Solved Audio ads playing... Steamwebhelper.exe

[Bandito292]

Hello there!
I got an big problem and I cant fix it.
Steamwebhelper.exe starts playing ads.
I already installed so many antiadware-programms but its still here and its so annoying.
Im 100% sure that it is steamwebhelper.exe..
Please help me I cant fix it on my own..

 

[Broni]

Welcome aboard

Please, complete all steps listed here: https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/
Make sure, you PASTE all logs. If some log exceeds 50,000 characters post limit, split it between couple of replies.
Attached logs won't be reviewed.

Please, observe following rules:

• Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
• If you're stuck, or you're not sure about certain step, always ask before doing anything else.
• Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
• Never run more than one scan at a time.
• Keep updating me regarding your computer behavior, good, or bad.
• The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
• If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
• I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

 

[Bandito292]

FIRST:

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:20-08-2015
durchgeführt von Christian (Administrator) auf MSI-CHRISEKO (20-08-2015 02:04:08)
Gestartet von C:\Users\Christian\Downloads
Geladene Profile: Christian (Verfügbare Profile: Christian)
Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool:

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\SCM\MSIService.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
(Microsoft Corporation) C:\Windows\System32\Speech_OneCore\Common\SpeechRuntime.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\Dragon Gaming Center\Dragon Gaming Center.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(MSI) C:\Program Files (x86)\SCM\SCM.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\DolbyHid\DolbyHID64.exe
(SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
(Valve Corporation) D:\Steam\Steam.exe
(Madcatz) C:\Program Files\Mad Catz\FREQ7 User Interface\FREQ7.exe
() C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\main.exe
(The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Cortex\Cef\CefSharp.BrowserSubprocess.exe
(Valve Corporation) D:\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) D:\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2014-01-27] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3347688 2015-07-31] (ELAN Microelectronics Corp.)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-31] (Intel Corporation)
HKLM\...\Run: [Radio Manager] => C:\Program Files (x86)\SCM\Radio Manager.exe [406920 2014-01-03] (MSI)
HKLM\...\Run: [SCM] => C:\Program Files (x86)\SCM\SCM.exe [407720 2014-01-03] (MSI)
HKLM\...\Run: [MBCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [396688 2015-07-31] ()
HKLM\...\Run: [DolbyHid] => C:\Program Files\Conexant\DolbyHid\DolbyHid64.exe [2596992 2015-07-31] (Conexant Systems, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation)
HKLM-x32\...\Run: [Sound Blaster Cinema] => C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe [711680 2013-08-17] (Creative Technology Ltd)
HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [490480 2013-09-10] (MSI)
HKLM-x32\...\Run: [RazerCortex] => C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe [98256 2015-07-14] (Razer Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-21-1517504399-1055261760-3252538504-1002\...\Run: [SteelSeries Engine] => C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe [249856 2014-01-23] (SteelSeries ApS)
HKU\S-1-5-21-1517504399-1055261760-3252538504-1002\...\Run: [Steam] => D:\Steam\steam.exe [2899136 2015-08-12] (Valve Corporation)
HKU\S-1-5-21-1517504399-1055261760-3252538504-1002\...\Run: [BingSvc] => C:\Users\Christian\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-04-07] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-1517504399-1055261760-3252538504-1002\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-08-18] (Safer-Networking Ltd.)
HKU\S-1-5-21-1517504399-1055261760-3252538504-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd)
HKU\S-1-5-21-1517504399-1055261760-3252538504-1002\...\RunOnce: [Uninstall C:\Users\Christian\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Christian\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
AppInit_DLLs: C:\ProgramData\Saophase\513g5viq.dll => C:\ProgramData\Saophase\513g5viq.dll Datei nicht gefunden
AppInit_DLLs-x32: C:\ProgramData\Saophase\v4ezlosj.dll => "C:\ProgramData\Saophase\v4ezlosj.dll" Datei nicht gefunden
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FREQ7.lnk [2015-07-31]
ShortcutTarget: FREQ7.lnk -> C:\Windows\Installer\{F59E2605-2C88-4269-8B20-C371E8037B8A}\_2D0C1727B380D636A29931.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2014-01-27]
ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{4E08CC97-912D-458B-8705-9A14C325532F}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Christian\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll [2015-07-31] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Christian\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll [2015-07-31] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Christian\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll [2015-07-31] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Christian\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\FileSyncShell.dll [2015-07-31] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Christian\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\FileSyncShell.dll [2015-07-31] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Christian\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\FileSyncShell.dll [2015-07-31] (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-21-1517504399-1055261760-3252538504-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://msi13.msn.com
SearchScopes: HKU\S-1-5-21-1517504399-1055261760-3252538504-1002 -> {625644C2-4122-4388-9F9E-A1812C36D7F4} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-08-17] (Oracle Corporation)
BHO: Kein Name -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> Keine Datei
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-08-17] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-19] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-19] (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2cd5de42-3ce9-46eb-b77a-cd8009e26f71}: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-08-17] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-08-17] (Oracle Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-19] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-13] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-31] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-31] (Google Inc.)

Chrome:
=======
CHR Profile: C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-31]
CHR Extension: (YouTube) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-31]
CHR Extension: (Google Search) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-31]
CHR Extension: (ROG: Republic of Gamers) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\digokgjmmdldnmnemhffdeknllgbmkdo [2015-08-19]
CHR Extension: (AdBlock) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-07-31]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-31]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-31]
CHR Extension: (Gmail) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-31]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1125888 2015-07-31] ()
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [326144 2015-07-10] (Microsoft Corporation)
S3 CDPSvc; C:\Windows\System32\CDPSvc.dll [134144 2015-07-10] (Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\Windows\system32\coremessaging.dll [808856 2015-07-22] (Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\Windows\SysWOW64\coremessaging.dll [510976 2015-07-22] (Microsoft Corporation)
S3 diagnosticshub.standardcollector.service; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [27136 2015-07-10] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\system32\Windows.Internal.Management.dll [267776 2015-07-10] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\SysWOW64\Windows.Internal.Management.dll [193024 2015-07-10] (Microsoft Corporation)
S3 embeddedmode; C:\Windows\System32\embeddedmodesvc.dll [87040 2015-07-10] (Microsoft Corporation)
S3 EntAppSvc; C:\Windows\system32\EnterpriseAppMgmtSvc.dll [275456 2015-07-10] (Microsoft Corporation)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144104 2015-07-31] (ELAN Microelectronics Corp.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-24] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-31] (Intel Corporation)
S3 icssvc; C:\Windows\System32\tetheringservice.dll [148992 2015-07-24] (Microsoft Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [351120 2015-07-31] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-28] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-28] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-16] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R3 lfsvc; C:\Windows\SysWOW64\lfsvc.dll [22528 2015-07-10] (Microsoft Corporation)
R3 LicenseManager; C:\Windows\system32\LicenseManagerSvc.dll [21504 2015-07-10] (Microsoft Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-31] (IObit)
S2 MapsBroker; C:\Windows\System32\moshost.dll [62464 2015-07-10] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 Micro Star SCM; C:\Program Files (x86)\SCM\MSIService.exe [160768 2014-01-03] (Micro-Star International Co., Ltd.) [Datei ist nicht signiert]
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [161776 2013-09-10] (MSI)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-24] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-24] (NVIDIA Corporation)
S2 OneSyncSvc; C:\Windows\System32\APHostService.dll [296960 2015-07-10] (Microsoft Corporation)
R2 OneSyncSvc_Session1; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R2 OneSyncSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2007048 2015-07-31] (Electronic Arts)
S3 PimIndexMaintenanceSvc; C:\Windows\System32\PimIndexMaintenance.dll [289280 2015-07-10] (Microsoft Corporation)
R3 PimIndexMaintenanceSvc_Session1; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R3 PimIndexMaintenanceSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [343040 2013-08-09] (Qualcomm Atheros) [Datei ist nicht signiert]
S4 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187048 2015-06-23] ()
S3 RetailDemo; C:\Windows\system32\RDXService.dll [988672 2015-07-22] (Microsoft Corporation)
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [129168 2015-07-14] (Razer Inc.)
S3 SensorDataService; C:\Windows\System32\SensorDataService.exe [1031680 2015-07-12] (Microsoft Corporation)
R3 StateRepository; C:\Windows\system32\windows.staterepository.dll [2674176 2015-07-10] (Microsoft Corporation)
R3 StateRepository; C:\Windows\SysWOW64\windows.staterepository.dll [2049024 2015-07-10] (Microsoft Corporation)
S3 UnistoreSvc; C:\Windows\System32\unistore.dll [1203200 2015-07-24] (Microsoft Corporation)
S3 UnistoreSvc; C:\Windows\SysWOW64\unistore.dll [925696 2015-07-24] (Microsoft Corporation)
R3 UnistoreSvc_Session1; C:\WINDOWS\System32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R3 UnistoreSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 UserDataSvc; C:\Windows\System32\userdataservice.dll [1420288 2015-07-22] (Microsoft Corporation)
R3 UserDataSvc_Session1; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R3 UserDataSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 vmicvmsession; C:\Windows\System32\ICSvc.dll [506880 2015-07-10] (Microsoft Corporation)
S3 WalletService; C:\Windows\system32\WalletService.dll [504320 2015-07-10] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
S3 XblAuthManager; C:\Windows\System32\XblAuthManager.dll [918016 2015-07-10] (Microsoft Corporation)
S3 XblGameSave; C:\Windows\System32\XblGameSave.dll [1149440 2015-07-10] (Microsoft Corporation)
S3 XboxNetApiSvc; C:\Windows\system32\XboxNetApiSvc.dll [1019392 2015-07-10] (Microsoft Corporation)
S2 AV Assistant Service; C:/Program Files (x86)/Preventon Antivirus/AVAssistant.exe [X]
S2 AV Scanning Service; C:/Program Files (x86)/Preventon Antivirus/AVScanningService.exe [X]
S2 CmdAgent; kein ImagePath
S3 cmdvirth; kein ImagePath

