2015  09:21    <DIR>          Sun
10.07.2016  17:19    <DIR>          Sunward Games
20.01.2015  10:20    <DIR>          TeamViewer
03.08.2016  17:23    <DIR>          TheLastDream
31.12.2014  21:38    <DIR>          Thunderbird
16.08.2016  20:05    <DIR>          TomTom
15.06.2016  09:47    <DIR>          TS3Client
01.04.2015  11:31    <DIR>          ts3overlay
04.01.2015  16:39    <DIR>          TuneUp Software
25.03.2016  12:32    <DIR>          Ubisoft
22.03.2015  10:38    <DIR>          Unity
20.08.2015  15:32    <DIR>          uplay
21.08.2015  19:05    <DIR>          Urchin
12.09.2016  01:15    <DIR>          uTorrent
02.11.2015  22:10    <DIR>          Vast Studios
12.09.2016  10:29    <DIR>          vlc
15.03.2016  22:05    <DIR>          VMware
03.01.2015  13:03    <DIR>          Wargaming.net
11.02.2016  14:14    <DIR>          Warner Bros. Interactive Entertainment
06.05.2016  21:32    <DIR>          Winamp
02.01.2015  13:52    <DIR>          WinRAR
17.09.2016  10:37    <DIR>          Wise Care 365
30.08.2015  16:31    <DIR>          Wise Force Deleter
03.08.2015  14:47    <DIR>          WoodCutter2015
              1 Datei(en),        12.879 Bytes
            109 Verzeichnis(se), 28.010.106.880 Bytes frei

========= Ende von CMD: =========


========= dir "%LocalAppdata%" =========

 Volume in Laufwerk C: hat keine Bezeichnung.
 Volumeseriennummer: F648-146F

 Verzeichnis von C:\Users\Alex\AppData\Local

18.09.2016  07:55    <DIR>          .
18.09.2016  07:55    <DIR>          ..
02.06.2016  10:49    <DIR>          ACCCx3_6_0_248
02.06.2016  10:49      266.040.255 ACCCx3_6_0_248.zip
22.12.2015  17:14    <DIR>          ActiveSync
17.09.2016  20:39    <DIR>          Adobe
30.08.2015  16:28    <DIR>          ali213GameLauncher
23.04.2015  12:23    <DIR>          Apps
15.03.2016  22:21    <DIR>          BlueStacks
09.04.2016  21:07    <DIR>          CAPCOM
01.04.2015  12:10    <DIR>          Caphyon
22.07.2015  10:13    <DIR>          CEF
06.07.2015  21:06    <DIR>          Colossal Order
04.08.2015  20:12    <DIR>          Comms
08.09.2016  12:00    <DIR>          CrashDumps
08.02.2016  22:23    <DIR>          Daedalic Entertainment GmbH
10.04.2015  15:38            4.608 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
01.07.2016  18:47    <DIR>          DeadByDaylight
20.07.2016  15:03    <DIR>          Diagnostics
08.07.2015  19:29    <DIR>          Disc_Soft_Ltd
16.08.2016  20:03    <DIR>          Downloaded Installations
07.09.2016  20:20    <DIR>          ElevatedDiagnostics
18.04.2015  17:35    <DIR>          EMU
04.07.2015  18:02            3.072 file__0.localstorage
10.11.2015  14:32    <DIR>          FishingGame
08.01.2016  21:18    <DIR>          FlatOut Ultimate Carnage
01.02.2015  10:41    <DIR>          fontconfig
25.03.2015  17:54    <DIR>          FreemakeVideoConverter
31.03.2016  11:58    <DIR>          Frontier Developments
24.07.2015  20:25                92 fusioncache.dat
27.08.2015  14:44    <DIR>          GHISLER
04.08.2016  20:43    <DIR>          Ghostbusters
26.12.2015  20:57    <DIR>          GHOSTBUSTERS (tm)
13.09.2015  17:49    <DIR>          Google
01.06.2015  18:21    <DIR>          GWX
01.07.2015  09:53    <DIR>          id Software
12.09.2016  01:15    <DIR>          JDownloader v2.0
15.04.2015  21:26    <DIR>          Macromedia
10.02.2016  20:20    <DIR>          Microsoft
01.08.2015  20:13    <DIR>          Microsoft Help
04.08.2015  21:22    <DIR>          MicrosoftEdge
28.08.2016  20:28    <DIR>          Mixxx
15.04.2015  21:25    <DIR>          Mozilla
08.09.2016  13:14    <DIR>          MyComGames
11.02.2016  12:50    <DIR>          NVIDIA
02.01.2015  20:08    <DIR>          NVIDIA Corporation
01.11.2015  10:54    <DIR>          Overwolf
28.07.2016  14:49    <DIR>          Packages
04.08.2015  20:55    <DIR>          PeerDistRepub
02.01.2015  19:52    <DIR>          Programs
04.08.2015  19:54    <DIR>          Publishers
18.11.2015  12:41                17 resmon.resmoncfg
27.04.2015  20:06    <DIR>          Rockstar Games
08.05.2016  15:42    <DIR>          SKIDROW
25.11.2015  22:04    <DIR>          Skype
17.05.2015  14:01    <DIR>          SniperV2
06.08.2015  09:43    <DIR>          speech
15.01.2016  15:07    <DIR>          Sports Interactive
04.05.2015  14:58    <DIR>          Steam
18.09.2016  07:58    <DIR>          Temp
31.12.2014  21:38    <DIR>          Thunderbird
04.08.2015  19:52    <DIR>          TileDataLayer
16.08.2016  20:05    <DIR>          TomTom
15.03.2015  18:01    <DIR>          Ubisoft
16.03.2016  20:48    <DIR>          Ubisoft Game Launcher
24.04.2015  08:06    <DIR>          Unity
27.08.2016  13:19    <DIR>          UnrealEngine
17.07.2016  21:21    <DIR>          UWKProcess
17.08.2015  19:30    <DIR>          Vedran_Budimir_Bajer
14.06.2016  11:57    <DIR>          VirtualStore
01.08.2015  21:10    <DIR>          WOS4 - New York
18.04.2015  17:37    <DIR>          Zombie Army Trilogy
              5 Datei(en),    266.048.044 Bytes
              67 Verzeichnis(se), 28.016.340.992 Bytes frei

========= Ende von CMD: =========


========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-2927967124-101175508-2003510897-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-2927967124-101175508-2003510897-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt


========= Ende von RemoveProxy: =========


========= ipconfig /flushdns =========


Windows-IP-Konfiguration

Der DNS-Aufl”sungscache wurde geleert.

========= Ende von CMD: =========


========= netsh winsock reset =========


Der Winsock-Katalog wurde zurckgesetzt.
Sie mssen den Computer neu starten, um den Vorgang abzuschlieáen.


========= Ende von CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 4118368 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11900478 B
Java, Flash, Steam htmlcache => 11990686 B
Windows/system/drivers => 5859165 B
Edge => 0 B
Chrome => 241645 B
Firefox => 348291235 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 10742 B
Alex => 11496413 B
Administrator => 0 B
DefaultAppPool => 0 B

RecycleBin => 0 B
EmptyTemp: => 375.7 MB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 07:59:39 ====
Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=31da5e8bf9d6a143bf9ee9fc32188fc2
# end=init
# utc_time=2016-09-14 06:58:55
# local_time=2016-09-14 08:58:55 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 30747
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=31da5e8bf9d6a143bf9ee9fc32188fc2
# end=updated
# utc_time=2016-09-14 07:21:24
# local_time=2016-09-14 09:21:24 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=31da5e8bf9d6a143bf9ee9fc32188fc2
# engine=30747
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-09-14 02:08:14
# local_time=2016-09-14 04:08:14 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 105909 27676237 0 0
# scanned=875277
# found=19
# cleaned=0
# scan_time=24409
sh=BD660DB0F3BAFEED7DD6B9ABF4F2A09A4E9CD344 ft=1 fh=c4823823723dbcb6 vn="Variante von Win32/Adware.HPDefender.DR Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\gxlbntmixvccfcegojodppkfrbcstncz\HPWriterSrv3.exe"
sh=FF86811046BB37238928C86EAE3CCF6164529B13 ft=1 fh=d771fea206236401 vn="Variante von Win32/Adware.HPDefender.DR Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\gxlbntmixvccfcegojodppkfrbcstncz\RewRun3.exe"
sh=C1DADFE71FE3FD8DC6F0C2DC41402C02DFF81003 ft=1 fh=406a96ff8679afbb vn="Win32/Adware.HPDefender.DR Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\gxlbntmixvccfcegojodppkfrbcstncz\uninstaller.exe"
sh=C34BD11275EBD432D83F79F7A5F10B2E30B8DEDC ft=1 fh=8c201fdfc00bb791 vn="Variante von Win32/Adware.ConvertAd.AIB Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\kayfrxdkughxzdpjqunxswaifsdmrzoj\kns89B9.tmp"
sh=52496E7CF9ECDAE3CC18549BD7754BA5693B3BD4 ft=1 fh=70aecf391d3cbaad vn="Win32/Adware.ConvertAd.AEY Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\kayfrxdkughxzdpjqunxswaifsdmrzoj\Uninstall.exe"
sh=E76E5BC52B28145C9C76C6D8245FF84184159E12 ft=1 fh=15d553a83be97a75 vn="Win32/Adware.ConvertAd.AEY Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\kayfrxdkughxzdpjqunxswaifsdmrzoj\vnspA1CE.tmp"
sh=E76E5BC52B28145C9C76C6D8245FF84184159E12 ft=1 fh=15d553a83be97a75 vn="Win32/Adware.ConvertAd.AEY Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\uonvimpgncoayuywrsgxzzvzrofescit\ASPackage.exe"
sh=52496E7CF9ECDAE3CC18549BD7754BA5693B3BD4 ft=1 fh=70aecf391d3cbaad vn="Win32/Adware.ConvertAd.AEY Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\uonvimpgncoayuywrsgxzzvzrofescit\Uninstall.exe"
sh=EDF0354FF34416B3F13FD13EBF845B4A0ED17B82 ft=1 fh=c733440aa031f24e vn="Win32/Obfuscated.NJW Trojaner" ac=I fn="C:\Program Files (x86)\Prerpetaincliiph\clhBuilder.dll"
sh=E76E5BC52B28145C9C76C6D8245FF84184159E12 ft=1 fh=15d553a83be97a75 vn="Win32/Adware.ConvertAd.AEY Anwendung" ac=I fn="C:\Users\Alex\AppData\Local\Microsoft\Windows\INetCache\IE\3V0AU7HS\Bh2Bq[1]"
sh=60FAD6BBE7096411F754A50795A7F0BBC707BBC5 ft=1 fh=9f7e7ad2be25a96b vn="Variante von Win32/Adware.ConvertAd.AIB Anwendung" ac=I fn="C:\Users\Alex\AppData\Local\Microsoft\Windows\INetCache\IE\QF7DTB0P\F9LD9DNn[1].exe"
sh=6123665FB6B2155FD44ACEAB22746B396FCCD91E ft=1 fh=d1a0b4764549ee15 vn="Variante von Generik.KFXUPWH Trojaner" ac=I fn="C:\Users\Alex\AppData\Local\Temp\237752750\ic-0.a62718415d79.exe"
sh=B83FE078F7291F20B4220EDE372C2849613DDE38 ft=1 fh=c626008e9416baa6 vn="Variante von Win32/Amonetize.EA evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Alex\AppData\Local\Temp\237752750\Setup__2140_il1815.exe"
sh=25D0928F7F1290E61EDEBDC39918EDC66F09E15B ft=1 fh=227fddb500b723ed vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Alex\Downloads\MP3Gain - CHIP-Installer (1).exe"
sh=99E1E02AD798ABDD74FD7BC12F28F2AB3D9D5643 ft=1 fh=849614c9df75d0a1 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Alex\Downloads\MP3Gain - CHIP-Installer.exe"
sh=986C2D786DB478D4218A33D428D674D914D1AAAA ft=1 fh=452b623593d1e3c1 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Alex\Downloads\MyPhoneExplorer - CHIP-Installer.exe"
sh=AFD9AA1829E568C54F8C8AE7043A1287E2FF6AF7 ft=1 fh=b13f6e6910880f56 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Alex\Downloads\Stefan Raabs TV Total Nippelboard - CHIP-Installer.exe"
sh=A975AE17D053805FCF012966D3E03604C8E563A4 ft=1 fh=7b403eeaf93e8240 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Alex\Downloads\wxMP3Gain - CHIP-Installer.exe"
sh=EDE0C0AB0A1D853FB47223B95B3C50B8758A9A55 ft=1 fh=6978c99c3b124e09 vn="Variante von Win32/KingSoft.D evtl. unerwünschte Anwendung" ac=I fn="F:\20.09\Downloads\writer_free.exe"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=31da5e8bf9d6a143bf9ee9fc32188fc2
# end=init
# utc_time=2016-09-18 06:06:25
# local_time=2016-09-18 08:06:25 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 30787
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=31da5e8bf9d6a143bf9ee9fc32188fc2
# end=updated
# utc_time=2016-09-18 06:07:29
# local_time=2016-09-18 08:07:29 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=31da5e8bf9d6a143bf9ee9fc32188fc2
# engine=30787
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-09-18 12:27:21
# local_time=2016-09-18 02:27:21 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 99556 28015784 0 0
# scanned=861344
# found=16
# cleaned=0
# scan_time=22791
sh=BD660DB0F3BAFEED7DD6B9ABF4F2A09A4E9CD344 ft=1 fh=c4823823723dbcb6 vn="Variante von Win32/Adware.HPDefender.DR Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\gxlbntmixvccfcegojodppkfrbcstncz\HPWriterSrv3.exe"
sh=FF86811046BB37238928C86EAE3CCF6164529B13 ft=1 fh=d771fea206236401 vn="Variante von Win32/Adware.HPDefender.DR Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\gxlbntmixvccfcegojodppkfrbcstncz\RewRun3.exe"
sh=C1DADFE71FE3FD8DC6F0C2DC41402C02DFF81003 ft=1 fh=406a96ff8679afbb vn="Win32/Adware.HPDefender.DR Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\gxlbntmixvccfcegojodppkfrbcstncz\uninstaller.exe"
sh=C34BD11275EBD432D83F79F7A5F10B2E30B8DEDC ft=1 fh=8c201fdfc00bb791 vn="Variante von Win32/Adware.ConvertAd.AIB Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\kayfrxdkughxzdpjqunxswaifsdmrzoj\kns89B9.tmp"
sh=52496E7CF9ECDAE3CC18549BD7754BA5693B3BD4 ft=1 fh=70aecf391d3cbaad vn="Win32/Adware.ConvertAd.AEY Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\kayfrxdkughxzdpjqunxswaifsdmrzoj\Uninstall.exe"
sh=E76E5BC52B28145C9C76C6D8245FF84184159E12 ft=1 fh=15d553a83be97a75 vn="Win32/Adware.ConvertAd.AEY Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\kayfrxdkughxzdpjqunxswaifsdmrzoj\vnspA1CE.tmp"
sh=E76E5BC52B28145C9C76C6D8245FF84184159E12 ft=1 fh=15d553a83be97a75 vn="Win32/Adware.ConvertAd.AEY Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\uonvimpgncoayuywrsgxzzvzrofescit\ASPackage.exe"
sh=52496E7CF9ECDAE3CC18549BD7754BA5693B3BD4 ft=1 fh=70aecf391d3cbaad vn="Win32/Adware.ConvertAd.AEY Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\uonvimpgncoayuywrsgxzzvzrofescit\Uninstall.exe"
sh=E76E5BC52B28145C9C76C6D8245FF84184159E12 ft=1 fh=15d553a83be97a75 vn="Win32/Adware.ConvertAd.AEY Anwendung" ac=I fn="C:\Users\Alex\AppData\Local\Microsoft\Windows\INetCache\IE\3V0AU7HS\Bh2Bq[1]"
sh=60FAD6BBE7096411F754A50795A7F0BBC707BBC5 ft=1 fh=9f7e7ad2be25a96b vn="Variante von Win32/Adware.ConvertAd.AIB Anwendung" ac=I fn="C:\Users\Alex\AppData\Local\Microsoft\Windows\INetCache\IE\QF7DTB0P\F9LD9DNn[1].exe"
sh=25D0928F7F1290E61EDEBDC39918EDC66F09E15B ft=1 fh=227fddb500b723ed vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Alex\Downloads\MP3Gain - CHIP-Installer (1).exe"
sh=99E1E02AD798ABDD74FD7BC12F28F2AB3D9D5643 ft=1 fh=849614c9df75d0a1 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Alex\Downloads\MP3Gain - CHIP-Installer.exe"
sh=986C2D786DB478D4218A33D428D674D914D1AAAA ft=1 fh=452b623593d1e3c1 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Alex\Downloads\MyPhoneExplorer - CHIP-Installer.exe"
sh=AFD9AA1829E568C54F8C8AE7043A1287E2FF6AF7 ft=1 fh=b13f6e6910880f56 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Alex\Downloads\Stefan Raabs TV Total Nippelboard - CHIP-Installer.exe"
sh=A975AE17D053805FCF012966D3E03604C8E563A4 ft=1 fh=7b403eeaf93e8240 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Alex\Downloads\wxMP3Gain - CHIP-Installer.exe"
sh=EDE0C0AB0A1D853FB47223B95B3C50B8758A9A55 ft=1 fh=6978c99c3b124e09 vn="Variante von Win32/KingSoft.D evtl. unerwünschte Anwendung" ac=I fn="F:\20.09\Downloads\writer_free.exe"
[CODE]
Code:
HitmanPro 3.7.14.276
www.hitmanpro.com