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S5 3ware; C:\Windows\System32\drivers\3ware.sys [107360 2015-07-10] (LSI)
R5 ACPI; C:\Windows\System32\drivers\ACPI.sys [565088 2015-07-22] (Microsoft Corporation)
R5 acpiex; C:\Windows\System32\Drivers\acpiex.sys [127840 2015-07-10] (Microsoft Corporation)
S5 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [1135456 2015-07-10] (PMC-Sierra)
S5 agp440; C:\Windows\System32\drivers\agp440.sys [63328 2015-07-10] (Microsoft Corporation)
S5 amdsata; C:\Windows\System32\drivers\amdsata.sys [83296 2015-07-10] (Advanced Micro Devices)
S5 amdsbs; C:\Windows\System32\drivers\amdsbs.sys [259424 2015-07-10] (AMD Technologies Inc.)
S5 amdxata; C:\Windows\System32\drivers\amdxata.sys [26976 2015-07-10] (Advanced Micro Devices)
S5 arcsas; C:\Windows\System32\drivers\arcsas.sys [131936 2015-07-10] (PMC-Sierra, Inc.)
S5 atapi; C:\Windows\System32\drivers\atapi.sys [28512 2015-07-10] (Microsoft Corporation)
S3 AVFSFilter; C:\Windows\system32\DRIVERS\avfsfilter.sys [13720 2012-09-07] ()
S5 b06bdrv; C:\Windows\System32\drivers\bxvbda.sys [531296 2015-07-10] (Broadcom Corporation)
R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [75056 2013-02-14] (Qualcomm Atheros, Inc.)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [237568 2015-07-10] (Microsoft Corporation)
R5 CLFS; C:\Windows\System32\drivers\CLFS.sys [380768 2015-07-10] (Microsoft Corporation)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [21720 2015-08-05] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [827632 2015-08-05] (COMODO)
R1 cmdhlp; C:\Windows\system32\DRIVERS\cmdhlp.sys [35056 2015-08-05] (COMODO)
R5 CNG; C:\Windows\System32\Drivers\cng.sys [601344 2015-07-17] (Microsoft Corporation)
R3 CompositeBus; C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_98334ba6e76853ba\CompositeBus.sys [39936 2015-07-10] (Microsoft Corporation)
R5 disk; C:\Windows\System32\drivers\disk.sys [101216 2015-07-10] (Microsoft Corporation)
S5 ebdrv; C:\Windows\System32\drivers\evbda.sys [3436896 2015-07-10] (QLogic Corporation)
S3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-07-31] (Symantec Corporation)
R5 EhStorClass; C:\Windows\System32\drivers\EhStorClass.sys [88928 2015-07-10] (Microsoft Corporation)
S5 EhStorTcgDrv; C:\Windows\System32\drivers\EhStorTcgDrv.sys [116576 2015-07-10] (Microsoft Corporation)
R1 FileCrypt; C:\Windows\System32\drivers\filecrypt.sys [83968 2015-07-10] (Microsoft Corporation)
R5 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [83808 2015-07-10] (Microsoft Corporation)
R5 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [368992 2015-07-10] (Microsoft Corporation)
U5 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [31072 2015-07-10] (Microsoft Corporation)
R5 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [633184 2015-07-10] (Microsoft Corporation)
S5 gagp30kx; C:\Windows\System32\drivers\gagp30kx.sys [66912 2015-07-10] (Microsoft Corporation)
S3 genericusbfn; C:\Windows\System32\drivers\genericusbfn.sys [20992 2015-07-10] (Microsoft Corporation)
R1 GpuEnergyDrv; C:\Windows\System32\drivers\gpuenergydrv.sys [8192 2015-07-10] (Microsoft Corporation)
S5 HpSAMD; C:\Windows\System32\drivers\HpSAMD.sys [64352 2015-07-10] (Hewlett-Packard Company)
S5 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [29024 2015-07-10] (Microsoft Corporation)
R5 iaStorA; C:\Windows\System32\drivers\iaStorA.sys [644968 2013-08-28] (Intel Corporation)
S5 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [673120 2015-07-10] (Intel Corporation)
S5 iaStorV; C:\Windows\System32\drivers\iaStorV.sys [412000 2015-07-10] (Intel Corporation)
S3 ibbus; C:\Windows\System32\drivers\ibbus.sys [424800 2015-07-10] (Mellanox)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [263952 2015-07-31] (Intel Corporation)
R1 inspect; C:\Windows\system32\DRIVERS\inspect.sys [127232 2015-08-05] (COMODO)
S5 intelide; C:\Windows\System32\drivers\intelide.sys [19296 2015-07-10] (Microsoft Corporation)
S5 intelpep; C:\Windows\System32\drivers\intelpep.sys [43872 2015-07-10] (Microsoft Corporation)
S3 IoQos; C:\Windows\System32\drivers\ioqos.sys [26624 2015-07-10] (Microsoft Corporation)
S5 isapnp; C:\Windows\System32\drivers\isapnp.sys [22368 2015-07-10] (Microsoft Corporation)
R3 Ke2200; C:\Windows\System32\drivers\e22w8x64.sys [163536 2013-03-21] (Qualcomm Atheros, Inc.)
R5 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [131424 2015-07-10] (Microsoft Corporation)
R5 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [158560 2015-07-10] (Microsoft Corporation)
S5 LSI_SAS; C:\Windows\System32\drivers\lsi_sas.sys [108896 2015-07-10] (LSI Corporation)
S5 LSI_SAS2i; C:\Windows\System32\drivers\lsi_sas2i.sys [104800 2015-07-10] (LSI Corporation)
S5 LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [99168 2015-07-10] (Avago Technologies)
S5 LSI_SSS; C:\Windows\System32\drivers\lsi_sss.sys [82784 2015-07-10] (LSI Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2015-08-20] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
S5 megasas; C:\Windows\System32\drivers\megasas.sys [59744 2015-07-10] (Avago Technologies)
S5 megasr; C:\Windows\System32\drivers\megasr.sys [575840 2015-07-10] (LSI Corporation, Inc.)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
S3 mlx4_bus; C:\Windows\System32\drivers\mlx4_bus.sys [705376 2015-07-10] (Mellanox)
R5 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [103264 2015-07-10] (Microsoft Corporation)
R5 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [19296 2015-07-10] (Microsoft Corporation)
R5 Mup; C:\Windows\System32\Drivers\mup.sys [118624 2015-07-10] (Microsoft Corporation)
S5 mvumis; C:\Windows\System32\drivers\mvumis.sys [63840 2015-07-10] (Marvell Semiconductor, Inc.)
S3 ndfltr; C:\Windows\System32\drivers\ndfltr.sys [76128 2015-07-10] (Mellanox)
R5 NDIS; C:\Windows\System32\drivers\ndis.sys [1168736 2015-07-19] (Microsoft Corporation)
R1 netcontroller; C:\Windows\System32\drivers\netcontroller.sys [59560 2015-06-24] (UtilTool Ltd)
R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3496216 2015-07-10] (Intel Corporation)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-26] (MSI)
S5 nvraid; C:\Windows\System32\drivers\nvraid.sys [150368 2015-07-10] (NVIDIA Corporation)
S5 nvstor; C:\Windows\System32\drivers\nvstor.sys [166240 2015-07-10] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-07-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47976 2015-07-03] (NVIDIA Corporation)
S5 nv_agp; C:\Windows\System32\drivers\nv_agp.sys [126304 2015-07-10] (Microsoft Corporation)
R5 partmgr; C:\Windows\System32\drivers\partmgr.sys [117088 2015-07-10] (Microsoft Corporation)
R5 pci; C:\Windows\System32\drivers\pci.sys [325984 2015-07-15] (Microsoft Corporation)
S5 pciide; C:\Windows\System32\drivers\pciide.sys [15712 2015-07-10] (Microsoft Corporation)
S5 pcmcia; C:\Windows\System32\drivers\pcmcia.sys [118112 2015-07-10] (Microsoft Corporation)
R5 pcw; C:\Windows\System32\drivers\pcw.sys [51552 2015-07-10] (Microsoft Corporation)
R5 pdc; C:\Windows\System32\drivers\pdc.sys [98144 2015-07-10] (Microsoft Corporation)
S5 percsas2i; C:\Windows\System32\drivers\percsas2i.sys [58208 2015-07-10] (LSI Corporation)
S5 percsas3i; C:\Windows\System32\drivers\percsas3i.sys [58720 2015-07-10] (Avago Technologies)
R5 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [235872 2015-07-10] (Microsoft Corporation)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [444632 2014-01-27] (Realsil Semiconductor Corporation)
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [37184 2015-06-12] (Razer, Inc.)
S3 SAlphamBth; C:\Windows\System32\drivers\SAlphabt64.sys [31232 2012-10-16] (SteelSeries Corporation) [Datei ist nicht signiert]
S3 SAlphamHid; C:\Windows\System32\drivers\SAlpham64.sys [38016 2013-05-31] (SteelSeries Corporation)
R3 SAlphaPS2; C:\Windows\System32\drivers\SAlphaPS264.sys [26496 2013-12-12] (SteelSeries Corporation)
S5 sbp2port; C:\Windows\System32\drivers\sbp2port.sys [109920 2015-07-10] (Microsoft Corporation)
S5 SiSRaid2; C:\Windows\System32\drivers\SiSRaid2.sys [44896 2015-07-10] (Silicon Integrated Systems Corp.)
S5 SiSRaid4; C:\Windows\System32\drivers\sisraid4.sys [81760 2015-07-10] (Silicon Integrated Systems)
R5 spaceport; C:\Windows\System32\drivers\spaceport.sys [474464 2015-07-10] (Microsoft Corporation)
S5 stexstor; C:\Windows\System32\drivers\stexstor.sys [31072 2015-07-10] (Promise Technology, Inc.)
S5 storahci; C:\Windows\System32\drivers\storahci.sys [133984 2015-07-10] (Microsoft Corporation)
S5 storflt; C:\Windows\System32\drivers\vmstorfl.sys [45920 2015-07-10] (Microsoft Corporation)
S5 stornvme; C:\Windows\System32\drivers\stornvme.sys [78688 2015-07-10] (Microsoft Corporation)
R2 storqosflt; C:\Windows\System32\drivers\storqosflt.sys [61952 2015-07-10] (Microsoft Corporation)
S5 storufs; C:\Windows\System32\drivers\storufs.sys [40288 2015-07-10] (Microsoft Corporation)
S5 storvsc; C:\Windows\System32\drivers\storvsc.sys [36192 2015-07-10] (Microsoft Corporation)
R3 swenum; C:\Windows\System32\DriverStore\FileRepository\swenum.inf_amd64_2a699e44676b7781\swenum.sys [17760 2015-07-10] (Microsoft Corporation)
R5 Tcpip; C:\Windows\System32\drivers\tcpip.sys [2430816 2015-07-10] (Microsoft Corporation)
S5 uagp35; C:\Windows\System32\drivers\uagp35.sys [66400 2015-07-10] (Microsoft Corporation)
S3 UcmCx0101; C:\Windows\System32\Drivers\UcmCx.sys [61952 2015-07-10] (Microsoft Corporation)
S3 UcmUcsi; C:\Windows\System32\drivers\UcmUcsi.sys [46080 2015-07-14] (Microsoft Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S5 uliagpkx; C:\Windows\System32\drivers\uliagpkx.sys [66912 2015-07-10] (Microsoft Corporation)
R5 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [42848 2015-07-10] (Microsoft Corporation)
S5 vmbus; C:\Windows\System32\drivers\vmbus.sys [125792 2015-07-10] (Microsoft Corporation)
R5 volmgr; C:\Windows\System32\drivers\volmgr.sys [81248 2015-07-10] (Microsoft Corporation)
R5 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [370016 2015-07-10] (Microsoft Corporation)
R5 volsnap; C:\Windows\System32\drivers\volsnap.sys [378720 2015-07-10] (Microsoft Corporation)
S5 vsmraid; C:\Windows\System32\drivers\vsmraid.sys [166752 2015-07-10] (VIA Technologies Inc.,Ltd)
S5 VSTXRAID; C:\Windows\System32\drivers\vstxraid.sys [305504 2015-07-10] (VIA Corporation)
S5 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R5 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [892224 2015-07-10] (Microsoft Corporation)
R5 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R5 WFPLWFS; C:\Windows\System32\drivers\wfplwfs.sys [153440 2015-07-10] (Microsoft Corporation)
R5 WindowsTrustedRT; C:\Windows\System32\drivers\WindowsTrustedRT.sys [106520 2015-07-10] (Microsoft Corporation)
R5 WindowsTrustedRTProxy; C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys [17944 2015-07-10] (Microsoft Corporation)
R3 WINIO; C:\Program Files (x86)\MSI\Dragon Gaming Center\winio64.sys [15160 2010-06-07] ()
S3 WinMad; C:\Windows\System32\drivers\winmad.sys [26976 2015-07-10] (Mellanox)
S3 WinVerbs; C:\Windows\System32\drivers\winverbs.sys [59232 2015-07-10] (Mellanox)
R5 Wof; C:\Windows\System32\Drivers\Wof.sys [199008 2015-07-10] (Microsoft Corporation)
S3 xboxgip; C:\Windows\System32\drivers\xboxgip.sys [222720 2015-07-10] (Microsoft Corporation)
S3 xinputhid; C:\Windows\System32\drivers\xinputhid.sys [25600 2015-07-10] (Microsoft Corporation)
R3 XSplit_Dummy; C:\Windows\system32\drivers\xspltspk.sys [26200 2015-05-26] (SplitmediaLabs Limited)
S1 bsdriver; \??\C:\WINDOWS\system32\drivers\bsdriver.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