  Computer name . . . . : PEACHY
  Windows . . . . . . . : 10.0.0.10586.X64/4
  User name . . . . . . : PEACHY\Alex
  UAC . . . . . . . . . : Enabled
  License . . . . . . . : Free

  Scan date . . . . . . : 2016-09-18 14:49:50
  Scan mode . . . . . . : Normal
  Scan duration . . . . : 9m 56s
  Disk access mode  . . : Direct disk access (SRB)
  Cloud . . . . . . . . : Internet
  Reboot  . . . . . . . : No

  Threats . . . . . . . : 8
  Traces  . . . . . . . : 12

  Objects scanned . . . : 3.226.275
  Files scanned . . . . : 205.222
  Remnants scanned  . . : 1.257.436 files / 1.763.617 keys

Malware _____________________________________________________________________

  C:\Users\Alex\AppData\Local\Microsoft\Windows\INetCache\IE\8JG3H0PH\setupfa_4435[1].exe
      Size . . . . . . . : 4.558.748 bytes
      Age  . . . . . . . : 12.1 days (2016-09-06 13:11:38)
      Entropy  . . . . . : 8.0
      SHA-256  . . . . . : 5BC875A5E09B4264F8634A74D1AD6F46DAAAEBD94E2BD70D2E2866E8EFA4B00E
      Needs elevation  . : Yes
    > Bitdefender  . . . : Trojan.GenericKD.3399365
      Fuzzy  . . . . . . : 118.0
      Forensic Cluster
        -26.1s C:\Users\Alex\Downloads\ssleay32.dll
        -26.0s C:\Users\Alex\Downloads\libeay32.dll
        -25.1s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\13\BF33A97ACD4D15C5.dat
        -24.9s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\79\778B191E5E550E53.dat
        -21.4s C:\Users\Alex\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\D0E9B037875737BCE7C5CC1BF065C133_A846900AD583256DF696CF8F711A9E5E
        -21.4s C:\Users\Alex\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\D0E9B037875737BCE7C5CC1BF065C133_A846900AD583256DF696CF8F711A9E5E
        -21.2s C:\Users\Alex\AppData\Local\Microsoft\Windows\INetCache\IE\3V0AU7HS\Bh2Bq[1]
        -21.0s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\2\03\C0F56A481D661623.dat
        -19.7s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\03\C0F56A481D661623.dat
        -16.5s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Results\Resource\{569B1D38-CAEA-46EE-BE5E-8225F224B546}
        -14.4s C:\Users\Alex\AppData\Local\Microsoft\Windows\INetCache\IE\55CQQGFX\validc[1].htm
        -14.1s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\2\03\1F3009D2619ABE13.dat
        -0.5s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\70\65868BD96C1E4732.dat
          0.0s C:\Users\Alex\AppData\Local\Microsoft\Windows\INetCache\IE\8JG3H0PH\setupfa_4435[1].exe
          0.7s C:\Users\Alex\AppData\Local\Microsoft\Windows\INetCache\IE\8JG3H0PH\pixl[1].htm
          0.9s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\2\70\
          0.9s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\2\70\65868BD96C1E4732.dat
          2.3s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\67\5955F0C7119AC69B.dat
          2.4s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\27\267D142C48F0A8D7.dat
          2.4s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\70\B4850363154BA716.dat
          2.4s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\04\144E52C4D1910AF4.dat
          2.4s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\06\6FBFF0701C8D4A9A.dat
          2.4s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\01\E4F323E879886735.dat
          2.4s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\21\B3499C1920C1D07D.dat
          3.8s C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\Data\fb9238d6448ef833aa4f72f339c786ffde4baac6
          4.2s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\13\
          4.2s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory\13\5BF54162-16EB-457B-BA31-F786A2564FF7
          4.3s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\30\BEA093497A7F5D12.dat
          5.9s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\12\DD331B3F279A7A64.dat
          6.0s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\60\15FFED5A4CD58460.dat

  C:\Users\Alex\AppData\Local\Microsoft\Windows\INetCache\IE\QF7DTB0P\F9LD9DNn[1].exe
      Size . . . . . . . : 439.296 bytes
      Age  . . . . . . . : 12.1 days (2016-09-06 13:12:43)
      Entropy  . . . . . : 6.5
      SHA-256  . . . . . : 1547F98C0DB5BA5BA2CD93E796CFB3DC86D83C03E3290C9F734D14865EEDDE23
    > Bitdefender  . . . : Generic.Adware.ConvertAd.0AC6B037
    > HitmanPro  . . . . : App/Generic-GA
      Fuzzy  . . . . . . : 107.0
      Forensic Cluster
        -4.4s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\32\CB3A352C5D45D5E0.dat
        -4.3s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\24\856D7CE570A9B0C0.dat
          0.0s C:\Users\Alex\AppData\Local\Microsoft\Windows\INetCache\IE\QF7DTB0P\F9LD9DNn[1].exe
          0.4s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Store\5A79B92B390EB45B9B13A06BE58030DE
          0.9s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Results\Resource\{53D83BC6-EAF4-4952-B044-CD19392D3D0A}
          1.1s C:\Users\Alex\AppData\Local\Microsoft\Windows\INetCache\IE\55CQQGFX\6p44KU[1].exe
          1.3s C:\ProgramData\Microsoft\Windows Defender\LocalCopy\{2B42090E-C99B-5D34-BA4E-B61D95EDFF63}
          1.3s C:\ProgramData\Microsoft\Windows Defender\LocalCopy\{E94C8A78-5213-9783-D597-56213D0889F7}-nsv4CDD.tmp.exe
          1.6s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\2\77\8E3E0045B62DB0B5.dat
          2.4s C:\ProgramData\Microsoft\Windows\WER\ReportArchive\NonCritical_0_2b9ecc4637455dd3afded57b9f810f4ad6836b1_00000000_2771acd8\
          2.4s C:\ProgramData\Microsoft\Windows\WER\ReportArchive\NonCritical_0_2b9ecc4637455dd3afded57b9f810f4ad6836b1_00000000_2771acd8\Report.wer
          6.4s C:\Users\Alex\AppData\Local\Microsoft\Windows\INetCache\IE\3V0AU7HS\reportstatus[1].htm
        18.7s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\05\F8F28C21B28E167D.dat
        19.1s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\69\B9B7927337F14631.dat
        19.3s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\88\73FFFEDA60C361F8.dat
        21.0s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\91\63F2153DD9100433.dat
        21.5s C:\Users\Alex\AppData\Local\Microsoft\Windows\INetCache\IE\QF7DTB0P\swSOrp[1]
        22.8s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\77\8E3E0045B62DB0B5.dat
        26.3s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\18\BB6FA2E2C09F093E.dat
        28.1s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\98\A3D7890D8F21CE76.dat
        29.9s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\86\B53A9F5056FED9BA.dat
        31.7s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\60\A49A8416FB64AAFC.dat
        33.5s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\99\7702E862BFF9C8F3.dat
        42.1s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\39\CD4021D0E6EE416F.dat
        42.7s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\77\EF2B32AF9BB4921D.dat

  C:\Users\Alex\Downloads\dffsetup-d3dcompiler_43.exe
      Size . . . . . . . : 5.344.984 bytes
      Age  . . . . . . . : 624.8 days (2015-01-02 19:51:30)
      Entropy  . . . . . : 7.9
      SHA-256  . . . . . : 9E969C076BCEAFD3618C9143A85B6F365C88A1D2BA414DEC9904B9E6FE7E6AE4
      Product  . . . . . : Dll-Files Fixer                                           
      Publisher  . . . . : Dll-Files.com                                             
      Description  . . . : Dll-Files Fixer                                           
      Version  . . . . . : Dll-Files
      RSA Key Size . . . : 2048
      LanguageID . . . . : 0
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:RiskTool.Win32.Tuneup.c
      Fuzzy  . . . . . . : 99.0

  C:\Users\Alex\Downloads\MP3Gain - CHIP-Installer (1).exe
      Size . . . . . . . : 1.474.568 bytes
      Age  . . . . . . . : 19.0 days (2016-08-30 13:45:22)
      Entropy  . . . . . : 7.2
      SHA-256  . . . . . : 0E77FBFBD0AB2D32016D28DE4B85C7028C7DFA8576F485E5CCB7DFFA3F59551E
      Needs elevation  . : Yes
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:Downloader.Win32.DownloadSponsor.pe
      Fuzzy  . . . . . . : 104.0

  C:\Users\Alex\Downloads\MP3Gain - CHIP-Installer.exe
      Size . . . . . . . : 1.474.568 bytes
      Age  . . . . . . . : 19.1 days (2016-08-30 11:43:48)
      Entropy  . . . . . : 7.2
      SHA-256  . . . . . : 616D9A60C6E22354B16513F3C88D61D084AF81AFD118F235FA85567CB016B749
      Needs elevation  . : Yes
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:Downloader.Win32.DownloadSponsor.pe
      Fuzzy  . . . . . . : 104.0

  C:\Users\Alex\Downloads\MyPhoneExplorer - CHIP-Installer.exe
      Size . . . . . . . : 1.474.568 bytes
      Age  . . . . . . . : 43.0 days (2016-08-06 15:26:42)
      Entropy  . . . . . : 7.2
      SHA-256  . . . . . : 9B5E4D3538B26D0AA66B7DC50EFEC5E03F8A904114D3293066A56BB4BCC513F2
      Needs elevation  . : Yes
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:Downloader.Win32.DownloadSponsor.pe
      Fuzzy  . . . . . . : 103.0

  C:\Users\Alex\Downloads\Stefan Raabs TV Total Nippelboard - CHIP-Installer.exe
      Size . . . . . . . : 1.474.568 bytes
      Age  . . . . . . . : 19.2 days (2016-08-30 09:48:34)
      Entropy  . . . . . : 7.2
      SHA-256  . . . . . : D5A870D4374DED6856C55103F92F0DD74320450C4245AF15A5C75D447351585D
      Needs elevation  . : Yes
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:Downloader.Win32.DownloadSponsor.pe
      Fuzzy  . . . . . . : 104.0
      Forensic Cluster
          0.0s C:\Users\Alex\Downloads\Stefan Raabs TV Total Nippelboard - CHIP-Installer.exe
          0.2s C:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.223.Crwl

  C:\Users\Alex\Downloads\wxMP3Gain - CHIP-Installer.exe
      Size . . . . . . . : 1.474.568 bytes
      Age  . . . . . . . : 19.0 days (2016-08-30 13:42:37)
      Entropy  . . . . . : 7.2
      SHA-256  . . . . . : 83E9CA7D0B5BA2819268C33B7DDB26491E500AB3756D26CC5281B1BD6B2C11E6
      Needs elevation  . : Yes
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:Downloader.Win32.DownloadSponsor.pe
      Fuzzy  . . . . . . : 104.0


Suspicious files ____________________________________________________________

  C:\Users\Alex\AppData\Local\Microsoft\Windows\INetCache\IE\3V0AU7HS\FRST64[1].exe
      Size . . . . . . . : 2.399.232 bytes
      Age  . . . . . . . : 0.9 days (2016-09-17 16:29:54)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 3EE9D23F575FED89ACB77F84CF32ED652198267BB5EC53FE0B4F057852F43BA5
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
        Program has no publisher information but prompts the user for permission elevation.
        Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
        Authors name is missing in version info. This is not common to most programs.
        Version control is missing. This file is probably created by an individual. This is not typical for most programs.
        Time indicates that the file appeared recently on this computer.
      Forensic Cluster
        -5.8s C:\Windows\WinSxS\wow64_microsoft-windows-mediaplayer-drm_31bf3856ad364e35_10.0.10586.0_none_05085deda384e375\msscp.dll
        -5.8s C:\Windows\WinSxS\wow64_microsoft-windows-mediaplayer-drm_31bf3856ad364e35_10.0.10586.0_none_05085deda384e375\msnetobj.dll
        -5.8s C:\Windows\WinSxS\wow64_microsoft-windows-mediaplayer-drm_31bf3856ad364e35_10.0.10586.0_none_05085deda384e375\drmv2clt.dll
        -5.8s C:\Windows\WinSxS\wow64_microsoft-windows-mediaplayer-drm_31bf3856ad364e35_10.0.10586.0_none_05085deda384e375\wmdrmdev.dll
        -5.0s C:\Windows\WinSxS\wow64_microsoft-windows-mediaplayer-drm_31bf3856ad364e35_10.0.10586.0_none_05085deda384e375\wmdrmnet.dll
        -5.0s C:\Windows\WinSxS\wow64_microsoft-windows-mediaplayer-drm_31bf3856ad364e35_10.0.10586.0_none_05085deda384e375\wmdrmsdk.dll
        -4.3s C:\Windows\WinSxS\wow64_microsoft-windows-mediaplayer-drm_31bf3856ad364e35_10.0.10586.0_none_05085deda384e375\blackbox.dll
        -4.3s C:\Windows\WinSxS\wow64_microsoft-windows-mediaplayer-drm_31bf3856ad364e35_10.0.10586.0_none_05085deda384e375\drmmgrtn.dll
        -4.1s C:\Windows\WinSxS\wow64_microsoft-windows-mediaplayer-wmpdxm_31bf3856ad364e35_10.0.10586.0_none_3b12660506837e43\msdxm.tlb
        -4.1s C:\Windows\WinSxS\wow64_microsoft-windows-mediaplayer-wmpdxm_31bf3856ad364e35_10.0.10586.0_none_3b12660506837e43\amcompat.tlb
        -4.1s C:\Windows\WinSxS\wow64_microsoft-windows-mediaplayer-wmpdxm_31bf3856ad364e35_10.0.10586.0_none_3b12660506837e43\wmpdxm.dll
        -3.9s C:\Windows\WinSxS\wow64_microsoft-windows-mfasfsrcsnk_31bf3856ad364e35_10.0.10586.122_none_37f0f392cfee692c\mfasfsrcsnk.dll
        -2.0s C:\Windows\WinSxS\wow64_microsoft-windows-mfcore_31bf3856ad364e35_10.0.10586.122_none_684ba872ea897db9\mfcore.dll
        -1.1s C:\Users\Alex\AppData\Local\Microsoft\Windows\INetCookies\0UC7GES2.txt
        -1.1s C:\Users\Alex\AppData\Local\Microsoft\Windows\INetCache\IE\55CQQGFX\82[1].htm
        -0.7s C:\Users\Alex\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\9EC3B71635F8BA3FC68DE181A104A0EF_F6C39EF89D8A3A72327D8412589658B2
        -0.7s C:\Users\Alex\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\9EC3B71635F8BA3FC68DE181A104A0EF_F6C39EF89D8A3A72327D8412589658B2
        -0.5s C:\Users\Alex\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\64DCC9872C5635B1B7891B30665E0558_5552C20A2631357820903FD38A8C0F9F
        -0.5s C:\Users\Alex\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\64DCC9872C5635B1B7891B30665E0558_5552C20A2631357820903FD38A8C0F9F
        -0.3s C:\Users\Alex\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6AF4EE75E3A4ABA658C0087EB9A0BB5B_4F8D4D4F8A055DA96F5FDDC885E626A4
        -0.3s C:\Users\Alex\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6AF4EE75E3A4ABA658C0087EB9A0BB5B_4F8D4D4F8A055DA96F5FDDC885E626A4
        -0.3s C:\Users\Alex\AppData\Local\Microsoft\Windows\INetCache\IE\8JG3H0PH\FRST64[1].exe
          0.0s C:\Users\Alex\AppData\Local\Microsoft\Windows\INetCache\IE\3V0AU7HS\FRST64[1].exe
          2.5s C:\Windows\WinSxS\wow64_microsoft-windows-mfcore_31bf3856ad364e35_10.0.10586.122_none_684ba872ea897db9\mfps.dll
          2.7s C:\Windows\WinSxS\wow64_microsoft-windows-mfnetcore_31bf3856ad364e35_10.0.10586.63_none_1d41a739d2231b24\mfnetcore.dll
          2.8s C:\Windows\WinSxS\wow64_microsoft-windows-mfnetsrc_31bf3856ad364e35_10.0.10586.63_none_012272a49f156f11\mfnetsrc.dll
          5.1s C:\Windows\WinSxS\wow64_microsoft-windows-mfplat_31bf3856ad364e35_10.0.10586.35_none_8502a70938946252\mfplat.dll
          6.5s C:\Users\Alex\Desktop\VP\17.09.16\Fixlog.txt
          6.8s C:\Windows\WinSxS\wow64_microsoft-windows-miracast-receiver-api_31bf3856ad364e35_10.0.10586.0_none_9f7c9535f7754a79\MiracastReceiver.dll
          8.1s C:\Windows\WinSxS\wow64_microsoft-windows-msauditevtlog_31bf3856ad364e35_10.0.10586.0_none_5e1cbcf9572569e8\msobjs.dll
          8.3s C:\Windows\WinSxS\wow64_microsoft-windows-msauditevtlog_31bf3856ad364e35_10.0.10586.0_none_5e1cbcf9572569e8\adtschema.dll
          9.7s C:\Windows\WinSxS\wow64_microsoft-windows-msauditevtlog_31bf3856ad364e35_10.0.10586.0_none_5e1cbcf9572569e8\msaudite.dll
          9.8s C:\Windows\WinSxS\wow64_microsoft-windows-msdt_31bf3856ad364e35_10.0.10586.0_none_3c5ca49dfc3e6eaa\msdt.exe
        10.0s C:\Windows\WinSxS\wow64_microsoft-windows-msftedit_31bf3856ad364e35_10.0.10586.17_none_641363be1c60dbb8\msftedit.dll
        27.4s C:\Windows\WinSxS\wow64_microsoft-windows-msxml30_31bf3856ad364e35_10.0.10586.0_none_1f488345758e1768\msxml3.dll
        27.9s C:\Users\Alex\Desktop\VP\17.09.16\FRST.txt
        30.9s C:\Windows\WinSxS\wow64_microsoft-windows-msxml60_31bf3856ad364e35_10.0.10586.63_none_16dbb0287be53fe2\msxml6.dll