NETSVC: XblGameSave -> C:\Windows\System32\XblGameSave.dll (Microsoft Corporation)
NETSVC: XboxNetApiSvc -> C:\Windows\system32\XboxNetApiSvc.dll (Microsoft Corporation)
NETSVC: UserManager -> C:\Windows\System32\usermgr.dll (Microsoft Corporation)
NETSVC: XblAuthManager -> C:\Windows\System32\XblAuthManager.dll (Microsoft Corporation)
NETSVCx32: UserManager -> C:\Windows\SysWOW64\usermgr.dll ==> Keine Datei

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-20 02:04 - 2015-08-20 02:04 - 00036196 _____ C:\Users\Christian\Downloads\FRST.txt
2015-08-20 02:03 - 2015-08-20 02:04 - 00000000 ____D C:\FRST
2015-08-20 02:03 - 2015-08-20 02:03 - 02173952 _____ (Farbar) C:\Users\Christian\Downloads\FRST64.exe
2015-08-20 02:01 - 2015-08-20 02:01 - 00016148 _____ C:\WINDOWS\system32\MSI-CHRISEKO_Christian_HistoryPrediction.bin
2015-08-19 21:45 - 2015-08-19 21:45 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-08-19 21:45 - 2015-08-19 21:45 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Sun
2015-08-19 21:45 - 2015-08-19 21:45 - 00000000 ____D C:\Users\Christian\.oracle_jre_usage
2015-08-19 21:45 - 2015-08-19 21:45 - 00000000 ____D C:\Program Files (x86)\Java
2015-08-19 21:44 - 2015-08-19 21:44 - 00584288 _____ (Oracle Corporation) C:\Users\Christian\Downloads\jre-8u60-windows-i586-iftw.exe
2015-08-19 21:30 - 2015-08-19 21:30 - 02508432 _____ (Sysinternals - www.sysinternals.com) C:\Users\Christian\Downloads\procexp.exe
2015-08-19 21:05 - 2015-08-19 21:05 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-08-19 21:05 - 2015-08-19 21:05 - 00000000 _____ C:\WINDOWS\setupact.log
2015-08-19 20:57 - 2015-08-20 02:04 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-08-19 20:39 - 2015-08-19 21:01 - 00016836 _____ C:\WINDOWS\PFRO.log
2015-08-19 20:25 - 2015-08-19 20:25 - 00341914 _____ C:\Users\Christian\Documents\cc_20150819_202546.reg
2015-08-19 20:24 - 2015-08-19 20:24 - 00002872 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-08-19 20:24 - 2015-08-19 20:24 - 00000000 ____D C:\Program Files\CCleaner
2015-08-19 20:23 - 2015-08-19 20:23 - 05375464 _____ (Piriform Ltd) C:\Users\Christian\Downloads\ccsetup508_slim.exe
2015-08-19 20:14 - 2015-08-19 20:14 - 01585664 _____ C:\Users\Christian\Downloads\adwcleaner_5.002 (1).exe
2015-08-19 20:04 - 2015-08-20 00:14 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-08-19 20:04 - 2015-08-19 20:04 - 00001072 _____ C:\AdwCleaner[S3].txt
2015-08-19 20:03 - 2015-08-19 20:03 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Christian\Downloads\mbam-setup-2.1.8.1057.exe
2015-08-19 20:03 - 2015-08-19 20:03 - 00001185 _____ C:\Users\Christian\Desktop\Malwarebytes Anti-Malware.lnk
2015-08-19 20:03 - 2015-08-19 20:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-08-19 20:03 - 2015-08-19 20:03 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-19 20:03 - 2015-08-19 20:03 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-08-19 20:03 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-08-19 20:03 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-08-19 20:03 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-08-19 15:05 - 2015-08-19 15:06 - 114760879 _____ C:\Users\Christian\Downloads\OneLateNight4.zip
2015-08-19 12:28 - 2015-08-19 12:30 - 00000227 _____ C:\WINDOWS\SysWOW64\debug.log
2015-08-19 12:28 - 2015-08-19 12:29 - 00001550 _____ C:\WINDOWS\SysWOW64\boost.log
2015-08-19 12:28 - 2015-08-19 12:28 - 00000000 ____D C:\WINDOWS\SysWOW64\DCS
2015-08-19 12:28 - 2015-08-19 12:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Cef
2015-08-19 02:37 - 2015-08-19 02:37 - 00002013 _____ C:\AdwCleaner[C2].txt
2015-08-19 00:07 - 2015-08-19 00:08 - 00001805 _____ C:\AdwCleaner[S2].txt
2015-08-18 22:50 - 2015-08-18 22:50 - 00000000 ____D C:\Users\Christian\AppData\Roaming\ProductData
2015-08-18 18:07 - 2015-08-18 18:07 - 00003313 _____ C:\AdwCleaner[C1].txt
2015-08-18 17:56 - 2015-08-18 17:56 - 03839960 _____ (AVAST Software) C:\Users\Christian\Downloads\avast-browserv2-cleanup-sfx.exe
2015-08-18 17:51 - 2015-08-18 17:51 - 03839960 _____ (AVAST Software) C:\Users\Christian\Downloads\avast-browserv2-cleanup-sfx (1).exe
2015-08-18 17:51 - 2015-08-18 17:51 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\avast! Browser Cleanup
2015-08-18 17:45 - 2015-08-19 20:15 - 00000000 ____D C:\AdwCleaner
2015-08-18 17:45 - 2015-08-18 17:45 - 00002967 _____ C:\AdwCleaner[S1].txt
2015-08-18 14:16 - 2015-08-18 14:16 - 00000000 ____D C:\Program Files\Common Files\AV
2015-08-18 14:04 - 2015-08-18 14:04 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2015-08-18 14:02 - 2015-08-18 14:03 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Christian\Downloads\spybot-2.4.exe
2015-08-18 12:47 - 2015-08-19 20:36 - 00001873 _____ C:\Users\Christian\Desktop\Google Chrome.lnk
2015-08-18 00:45 - 2015-08-18 00:45 - 00001453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk
2015-08-18 00:44 - 2015-08-18 00:44 - 10849056 _____ (IObit) C:\Users\Christian\Downloads\iobituninstaller5.exe
2015-08-18 00:37 - 2015-08-18 00:37 - 00000000 _____ C:\autoexec.bat
2015-08-18 00:36 - 2015-08-18 14:27 - 00000000 ____D C:\Program Files\Enigma Software Group
2015-08-18 00:35 - 2015-08-18 00:35 - 03237248 _____ (Enigma Software Group USA, LLC.) C:\Users\Christian\Downloads\SpyHunter-Installer.exe
2015-08-18 00:18 - 2015-08-18 00:49 - 00000000 ____D C:\ProgramData\clp
2015-08-18 00:18 - 2015-08-18 00:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Preventon Antivirus
2015-08-18 00:18 - 2015-08-18 00:18 - 00000000 ____D C:\ProgramData\Preventon
2015-08-18 00:18 - 2015-06-24 13:00 - 00059560 _____ (UtilTool Ltd) C:\WINDOWS\system32\Drivers\netcontroller.sys
2015-08-18 00:17 - 2015-08-18 00:17 - 00949624 _____ (Preventon Technologies Limited) C:\Users\Christian\Downloads\PreventonAntivirus.exe
2015-08-17 23:46 - 2015-08-17 23:46 - 01563648 _____ C:\Users\Christian\Downloads\adwcleaner_5.000 (2).exe
2015-08-17 22:15 - 2015-08-17 22:15 - 00040594 _____ C:\Users\Christian\Downloads\download_repair.htm
2015-08-17 21:43 - 2015-08-17 21:43 - 03588893 _____ (E-Tech) C:\Program Files\Common Files\mhw3f0bx.exe
2015-08-17 21:25 - 2015-08-17 23:18 - 1605483417 _____ C:\Users\Christian\Downloads\Battle-Royale-v060.zip
2015-08-17 21:24 - 2015-08-17 21:24 - 00003208 _____ C:\WINDOWS\System32\Tasks\zyxvmtcn
2015-08-17 21:24 - 2015-08-17 21:24 - 00000000 ____D C:\Program Files\Common Files\jlpztey3
2015-08-17 21:10 - 2015-08-17 21:10 - 00003936 _____ C:\WINDOWS\System32\Tasks\Install
2015-08-17 20:53 - 2015-08-17 20:53 - 00003388 _____ C:\WINDOWS\System32\Tasks\Sekundäre Anmeldung 1.74.17
2015-08-17 20:20 - 2015-08-17 20:28 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-08-17 20:20 - 2015-08-17 20:20 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-17 19:51 - 2015-08-18 00:03 - 00000000 ____D C:\Users\Christian\AppData\Local\NPE