  C:\Users\Alex\Desktop\FRST64.exe
      Size . . . . . . . : 2.399.232 bytes
      Age  . . . . . . . : 4.7 days (2016-09-13 21:12:28)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 3EE9D23F575FED89ACB77F84CF32ED652198267BB5EC53FE0B4F057852F43BA5
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
        Program has no publisher information but prompts the user for permission elevation.
        Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
        Authors name is missing in version info. This is not common to most programs.
        Version control is missing. This file is probably created by an individual. This is not typical for most programs.
        Time indicates that the file appeared recently on this computer.
      Forensic Cluster
          0.0s C:\Users\Alex\Desktop\FRST64.exe
          0.0s C:\Users\Alex\Desktop\VP\FRST64.exe

  C:\Users\Alex\Desktop\VP\FRST64.exe
      Size . . . . . . . : 2.399.232 bytes
      Age  . . . . . . . : 4.7 days (2016-09-13 21:12:28)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 3EE9D23F575FED89ACB77F84CF32ED652198267BB5EC53FE0B4F057852F43BA5
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
        Program has no publisher information but prompts the user for permission elevation.
        Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
        Authors name is missing in version info. This is not common to most programs.
        Version control is missing. This file is probably created by an individual. This is not typical for most programs.
        Time indicates that the file appeared recently on this computer.
      Forensic Cluster
          0.0s C:\Users\Alex\Desktop\FRST64.exe
          0.0s C:\Users\Alex\Desktop\VP\FRST64.exe


Potential Unwanted Programs _________________________________________________

  HKLM\SOFTWARE\WOW6432Node\Auslogics\Google Analytics Package\ (TweakBit)

bohm 18.09.2016 14:08
FRST 1

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 17-09-2016
durchgeführt von Alex (Administrator) auf PEACHY (18-09-2016 15:00:25)
Gestartet von C:\Users\Alex\Desktop
Geladene Profile: Alex & Administrator & DefaultAppPool (Verfügbare Profile: Alex & Administrator & DefaultAppPool)
Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Highresolution Enterprises) C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Wargaming.net) D:\Spiele\World_of_Tanks\WargamingGameUpdater.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [XMouseButtonControl] => C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe [1075344 2014-12-08] (Highresolution Enterprises)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1860120 2016-01-12] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-12] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-03-22] (Adobe Systems Incorporated)
HKLM\...\Run: [CmPCIaudio] => C:\WINDOWS\Syswow64\CMICNFG3.dll [8151040 2009-10-30] (C-Media Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: ["C:\Program Files (x86)\D-Link\D-ViewCam\MainConsole.EXE"] => "C:\Program Files (x86)\D-Link\D-ViewCam\MainConsole.EXE" RunWithWindows
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [60136 2016-08-24] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2857248 2016-08-23] (Valve Corporation)
HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\Run: [EPSON SX125 Series] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIGGE.EXE [224768 2009-09-14] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\Run: [World of Tanks] => D:\Spiele\World_of_Tanks\WargamingGameUpdater.exe [3134728 2016-08-05] (Wargaming.net)
HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\Run: [TomTomHOME.exe] => "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" -s
HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\MountPoints2: H - "H:\AutoRun.exe"
HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\MountPoints2: {0f748fbf-2152-11e5-8233-50465d90560b} - "N:\setup.exe"
HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\MountPoints2: {75d42f49-1b0e-11e5-ac3c-50465d90560b} - "G:\setup.exe"
HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\MountPoints2: {94b3fc27-1c9b-11e5-ac5a-50465d90560b} - "H:\setup.exe"
HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\MountPoints2: {e3802153-18aa-11e5-ab60-50465d90560b} - "N:\setup.exe"
HKU\S-1-5-21-2927967124-101175508-2003510897-500\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-10-30] (Microsoft Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2a94d664-f07c-4e02-a516-4e233f0db8d2}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{faa03109-abab-40bf-9edb-fcd71145efd5}: [DhcpNameServer] 192.168.224.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\S-1-5-21-2927967124-101175508-2003510897-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/androidnews/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-09-07] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-09-07] (Oracle Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2014-08-12] (Adblock Plus)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-09-07] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-09-07] (Oracle Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2014-08-12] (Adblock Plus)
Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Windows\system32\mscoree.dll [2015-10-30] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\n4plk0l5.Alex
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-09-17] ()
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-09-07] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-09-07] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation)
FF Plugin: @unity3d.com/UnityPlayer64,version=1.0 -> C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll [2015-06-08] (Unity Technologies ApS)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-09-19] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-09-17] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2015-04-17] (Adobe Systems, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [Keine Datei]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [Keine Datei]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [Keine Datei]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [Keine Datei]
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-09-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-09-07] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-01-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-01-23] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin HKU\S-1-5-21-2927967124-101175508-2003510897-1000: @my.com/Games -> C:\Users\Alex\AppData\Local\MyComGames\NPMyComDetector.dll [2016-02-03] (MY.COM B.V.)
FF Plugin HKU\S-1-5-21-2927967124-101175508-2003510897-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Alex\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-12] (Unity Technologies ApS)
FF Extension: (Firefox Hotfix) - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\n4plk0l5.Alex\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-10]
FF Extension: (Adblock Plus) - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\n4plk0l5.Alex\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-08-14]

Chrome:
=======
CHR HomePage: ChromeDefaultData -> hxxp://www.google.de/
CHR Profile: C:\Users\Alex\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2016-09-18] <==== ACHTUNG
CHR Extension: (Google Docs) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2016-09-12]
CHR Extension: (Avira Browserschutz) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-09-12]
CHR Extension: (AdBlock) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-09-12]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-09-12]
CHR Extension: (Chrome Media Router) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-12]
CHR Profile: C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default [2016-09-14]
CHR Extension: (Google Präsentationen) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-07-26]
CHR Extension: (Google Docs) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-26]
CHR Extension: (Google Drive) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-26]
CHR Extension: (Fast Social for Google Chrome™) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkgibcbnbhhkelflcgappdalfbopghof [2016-09-06]
CHR Extension: (YouTube) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-26]
CHR Extension: (Adblock Plus) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-08-23]
CHR Extension: (Google Tabellen) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-07-26]
CHR Extension: (Myinstants Soundboard) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\fggacdedkdoacbemcilniodecinpfkgi [2016-08-30]
CHR Extension: (Avira Browserschutz) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-09-08]
CHR Extension: (Google Docs Offline) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-26]
CHR Extension: (AdBlock) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-08-24]
CHR Extension: (mydlink services plugin) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldibdoepbjbkkcbgndfljnphngpglhbb [2016-07-26]
CHR Extension: (Google Maps) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2016-07-26]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-07-26]
CHR Extension: (Mein Chrome-Design) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2016-07-26]
CHR Extension: (SEGA GENESIS / SEGA Mega Drive Emulator) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofnmgamcdbdieifheiiphnbbbcaofcbc [2016-07-26]
CHR Extension: (Emulador de Super Nintendo) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pffhngmcplldclknnkmkkecjlhhccmid [2016-07-26]
CHR Extension: (Google Mail) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-26]
CHR Extension: (RHS) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkaifndebjpbndephomibbjjbnokmfab [2016-09-06]
CHR Extension: (Chrome Media Router) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-29]
CHR Extension: (Audio Cutter) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\plimnkafgoiilijmlbnfoafihjjijbfp [2016-09-08]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [346928 2016-08-24] (Avira Operations GmbH & Co. KG)
S2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [253392 2016-08-26] (Avira Operations GmbH & Co. KG)
R3 Disc Soft Lite Bus Service; C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [232208 2016-07-01] (EasyAntiCheat Ltd)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-12-03] (Freemake) [Datei ist nicht signiert]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-01-12] (NVIDIA Corporation)
S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Datei ist nicht signiert]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-12] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6308288 2016-01-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [4812736 2016-01-12] (NVIDIA Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1310448 2016-09-07] (Overwolf LTD)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2016-09-07] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364456 2016-09-07] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-09-07] (Microsoft Corporation)
S2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [580144 2015-05-12] (WiseCleaner.com)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13368 2009-04-06] ()
R3 cmuda3; C:\Windows\system32\drivers\cmudax3.sys [1155072 2009-12-01] (C-Media Inc)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-06-22] (Disc Soft Ltd)
R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO64A.SYS [27552 2015-11-04] (REALiX(tm))
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-01-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek                                            )
S3 Secdrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [20128 2016-01-15] () [Datei ist nicht signiert]
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 WiseHDInfo; C:\Windows\WiseHDInfo64.dll [14800 2015-07-31] (wisecleaner.com)
R1 WiseUnlock; C:\WINDOWS\WiseUnlock64.sys [12240 2015-05-19] (WiseCleaner.com)
U3 idsvc; kein ImagePath
S3 vmci; \SystemRoot\System32\drivers\vmci.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-09-18 15:00 - 2016-09-18 15:01 - 00024238 _____ C:\Users\Alex\Desktop\FRST.txt
2016-09-18 14:48 - 2016-09-18 15:00 - 00000000 ____D C:\ProgramData\HitmanPro
2016-09-18 14:48 - 2016-09-18 14:48 - 11572656 _____ (SurfRight B.V.) C:\Users\Alex\Downloads\HitmanPro_x64.exe
2016-09-18 08:05 - 2016-09-18 08:05 - 02870984 _____ (ESET) C:\Users\Alex\Downloads\esetsmartinstaller_deu(1).exe
2016-09-18 07:58 - 2016-09-18 07:59 - 00023395 _____ C:\Users\Alex\Desktop\Fixlog.txt
2016-09-14 17:23 - 2016-09-18 07:58 - 00000000 ____D C:\Users\Alex\Desktop\VP
2016-09-14 16:20 - 2016-09-14 16:20 - 22851472 _____ (Malwarebytes ) C:\Users\Alex\Downloads\mbam-setup-2.2.1.1043.exe
2016-09-14 16:08 - 2016-09-14 16:08 - 00004542 _____ C:\Users\Alex\Desktop\14.09.16.txt
2016-09-14 14:48 - 2016-09-07 07:26 - 02544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-09-14 14:48 - 2016-09-07 06:48 - 22379520 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-09-14 14:48 - 2016-09-07 06:43 - 16985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-09-14 14:48 - 2016-09-07 06:35 - 24611840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-09-14 14:48 - 2016-09-07 06:35 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-09-14 14:48 - 2016-09-07 06:31 - 00794624 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-09-14 14:48 - 2016-09-07 06:31 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-09-14 14:48 - 2016-09-07 06:30 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-09-14 14:48 - 2016-09-07 06:30 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-09-14 14:48 - 2016-09-07 06:30 - 00602624 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-09-14 14:48 - 2016-09-07 06:29 - 19350016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-09-14 14:48 - 2016-09-07 06:26 - 13392384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-09-14 14:48 - 2016-09-07 06:26 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-09-14 14:48 - 2016-09-07 06:26 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-09-14 14:48 - 2016-09-07 06:22 - 12134400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-09-14 14:48 - 2016-09-07 06:15 - 07831552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-09-14 14:47 - 2016-09-07 07:39 - 02656952 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-14 14:47 - 2016-09-07 07:39 - 01098640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2016-09-14 14:47 - 2016-09-07 07:39 - 00845568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2016-09-14 14:47 - 2016-09-07 07:39 - 00754664 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-09-14 14:47 - 2016-09-07 07:39 - 00620176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2016-09-14 14:47 - 2016-09-07 07:39 - 00277848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-09-14 14:47 - 2016-09-07 07:37 - 00572272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2016-09-14 14:47 - 2016-09-07 07:33 - 01297760 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-09-14 14:47 - 2016-09-07 07:33 - 00986976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-09-14 14:47 - 2016-09-07 07:33 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-09-14 14:47 - 2016-09-07 07:27 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2016-09-14 14:47 - 2016-09-07 07:27 - 00413536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-09-14 14:47 - 2016-09-07 07:26 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-09-14 14:47 - 2016-09-07 07:26 - 01152320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-09-14 14:47 - 2016-09-07 07:26 - 01092464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-09-14 14:47 - 2016-09-07 07:26 - 00858952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-09-14 14:47 - 2016-09-07 07:26 - 00847648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-09-14 14:47 - 2016-09-07 07:26 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-09-14 14:47 - 2016-09-07 07:26 - 00588320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmdrmdev.dll
2016-09-14 14:47 - 2016-09-07 07:26 - 00586200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-09-14 14:47 - 2016-09-07 07:26 - 00245840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-09-14 14:47 - 2016-09-07 07:25 - 02607336 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-09-14 14:47 - 2016-09-07 07:25 - 01270064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-09-14 14:47 - 2016-09-07 07:24 - 01349632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-09-14 14:47 - 2016-09-07 07:24 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-09-14 14:47 - 2016-09-07 07:24 - 00511312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-09-14 14:47 - 2016-09-07 07:24 - 00501600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-09-14 14:47 - 2016-09-07 07:24 - 00496360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmdrmdev.dll
2016-09-14 14:47 - 2016-09-07 07:24 - 00355672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2016-09-14 14:47 - 2016-09-07 07:23 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-09-14 14:47 - 2016-09-07 07:23 - 06605544 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-09-14 14:47 - 2016-09-07 07:23 - 06536248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-09-14 14:47 - 2016-09-07 07:23 - 01750440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2016-09-14 14:47 - 2016-09-07 07:23 - 01603224 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2016-09-14 14:47 - 2016-09-07 07:23 - 01040792 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2016-09-14 14:47 - 2016-09-07 07:23 - 00725776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2016-09-14 14:47 - 2016-09-07 07:22 - 02937384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-09-14 14:47 - 2016-09-07 07:22 - 01128096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-09-14 14:47 - 2016-09-07 07:22 - 01085728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2016-09-14 14:47 - 2016-09-07 07:22 - 00604920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-09-14 14:47 - 2016-09-07 07:20 - 00569744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2016-09-14 14:47 - 2016-09-07 07:19 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-09-14 14:47 - 2016-09-07 07:15 - 00911640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2016-09-14 14:47 - 2016-09-07 07:12 - 02195632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-09-14 14:47 - 2016-09-07 07:12 - 01174008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-09-14 14:47 - 2016-09-07 07:08 - 00116216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2016-09-14 14:47 - 2016-09-07 06:52 - 01035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2016-09-14 14:47 - 2016-09-07 06:52 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-09-14 14:47 - 2016-09-07 06:49 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-09-14 14:47 - 2016-09-07 06:48 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-09-14 14:47 - 2016-09-07 06:47 - 00824320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2016-09-14 14:47 - 2016-09-07 06:46 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2016-09-14 14:47 - 2016-09-07 06:46 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-09-14 14:47 - 2016-09-07 06:44 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-09-14 14:47 - 2016-09-07 06:44 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\pngfilt.dll
2016-09-14 14:47 - 2016-09-07 06:42 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2016-09-14 14:47 - 2016-09-07 06:42 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-09-14 14:47 - 2016-09-07 06:41 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\DictationManager.dll
2016-09-14 14:47 - 2016-09-07 06:41 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsetup.dll
2016-09-14 14:47 - 2016-09-07 06:41 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-09-14 14:47 - 2016-09-07 06:41 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-09-14 14:47 - 2016-09-07 06:41 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwcfg.dll
2016-09-14 14:47 - 2016-09-07 06:41 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll
2016-09-14 14:47 - 2016-09-07 06:41 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2016-09-14 14:47 - 2016-09-07 06:40 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdechangepin.exe
2016-09-14 14:47 - 2016-09-07 06:40 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\CheckNetIsolation.exe
2016-09-14 14:47 - 2016-09-07 06:39 - 01567744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2016-09-14 14:47 - 2016-09-07 06:39 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2016-09-14 14:47 - 2016-09-07 06:39 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2016-09-14 14:47 - 2016-09-07 06:38 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2016-09-14 14:47 - 2016-09-07 06:38 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\LegacyNetUXHost.exe
2016-09-14 14:47 - 2016-09-07 06:38 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmprovhost.exe
2016-09-14 14:47 - 2016-09-07 06:38 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe
2016-09-14 14:47 - 2016-09-07 06:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-09-14 14:47 - 2016-09-07 06:37 - 00435712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2016-09-14 14:47 - 2016-09-07 06:37 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2016-09-14 14:47 - 2016-09-07 06:37 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAuto.dll
2016-09-14 14:47 - 2016-09-07 06:37 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-09-14 14:47 - 2016-09-07 06:37 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceassociation.dll
2016-09-14 14:47 - 2016-09-07 06:37 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAgent.dll
2016-09-14 14:47 - 2016-09-07 06:36 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2016-09-14 14:47 - 2016-09-07 06:36 - 01568768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdt.exe
2016-09-14 14:47 - 2016-09-07 06:36 - 01051136 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagCpl.dll
2016-09-14 14:47 - 2016-09-07 06:36 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-09-14 14:47 - 2016-09-07 06:36 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\authfwcfg.dll
2016-09-14 14:47 - 2016-09-07 06:36 - 00457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\azroleui.dll
2016-09-14 14:47 - 2016-09-07 06:36 - 00319488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3ui.dll
2016-09-14 14:47 - 2016-09-07 06:36 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2016-09-14 14:47 - 2016-09-07 06:36 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2016-09-14 14:47 - 2016-09-07 06:36 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-09-14 14:47 - 2016-09-07 06:36 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsetup.dll
2016-09-14 14:47 - 2016-09-07 06:35 - 00814592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll
2016-09-14 14:47 - 2016-09-07 06:35 - 00704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2016-09-14 14:47 - 2016-09-07 06:35 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-09-14 14:47 - 2016-09-07 06:35 - 00577536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2016-09-14 14:47 - 2016-09-07 06:35 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2016-09-14 14:47 - 2016-09-07 06:35 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2016-09-14 14:47 - 2016-09-07 06:35 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wbemcomn.dll
2016-09-14 14:47 - 2016-09-07 06:35 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-09-14 14:47 - 2016-09-07 06:35 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2016-09-14 14:47 - 2016-09-07 06:35 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
2016-09-14 14:47 - 2016-09-07 06:35 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModelShim.dll
2016-09-14 14:47 - 2016-09-07 06:35 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.ps.dll
2016-09-14 14:47 - 2016-09-07 06:35 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-09-14 14:47 - 2016-09-07 06:35 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vsstrace.dll
2016-09-14 14:47 - 2016-09-07 06:34 - 00952320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2016-09-14 14:47 - 2016-09-07 06:34 - 00727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2016-09-14 14:47 - 2016-09-07 06:34 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-09-14 14:47 - 2016-09-07 06:34 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-09-14 14:47 - 2016-09-07 06:34 - 00344064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2016-09-14 14:47 - 2016-09-07 06:34 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\edputil.dll
2016-09-14 14:47 - 2016-09-07 06:33 - 00847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-09-14 14:47 - 2016-09-07 06:33 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2016-09-14 14:47 - 2016-09-07 06:33 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-09-14 14:47 - 2016-09-07 06:33 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2016-09-14 14:47 - 2016-09-07 06:33 - 00290304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WmpDui.dll
2016-09-14 14:47 - 2016-09-07 06:33 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2016-09-14 14:47 - 2016-09-07 06:32 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2016-09-14 14:47 - 2016-09-07 06:32 - 00947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2016-09-14 14:47 - 2016-09-07 06:32 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2016-09-14 14:47 - 2016-09-07 06:32 - 00738816 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartCardSimulator.dll
2016-09-14 14:47 - 2016-09-07 06:32 - 00643584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2016-09-14 14:47 - 2016-09-07 06:32 - 00581632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2016-09-14 14:47 - 2016-09-07 06:32 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-09-14 14:47 - 2016-09-07 06:32 - 00466944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2016-09-14 14:47 - 2016-09-07 06:32 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2016-09-14 14:47 - 2016-09-07 06:32 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-09-14 14:47 - 2016-09-07 06:32 - 00407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-09-14 14:47 - 2016-09-07 06:32 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-09-14 14:47 - 2016-09-07 06:32 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2016-09-14 14:47 - 2016-09-07 06:32 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-09-14 14:47 - 2016-09-07 06:31 - 01216512 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcenter.dll
2016-09-14 14:47 - 2016-09-07 06:31 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-09-14 14:47 - 2016-09-07 06:31 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-09-14 14:47 - 2016-09-07 06:31 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmIndexer.dll
2016-09-14 14:47 - 2016-09-07 06:31 - 00753664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll
2016-09-14 14:47 - 2016-09-07 06:31 - 00610304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmdrmsdk.dll
2016-09-14 14:47 - 2016-09-07 06:31 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscms.dll
2016-09-14 14:47 - 2016-09-07 06:31 - 00541184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2016-09-14 14:47 - 2016-09-07 06:31 - 00538112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2016-09-14 14:47 - 2016-09-07 06:31 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2016-09-14 14:47 - 2016-09-07 06:31 - 00435200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2016-09-14 14:47 - 2016-09-07 06:31 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-09-14 14:47 - 2016-09-07 06:31 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2016-09-14 14:47 - 2016-09-07 06:31 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-09-14 14:47 - 2016-09-07 06:30 - 18676224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-09-14 14:47 - 2016-09-07 06:30 - 02476032 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAJApi.dll
2016-09-14 14:47 - 2016-09-07 06:30 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2016-09-14 14:47 - 2016-09-07 06:30 - 01001472 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2016-09-14 14:47 - 2016-09-07 06:30 - 00904704 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2016-09-14 14:47 - 2016-09-07 06:30 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-09-14 14:47 - 2016-09-07 06:30 - 00698368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-09-14 14:47 - 2016-09-07 06:30 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll
2016-09-14 14:47 - 2016-09-07 06:30 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-09-14 14:47 - 2016-09-07 06:29 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-09-14 14:47 - 2016-09-07 06:29 - 01319424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-09-14 14:47 - 2016-09-07 06:29 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-09-14 14:47 - 2016-09-07 06:29 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-09-14 14:47 - 2016-09-07 06:29 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-09-14 14:47 - 2016-09-07 06:29 - 00669696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2016-09-14 14:47 - 2016-09-07 06:29 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-09-14 14:47 - 2016-09-07 06:29 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2016-09-14 14:47 - 2016-09-07 06:29 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-09-14 14:47 - 2016-09-07 06:29 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-09-14 14:47 - 2016-09-07 06:29 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2016-09-14 14:47 - 2016-09-07 06:29 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2016-09-14 14:47 - 2016-09-07 06:28 - 01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-09-14 14:47 - 2016-09-07 06:28 - 01291776 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2016-09-14 14:47 - 2016-09-07 06:28 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2016-09-14 14:47 - 2016-09-07 06:28 - 00879616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2016-09-14 14:47 - 2016-09-07 06:28 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2016-09-14 14:47 - 2016-09-07 06:28 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-09-14 14:47 - 2016-09-07 06:28 - 00780800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2016-09-14 14:47 - 2016-09-07 06:28 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-09-14 14:47 - 2016-09-07 06:28 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2016-09-14 14:47 - 2016-09-07 06:28 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-09-14 14:47 - 2016-09-07 06:28 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcsecproc_ssp.dll