2015-08-17 19:51 - 2015-08-17 19:51 - 10079720 _____ (Symantec Corporation) C:\Users\Christian\Downloads\NPE.exe
2015-08-17 18:57 - 2015-08-17 18:57 - 01563648 _____ C:\Users\Christian\Downloads\adwcleaner_5.000 (1).exe
2015-08-17 18:43 - 2015-08-19 21:00 - 00000085 _____ C:\WINDOWS\wininit.ini
2015-08-17 18:35 - 2015-08-18 00:45 - 00000000 ____D C:\ProgramData\ProductData
2015-08-17 18:13 - 2015-08-17 19:22 - 00167406 _____ C:\WINDOWS\system32\Drivers\fvstore.dat
2015-08-17 18:13 - 2015-08-17 18:13 - 00000000 ___HD C:\VTRoot
2015-08-17 18:10 - 2015-08-20 01:51 - 01474832 _____ C:\WINDOWS\system32\Drivers\sfi.dat
2015-08-17 18:10 - 2015-08-17 18:10 - 00000000 ____D C:\WINDOWS\System32\Tasks\COMODO
2015-08-17 18:10 - 2015-08-17 18:10 - 00000000 ____D C:\ProgramData\Shared Space
2015-08-17 18:08 - 2015-08-17 18:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2015-08-17 18:08 - 2015-08-17 18:40 - 00000000 ____D C:\Users\Christian\AppData\Local\Comodo
2015-08-17 18:06 - 2015-08-17 18:10 - 00000000 ____D C:\ProgramData\Comodo
2015-08-17 18:05 - 2015-08-17 18:06 - 226558984 _____ (COMODO) C:\Users\Christian\Downloads\cav_installer.exe
2015-08-17 17:54 - 2015-08-17 17:54 - 00003312 _____ C:\WINDOWS\System32\Tasks\crash_service
2015-08-17 15:12 - 2015-08-17 15:12 - 03588893 _____ (E-Tech) C:\Program Files\Common Files\itvy444u.exe
2015-08-17 14:57 - 2015-08-17 23:51 - 00000000 ____D C:\Program Files\Common Files\xwizzwif
2015-08-15 17:18 - 2015-08-15 17:18 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Mozilla
2015-08-15 11:18 - 2015-08-15 11:18 - 00000000 ____D C:\Users\Christian\AppData\Local\Blizzard
2015-08-15 11:10 - 2015-08-15 11:18 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2015-08-15 11:10 - 2015-08-15 11:10 - 00001238 _____ C:\Users\Public\Desktop\Hearthstone.lnk
2015-08-15 11:10 - 2015-08-15 11:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2015-08-15 11:05 - 2015-08-18 20:07 - 00000000 ____D C:\Users\Christian\AppData\Local\Battle.net
2015-08-15 11:05 - 2015-08-15 11:08 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Battle.net
2015-08-15 11:05 - 2015-08-15 11:05 - 00000000 ____D C:\Users\Christian\AppData\Local\Blizzard Entertainment
2015-08-15 11:04 - 2015-08-19 20:35 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-08-15 11:04 - 2015-08-15 11:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2015-08-15 11:04 - 2015-08-15 11:05 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2015-08-15 11:04 - 2015-08-15 11:04 - 00000000 ____D C:\ProgramData\Battle.net
2015-08-15 10:51 - 2015-08-15 10:51 - 00000000 ____D C:\WINDOWS\system32\uuf
2015-08-15 10:50 - 2015-08-15 10:50 - 00000045 _____ C:\user.js
2015-08-14 19:50 - 2015-08-19 21:46 - 00000000 ____D C:\ProgramData\Oracle
2015-08-14 19:50 - 2015-08-19 21:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-08-14 19:50 - 2015-08-17 15:01 - 00110688 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2015-08-14 19:50 - 2015-08-17 15:01 - 00000000 ____D C:\Program Files\Java
2015-08-14 19:50 - 2015-08-14 19:50 - 00000000 ____D C:\ProgramData\Sun
2015-08-14 18:05 - 2015-08-14 18:05 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Mirillis
2015-08-14 18:05 - 2015-08-14 18:05 - 00000000 ____D C:\Users\Christian\AppData\Local\Mirillis
2015-08-14 18:05 - 2015-08-14 18:05 - 00000000 ____D C:\ProgramData\Mirillis
2015-08-14 18:05 - 2015-08-14 18:05 - 00000000 ____D C:\Program Files (x86)\Action!
2015-08-14 18:04 - 2015-08-14 18:04 - 00002122 _____ C:\Users\Public\Desktop\Action!.lnk
2015-08-14 18:04 - 2015-08-14 18:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mirillis
2015-08-14 18:04 - 2015-08-14 18:04 - 00000000 ____D C:\Program Files (x86)\Mirillis
2015-08-14 17:50 - 2015-08-20 01:30 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-08-14 17:50 - 2015-08-19 21:20 - 00001028 _____ C:\WINDOWS\Tasks\9XTy35D.job
2015-08-14 17:50 - 2015-08-14 17:50 - 00004144 _____ C:\WINDOWS\System32\Tasks\9XTy35D
2015-08-14 17:50 - 2015-08-14 17:50 - 00003860 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-08-14 17:49 - 2015-08-19 23:54 - 00000376 ____H C:\WINDOWS\Tasks\UBAVSTQJEVEMCIFN.job
2015-08-14 17:49 - 2015-08-18 01:13 - 00000004 _____ C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-08-14 17:49 - 2015-08-14 17:49 - 00003460 _____ C:\WINDOWS\System32\Tasks\UBAVSTQJEVEMCIFN
2015-08-14 17:48 - 2015-08-17 23:51 - 00000000 ____D C:\Users\Christian\AppData\Local\IntelRDynamic
2015-08-14 17:48 - 2015-08-14 17:48 - 00003398 _____ C:\WINDOWS\System32\Tasks\mWHZNGepLYqcqeK
2015-08-14 17:48 - 2015-08-14 17:48 - 00003354 _____ C:\WINDOWS\System32\Tasks\WCSKhlrQu1za7sF
2015-08-14 17:20 - 2015-08-19 20:01 - 00000000 ____D C:\ProgramData\Sony
2015-08-14 17:20 - 2015-08-14 17:30 - 00000000 ____D C:\Users\Christian\AppData\Local\Sony
2015-08-14 17:18 - 2015-08-14 17:32 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Sony
2015-08-14 17:18 - 2013-12-02 21:01 - 00035376 _____ (Basil Projects) C:\WINDOWS\system32\Drivers\WinDivert64.sys
2015-08-13 15:59 - 2015-08-13 15:59 - 00000000 ____D C:\Users\Christian\Documents\Camtasia Studio
2015-08-13 15:59 - 2015-08-13 15:59 - 00000000 ____D C:\Users\Christian\AppData\Roaming\TechSmith
2015-08-10 15:59 - 2015-08-10 15:59 - 00000000 ____D C:\Users\Christian\AppData\Roaming\WinRAR
2015-08-09 19:15 - 2015-08-09 19:15 - 00000897 _____ C:\Users\Christian\Desktop\Steam.lnk
2015-08-06 23:54 - 2015-08-06 23:54 - 00000000 ____D C:\Users\Christian\AppData\Roaming\2K Sports
2015-08-06 20:55 - 2015-08-06 21:08 - 00000000 ____D C:\Users\Christian\Documents\DayZ
2015-08-06 20:55 - 2015-08-06 21:08 - 00000000 ____D C:\Users\Christian\AppData\Local\DayZ
2015-08-05 01:31 - 2015-08-05 01:31 - 00827632 _____ (COMODO) C:\WINDOWS\system32\Drivers\cmdguard.sys
2015-08-05 01:31 - 2015-08-05 01:31 - 00127232 _____ (COMODO) C:\WINDOWS\system32\Drivers\inspect.sys
2015-08-05 01:31 - 2015-08-05 01:31 - 00035056 _____ (COMODO) C:\WINDOWS\system32\Drivers\cmdhlp.sys
2015-08-05 01:31 - 2015-08-05 01:31 - 00021720 _____ (COMODO) C:\WINDOWS\system32\Drivers\cmderd.sys
2015-08-05 01:29 - 2015-08-05 01:29 - 00579408 _____ (COMODO) C:\WINDOWS\system32\guard64.dll
2015-08-05 01:29 - 2015-08-05 01:29 - 00445472 _____ (COMODO) C:\WINDOWS\SysWOW64\guard32.dll
2015-08-05 01:29 - 2015-08-05 01:29 - 00041224 _____ (COMODO) C:\WINDOWS\system32\cmdcsr.dll
2015-08-05 01:28 - 2015-08-05 01:28 - 00358080 _____ (COMODO) C:\WINDOWS\system32\cmdvrt64.dll
2015-08-05 01:28 - 2015-08-05 01:28 - 00045760 _____ (COMODO) C:\WINDOWS\system32\cmdkbd64.dll
2015-08-05 01:27 - 2015-08-05 01:27 - 00288448 _____ (COMODO) C:\WINDOWS\SysWOW64\cmdvrt32.dll
2015-08-05 01:26 - 2015-08-05 01:26 - 00040640 _____ (COMODO) C:\WINDOWS\SysWOW64\cmdkbd32.dll