2016-09-14 14:47 - 2016-09-07 06:28 - 00645120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2016-09-14 14:47 - 2016-09-07 06:28 - 00614400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-09-14 14:47 - 2016-09-07 06:28 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2016-09-14 14:47 - 2016-09-07 06:28 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-09-14 14:47 - 2016-09-07 06:28 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2016-09-14 14:47 - 2016-09-07 06:28 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-09-14 14:47 - 2016-09-07 06:28 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sysdm.cpl
2016-09-14 14:47 - 2016-09-07 06:28 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2016-09-14 14:47 - 2016-09-07 06:27 - 01743872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2016-09-14 14:47 - 2016-09-07 06:27 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2016-09-14 14:47 - 2016-09-07 06:27 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-09-14 14:47 - 2016-09-07 06:27 - 00963072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2016-09-14 14:47 - 2016-09-07 06:27 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-09-14 14:47 - 2016-09-07 06:27 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2016-09-14 14:47 - 2016-09-07 06:27 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-09-14 14:47 - 2016-09-07 06:27 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2016-09-14 14:47 - 2016-09-07 06:27 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmdrmsdk.dll
2016-09-14 14:47 - 2016-09-07 06:27 - 00329216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2016-09-14 14:47 - 2016-09-07 06:27 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2016-09-14 14:47 - 2016-09-07 06:26 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-09-14 14:47 - 2016-09-07 06:26 - 01508352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmsipc.dll
2016-09-14 14:47 - 2016-09-07 06:26 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-09-14 14:47 - 2016-09-07 06:26 - 01063936 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2016-09-14 14:47 - 2016-09-07 06:26 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2016-09-14 14:47 - 2016-09-07 06:26 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-09-14 14:47 - 2016-09-07 06:26 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-09-14 14:47 - 2016-09-07 06:26 - 00482816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\duser.dll
2016-09-14 14:47 - 2016-09-07 06:26 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\syncutil.dll
2016-09-14 14:47 - 2016-09-07 06:25 - 06312448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-09-14 14:47 - 2016-09-07 06:25 - 06296064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-09-14 14:47 - 2016-09-07 06:25 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-09-14 14:47 - 2016-09-07 06:25 - 01166848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Pimstore.dll
2016-09-14 14:47 - 2016-09-07 06:25 - 00888832 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2016-09-14 14:47 - 2016-09-07 06:25 - 00769536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2016-09-14 14:47 - 2016-09-07 06:25 - 00501760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2016-09-14 14:47 - 2016-09-07 06:24 - 03695104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2016-09-14 14:47 - 2016-09-07 06:24 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-09-14 14:47 - 2016-09-07 06:24 - 01276928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2016-09-14 14:47 - 2016-09-07 06:24 - 00785920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2016-09-14 14:47 - 2016-09-07 06:23 - 01309696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll
2016-09-14 14:47 - 2016-09-07 06:23 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcsecproc.dll
2016-09-14 14:47 - 2016-09-07 06:23 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2016-09-14 14:47 - 2016-09-07 06:23 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-09-14 14:47 - 2016-09-07 06:23 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2016-09-14 14:47 - 2016-09-07 06:22 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-09-14 14:47 - 2016-09-07 06:22 - 02106368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2016-09-14 14:47 - 2016-09-07 06:21 - 03046400 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2016-09-14 14:47 - 2016-09-07 06:21 - 02527232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2016-09-14 14:47 - 2016-09-07 06:21 - 01797120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-09-14 14:47 - 2016-09-07 06:21 - 01410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-09-14 14:47 - 2016-09-07 06:20 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-09-14 14:47 - 2016-09-07 06:20 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-09-14 14:47 - 2016-09-07 06:19 - 03663360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-09-14 14:47 - 2016-09-07 06:19 - 02102272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2016-09-14 14:47 - 2016-09-07 06:19 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-09-14 14:47 - 2016-09-07 06:19 - 01072128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-09-14 14:47 - 2016-09-07 06:19 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-09-14 14:47 - 2016-09-07 06:18 - 07536640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-09-14 14:47 - 2016-09-07 06:18 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-09-14 14:47 - 2016-09-07 06:18 - 03577344 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2016-09-14 14:47 - 2016-09-07 06:18 - 02876928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2016-09-14 14:47 - 2016-09-07 06:18 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-09-14 14:47 - 2016-09-07 06:18 - 00451072 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2016-09-14 14:47 - 2016-09-07 06:18 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-09-14 14:47 - 2016-09-07 06:17 - 02679808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2016-09-14 14:47 - 2016-09-07 06:17 - 02285568 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2016-09-14 14:47 - 2016-09-07 06:17 - 02175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-09-14 14:47 - 2016-09-07 06:17 - 01502208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-09-14 14:47 - 2016-09-07 06:16 - 04412928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-09-14 14:47 - 2016-09-07 06:16 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-09-14 14:47 - 2016-09-07 06:16 - 02911744 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-09-14 14:47 - 2016-09-07 06:16 - 02746368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-09-14 14:47 - 2016-09-07 06:16 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2016-09-14 14:47 - 2016-09-07 06:16 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-09-14 14:47 - 2016-09-07 06:16 - 02217984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2016-09-14 14:47 - 2016-09-07 06:16 - 02155008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-09-14 14:47 - 2016-09-07 06:16 - 01676800 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2016-09-14 14:47 - 2016-09-07 06:16 - 01194496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2016-09-14 14:47 - 2016-09-07 06:16 - 01123328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2016-09-14 14:47 - 2016-09-07 06:16 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2016-09-14 14:47 - 2016-09-07 06:16 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2016-09-14 14:47 - 2016-09-07 06:15 - 05659136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-09-14 14:47 - 2016-09-07 06:15 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-09-14 14:47 - 2016-09-07 06:15 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-09-14 14:47 - 2016-09-07 06:15 - 02055168 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2016-09-14 14:47 - 2016-09-07 06:15 - 01626112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-09-14 14:47 - 2016-09-07 06:15 - 01448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dui70.dll
2016-09-14 14:47 - 2016-09-07 06:15 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-09-14 14:47 - 2016-09-07 06:15 - 01121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-09-14 14:47 - 2016-09-07 06:15 - 00835072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2016-09-14 14:47 - 2016-09-07 06:15 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2016-09-14 14:47 - 2016-09-07 06:15 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hnetcfg.dll
2016-09-14 14:47 - 2016-09-07 06:14 - 06743040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-09-14 14:47 - 2016-09-07 06:14 - 04895232 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-09-14 14:47 - 2016-09-07 06:14 - 03351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-09-14 14:47 - 2016-09-07 06:14 - 02553856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-09-14 14:47 - 2016-09-07 06:14 - 02177024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2016-09-14 14:47 - 2016-09-07 06:14 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-09-14 14:47 - 2016-09-07 06:14 - 01708032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-09-14 14:47 - 2016-09-07 06:14 - 01487872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2016-09-14 14:47 - 2016-09-07 06:13 - 04171264 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-09-14 14:47 - 2016-09-07 06:13 - 02874880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcndmgr.dll
2016-09-14 14:47 - 2016-09-07 06:12 - 02180096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-09-14 14:47 - 2016-09-07 06:11 - 03065344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2016-09-14 14:47 - 2016-09-07 06:11 - 03053568 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2016-09-14 14:47 - 2016-09-07 06:10 - 01035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2016-09-14 14:47 - 2016-09-07 06:10 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\RADCUI.dll
2016-09-14 14:47 - 2016-09-05 02:37 - 00445765 _____ C:\WINDOWS\system32\ApnDatabase.xml
2016-09-14 14:46 - 2016-09-07 07:39 - 04387680 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2016-09-14 14:46 - 2016-09-07 07:39 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-09-14 14:46 - 2016-09-07 07:39 - 01238584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2016-09-14 14:46 - 2016-09-07 07:39 - 01142560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-09-14 14:46 - 2016-09-07 07:39 - 01030408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-09-14 14:46 - 2016-09-07 07:39 - 00875480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-09-14 14:46 - 2016-09-07 07:39 - 00799568 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2016-09-14 14:46 - 2016-09-07 07:39 - 00705576 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2016-09-14 14:46 - 2016-09-07 07:39 - 00601744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2016-09-14 14:46 - 2016-09-07 07:39 - 00414232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BCP47Langs.dll
2016-09-14 14:46 - 2016-09-07 07:39 - 00337328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2016-09-14 14:46 - 2016-09-07 07:39 - 00328520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BCP47Langs.dll
2016-09-14 14:46 - 2016-09-07 07:39 - 00175120 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2016-09-14 14:46 - 2016-09-07 07:37 - 00129888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2016-09-14 14:46 - 2016-09-07 07:36 - 00528736 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2016-09-14 14:46 - 2016-09-07 07:36 - 00405856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2016-09-14 14:46 - 2016-09-07 07:35 - 01613664 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-09-14 14:46 - 2016-09-07 07:35 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-09-14 14:46 - 2016-09-07 07:35 - 00523616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2016-09-14 14:46 - 2016-09-07 07:34 - 02587696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-09-14 14:46 - 2016-09-07 07:33 - 02026736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-09-14 14:46 - 2016-09-07 07:26 - 01554152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2016-09-14 14:46 - 2016-09-07 07:26 - 00693592 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-09-14 14:46 - 2016-09-07 07:26 - 00439136 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2016-09-14 14:46 - 2016-09-07 07:26 - 00131424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufxsynopsys.sys
2016-09-14 14:46 - 2016-09-07 07:25 - 01447776 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll
2016-09-14 14:46 - 2016-09-07 07:25 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-09-14 14:46 - 2016-09-07 07:24 - 03693064 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-09-14 14:46 - 2016-09-07 07:24 - 02180128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-09-14 14:46 - 2016-09-07 07:24 - 01118200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-09-14 14:46 - 2016-09-07 07:24 - 00980352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2016-09-14 14:46 - 2016-09-07 07:24 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-09-14 14:46 - 2016-09-07 07:24 - 00709176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-09-14 14:46 - 2016-09-07 07:24 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-09-14 14:46 - 2016-09-07 07:24 - 00451928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-09-14 14:46 - 2016-09-07 07:22 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-09-14 14:46 - 2016-09-07 07:22 - 00359256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-09-14 14:46 - 2016-09-07 07:21 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-09-14 14:46 - 2016-09-07 07:21 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-09-14 14:46 - 2016-09-07 07:20 - 01355336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2016-09-14 14:46 - 2016-09-07 07:16 - 02773088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-09-14 14:46 - 2016-09-07 07:16 - 02548936 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-09-14 14:46 - 2016-09-07 07:16 - 02144512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2016-09-14 14:46 - 2016-09-07 07:16 - 01988448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-09-14 14:46 - 2016-09-07 07:15 - 01415200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-09-14 14:46 - 2016-09-07 07:15 - 00550656 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2016-09-14 14:46 - 2016-09-07 07:13 - 01865584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2016-09-14 14:46 - 2016-09-07 07:12 - 01522152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-09-14 14:46 - 2016-09-07 07:12 - 00871776 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvstore.dll
2016-09-14 14:46 - 2016-09-07 07:11 - 00503600 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2016-09-14 14:46 - 2016-09-07 07:11 - 00057912 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2016-09-14 14:46 - 2016-09-07 07:07 - 01951848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2016-09-14 14:46 - 2016-09-07 06:53 - 01033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2016-09-14 14:46 - 2016-09-07 06:51 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-09-14 14:46 - 2016-09-07 06:47 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-09-14 14:46 - 2016-09-07 06:46 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll
2016-09-14 14:46 - 2016-09-07 06:46 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2016-09-14 14:46 - 2016-09-07 06:45 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\spcompat.dll
2016-09-14 14:46 - 2016-09-07 06:45 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2016-09-14 14:46 - 2016-09-07 06:44 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.ProxyStub.dll
2016-09-14 14:46 - 2016-09-07 06:44 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-09-14 14:46 - 2016-09-07 06:44 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IconCodecService.dll
2016-09-14 14:46 - 2016-09-07 06:43 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2016-09-14 14:46 - 2016-09-07 06:43 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-09-14 14:46 - 2016-09-07 06:43 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmprovhost.exe
2016-09-14 14:46 - 2016-09-07 06:43 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MTConfig.sys
2016-09-14 14:46 - 2016-09-07 06:42 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAuto.dll
2016-09-14 14:46 - 2016-09-07 06:42 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll
2016-09-14 14:46 - 2016-09-07 06:42 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-09-14 14:46 - 2016-09-07 06:42 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWCN.dll
2016-09-14 14:46 - 2016-09-07 06:42 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWCN.dll
2016-09-14 14:46 - 2016-09-07 06:42 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAgent.dll
2016-09-14 14:46 - 2016-09-07 06:41 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe
2016-09-14 14:46 - 2016-09-07 06:41 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MediaFoundation.DefaultPerceptionProvider.dll
2016-09-14 14:46 - 2016-09-07 06:41 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-09-14 14:46 - 2016-09-07 06:40 - 00471040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbemcomn.dll
2016-09-14 14:46 - 2016-09-07 06:40 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-09-14 14:46 - 2016-09-07 06:39 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-09-14 14:46 - 2016-09-07 06:39 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-09-14 14:46 - 2016-09-07 06:39 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VoipRT.dll
2016-09-14 14:46 - 2016-09-07 06:39 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Cortana.ProxyStub.dll
2016-09-14 14:46 - 2016-09-07 06:38 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2016-09-14 14:46 - 2016-09-07 06:38 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2016-09-14 14:46 - 2016-09-07 06:38 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Geolocation.dll
2016-09-14 14:46 - 2016-09-07 06:38 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-09-14 14:46 - 2016-09-07 06:37 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-09-14 14:46 - 2016-09-07 06:37 - 00373248 _____ (Microsoft Corporation) C:\WINDOWS\system32\WmpDui.dll
2016-09-14 14:46 - 2016-09-07 06:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-09-14 14:46 - 2016-09-07 06:37 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountCloudAP.dll
2016-09-14 14:46 - 2016-09-07 06:37 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2016-09-14 14:46 - 2016-09-07 06:37 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll
2016-09-14 14:46 - 2016-09-07 06:37 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWCN.dll
2016-09-14 14:46 - 2016-09-07 06:37 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-09-14 14:46 - 2016-09-07 06:36 - 00752128 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2016-09-14 14:46 - 2016-09-07 06:36 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmscan.dll
2016-09-14 14:46 - 2016-09-07 06:36 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2016-09-14 14:46 - 2016-09-07 06:36 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2016-09-14 14:46 - 2016-09-07 06:36 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-09-14 14:46 - 2016-09-07 06:36 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2016-09-14 14:46 - 2016-09-07 06:36 - 00317952 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2016-09-14 14:46 - 2016-09-07 06:36 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2016-09-14 14:46 - 2016-09-07 06:36 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwcfg.dll
2016-09-14 14:46 - 2016-09-07 06:35 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2016-09-14 14:46 - 2016-09-07 06:35 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AdmTmpl.dll
2016-09-14 14:46 - 2016-09-07 06:35 - 00522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2016-09-14 14:46 - 2016-09-07 06:35 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-09-14 14:46 - 2016-09-07 06:35 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanui.dll
2016-09-14 14:46 - 2016-09-07 06:35 - 00363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneOm.dll
2016-09-14 14:46 - 2016-09-07 06:35 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\APHostService.dll
2016-09-14 14:46 - 2016-09-07 06:35 - 00205312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oemlicense.dll
2016-09-14 14:46 - 2016-09-07 06:35 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcshext.dll
2016-09-14 14:46 - 2016-09-07 06:35 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CheckNetIsolation.exe
2016-09-14 14:46 - 2016-09-07 06:34 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2016-09-14 14:46 - 2016-09-07 06:34 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-09-14 14:46 - 2016-09-07 06:34 - 00619520 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2016-09-14 14:46 - 2016-09-07 06:34 - 00510464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2016-09-14 14:46 - 2016-09-07 06:34 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WalletService.dll
2016-09-14 14:46 - 2016-09-07 06:34 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2016-09-14 14:46 - 2016-09-07 06:34 - 00300032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcbase.dll
2016-09-14 14:46 - 2016-09-07 06:34 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-09-14 14:46 - 2016-09-07 06:34 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\netman.dll
2016-09-14 14:46 - 2016-09-07 06:34 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cic.dll

bohm 18.09.2016 14:09
FRST 2

Code:
2016-09-14 14:46 - 2016-09-07 06:33 - 01813504 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2016-09-14 14:46 - 2016-09-07 06:33 - 00904704 _____ (Microsoft Corporation) C:\WINDOWS\system32\azroles.dll
2016-09-14 14:46 - 2016-09-07 06:33 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2016-09-14 14:46 - 2016-09-07 06:32 - 04213248 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMM.dll
2016-09-14 14:46 - 2016-09-07 06:32 - 01294336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
2016-09-14 14:46 - 2016-09-07 06:32 - 00757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcsecproc_ssp.dll
2016-09-14 14:46 - 2016-09-07 06:32 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-09-14 14:46 - 2016-09-07 06:32 - 00651776 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2016-09-14 14:46 - 2016-09-07 06:32 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-09-14 14:46 - 2016-09-07 06:32 - 00471040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcncsvc.dll
2016-09-14 14:46 - 2016-09-07 06:32 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2016-09-14 14:46 - 2016-09-07 06:32 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2016-09-14 14:46 - 2016-09-07 06:32 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\azroleui.dll
2016-09-14 14:46 - 2016-09-07 06:32 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysdm.cpl
2016-09-14 14:46 - 2016-09-07 06:31 - 09920512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-09-14 14:46 - 2016-09-07 06:31 - 01985024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certmgr.dll
2016-09-14 14:46 - 2016-09-07 06:31 - 01359872 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmclient.dll
2016-09-14 14:46 - 2016-09-07 06:31 - 01094656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2016-09-14 14:46 - 2016-09-07 06:31 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-09-14 14:46 - 2016-09-07 06:31 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-09-14 14:46 - 2016-09-07 06:31 - 00984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2016-09-14 14:46 - 2016-09-07 06:31 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2016-09-14 14:46 - 2016-09-07 06:31 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-09-14 14:46 - 2016-09-07 06:31 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2016-09-14 14:46 - 2016-09-07 06:31 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2016-09-14 14:46 - 2016-09-07 06:31 - 00852992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-09-14 14:46 - 2016-09-07 06:31 - 00839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\comuid.dll
2016-09-14 14:46 - 2016-09-07 06:31 - 00607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxApplicabilityEngine.dll
2016-09-14 14:46 - 2016-09-07 06:31 - 00588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2016-09-14 14:46 - 2016-09-07 06:31 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpprefcl.dll
2016-09-14 14:46 - 2016-09-07 06:31 - 00527872 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2016-09-14 14:46 - 2016-09-07 06:31 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WLanConn.dll
2016-09-14 14:46 - 2016-09-07 06:31 - 00511488 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvc.dll
2016-09-14 14:46 - 2016-09-07 06:31 - 00453632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AdmTmpl.dll
2016-09-14 14:46 - 2016-09-07 06:31 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2016-09-14 14:46 - 2016-09-07 06:31 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authfwcfg.dll
2016-09-14 14:46 - 2016-09-07 06:31 - 00313344 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2016-09-14 14:46 - 2016-09-07 06:31 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2016-09-14 14:46 - 2016-09-07 06:30 - 01575936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-09-14 14:46 - 2016-09-07 06:30 - 01558528 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2016-09-14 14:46 - 2016-09-07 06:30 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-09-14 14:46 - 2016-09-07 06:30 - 01318400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2016-09-14 14:46 - 2016-09-07 06:30 - 01144320 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2016-09-14 14:46 - 2016-09-07 06:30 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-09-14 14:46 - 2016-09-07 06:30 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-09-14 14:46 - 2016-09-07 06:30 - 00817152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Search.dll
2016-09-14 14:46 - 2016-09-07 06:30 - 00697344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-09-14 14:46 - 2016-09-07 06:30 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2016-09-14 14:46 - 2016-09-07 06:30 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2016-09-14 14:46 - 2016-09-07 06:30 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2016-09-14 14:46 - 2016-09-07 06:30 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-09-14 14:46 - 2016-09-07 06:30 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\filemgmt.dll
2016-09-14 14:46 - 2016-09-07 06:30 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2016-09-14 14:46 - 2016-09-07 06:30 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneOm.dll
2016-09-14 14:46 - 2016-09-07 06:29 - 07977984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-09-14 14:46 - 2016-09-07 06:29 - 01902592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-09-14 14:46 - 2016-09-07 06:29 - 01847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-09-14 14:46 - 2016-09-07 06:29 - 01465344 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2016-09-14 14:46 - 2016-09-07 06:29 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagperf.dll
2016-09-14 14:46 - 2016-09-07 06:29 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2016-09-14 14:46 - 2016-09-07 06:29 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2016-09-14 14:46 - 2016-09-07 06:28 - 04143104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WlanMM.dll
2016-09-14 14:46 - 2016-09-07 06:28 - 01783808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2016-09-14 14:46 - 2016-09-07 06:28 - 01717760 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-09-14 14:46 - 2016-09-07 06:28 - 01648640 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2016-09-14 14:46 - 2016-09-07 06:28 - 01226752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll
2016-09-14 14:46 - 2016-09-07 06:28 - 00889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2016-09-14 14:46 - 2016-09-07 06:28 - 00638976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmIndexer.dll
2016-09-14 14:46 - 2016-09-07 06:28 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2016-09-14 14:46 - 2016-09-07 06:28 - 00431104 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistSh.dll
2016-09-14 14:46 - 2016-09-07 06:28 - 00413696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WLanConn.dll
2016-09-14 14:46 - 2016-09-07 06:28 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2016-09-14 14:46 - 2016-09-07 06:27 - 01872896 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2016-09-14 14:46 - 2016-09-07 06:27 - 01424384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll
2016-09-14 14:46 - 2016-09-07 06:27 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmclient.dll
2016-09-14 14:46 - 2016-09-07 06:27 - 00865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-09-14 14:46 - 2016-09-07 06:27 - 00792576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-09-14 14:46 - 2016-09-07 06:27 - 00651776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comuid.dll
2016-09-14 14:46 - 2016-09-07 06:27 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-09-14 14:46 - 2016-09-07 06:27 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscms.dll
2016-09-14 14:46 - 2016-09-07 06:27 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2016-09-14 14:46 - 2016-09-07 06:27 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2016-09-14 14:46 - 2016-09-07 06:27 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-09-14 14:46 - 2016-09-07 06:27 - 00248320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2016-09-14 14:46 - 2016-09-07 06:27 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2016-09-14 14:46 - 2016-09-07 06:26 - 02881536 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2016-09-14 14:46 - 2016-09-07 06:26 - 02057216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-09-14 14:46 - 2016-09-07 06:26 - 01915392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAJApi.dll
2016-09-14 14:46 - 2016-09-07 06:26 - 01570816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2016-09-14 14:46 - 2016-09-07 06:26 - 01537536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pla.dll
2016-09-14 14:46 - 2016-09-07 06:26 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-09-14 14:46 - 2016-09-07 06:26 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-09-14 14:46 - 2016-09-07 06:26 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2016-09-14 14:46 - 2016-09-07 06:26 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2016-09-14 14:46 - 2016-09-07 06:26 - 00645632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.Search.dll
2016-09-14 14:46 - 2016-09-07 06:26 - 00501760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-09-14 14:46 - 2016-09-07 06:26 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2016-09-14 14:46 - 2016-09-07 06:26 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-09-14 14:46 - 2016-09-07 06:25 - 04404736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-09-14 14:46 - 2016-09-07 06:25 - 02578432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2016-09-14 14:46 - 2016-09-07 06:25 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-09-14 14:46 - 2016-09-07 06:25 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-09-14 14:46 - 2016-09-07 06:25 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2016-09-14 14:46 - 2016-09-07 06:25 - 01052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-09-14 14:46 - 2016-09-07 06:25 - 00759808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2016-09-14 14:46 - 2016-09-07 06:25 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licensingdiag.exe
2016-09-14 14:46 - 2016-09-07 06:24 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-09-14 14:46 - 2016-09-07 06:24 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2016-09-14 14:46 - 2016-09-07 06:24 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2016-09-14 14:46 - 2016-09-07 06:23 - 04646912 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2016-09-14 14:46 - 2016-09-07 06:23 - 01562112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmc.exe
2016-09-14 14:46 - 2016-09-07 06:23 - 00918016 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsFilt.dll
2016-09-14 14:46 - 2016-09-07 06:23 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PeerDistSh.dll
2016-09-14 14:46 - 2016-09-07 06:22 - 03093504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-09-14 14:46 - 2016-09-07 06:22 - 01987072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2016-09-14 14:46 - 2016-09-07 06:22 - 01297408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2016-09-14 14:46 - 2016-09-07 06:22 - 00778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2016-09-14 14:46 - 2016-09-07 06:21 - 01063936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpedit.dll
2016-09-14 14:46 - 2016-09-07 06:21 - 00639488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-09-14 14:46 - 2016-09-07 06:20 - 01385472 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-09-14 14:46 - 2016-09-07 06:20 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-09-14 14:46 - 2016-09-07 06:20 - 00882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-09-14 14:46 - 2016-09-07 06:20 - 00683008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-09-14 14:46 - 2016-09-07 06:20 - 00581632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2016-09-14 14:46 - 2016-09-07 06:20 - 00513024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hnetcfg.dll
2016-09-14 14:46 - 2016-09-07 06:20 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-09-14 14:46 - 2016-09-07 06:19 - 05325824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-09-14 14:46 - 2016-09-07 06:19 - 04169728 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2016-09-14 14:46 - 2016-09-07 06:19 - 03589120 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-09-14 14:46 - 2016-09-07 06:19 - 03555840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2016-09-14 14:46 - 2016-09-07 06:19 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-09-14 14:46 - 2016-09-07 06:19 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-09-14 14:46 - 2016-09-07 06:19 - 01997312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-09-14 14:46 - 2016-09-07 06:19 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2016-09-14 14:46 - 2016-09-07 06:19 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-09-14 14:46 - 2016-09-07 06:18 - 05503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-09-14 14:46 - 2016-09-07 06:18 - 04826624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-09-14 14:46 - 2016-09-07 06:17 - 03459584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2016-09-14 14:46 - 2016-09-07 06:17 - 02062336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-09-14 14:46 - 2016-09-07 06:17 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-09-14 14:46 - 2016-09-07 06:17 - 01526784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2016-09-14 14:46 - 2016-09-07 06:16 - 02680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2016-09-14 14:46 - 2016-09-07 06:16 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-09-14 14:46 - 2016-09-07 06:16 - 02361856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcndmgr.dll
2016-09-14 14:46 - 2016-09-07 06:16 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2016-09-14 14:46 - 2016-09-07 06:16 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-09-14 14:46 - 2016-09-07 06:16 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-09-14 14:46 - 2016-09-07 06:15 - 02772480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2016-09-14 14:46 - 2016-09-07 06:15 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2016-09-14 14:46 - 2016-09-07 06:14 - 03355136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2016-09-14 14:46 - 2016-09-07 06:14 - 03078656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-09-14 14:46 - 2016-09-07 06:14 - 02573824 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2016-09-14 14:46 - 2016-09-07 06:14 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-09-14 14:46 - 2016-09-07 06:14 - 01732096 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-09-14 14:46 - 2016-09-07 06:12 - 00899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2016-09-14 14:46 - 2016-09-07 06:12 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-09-14 14:46 - 2016-09-07 06:12 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-09-14 14:46 - 2016-09-07 06:11 - 03294208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2016-09-14 14:46 - 2016-09-07 06:10 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-09-14 14:46 - 2016-09-07 06:10 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2016-09-14 14:46 - 2016-09-07 06:10 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certca.dll
2016-09-14 14:46 - 2016-09-07 06:09 - 00824832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2016-09-14 14:46 - 2016-09-07 06:09 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2016-09-14 14:46 - 2016-09-07 06:09 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msobjs.dll
2016-09-14 14:46 - 2016-09-07 06:09 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2016-09-14 14:45 - 2016-09-07 07:39 - 07468896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-09-14 14:45 - 2016-09-07 07:39 - 01997832 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-09-14 14:45 - 2016-09-07 07:39 - 01862000 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-09-14 14:45 - 2016-09-07 07:39 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-09-14 14:45 - 2016-09-07 07:39 - 00428896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2016-09-14 14:45 - 2016-09-07 07:34 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-09-14 14:45 - 2016-09-07 07:26 - 01552104 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-09-14 14:45 - 2016-09-07 07:26 - 00516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-09-14 14:45 - 2016-09-07 07:23 - 04515256 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-09-14 14:45 - 2016-09-07 07:23 - 01540216 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-09-14 14:45 - 2016-09-07 07:23 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-09-14 14:45 - 2016-09-07 07:23 - 00692136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-09-14 14:45 - 2016-09-07 07:23 - 00565600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-09-14 14:45 - 2016-09-07 07:23 - 00374008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-09-14 14:45 - 2016-09-07 07:23 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-09-14 14:45 - 2016-09-07 07:22 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-09-14 14:45 - 2016-09-07 07:22 - 00742192 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2016-09-14 14:45 - 2016-09-07 07:22 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-09-14 14:45 - 2016-09-07 07:22 - 00638816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2016-09-14 14:45 - 2016-09-07 07:22 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2016-09-14 14:45 - 2016-09-07 07:22 - 00431296 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-09-14 14:45 - 2016-09-07 07:21 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-09-14 14:45 - 2016-09-07 07:21 - 05240952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-09-14 14:45 - 2016-09-07 07:20 - 00836752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2016-09-14 14:45 - 2016-09-07 07:19 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-09-14 14:45 - 2016-09-07 07:15 - 01776768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-09-14 14:45 - 2016-09-07 07:14 - 00430944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-09-14 14:45 - 2016-09-07 07:14 - 00216416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-09-14 14:45 - 2016-09-07 07:13 - 02186856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-09-14 14:45 - 2016-09-07 07:12 - 28851224 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll
2016-09-14 14:45 - 2016-09-07 07:11 - 02187408 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2016-09-14 14:45 - 2016-09-07 07:11 - 00388888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2016-09-14 14:45 - 2016-09-07 07:11 - 00305296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpeffects.dll
2016-09-14 14:45 - 2016-09-07 07:08 - 28083144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsRaw.dll
2016-09-14 14:45 - 2016-09-07 07:07 - 00253080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpeffects.dll
2016-09-14 14:45 - 2016-09-07 06:46 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-09-14 14:45 - 2016-09-07 06:46 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2016-09-14 14:45 - 2016-09-07 06:44 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\VoipRT.dll
2016-09-14 14:45 - 2016-09-07 06:44 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecureTimeAggregator.dll
2016-09-14 14:45 - 2016-09-07 06:44 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2016-09-14 14:45 - 2016-09-07 06:43 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
2016-09-14 14:45 - 2016-09-07 06:42 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2016-09-14 14:45 - 2016-09-07 06:41 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-09-14 14:45 - 2016-09-07 06:41 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-09-14 14:45 - 2016-09-07 06:40 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-09-14 14:45 - 2016-09-07 06:40 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2016-09-14 14:45 - 2016-09-07 06:40 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\oemlicense.dll
2016-09-14 14:45 - 2016-09-07 06:40 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountExtension.dll
2016-09-14 14:45 - 2016-09-07 06:40 - 00135680 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsutil.dll
2016-09-14 14:45 - 2016-09-07 06:40 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcshext.dll
2016-09-14 14:45 - 2016-09-07 06:40 - 00070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\vsstrace.dll
2016-09-14 14:45 - 2016-09-07 06:39 - 09324032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL
2016-09-14 14:45 - 2016-09-07 06:39 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2016-09-14 14:45 - 2016-09-07 06:39 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll
2016-09-14 14:45 - 2016-09-07 06:39 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDist.dll
2016-09-14 14:45 - 2016-09-07 06:39 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\FingerprintEnrollment.dll
2016-09-14 14:45 - 2016-09-07 06:38 - 00413696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2016-09-14 14:45 - 2016-09-07 06:38 - 00335360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcbase.dll
2016-09-14 14:45 - 2016-09-07 06:38 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2016-09-14 14:45 - 2016-09-07 06:38 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cic.dll
2016-09-14 14:45 - 2016-09-07 06:38 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2016-09-14 14:45 - 2016-09-07 06:38 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistCleaner.dll
2016-09-14 14:45 - 2016-09-07 06:38 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-09-14 14:45 - 2016-09-07 06:37 - 00846848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipsecsnp.dll
2016-09-14 14:45 - 2016-09-07 06:37 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2016-09-14 14:45 - 2016-09-07 06:37 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-09-14 14:45 - 2016-09-07 06:37 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsvc.dll
2016-09-14 14:45 - 2016-09-07 06:37 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2016-09-14 14:45 - 2016-09-07 06:36 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-09-14 14:45 - 2016-09-07 06:36 - 00600064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2016-09-14 14:45 - 2016-09-07 06:36 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-09-14 14:45 - 2016-09-07 06:36 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2016-09-14 14:45 - 2016-09-07 06:36 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppLockerCSP.dll
2016-09-14 14:45 - 2016-09-07 06:36 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkDesktopSettings.dll
2016-09-14 14:45 - 2016-09-07 06:36 - 00233984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DictationManager.dll
2016-09-14 14:45 - 2016-09-07 06:36 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapsvc.dll
2016-09-14 14:45 - 2016-09-07 06:35 - 09324032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL
2016-09-14 14:45 - 2016-09-07 06:35 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2016-09-14 14:45 - 2016-09-07 06:35 - 00813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2016-09-14 14:45 - 2016-09-07 06:35 - 00714240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2016-09-14 14:45 - 2016-09-07 06:35 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll
2016-09-14 14:45 - 2016-09-07 06:35 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2016-09-14 14:45 - 2016-09-07 06:35 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-09-14 14:45 - 2016-09-07 06:35 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack_win.dll
2016-09-14 14:45 - 2016-09-07 06:35 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-09-14 14:45 - 2016-09-07 06:35 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2016-09-14 14:45 - 2016-09-07 06:35 - 00188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.PicturePassword.dll
2016-09-14 14:45 - 2016-09-07 06:35 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usbceip.dll
2016-09-14 14:45 - 2016-09-07 06:34 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-09-14 14:45 - 2016-09-07 06:34 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-09-14 14:45 - 2016-09-07 06:34 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\filemgmt.dll
2016-09-14 14:45 - 2016-09-07 06:34 - 00507904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2016-09-14 14:45 - 2016-09-07 06:34 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2016-09-14 14:45 - 2016-09-07 06:34 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2016-09-14 14:45 - 2016-09-07 06:34 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2016-09-14 14:45 - 2016-09-07 06:34 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-09-14 14:45 - 2016-09-07 06:34 - 00304128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2016-09-14 14:45 - 2016-09-07 06:34 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2016-09-14 14:45 - 2016-09-07 06:34 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2016-09-14 14:45 - 2016-09-07 06:34 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PeerDist.dll