 

[Bandito292]

SECOND:
:07 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Skype
2015-08-04 20:49 - 2015-08-04 21:07 - 00000000 ____D C:\ProgramData\Skype
2015-08-04 20:49 - 2015-08-04 20:49 - 00000000 ____D C:\Users\Christian\AppData\Local\Skype
2015-08-03 23:45 - 2015-08-03 23:45 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton Anti-Theft
2015-08-02 21:38 - 2015-08-02 21:38 - 00000000 ____D C:\Users\Christian\AppData\Local\Creative
2015-08-02 17:49 - 2015-08-02 17:49 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2015-08-01 20:56 - 2015-08-19 21:25 - 00000000 ____D C:\Users\Christian\AppData\Local\CrashDumps
2015-08-01 19:55 - 2015-08-07 16:13 - 00000000 ____D C:\Users\Christian\Documents\My Games
2015-08-01 18:34 - 2015-08-18 18:51 - 00000000 ____D C:\Users\Christian\AppData\Local\Arma 3
2015-08-01 18:34 - 2015-08-01 18:40 - 00000000 ____D C:\Users\Christian\Documents\Arma 3
2015-08-01 18:34 - 2015-08-01 18:34 - 00000000 ____D C:\ProgramData\Bohemia Interactive
2015-08-01 18:29 - 2015-08-01 18:31 - 00000000 ____D C:\Users\Christian\AppData\Local\Arma 3 Launcher
2015-08-01 18:29 - 2015-08-01 18:29 - 00000000 ____D C:\Users\Christian\AppData\Local\Razer_Inc
2015-08-01 18:29 - 2015-08-01 18:29 - 00000000 ____D C:\Users\Christian\AppData\Local\Bohemia_Interactive
2015-08-01 17:40 - 2008-10-15 07:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2015-08-01 17:40 - 2008-10-15 07:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2015-08-01 17:40 - 2008-10-15 07:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2015-08-01 17:40 - 2008-10-15 07:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2015-08-01 17:40 - 2008-10-15 07:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2015-08-01 17:40 - 2008-10-15 07:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2015-07-31 22:44 - 2015-08-17 20:13 - 00794088 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-07-31 22:44 - 2015-08-17 20:13 - 00179688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-31 22:40 - 2015-07-31 22:40 - 00000000 ____D C:\Users\Christian\AppData\Local\Madcatz
2015-07-31 22:39 - 2015-07-31 22:39 - 01214976 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\Cx64EEDH.dll
2015-07-31 22:39 - 2015-07-31 22:39 - 00521856 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\UCI64A81.dll
2015-07-31 22:39 - 2015-07-31 22:39 - 00372936 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\DHEEP64A.dll
2015-07-31 22:39 - 2015-07-31 22:39 - 00201928 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\DHEED64A.dll
2015-07-31 22:39 - 2015-07-31 22:39 - 00099016 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\DHEEL64A.dll
2015-07-31 22:39 - 2015-07-31 22:39 - 00050304 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CxPageMaster64.dll
2015-07-31 22:39 - 2015-07-31 22:39 - 00023168 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\CxUSB64.dll
2015-07-31 22:39 - 2015-07-31 22:39 - 00000000 ____D C:\Program Files\CONEXANT
2015-07-31 22:39 - 2015-07-31 22:39 - 00000000 ____D C:\Program Files (x86)\Conexant
2015-07-31 22:38 - 2015-07-31 22:38 - 00000000 ____D C:\Users\Christian\AppData\Roaming\InstallShield
2015-07-31 22:38 - 2015-07-31 22:38 - 00000000 ____D C:\Program Files\Mad Catz
2015-07-31 22:37 - 2015-08-20 00:20 - 00000000 ____D C:\Users\Christian\AppData\Roaming\TS3Client
2015-07-31 22:37 - 2015-07-31 22:37 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-07-31 22:37 - 2015-07-31 22:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-07-31 22:37 - 2015-07-31 22:37 - 00000000 ____D C:\Program Files\WinRAR
2015-07-31 22:36 - 2015-07-31 22:36 - 00000000 ____D C:\Users\Christian\Documents\Add-in Express
2015-07-31 22:31 - 2010-06-02 05:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2015-07-31 22:31 - 2010-06-02 05:55 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2015-07-31 22:31 - 2010-05-26 12:41 - 02401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2015-07-31 22:31 - 2010-05-26 12:41 - 01907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2015-07-31 22:31 - 2010-05-26 12:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2015-07-31 22:31 - 2010-05-26 12:41 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2015-07-31 22:31 - 2010-02-04 11:01 - 00530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2015-07-31 22:31 - 2010-02-04 11:01 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2015-07-31 22:31 - 2010-02-04 11:01 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2015-07-31 22:31 - 2010-02-04 11:01 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2015-07-31 22:31 - 2010-02-04 11:01 - 00078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2015-07-31 22:31 - 2010-02-04 11:01 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2015-07-31 22:31 - 2010-02-04 11:01 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2015-07-31 22:31 - 2010-02-04 11:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2015-07-31 22:31 - 2009-09-04 18:44 - 00517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2015-07-31 22:31 - 2009-09-04 18:44 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2015-07-31 22:31 - 2009-09-04 18:44 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2015-07-31 22:31 - 2009-09-04 18:44 - 00176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2015-07-31 22:31 - 2009-09-04 18:44 - 00073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2015-07-31 22:31 - 2009-09-04 18:44 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2015-07-31 22:31 - 2009-09-04 18:29 - 05554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2015-07-31 22:31 - 2009-09-04 18:29 - 05501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2015-07-31 22:31 - 2009-09-04 18:29 - 02582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2015-07-31 22:31 - 2009-09-04 18:29 - 02475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2015-07-31 22:31 - 2009-09-04 18:29 - 01974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2015-07-31 22:31 - 2009-09-04 18:29 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2015-07-31 22:31 - 2009-09-04 18:29 - 00285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2015-07-31 22:31 - 2009-09-04 18:29 - 00235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2015-07-31 22:31 - 2009-03-16 15:18 - 00521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2015-07-31 22:31 - 2009-03-16 15:18 - 00517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2015-07-31 22:31 - 2009-03-16 15:18 - 00235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2015-07-31 22:31 - 2009-03-16 15:18 - 00174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2015-07-31 22:31 - 2009-03-16 15:18 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2015-07-31 22:31 - 2009-03-16 15:18 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2015-07-31 22:31 - 2009-03-09 16:27 - 05425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2015-07-31 22:31 - 2009-03-09 16:27 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2015-07-31 22:31 - 2009-03-09 16:27 - 02430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2015-07-31 22:31 - 2009-03-09 16:27 - 00520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2015-07-31 22:31 - 2008-10-27 11:04 - 00518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2015-07-31 22:31 - 2008-10-27 11:04 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2015-07-31 22:31 - 2008-10-27 11:04 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2015-07-31 22:31 - 2008-10-27 11:04 - 00175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2015-07-31 22:31 - 2008-10-27 11:04 - 00074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2015-07-31 22:31 - 2008-10-27 11:04 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2015-07-31 22:31 - 2008-10-27 11:04 - 00025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2015-07-31 22:31 - 2008-10-27 11:04 - 00023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2015-07-31 22:31 - 2008-07-31 11:41 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2015-07-31 22:31 - 2008-07-31 11:41 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2015-07-31 22:31 - 2008-07-31 11:41 - 00072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2015-07-31 22:31 - 2008-07-31 11:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2015-07-31 22:31 - 2008-07-31 11:40 - 00513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2015-07-31 22:31 - 2008-07-31 11:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2015-07-31 22:31 - 2008-07-10 12:01 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2015-07-31 22:31 - 2008-07-10 12:00 - 04992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2015-07-31 22:31 - 2008-07-10 12:00 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2015-07-31 22:31 - 2008-07-10 12:00 - 01942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2015-07-31 22:31 - 2008-07-10 12:00 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2015-07-31 22:31 - 2008-07-10 12:00 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2015-07-31 22:31 - 2008-05-30 15:19 - 00511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2015-07-31 22:31 - 2008-05-30 15:19 - 00507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2015-07-31 22:31 - 2008-05-30 15:18 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2015-07-31 22:31 - 2008-05-30 15:18 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2015-07-31 22:31 - 2008-05-30 15:17 - 00068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2015-07-31 22:31 - 2008-05-30 15:17 - 00065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2015-07-31 22:31 - 2008-05-30 15:17 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2015-07-31 22:31 - 2008-05-30 15:16 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2015-07-31 22:31 - 2008-05-30 15:11 - 01941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2015-07-31 22:31 - 2008-05-30 15:11 - 01491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2015-07-31 22:31 - 2008-05-30 15:11 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2015-07-31 22:31 - 2008-05-30 15:11 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2015-07-31 22:30 - 2015-07-31 22:30 - 00000000 ____D C:\Users\Christian\Documents\Razer
2015-07-31 22:30 - 2008-05-30 15:11 - 04991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2015-07-31 22:30 - 2008-05-30 15:11 - 03850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2015-07-31 22:30 - 2008-03-05 17:04 - 00489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
2015-07-31 22:30 - 2008-03-05 17:03 - 00479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
2015-07-31 22:30 - 2008-03-05 17:03 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
2015-07-31 22:30 - 2008-03-05 17:03 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
2015-07-31 22:30 - 2008-03-05 17:00 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
2015-07-31 22:30 - 2008-03-05 17:00 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2015-07-31 22:30 - 2008-03-05 16:56 - 04910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
2015-07-31 22:30 - 2008-03-05 16:56 - 03786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2015-07-31 22:30 - 2008-03-05 16:56 - 01860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
2015-07-31 22:30 - 2008-03-05 16:56 - 01420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2015-07-31 22:30 - 2008-02-06 00:07 - 00529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
2015-07-31 22:30 - 2008-02-06 00:07 - 00462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
2015-07-31 22:30 - 2007-10-22 04:40 - 00411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2015-07-31 22:30 - 2007-10-22 04:39 - 00267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2015-07-31 22:30 - 2007-10-22 04:37 - 00021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2015-07-31 22:30 - 2007-10-22 04:37 - 00017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2015-07-31 22:30 - 2007-10-12 16:14 - 05081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2015-07-31 22:30 - 2007-10-12 16:14 - 03734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2015-07-31 22:30 - 2007-10-12 16:14 - 02006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2015-07-31 22:30 - 2007-10-12 16:14 - 01374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2015-07-31 22:30 - 2007-10-02 10:56 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2015-07-31 22:30 - 2007-10-02 10:56 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2015-07-31 22:30 - 2007-07-20 01:57 - 00411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2015-07-31 22:30 - 2007-07-20 01:57 - 00267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2015-07-31 22:30 - 2007-07-19 19:14 - 05073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2015-07-31 22:30 - 2007-07-19 19:14 - 03727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2015-07-31 22:30 - 2007-07-19 19:14 - 01985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2015-07-31 22:30 - 2007-07-19 19:14 - 01358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2015-07-31 22:30 - 2007-07-19 19:14 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2015-07-31 22:30 - 2007-07-19 19:14 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2015-07-31 22:30 - 2007-06-20 21:49 - 00409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2015-07-31 22:30 - 2007-06-20 21:46 - 00266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2015-07-31 22:30 - 2007-05-16 17:45 - 04496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2015-07-31 22:30 - 2007-05-16 17:45 - 03497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2015-07-31 22:30 - 2007-05-16 17:45 - 01401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2015-07-31 22:30 - 2007-05-16 17:45 - 01124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2015-07-31 22:30 - 2007-05-16 17:45 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2015-07-31 22:30 - 2007-05-16 17:45 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2015-07-31 22:30 - 2007-04-04 19:55 - 00403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2015-07-31 22:30 - 2007-04-04 19:55 - 00261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2015-07-31 22:30 - 2007-04-04 19:54 - 00107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2015-07-31 22:30 - 2007-04-04 19:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2015-07-31 22:30 - 2007-03-15 17:57 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2015-07-31 22:30 - 2007-03-15 17:57 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2015-07-31 22:30 - 2007-03-12 17:42 - 04494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2015-07-31 22:30 - 2007-03-12 17:42 - 03495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2015-07-31 22:30 - 2007-03-12 17:42 - 01400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2015-07-31 22:30 - 2007-03-12 17:42 - 01123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2015-07-31 22:30 - 2007-03-05 13:42 - 00017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2015-07-31 22:30 - 2007-03-05 13:42 - 00015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2015-07-31 22:30 - 2007-01-24 16:27 - 00393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2015-07-31 22:30 - 2007-01-24 16:27 - 00255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2015-07-31 22:30 - 2006-12-08 13:02 - 00251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2015-07-31 22:30 - 2006-12-08 13:00 - 00390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2015-07-31 22:30 - 2006-11-29 14:06 - 00469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2015-07-31 22:30 - 2006-11-29 14:06 - 00440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2015-07-31 22:30 - 2006-09-28 17:05 - 03977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2015-07-31 22:30 - 2006-09-28 17:05 - 02414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2015-07-31 22:30 - 2006-09-28 17:05 - 00237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2015-07-31 22:30 - 2006-09-28 17:04 - 00364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2015-07-31 22:30 - 2006-07-28 10:31 - 00083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2015-07-31 22:30 - 2006-07-28 10:30 - 00363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2015-07-31 22:30 - 2006-07-28 10:30 - 00236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2015-07-31 22:30 - 2006-07-28 10:30 - 00062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2015-07-31 22:30 - 2006-05-31 08:24 - 00230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2015-07-31 22:30 - 2006-05-31 08:22 - 00354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2015-07-31 22:30 - 2006-03-31 13:41 - 03927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2015-07-31 22:30 - 2006-03-31 13:40 - 02388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2015-07-31 22:30 - 2006-03-31 13:40 - 00352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2015-07-31 22:30 - 2006-03-31 13:39 - 00229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2015-07-31 22:30 - 2006-03-31 13:39 - 00083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2015-07-31 22:30 - 2006-03-31 13:39 - 00062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2015-07-31 22:30 - 2006-02-03 09:43 - 03830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2015-07-31 22:30 - 2006-02-03 09:43 - 02332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2015-07-31 22:30 - 2006-02-03 09:42 - 00355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2015-07-31 22:30 - 2006-02-03 09:42 - 00230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2015-07-31 22:30 - 2006-02-03 09:41 - 00016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2015-07-31 22:30 - 2006-02-03 09:41 - 00014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2015-07-31 22:30 - 2005-12-05 19:09 - 03815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2015-07-31 22:30 - 2005-12-05 19:09 - 02323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2015-07-31 22:30 - 2005-07-22 20:59 - 03807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2015-07-31 22:30 - 2005-07-22 20:59 - 02319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2015-07-31 22:30 - 2005-05-26 16:34 - 03767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2015-07-31 22:30 - 2005-05-26 16:34 - 02297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2015-07-31 22:30 - 2005-03-18 18:19 - 03823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2015-07-31 22:30 - 2005-03-18 18:19 - 02337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2015-07-31 22:30 - 2005-02-05 20:45 - 03544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2015-07-31 22:30 - 2005-02-05 20:45 - 02222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2015-07-31 22:29 - 2015-07-31 22:29 - 00001339 _____ C:\Users\Public\Desktop\Razer Cortex.lnk
2015-07-31 22:29 - 2015-07-31 22:29 - 00000000 ____D C:\Users\Christian\AppData\Local\Razer
2015-07-31 22:29 - 2015-07-31 22:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2015-07-31 22:29 - 2015-07-31 22:29 - 00000000 ____D C:\Program Files (x86)\Origin Games
2015-07-31 22:29 - 2015-07-14 12:15 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2015-07-31 22:29 - 2015-07-14 12:15 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2015-07-31 22:28 - 2015-07-31 22:31 - 00000000 ____D C:\WINDOWS\SysWOW64\directx
2015-07-31 22:28 - 2015-07-31 22:30 - 00000000 ___HD C:\WINDOWS\msdownld.tmp
2015-07-31 22:28 - 2015-07-31 22:28 - 00000000 ____D C:\ProgramData\Razer
2015-07-31 22:28 - 2015-07-31 22:28 - 00000000 ____D C:\Program Files (x86)\Razer
2015-07-31 22:28 - 2015-06-12 17:51 - 00037184 _____ (Razer, Inc.) C:\WINDOWS\system32\Drivers\rzpmgrk.sys
2015-07-31 22:27 - 2015-08-06 19:45 - 00000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client
2015-07-31 22:27 - 2015-07-31 22:27 - 00001245 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2015-07-31 22:27 - 2015-07-31 22:27 - 00001168 _____ C:\Users\Christian\Desktop\Cheat Engine.lnk
2015-07-31 22:27 - 2015-07-31 22:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2015-07-31 22:27 - 2015-07-31 22:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4
2015-07-31 22:27 - 2015-07-31 22:27 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.4
2015-07-31 22:24 - 2015-07-31 22:29 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Origin
2015-07-31 22:24 - 2015-07-31 22:29 - 00000000 ____D C:\Users\Christian\AppData\Local\Origin
2015-07-31 22:24 - 2015-07-31 22:24 - 00000000 ____D C:\ProgramData\SplitMediaLabs
2015-07-31 22:24 - 2015-07-31 22:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit
2015-07-31 22:23 - 2015-07-31 22:40 - 00000000 ____D C:\ProgramData\Origin
2015-07-31 22:23 - 2015-07-31 22:24 - 00000000 ____D C:\Program Files (x86)\Origin
2015-07-31 22:23 - 2015-07-31 22:23 - 00001062 _____ C:\Users\Public\Desktop\Origin.lnk
2015-07-31 22:23 - 2015-07-31 22:23 - 00000000 ____D C:\Users\Christian\AppData\Roaming\SplitmediaLabs
2015-07-31 22:23 - 2015-07-31 22:23 - 00000000 ____D C:\ProgramData\Electronic Arts
2015-07-31 22:18 - 2015-07-31 22:18 - 00000000 ____D C:\Users\Christian\AppData\Local\Steam
2015-07-31 22:18 - 2015-07-31 22:18 - 00000000 ____D C:\Users\Christian\AppData\Local\CEF
2015-07-31 22:17 - 2015-07-31 22:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-07-31 22:16 - 2015-08-20 01:21 - 00001142 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-31 22:16 - 2015-08-19 21:21 - 00001138 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-31 22:16 - 2015-08-17 19:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-07-31 22:16 - 2015-07-31 22:16 - 00004200 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-31 22:16 - 2015-07-31 22:16 - 00003968 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-31 22:15 - 2015-07-31 22:16 - 00000000 ____D C:\Users\Christian\AppData\Local\Google
2015-07-31 22:15 - 2015-07-31 22:16 - 00000000 ____D C:\Program Files (x86)\Google
2015-07-31 22:15 - 2015-07-31 22:15 - 00000000 ____D C:\Users\Christian\AppData\Local\MicrosoftEdge
2015-07-31 22:14 - 2015-07-31 22:14 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_ETD_01009.Wdf
2015-07-31 22:14 - 2015-07-05 12:08 - 00300704 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2015-07-31 22:13 - 2015-08-13 16:49 - 00000000 ____D C:\Users\Christian\Desktop\Desktop-Games
2015-07-31 22:13 - 2015-07-31 22:13 - 00454744 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\Drivers\ETD.sys
2015-07-31 22:13 - 2015-07-31 22:13 - 00263952 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\ibtusb.sys
2015-07-31 22:13 - 2015-07-31 22:13 - 00242448 _____ (Intel Corporation) C:\WINDOWS\system32\ibtproppage.dll
2015-07-31 22:13 - 2015-07-31 22:13 - 00053992 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\ETDCoInstaller.dll
2015-07-31 22:11 - 2015-07-31 22:11 - 42730312 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-07-31 22:11 - 2015-07-31 22:11 - 37749064 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-07-31 22:11 - 2015-07-31 22:11 - 30518928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-07-31 22:11 - 2015-07-31 22:11 - 22973584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-07-31 22:11 - 2015-07-31 22:11 - 18376584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-07-31 22:11 - 2015-07-31 22:11 - 16160440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-07-31 22:11 - 2015-07-31 22:11 - 16011680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-07-31 22:11 - 2015-07-31 22:11 - 15754192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-07-31 22:11 - 2015-07-31 22:11 - 14511608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-07-31 22:11 - 2015-07-31 22:11 - 13274904 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-07-31 22:11 - 2015-07-31 22:11 - 12973680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-07-31 22:11 - 2015-07-31 22:11 - 11843384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-07-31 22:11 - 2015-07-31 22:11 - 11142984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-07-31 22:11 - 2015-07-31 22:11 - 03351864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-07-31 22:11 - 2015-07-31 22:11 - 02963208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-07-31 22:11 - 2015-07-31 22:11 - 02360976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-07-31 22:11 - 2015-07-31 22:11 - 02164040 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-07-31 22:11 - 2015-07-31 22:11 - 01898128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435362.dll
2015-07-31 22:11 - 2015-07-31 22:11 - 01557648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435362.dll