2016-09-14 14:45 - 2016-09-07 06:33 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-09-14 14:45 - 2016-09-07 06:33 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-09-14 14:45 - 2016-09-07 06:33 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-09-14 14:45 - 2016-09-07 06:33 - 00602112 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2016-09-14 14:45 - 2016-09-07 06:33 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2016-09-14 14:45 - 2016-09-07 06:33 - 00448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcfile.dll
2016-09-14 14:45 - 2016-09-07 06:33 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-09-14 14:45 - 2016-09-07 06:33 - 00276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsExt.dll
2016-09-14 14:45 - 2016-09-07 06:33 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2016-09-14 14:45 - 2016-09-07 06:33 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-09-14 14:45 - 2016-09-07 06:33 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2016-09-14 14:45 - 2016-09-07 06:32 - 00892416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2016-09-14 14:45 - 2016-09-07 06:32 - 00689664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-09-14 14:45 - 2016-09-07 06:32 - 00674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2016-09-14 14:45 - 2016-09-07 06:32 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-09-14 14:45 - 2016-09-07 06:32 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-09-14 14:45 - 2016-09-07 06:32 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-09-14 14:45 - 2016-09-07 06:32 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3ui.dll
2016-09-14 14:45 - 2016-09-07 06:32 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2016-09-14 14:45 - 2016-09-07 06:32 - 00260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2016-09-14 14:45 - 2016-09-07 06:31 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-09-14 14:45 - 2016-09-07 06:31 - 01417728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2016-09-14 14:45 - 2016-09-07 06:31 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-09-14 14:45 - 2016-09-07 06:31 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll
2016-09-14 14:45 - 2016-09-07 06:31 - 00769536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppinst.dll
2016-09-14 14:45 - 2016-09-07 06:31 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-09-14 14:45 - 2016-09-07 06:31 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-09-14 14:45 - 2016-09-07 06:31 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-09-14 14:45 - 2016-09-07 06:31 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2016-09-14 14:45 - 2016-09-07 06:31 - 00472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2016-09-14 14:45 - 2016-09-07 06:31 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-09-14 14:45 - 2016-09-07 06:31 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2016-09-14 14:45 - 2016-09-07 06:31 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSSync.dll
2016-09-14 14:45 - 2016-09-07 06:30 - 14251520 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-09-14 14:45 - 2016-09-07 06:30 - 02012672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmsipc.dll
2016-09-14 14:45 - 2016-09-07 06:30 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2016-09-14 14:45 - 2016-09-07 06:30 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-09-14 14:45 - 2016-09-07 06:30 - 01159168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationFrame.dll
2016-09-14 14:45 - 2016-09-07 06:30 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-09-14 14:45 - 2016-09-07 06:30 - 01037824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2016-09-14 14:45 - 2016-09-07 06:30 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-09-14 14:45 - 2016-09-07 06:30 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-09-14 14:45 - 2016-09-07 06:30 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2016-09-14 14:45 - 2016-09-07 06:30 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2016-09-14 14:45 - 2016-09-07 06:30 - 00607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx.dll
2016-09-14 14:45 - 2016-09-07 06:30 - 00599040 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll
2016-09-14 14:45 - 2016-09-07 06:30 - 00531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2016-09-14 14:45 - 2016-09-07 06:30 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-09-14 14:45 - 2016-09-07 06:29 - 01487360 _____ (Microsoft Corporation) C:\WINDOWS\system32\pla.dll
2016-09-14 14:45 - 2016-09-07 06:29 - 01239552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-09-14 14:45 - 2016-09-07 06:29 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2016-09-14 14:45 - 2016-09-07 06:29 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-09-14 14:45 - 2016-09-07 06:29 - 00785408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\azroles.dll
2016-09-14 14:45 - 2016-09-07 06:29 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-09-14 14:45 - 2016-09-07 06:29 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2016-09-14 14:45 - 2016-09-07 06:29 - 00283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2016-09-14 14:45 - 2016-09-07 06:29 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsExt.dll
2016-09-14 14:45 - 2016-09-07 06:29 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\licensingdiag.exe
2016-09-14 14:45 - 2016-09-07 06:28 - 02731008 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-09-14 14:45 - 2016-09-07 06:28 - 01671168 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2016-09-14 14:45 - 2016-09-07 06:28 - 01466368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Pimstore.dll
2016-09-14 14:45 - 2016-09-07 06:28 - 01211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-09-14 14:45 - 2016-09-07 06:28 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-09-14 14:45 - 2016-09-07 06:28 - 00638976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2016-09-14 14:45 - 2016-09-07 06:28 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
2016-09-14 14:45 - 2016-09-07 06:27 - 04456448 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2016-09-14 14:45 - 2016-09-07 06:27 - 03415040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2016-09-14 14:45 - 2016-09-07 06:27 - 01395712 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-09-14 14:45 - 2016-09-07 06:27 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-09-14 14:45 - 2016-09-07 06:27 - 00961024 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2016-09-14 14:45 - 2016-09-07 06:27 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-09-14 14:45 - 2016-09-07 06:27 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-09-14 14:45 - 2016-09-07 06:27 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-09-14 14:45 - 2016-09-07 06:27 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2016-09-14 14:45 - 2016-09-07 06:27 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2016-09-14 14:45 - 2016-09-07 06:27 - 00153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSSync.dll
2016-09-14 14:45 - 2016-09-07 06:26 - 00738816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2016-09-14 14:45 - 2016-09-07 06:25 - 02445312 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2016-09-14 14:45 - 2016-09-07 06:25 - 01965568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmc.exe
2016-09-14 14:45 - 2016-09-07 06:25 - 01228800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2016-09-14 14:45 - 2016-09-07 06:25 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-09-14 14:45 - 2016-09-07 06:25 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-09-14 14:45 - 2016-09-07 06:25 - 00508416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2016-09-14 14:45 - 2016-09-07 06:25 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-09-14 14:45 - 2016-09-07 06:24 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-09-14 14:45 - 2016-09-07 06:24 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2016-09-14 14:45 - 2016-09-07 06:24 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-09-14 14:45 - 2016-09-07 06:24 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-09-14 14:45 - 2016-09-07 06:23 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2016-09-14 14:45 - 2016-09-07 06:22 - 12585472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-09-14 14:45 - 2016-09-07 06:22 - 01113600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpedit.dll
2016-09-14 14:45 - 2016-09-07 06:22 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\StikyNot.exe
2016-09-14 14:45 - 2016-09-07 06:21 - 00636928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2016-09-14 14:45 - 2016-09-07 06:21 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsFilt.dll
2016-09-14 14:45 - 2016-09-07 06:21 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-09-14 14:45 - 2016-09-07 06:20 - 06976000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-09-14 14:45 - 2016-09-07 06:20 - 06675968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-09-14 14:45 - 2016-09-07 06:20 - 03585536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-09-14 14:45 - 2016-09-07 06:20 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2016-09-14 14:45 - 2016-09-07 06:20 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2016-09-14 14:45 - 2016-09-07 06:19 - 06471168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-09-14 14:45 - 2016-09-07 06:19 - 04078592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-09-14 14:45 - 2016-09-07 06:19 - 02902528 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2016-09-14 14:45 - 2016-09-07 06:19 - 02610176 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-09-14 14:45 - 2016-09-07 06:19 - 02563584 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2016-09-14 14:45 - 2016-09-07 06:19 - 01141248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcsecproc.dll
2016-09-14 14:45 - 2016-09-07 06:19 - 00527872 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2016-09-14 14:45 - 2016-09-07 06:19 - 00515584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2016-09-14 14:45 - 2016-09-07 06:19 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2016-09-14 14:45 - 2016-09-07 06:17 - 05123072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2016-09-14 14:45 - 2016-09-07 06:17 - 00833536 _____ (Microsoft Corporation) C:\WINDOWS\system32\pmcsnap.dll
2016-09-14 14:45 - 2016-09-07 06:16 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-09-14 14:45 - 2016-09-07 06:16 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-09-14 14:45 - 2016-09-07 06:16 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2016-09-14 14:45 - 2016-09-07 06:15 - 01978880 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistSvc.dll
2016-09-14 14:45 - 2016-09-07 06:15 - 01755648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2016-09-14 14:45 - 2016-09-07 06:15 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-09-14 14:45 - 2016-09-07 06:14 - 02519552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2016-09-14 14:45 - 2016-09-07 06:14 - 02000896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-09-14 14:45 - 2016-09-07 06:14 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-09-14 14:45 - 2016-09-07 06:13 - 01390592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-09-14 14:45 - 2016-09-07 06:13 - 00984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-09-14 14:45 - 2016-09-07 06:13 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2016-09-14 14:45 - 2016-09-07 06:12 - 02632192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2016-09-14 14:45 - 2016-09-07 06:12 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2016-09-14 14:45 - 2016-09-07 06:11 - 00958976 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-09-14 14:45 - 2016-09-07 06:11 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\DbgModel.dll
2016-09-14 14:45 - 2016-09-07 06:11 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-09-14 14:45 - 2016-09-07 06:10 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\certca.dll
2016-09-14 14:45 - 2016-09-07 06:10 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DbgModel.dll
2016-09-14 14:45 - 2016-09-07 06:09 - 00824832 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2016-09-14 14:45 - 2016-09-07 06:09 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\msobjs.dll
2016-09-14 14:45 - 2016-09-07 05:57 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-09-14 08:58 - 2016-09-14 08:58 - 00000000 ____D C:\Program Files (x86)\ESET
2016-09-13 21:14 - 2016-09-13 21:17 - 00059030 _____ C:\Users\Alex\Downloads\Addition.txt
2016-09-13 21:12 - 2016-09-18 15:00 - 00000000 ____D C:\FRST
2016-09-13 21:12 - 2016-09-17 16:29 - 02399232 _____ (Farbar) C:\Users\Alex\Desktop\FRST64.exe
2016-09-13 21:12 - 2016-09-13 21:17 - 00048192 _____ C:\Users\Alex\Downloads\FRST.txt
2016-09-13 21:10 - 2016-09-13 21:10 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Alex\Downloads\tdsskiller.exe
2016-09-13 21:04 - 2016-09-13 21:04 - 02870984 _____ (ESET) C:\Users\Alex\Downloads\esetsmartinstaller_deu.exe
2016-09-13 21:02 - 2016-09-17 11:09 - 00002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-09-13 21:02 - 2016-09-17 11:09 - 00002212 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-09-13 21:00 - 2016-09-18 14:05 - 00001120 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-13 21:00 - 2016-09-18 08:02 - 00001116 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-09-13 21:00 - 2016-09-13 21:00 - 00004178 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-09-13 21:00 - 2016-09-13 21:00 - 00003946 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-09-13 20:47 - 2016-09-13 20:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2016-09-13 20:47 - 2016-09-13 20:47 - 00000000 ____D C:\Program Files\VS Revo Group
2016-09-13 20:14 - 2016-09-13 20:45 - 07093624 _____ (VS Revo Group ) C:\Users\Alex\Downloads\revosetup_2.0.exe
2016-09-13 20:13 - 2016-09-13 20:15 - 01610560 _____ (Malwarebytes) C:\Users\Alex\Downloads\JRT.exe
2016-09-12 08:13 - 2016-09-12 08:13 - 00000000 ____D C:\ProgramData\Avg
2016-09-12 08:13 - 2016-09-12 08:13 - 00000000 ____D C:\ProgramData\AVAST Software
2016-09-12 08:10 - 2016-09-12 10:35 - 00000000 ____D C:\Users\Alex\AppData\Roaming\MyTransitGuide
2016-09-12 08:08 - 2016-09-12 08:08 - 01208320 _____ C:\Users\Alex\Downloads\fernbus_simulator_conspir4cy_crackrar.img
2016-09-11 22:59 - 2016-09-11 22:59 - 00000000 ____D C:\Users\Alex\Documents\The.Task
2016-09-11 22:28 - 2016-09-11 22:28 - 00000000 ____D C:\Users\Alex\AppData\LocalLow\uTorrent
2016-09-11 21:34 - 2016-09-11 21:34 - 00016719 _____ C:\Users\Alex\Downloads\Fernbus_Simulator_2016.torrent
2016-09-11 19:42 - 2016-09-11 19:44 - 109132576 _____ C:\Users\Alex\Downloads\LMFAO_-_Sorry_For_Party_Rocking-2011-MOD.rar
2016-09-10 09:42 - 2016-09-10 09:42 - 01793045 _____ C:\Users\Alex\Downloads\187096_12.rar
2016-09-10 09:32 - 2016-09-10 09:32 - 03557465 _____ C:\Users\Alex\Downloads\FIFA 15 Latest Squads file by Mark.rar
2016-09-08 22:27 - 2016-09-08 22:27 - 00001032 _____ C:\Users\Alex\Desktop\fifa15.exe - Verknüpfung.lnk
2016-09-08 21:29 - 2016-09-08 21:33 - 00000000 ____D C:\Users\Alex\Documents\FIFA 15
2016-09-08 18:54 - 2016-09-08 18:54 - 00026052 ____N C:\Users\Alex\Downloads\88340998f9d272bb5a71c5b978fb316b42cc1347.dlc
2016-09-08 16:46 - 2016-09-08 16:46 - 00000000 ____D C:\Users\Alex\Documents\Soundaufnahmen
2016-09-07 22:17 - 2016-09-12 08:13 - 00000000 ____D C:\ProgramData\Avira
2016-09-07 22:17 - 2016-09-07 22:17 - 04446224 _____ (Avira Operations GmbH & Co. KG) C:\Users\Alex\Downloads\avira_de_avpn0_57d075bcae606__def.exe
2016-09-07 22:17 - 2016-09-07 22:17 - 00001085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira Phantom VPN.lnk
2016-09-07 22:17 - 2016-09-07 22:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-09-07 21:03 - 2016-09-07 21:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atari
2016-09-07 20:28 - 2016-09-07 20:28 - 00014357 _____ C:\Users\Alex\Downloads\RollerCoaster.Tycoon.World.Early.Access.torrent
2016-09-07 20:26 - 2016-09-07 20:35 - 566719036 _____ C:\Users\Alex\Downloads\Rcsrtycnpltn.rar
2016-09-07 20:21 - 2016-09-07 20:21 - 00003342 _____ C:\WINDOWS\System32\Tasks\{F823577C-328F-42E1-82E8-273F76E8E0F2}
2016-09-07 14:31 - 2016-09-07 14:31 - 86921726 _____ C:\Users\Alex\Downloads\LStThViC.rar
2016-09-07 14:30 - 2016-09-08 16:45 - 00000000 ____D C:\Users\Alex\Desktop\Lindsey Stirling
2016-09-07 14:30 - 2016-09-07 14:30 - 137263509 _____ C:\Users\Alex\Downloads\%2FLindsey_Stirling-Lindsey_Stirling-%28Deluxe_Edition%29-2013-C4.zip
2016-09-07 14:29 - 2016-09-07 14:32 - 118347516 _____ C:\Users\Alex\Downloads\Lindsey_Stirling-Brave_Enough-%28Limited_Deluxe_Edition%29-2016-C4.rar
2016-09-07 14:29 - 2016-09-07 14:30 - 111660182 _____ C:\Users\Alex\Downloads\Lindsey_Stirling-Shatter_Me-%28Deluxe_Edition%29-2014-C4.rar
2016-09-07 14:26 - 2016-09-07 14:25 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-64.dll
2016-09-07 14:24 - 2016-09-07 14:24 - 01196752 _____ (Adobe Systems Incorporated) C:\Users\Alex\Downloads\flashplayer22_xa_install.exe
2016-09-07 13:09 - 2016-09-07 13:13 - 01028096 ____N C:\Users\Alex\Downloads\Fernbus Simulator Free.img
2016-09-06 13:11 - 2016-09-06 13:11 - 00594944 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Users\Alex\Downloads\libeay32.dll
2016-09-06 13:11 - 2016-09-06 13:11 - 00152576 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Users\Alex\Downloads\ssleay32.dll
2016-09-06 13:10 - 2016-09-14 16:13 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-09-06 13:10 - 2016-09-06 13:10 - 00002173 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzillа Firеfох.lnk
2016-09-06 13:10 - 2016-09-06 13:10 - 00002171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gооglе Сhrоmе.lnk
2016-09-06 13:10 - 2016-09-06 13:10 - 00000000 ____D C:\Program Files (x86)\FastSocial
2016-09-06 13:08 - 2016-09-06 13:08 - 00000381 _____ C:\Users\Alex\Downloads\FF16 TOR.txt
2016-09-06 08:34 - 2016-09-14 16:13 - 00000000 ____D C:\AdwCleaner
2016-09-05 09:57 - 2016-09-05 09:57 - 01144832 _____ C:\Users\Alex\Downloads\Crack Setup.img
2016-09-02 20:44 - 2016-09-02 20:44 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Promotion Software GmbH
2016-09-02 20:39 - 2016-09-02 20:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deep Silver
2016-08-31 15:26 - 2016-08-31 15:26 - 00134808 _____ (Atomix Productions) C:\Users\Alex\Downloads\install_ddjergopads (1).exe
2016-08-30 20:28 - 2016-08-30 20:28 - 00000553 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autobahn Police Simulator.lnk
2016-08-30 20:24 - 2016-08-30 20:24 - 00000580 _____ C:\Users\Alex\Downloads\windowsmediaplayer (2).asx
2016-08-30 13:45 - 2016-08-30 13:46 - 00000000 ____D C:\Program Files (x86)\MP3Gain
2016-08-30 13:45 - 2016-08-30 13:45 - 01474568 _____ C:\Users\Alex\Downloads\MP3Gain - CHIP-Installer (1).exe
2016-08-30 13:45 - 2016-08-30 13:45 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MP3Gain
2016-08-30 13:42 - 2016-08-30 13:42 - 01474568 _____ C:\Users\Alex\Downloads\wxMP3Gain - CHIP-Installer.exe
2016-08-30 11:43 - 2016-08-30 11:43 - 01474568 _____ C:\Users\Alex\Downloads\MP3Gain - CHIP-Installer.exe
2016-08-30 09:52 - 2005-05-17 15:39 - 00349265 _____ C:\Users\Alex\Desktop\tvtotalnippelboard.swf
2016-08-30 09:50 - 2016-08-30 09:52 - 395414331 _____ () C:\Users\Alex\Downloads\GLP - Soundboard Setup.exe
2016-08-30 09:48 - 2016-08-30 09:48 - 01474568 _____ C:\Users\Alex\Downloads\Stefan Raabs TV Total Nippelboard - CHIP-Installer.exe
2016-08-29 21:18 - 2016-08-29 21:18 - 00134808 _____ (Atomix Productions) C:\Users\Alex\Downloads\install_ddjergopads.exe
2016-08-29 21:15 - 2016-08-29 21:16 - 02000360 _____ (Atomix Productions) C:\Users\Alex\Downloads\install_blacksheephd.exe
2016-08-29 20:53 - 2016-08-29 20:55 - 04411520 _____ (Atomix Productions) C:\Users\Alex\Downloads\install_x96byzanard.exe
2016-08-29 20:47 - 2016-08-29 20:56 - 03227864 _____ (Atomix Productions) C:\Users\Alex\Downloads\install_pioneerxdjrxbyzaik.exe
2016-08-29 10:28 - 2009-10-30 04:39 - 08151040 ____N (C-Media Corporation) C:\WINDOWS\SysWOW64\CMICNFG3.dll
2016-08-29 10:28 - 2009-04-02 10:59 - 00143360 ____N C:\WINDOWS\SysWOW64\VmixP6.dll
2016-08-29 10:28 - 2008-07-23 12:59 - 00389120 ____N () C:\WINDOWS\system32\CMICNFG3.cpl
2016-08-29 10:28 - 2006-09-13 20:21 - 00200704 ____N (C-Media) C:\WINDOWS\SysWOW64\CMPaOxy.dll
2016-08-29 10:27 - 2016-08-29 10:28 - 00000188 _____ C:\WINDOWS\Cmicnfg3.ini.cfl
2016-08-29 10:27 - 2016-08-29 10:27 - 00792576 ____N C:\WINDOWS\system32\Cmeaupci.exe
2016-08-29 10:27 - 2016-08-29 10:27 - 00000183 _____ C:\WINDOWS\Cmicnfg3.ini.imi
2016-08-29 10:27 - 2016-08-29 10:27 - 00000130 _____ C:\WINDOWS\system\Dlap.pfx
2016-08-29 10:27 - 2016-08-29 10:27 - 00000122 _____ C:\WINDOWS\system\Cmicnfg3.ini
2016-08-29 10:27 - 2016-08-29 10:27 - 00000000 ____D C:\Users\Alex\Desktop\PCI-8738-091211-7.12.8.1740(W7-RC-01)
2016-08-29 10:27 - 2009-12-11 05:28 - 00002754 ____N C:\WINDOWS\cmudax3.ini
2016-08-29 10:27 - 2009-12-01 05:31 - 01155072 _____ (C-Media Inc) C:\WINDOWS\system32\Drivers\cmudax3.sys
2016-08-29 10:27 - 2009-08-19 10:00 - 00359424 ____N C:\WINDOWS\system32\CmiInstallResAll64.dll
2016-08-29 10:27 - 2008-10-15 09:41 - 00002123 ____N C:\WINDOWS\Cmicnfg3.ini.cfg
2016-08-29 10:27 - 2007-11-04 19:30 - 01144983 ____N C:\WINDOWS\SysWOW64\KB936225x64.msu
2016-08-29 10:27 - 2007-02-26 14:30 - 00036864 _____ (C-Media Electronics Ins.) C:\WINDOWS\system32\cmudax3.dll
2016-08-29 10:27 - 2006-10-05 23:45 - 00524768 _____ (Microsoft Corporation) C:\WINDOWS\difxapi.dll
2016-08-28 20:36 - 2016-08-28 20:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments
2016-08-28 20:36 - 2016-08-28 20:36 - 00000000 __HDC C:\ProgramData\{90D8CE90-3E6B-4034-A281-BC9F19B60A5B}
2016-08-28 20:36 - 2016-08-28 20:36 - 00000000 __HDC C:\ProgramData\{42DEBD12-9D09-4B77-B434-2EF604E45D3D}
2016-08-28 20:36 - 2016-08-28 20:36 - 00000000 ____D C:\ProgramData\Native Instruments
2016-08-28 20:36 - 2016-08-28 20:36 - 00000000 ____D C:\Program Files\Common Files\Native Instruments
2016-08-28 20:32 - 2016-08-28 20:33 - 244782432 _____ (Native Instruments ) C:\Users\Alex\Downloads\Traktor 2 2.10.3 Setup PC.exe
2016-08-28 20:32 - 2016-08-28 20:32 - 00000000 __HDC C:\ProgramData\{EB9C1D32-304E-4E8E-8D44-C4102A190A39}
2016-08-28 20:32 - 2016-08-28 20:32 - 00000000 ____D C:\Backup
2016-08-28 20:28 - 2016-08-28 20:28 - 00000000 ____D C:\Users\Alex\Desktop\DJ
2016-08-28 18:15 - 2016-09-13 15:38 - 00000000 ____D C:\Program Files (x86)\VirtualDJ
2016-08-28 18:15 - 2016-08-31 15:01 - 00000000 ____D C:\Users\Alex\Documents\VirtualDJ
2016-08-28 18:15 - 2016-08-28 18:15 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ
2016-08-28 18:14 - 2016-08-28 18:15 - 38203392 _____ C:\Users\Alex\Downloads\install_virtualdj_pc_v8.2.3343.msi
2016-08-28 17:52 - 2016-08-28 20:28 - 00000000 ____D C:\Users\Alex\AppData\Local\Mixxx
2016-08-28 17:48 - 2016-08-28 17:48 - 25035393 _____ C:\Users\Alex\Downloads\mixxx-2.0.0-win64.exe
2016-08-28 17:48 - 2016-08-28 17:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mixxx
2016-08-28 17:48 - 2016-08-28 17:48 - 00000000 ____D C:\Program Files\Mixxx
2016-08-28 17:41 - 2016-08-28 18:02 - 00000000 ____D C:\WINDOWS\System32\Tasks\NCH Software
2016-08-28 17:41 - 2016-08-28 17:41 - 00001123 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zulu DJ-Software.lnk
2016-08-28 17:41 - 2016-08-28 17:41 - 00000000 ____D C:\ProgramData\NCH Software
2016-08-28 17:41 - 2016-08-28 17:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Produktpalette
2016-08-28 17:41 - 2016-08-28 17:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audioverwandte Programme
2016-08-28 17:41 - 2016-08-28 17:41 - 00000000 ____D C:\Program Files (x86)\NCH Software
2016-08-28 17:40 - 2016-08-28 17:40 - 00974560 _____ (NCH Software) C:\Users\Alex\Downloads\zulusetup.exe
2016-08-28 17:40 - 2016-08-28 17:40 - 00000000 ____D C:\Users\Alex\AppData\Roaming\NCH Software
2016-08-28 17:03 - 2016-08-28 17:03 - 38302328 _____ (Atomix Productions) C:\Users\Alex\Downloads\install_virtualdj_home_v7.4.6.exe
2016-08-27 15:10 - 2016-08-27 15:10 - 02929520 _____ (Odem Mortis ) C:\Users\Alex\Downloads\OMC_ModPack_Installer.exe
2016-08-26 15:21 - 2016-08-26 15:21 - 01106840 _____ (Unity Technologies ApS) C:\Users\Alex\Downloads\UnityWebPlayer64.exe
2016-08-26 14:25 - 2016-08-26 14:25 - 00035784 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\tap0901.sys
2016-08-25 21:58 - 2016-08-25 21:58 - 00000000 ____D C:\Users\Alex\Documents\Ghosthunters
2016-08-25 21:12 - 2016-08-25 21:12 - 00000580 _____ C:\Users\Alex\Downloads\windowsmediaplayer (1).asx
2016-08-23 22:19 - 2016-08-23 22:19 - 00000000 ____D C:\Users\Alex\Documents\Die Unfassbaren 2
2016-08-23 21:09 - 2016-08-23 21:09 - 00000000 ____D C:\Users\Alex\Documents\Die.wilden.Kerle.6.Die.Legende.lebt
2016-08-22 18:36 - 2016-08-22 18:36 - 00001187 _____ C:\Users\Alex\Desktop\Dynamo Dresden v RB Leipzig - DFB Pokal 1 Runde 2016_17_08.lnk
2016-08-22 18:25 - 2016-08-22 18:25 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Aspyr Media
2016-08-22 17:53 - 2016-08-22 17:53 - 00000744 _____ C:\Users\Public\Desktop\Layers of Fear - Masterpiece Edition.lnk
2016-08-22 17:52 - 2016-08-22 17:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bloober Team SA
2016-08-20 15:42 - 2016-09-12 08:10 - 00000000 ____D C:\Users\Alex\Desktop\Musik