2015-07-31 22:11 - 2015-07-31 22:11 - 01061008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-07-31 22:11 - 2015-07-31 22:11 - 01053000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-07-31 22:11 - 2015-07-31 22:11 - 00983368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-07-31 22:11 - 2015-07-31 22:11 - 00976528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-07-31 22:11 - 2015-07-31 22:11 - 00787384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2015-07-31 22:11 - 2015-07-31 22:11 - 00632664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2015-07-31 22:11 - 2015-07-31 22:11 - 00408208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-07-31 22:11 - 2015-07-31 22:11 - 00384464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-07-31 22:11 - 2015-07-31 22:11 - 00364360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-07-31 22:11 - 2015-07-31 22:11 - 00314936 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-07-31 22:11 - 2015-07-31 22:11 - 00176904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-07-31 22:11 - 2015-07-31 22:11 - 00155280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-07-31 22:11 - 2015-07-31 22:11 - 00031976 _____ C:\WINDOWS\system32\nvinfo.pb
2015-07-31 22:11 - 2015-07-26 07:13 - 06488312 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2015-07-31 22:11 - 2015-07-26 06:48 - 22320576 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-07-31 22:11 - 2015-07-26 06:28 - 05118024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2015-07-31 22:11 - 2015-07-26 06:20 - 20854232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-07-31 22:11 - 2015-07-26 05:47 - 11552768 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2015-07-31 22:11 - 2015-07-26 05:39 - 09885184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2015-07-31 22:11 - 2015-07-24 04:48 - 21873152 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-07-31 22:11 - 2015-07-24 04:31 - 02661376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-07-31 22:11 - 2015-07-24 04:26 - 18810368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-07-31 22:11 - 2015-07-22 07:22 - 02462136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-07-31 22:11 - 2015-07-22 07:13 - 01983328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-07-31 22:11 - 2015-07-22 06:07 - 16710144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-07-31 22:11 - 2015-07-22 06:02 - 02150696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-07-31 22:11 - 2015-07-22 06:00 - 02235904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-07-31 22:11 - 2015-07-22 05:55 - 03780096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-07-31 22:11 - 2015-07-22 05:54 - 14241792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2015-07-31 22:11 - 2015-07-22 05:53 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2015-07-31 22:11 - 2015-07-22 05:52 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-07-31 22:11 - 2015-07-22 05:51 - 01890304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-07-31 22:11 - 2015-07-22 05:27 - 13024256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-07-31 22:11 - 2015-07-22 05:11 - 12589056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2015-07-31 22:11 - 2015-07-22 05:08 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2015-07-31 22:11 - 2015-07-19 06:11 - 01561360 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-07-31 22:11 - 2015-07-19 05:19 - 02415616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-07-31 22:11 - 2015-07-19 04:53 - 01914880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-07-31 22:11 - 2015-07-18 10:46 - 01769568 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-07-31 22:11 - 2015-07-18 10:43 - 00962400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-07-31 22:11 - 2015-07-18 09:29 - 03443200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2015-07-31 22:11 - 2015-07-18 07:19 - 02498808 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-07-31 22:11 - 2015-07-18 07:17 - 08020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-07-31 22:11 - 2015-07-18 07:14 - 01396576 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-07-31 22:11 - 2015-07-18 05:52 - 04169728 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2015-07-31 22:11 - 2015-07-17 04:19 - 02558976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-07-31 22:11 - 2015-07-17 03:46 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-07-31 22:11 - 2015-07-16 06:55 - 02878000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-07-31 22:11 - 2015-07-16 05:57 - 24591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-07-31 22:11 - 2015-07-16 05:48 - 12502016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-07-31 22:11 - 2015-07-16 05:44 - 02741760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-07-31 22:11 - 2015-07-16 05:39 - 19333632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-07-31 22:11 - 2015-07-16 05:22 - 11260928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-07-31 22:11 - 2015-07-15 04:41 - 01135312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2015-07-31 22:11 - 2015-07-15 04:10 - 01985024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-07-31 22:11 - 2015-07-15 03:47 - 04611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-07-31 22:11 - 2015-07-14 03:51 - 02446336 _____ C:\WINDOWS\system32\InputService.dll
2015-07-31 22:11 - 2015-07-14 03:31 - 01823232 _____ C:\WINDOWS\SysWOW64\InputService.dll
2015-07-31 22:11 - 2015-07-11 03:17 - 06305792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2015-07-31 22:11 - 2015-07-11 03:04 - 03362816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2015-07-31 22:11 - 2015-07-11 03:03 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-07-31 22:11 - 2015-07-11 02:51 - 04398080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2015-07-31 22:11 - 2015-07-11 02:41 - 03687936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2015-07-31 22:11 - 2015-07-11 02:40 - 02606080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-07-31 22:11 - 2015-07-10 11:53 - 01169408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2015-07-31 22:10 - 2015-08-19 21:20 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-07-31 22:10 - 2015-07-31 22:10 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2015-07-31 22:10 - 2015-07-31 22:10 - 00000000 ____D C:\Users\Christian\AppData\Local\MSIOnlineRegister
2015-07-31 22:10 - 2015-07-26 07:16 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-07-31 22:10 - 2015-07-26 07:16 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-07-31 22:10 - 2015-07-26 07:15 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-07-31 22:10 - 2015-07-26 07:14 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-07-31 22:10 - 2015-07-26 07:14 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-07-31 22:10 - 2015-07-26 07:06 - 00607008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-07-31 22:10 - 2015-07-26 06:28 - 04047288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-07-31 22:10 - 2015-07-26 05:49 - 04760576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2015-07-31 22:10 - 2015-07-26 05:49 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2015-07-31 22:10 - 2015-07-26 05:47 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2015-07-31 22:10 - 2015-07-26 05:40 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2015-07-31 22:10 - 2015-07-26 05:40 - 00542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2015-07-31 22:10 - 2015-07-26 05:39 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-07-31 22:10 - 2015-07-26 05:39 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2015-07-31 22:10 - 2015-07-26 05:38 - 04350464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2015-07-31 22:10 - 2015-07-26 05:35 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2015-07-31 22:10 - 2015-07-26 05:34 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2015-07-31 22:10 - 2015-07-26 05:30 - 00750592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2015-07-31 22:10 - 2015-07-26 05:30 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2015-07-31 22:10 - 2015-07-26 05:29 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2015-07-31 22:10 - 2015-07-24 05:31 - 00516960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-07-31 22:10 - 2015-07-24 05:30 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-07-31 22:10 - 2015-07-24 05:18 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-07-31 22:10 - 2015-07-24 05:17 - 00991584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2015-07-31 22:10 - 2015-07-24 05:17 - 00695136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2015-07-31 22:10 - 2015-07-24 05:17 - 00521568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2015-07-31 22:10 - 2015-07-24 05:12 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2015-07-31 22:10 - 2015-07-24 05:11 - 00845664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2015-07-31 22:10 - 2015-07-24 04:55 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2015-07-31 22:10 - 2015-07-24 04:52 - 00680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2015-07-31 22:10 - 2015-07-24 04:46 - 02224128 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-07-31 22:10 - 2015-07-24 04:46 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-07-31 22:10 - 2015-07-24 04:46 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-07-31 22:10 - 2015-07-24 04:44 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
2015-07-31 22:10 - 2015-07-24 04:40 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-07-31 22:10 - 2015-07-24 04:39 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-07-31 22:10 - 2015-07-24 04:36 - 00520704 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-07-31 22:10 - 2015-07-24 04:34 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2015-07-31 22:10 - 2015-07-24 04:31 - 01820672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-07-31 22:10 - 2015-07-24 04:30 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-07-31 22:10 - 2015-07-24 04:30 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2015-07-31 22:10 - 2015-07-24 04:29 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2015-07-31 22:10 - 2015-07-24 04:25 - 01203200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-07-31 22:10 - 2015-07-24 04:24 - 01793024 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-07-31 22:10 - 2015-07-24 04:24 - 01418240 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2015-07-31 22:10 - 2015-07-24 04:24 - 01061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2015-07-31 22:10 - 2015-07-24 04:24 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-07-31 22:10 - 2015-07-24 04:24 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2015-07-31 22:10 - 2015-07-24 04:24 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2015-07-31 22:10 - 2015-07-22 07:19 - 00783112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-07-31 22:10 - 2015-07-22 07:18 - 00808856 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2015-07-31 22:10 - 2015-07-22 07:17 - 00527952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-07-31 22:10 - 2015-07-22 07:16 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-07-31 22:10 - 2015-07-22 07:15 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2015-07-31 22:10 - 2015-07-22 07:15 - 00289248 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2015-07-31 22:10 - 2015-07-22 07:14 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-07-31 22:10 - 2015-07-22 07:02 - 00966424 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-07-31 22:10 - 2015-07-22 06:21 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-07-31 22:10 - 2015-07-22 06:13 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-07-31 22:10 - 2015-07-22 06:13 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
2015-07-31 22:10 - 2015-07-22 06:02 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2015-07-31 22:10 - 2015-07-22 06:02 - 00445240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-07-31 22:10 - 2015-07-22 06:01 - 00407616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-07-31 22:10 - 2015-07-22 06:00 - 00783872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-07-31 22:10 - 2015-07-22 06:00 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-07-31 22:10 - 2015-07-22 06:00 - 00643616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-07-31 22:10 - 2015-07-22 06:00 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-31 22:10 - 2015-07-22 06:00 - 00242264 _____ (Microsoft Corporation)