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-09-18 14:55 - 2015-03-30 17:38 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-09-18 14:13 - 2015-08-06 17:26 - 00004150 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9976B872-EBCD-4E3B-A512-199270B5525F}
2016-09-18 08:21 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-09-18 08:03 - 2015-05-04 14:56 - 00000000 ____D C:\Program Files (x86)\Steam
2016-09-18 08:02 - 2015-07-31 20:20 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Wise Care 365
2016-09-18 08:00 - 2015-12-22 17:05 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-18 08:00 - 2015-12-22 16:39 - 00000000 ____D C:\ProgramData\NVIDIA
2016-09-18 08:00 - 2015-10-30 08:28 - 01048576 ___SH C:\WINDOWS\system32\config\BBI
2016-09-17 20:39 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-09-17 20:39 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-09-17 20:39 - 2015-01-01 21:08 - 00000000 ____D C:\Users\Alex\AppData\Local\Adobe
2016-09-17 19:27 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-09-17 10:48 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-09-17 10:36 - 2015-08-04 19:52 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-09-17 10:34 - 2015-03-30 17:38 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-09-17 10:34 - 2015-03-30 17:38 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-09-16 21:50 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2016-09-16 21:50 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-09-16 21:50 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-09-16 21:50 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-09-16 21:50 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2016-09-16 21:50 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-09-16 21:50 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\setup
2016-09-16 21:50 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-09-16 21:50 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-09-16 21:50 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-09-16 21:50 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Defender
2016-09-16 21:50 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-09-16 21:50 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-09-16 21:50 - 2015-10-30 08:31 - 00000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2016-09-16 21:50 - 2015-10-30 08:31 - 00000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2016-09-16 21:50 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-09-16 21:50 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-09-16 20:32 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-09-16 20:25 - 2015-10-30 20:47 - 00000000 ____D C:\WINDOWS\ShellNew
2016-09-16 20:25 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-09-16 20:24 - 2015-03-30 17:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-09-16 20:23 - 2015-01-01 00:28 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-09-16 20:16 - 2015-01-01 00:28 - 144199024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-09-16 20:03 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-16 19:31 - 2015-12-22 16:39 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-09-14 17:19 - 2016-07-25 12:45 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-09-14 17:19 - 2016-07-21 17:24 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-09-14 17:19 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\addins
2016-09-14 16:22 - 2016-07-20 12:07 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-09-14 16:21 - 2016-07-21 17:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-09-14 16:14 - 2016-07-20 12:07 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-09-13 21:22 - 2015-08-04 20:05 - 00000000 ____D C:\Users\Alex\Desktop\Sonstiges
2016-09-13 21:02 - 2014-12-31 21:03 - 00000000 ____D C:\Program Files (x86)\Google
2016-09-13 20:50 - 2016-07-25 15:29 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2016-09-13 20:11 - 2015-04-01 12:15 - 00000000 ____D C:\Program Files (x86)\Overwolf
2016-09-13 11:55 - 2016-03-24 18:55 - 06502080 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2016-09-13 08:34 - 2015-07-31 20:20 - 00002127 _____ C:\Users\Public\Desktop\Wise Care 365.lnk
2016-09-12 10:35 - 2015-10-30 09:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-09-12 10:29 - 2014-12-31 21:46 - 00000000 ____D C:\Users\Alex\AppData\Roaming\vlc
2016-09-12 01:15 - 2015-01-04 22:19 - 00000000 ____D C:\Users\Alex\AppData\Roaming\uTorrent
2016-09-12 01:15 - 2015-01-02 16:17 - 00000000 ____D C:\Users\Alex\AppData\Local\JDownloader v2.0
2016-09-11 23:20 - 2015-12-22 16:42 - 02113470 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-11 23:20 - 2015-10-30 20:35 - 00898170 _____ C:\WINDOWS\system32\perfh007.dat
2016-09-11 23:20 - 2015-10-30 20:35 - 00201656 _____ C:\WINDOWS\system32\perfc007.dat
2016-09-11 22:43 - 2015-07-03 15:08 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2016-09-11 22:42 - 2015-07-03 15:19 - 00000000 ____D C:\Program Files\Rockstar Games
2016-09-09 22:07 - 2015-12-22 16:43 - 00000000 ____D C:\Users\Alex
2016-09-08 22:27 - 2015-01-02 20:33 - 00000000 ____D C:\Users\Alex\Documents\My Games
2016-09-08 13:14 - 2015-10-01 21:05 - 00000000 ____D C:\Users\Alex\AppData\Local\MyComGames
2016-09-08 12:28 - 2015-01-01 12:08 - 00000000 ____D C:\Users\Alex\Desktop\Spiele
2016-09-08 12:00 - 2015-08-21 10:33 - 00000000 ____D C:\Users\Alex\AppData\Local\CrashDumps
2016-09-07 22:17 - 2014-12-31 21:29 - 00000000 ____D C:\ProgramData\Package Cache
2016-09-07 22:17 - 2014-12-31 21:27 - 00000000 ____D C:\Program Files (x86)\Avira
2016-09-07 20:20 - 2015-01-03 13:40 - 00000000 ____D C:\Users\Alex\AppData\Local\ElevatedDiagnostics
2016-09-07 14:33 - 2015-03-30 20:16 - 00000000 ____D C:\ProgramData\Oracle
2016-09-07 14:26 - 2015-09-13 09:21 - 00000000 ____D C:\Users\Alex\.oracle_jre_usage
2016-09-07 14:26 - 2015-06-17 14:50 - 00000000 ____D C:\Program Files (x86)\Java
2016-09-07 14:26 - 2015-03-30 17:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-09-07 14:25 - 2016-02-19 14:31 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-09-07 14:25 - 2015-06-17 14:51 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2016-09-07 14:25 - 2015-06-17 14:51 - 00000000 ____D C:\Program Files\Java
2016-09-07 13:07 - 2014-12-31 20:52 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-09-07 08:10 - 2013-01-05 21:32 - 00400614 __RSH C:\bootmgr
2016-09-07 08:04 - 2015-12-22 16:37 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-09-07 03:00 - 2015-10-30 09:26 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-09-07 03:00 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-09-06 13:09 - 2016-07-26 21:31 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps
2016-09-04 19:09 - 2015-01-31 12:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-08-29 16:38 - 2015-02-01 10:39 - 00000000 ____D C:\ProgramData\Ultra Vision Video Converter
2016-08-29 10:29 - 2016-01-17 10:33 - 00387176 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-08-29 10:27 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\System
2016-08-27 15:56 - 2015-09-03 19:56 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\OMC ModPack
2016-08-27 15:10 - 2015-09-03 18:58 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\OMC ModPack Client
2016-08-27 13:19 - 2015-11-10 14:32 - 00000000 ____D C:\Users\Alex\AppData\Local\UnrealEngine
2016-08-27 09:24 - 2015-05-14 17:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ravenscourt
2016-08-22 18:55 - 2016-01-31 10:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Square Enix
2016-08-21 09:21 - 2015-08-17 19:42 - 00000000 ___RD C:\Users\Alex\Desktop\Bildbearbeitung
2016-08-20 15:21 - 2015-02-26 12:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-11-15 18:22 - 2015-11-15 10:52 - 0012879 _____ () C:\Users\Alex\AppData\Roaming\alsoft.ini
2016-06-02 10:48 - 2016-06-02 10:49 - 266040255 _____ () C:\Users\Alex\AppData\Local\ACCCx3_6_0_248.zip
2015-04-10 15:38 - 2015-04-10 15:38 - 0004608 _____ () C:\Users\Alex\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-07-04 18:01 - 2015-07-04 18:02 - 0003072 _____ () C:\Users\Alex\AppData\Local\file__0.localstorage
2015-07-24 20:25 - 2015-07-24 20:25 - 0000092 _____ () C:\Users\Alex\AppData\Local\fusioncache.dat
2015-11-18 12:41 - 2015-11-18 12:41 - 0000017 _____ () C:\Users\Alex\AppData\Local\resmon.resmoncfg
2015-12-22 16:38 - 2015-12-22 16:38 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-09-17 19:16

==================== Ende von FRST.txt ============================


Alle Zeitangaben in WEZ +1. Es ist jetzt 08:28 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55