 

[Bandito292]

THIRD:
C:\WINDOWS\SysWOW64\LockAppHost.exe
2015-07-31 22:10 - 2015-07-22 06:00 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-07-31 22:10 - 2015-07-22 05:59 - 01773056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-07-31 22:10 - 2015-07-22 05:55 - 01203200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-07-31 22:10 - 2015-07-22 05:55 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-07-31 22:10 - 2015-07-22 05:55 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-07-31 22:10 - 2015-07-22 05:53 - 00762896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-07-31 22:10 - 2015-07-22 05:52 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2015-07-31 22:10 - 2015-07-22 05:52 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2015-07-31 22:10 - 2015-07-22 05:52 - 00384000 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-07-31 22:10 - 2015-07-22 05:52 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2015-07-31 22:10 - 2015-07-22 05:49 - 01382912 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-07-31 22:10 - 2015-07-22 05:48 - 03589632 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-07-31 22:10 - 2015-07-22 05:48 - 01334784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-07-31 22:10 - 2015-07-22 05:47 - 01420288 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-07-31 22:10 - 2015-07-22 05:46 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-07-31 22:10 - 2015-07-22 05:21 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe
2015-07-31 22:10 - 2015-07-22 05:13 - 01611264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-07-31 22:10 - 2015-07-22 05:13 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-07-31 22:10 - 2015-07-22 05:13 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-07-31 22:10 - 2015-07-22 05:13 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-31 22:10 - 2015-07-22 05:10 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2015-07-31 22:10 - 2015-07-22 05:09 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2015-07-31 22:10 - 2015-07-22 05:07 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2015-07-31 22:10 - 2015-07-22 05:07 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2015-07-31 22:10 - 2015-07-22 05:07 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-07-31 22:10 - 2015-07-22 05:05 - 01593856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-07-31 22:10 - 2015-07-22 05:04 - 01112064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-07-31 22:10 - 2015-07-22 05:03 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-07-31 22:10 - 2015-07-22 04:50 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2015-07-31 22:10 - 2015-07-19 06:11 - 01562968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-07-31 22:10 - 2015-07-19 06:04 - 00658568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2015-07-31 22:10 - 2015-07-19 05:54 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-07-31 22:10 - 2015-07-19 05:40 - 01356368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2015-07-31 22:10 - 2015-07-19 05:29 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2015-07-31 22:10 - 2015-07-19 05:29 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-07-31 22:10 - 2015-07-19 05:23 - 00505344 _____ C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2015-07-31 22:10 - 2015-07-19 05:22 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-07-31 22:10 - 2015-07-19 05:18 - 00430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2015-07-31 22:10 - 2015-07-19 05:12 - 01274880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-07-31 22:10 - 2015-07-19 05:12 - 01177600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-07-31 22:10 - 2015-07-19 05:11 - 00593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-07-31 22:10 - 2015-07-19 05:11 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-07-31 22:10 - 2015-07-19 05:02 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-07-31 22:10 - 2015-07-19 04:39 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-07-31 22:10 - 2015-07-18 10:48 - 00916800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-07-31 22:10 - 2015-07-18 10:47 - 00082616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll
2015-07-31 22:10 - 2015-07-18 10:22 - 00539216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-07-31 22:10 - 2015-07-18 09:48 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-07-31 22:10 - 2015-07-18 09:43 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2015-07-31 22:10 - 2015-07-18 09:39 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-07-31 22:10 - 2015-07-18 09:37 - 01043968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2015-07-31 22:10 - 2015-07-18 09:33 - 00477696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2015-07-31 22:10 - 2015-07-18 09:28 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2015-07-31 22:10 - 2015-07-18 09:28 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-07-31 22:10 - 2015-07-18 09:26 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll
2015-07-31 22:10 - 2015-07-18 07:18 - 01085776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-07-31 22:10 - 2015-07-18 07:17 - 00097128 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
2015-07-31 22:10 - 2015-07-18 07:15 - 00594472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2015-07-31 22:10 - 2015-07-18 07:02 - 00290312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2015-07-31 22:10 - 2015-07-18 06:54 - 00606392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-07-31 22:10 - 2015-07-18 06:17 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_UserAccount.dll
2015-07-31 22:10 - 2015-07-18 06:13 - 00365056 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-07-31 22:10 - 2015-07-18 06:09 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModelShim.dll
2015-07-31 22:10 - 2015-07-18 06:06 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2015-07-31 22:10 - 2015-07-18 06:01 - 00562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-07-31 22:10 - 2015-07-18 05:59 - 01411072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2015-07-31 22:10 - 2015-07-18 05:59 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2015-07-31 22:10 - 2015-07-18 05:58 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2015-07-31 22:10 - 2015-07-18 05:57 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2015-07-31 22:10 - 2015-07-18 05:56 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2015-07-31 22:10 - 2015-07-18 05:50 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2015-07-31 22:10 - 2015-07-18 05:50 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-07-31 22:10 - 2015-07-18 05:49 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2015-07-31 22:10 - 2015-07-18 05:49 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2015-07-31 22:10 - 2015-07-18 05:49 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2015-07-31 22:10 - 2015-07-18 05:48 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-07-31 22:10 - 2015-07-18 05:48 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2015-07-31 22:10 - 2015-07-18 05:47 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
2015-07-31 22:10 - 2015-07-17 06:23 - 00934752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2015-07-31 22:10 - 2015-07-17 06:17 - 01822280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-07-31 22:10 - 2015-07-17 06:14 - 02147592 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2015-07-31 22:10 - 2015-07-17 06:13 - 00601344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-07-31 22:10 - 2015-07-17 06:12 - 00630160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-07-31 22:10 - 2015-07-17 06:07 - 02116960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-07-31 22:10 - 2015-07-17 06:07 - 00425824 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2015-07-31 22:10 - 2015-07-17 06:05 - 00632168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2015-07-31 22:10 - 2015-07-17 05:39 - 00801632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2015-07-31 22:10 - 2015-07-17 05:07 - 01867672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2015-07-31 22:10 - 2015-07-17 05:05 - 01533496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-07-31 22:10 - 2015-07-17 05:03 - 00507696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2015-07-31 22:10 - 2015-07-17 04:48 - 00700256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2015-07-31 22:10 - 2015-07-17 04:39 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-07-31 22:10 - 2015-07-17 04:39 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2015-07-31 22:10 - 2015-07-17 04:36 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-07-31 22:10 - 2015-07-17 04:36 - 00858624 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-07-31 22:10 - 2015-07-17 04:34 - 01601024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-07-31 22:10 - 2015-07-17 04:33 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2015-07-31 22:10 - 2015-07-17 04:33 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmprc.exe
2015-07-31 22:10 - 2015-07-17 04:32 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-07-31 22:10 - 2015-07-17 04:31 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-07-31 22:10 - 2015-07-17 04:26 - 07051264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-07-31 22:10 - 2015-07-17 04:26 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2015-07-31 22:10 - 2015-07-17 04:24 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2015-07-31 22:10 - 2015-07-17 04:21 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-07-31 22:10 - 2015-07-17 04:19 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-07-31 22:10 - 2015-07-17 04:19 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-07-31 22:10 - 2015-07-17 04:18 - 00902656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-07-31 22:10 - 2015-07-17 04:16 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2015-07-31 22:10 - 2015-07-17 04:05 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-07-31 22:10 - 2015-07-17 04:05 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2015-07-31 22:10 - 2015-07-17 04:00 - 01161728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-07-31 22:10 - 2015-07-17 03:56 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-07-31 22:10 - 2015-07-17 03:53 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2015-07-31 22:10 - 2015-07-17 03:51 - 05076480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-07-31 22:10 - 2015-07-17 03:50 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efscore.dll
2015-07-31 22:10 - 2015-07-17 03:44 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2015-07-31 22:10 - 2015-07-16 07:43 - 00816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2015-07-31 22:10 - 2015-07-16 07:39 - 00061280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2015-07-31 22:10 - 2015-07-16 07:34 - 00713312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2015-07-31 22:10 - 2015-07-16 07:11 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-07-31 22:10 - 2015-07-16 06:09 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2015-07-31 22:10 - 2015-07-16 06:04 - 01201664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2015-07-31 22:10 - 2015-07-16 06:03 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2015-07-31 22:10 - 2015-07-16 06:01 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2015-07-31 22:10 - 2015-07-16 05:54 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-07-31 22:10 - 2015-07-16 05:54 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-07-31 22:10 - 2015-07-16 05:54 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-07-31 22:10 - 2015-07-16 05:47 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2015-07-31 22:10 - 2015-07-16 05:45 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2015-07-31 22:10 - 2015-07-16 05:43 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-07-31 22:10 - 2015-07-16 05:41 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2015-07-31 22:10 - 2015-07-16 05:40 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2015-07-31 22:10 - 2015-07-16 05:39 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-07-31 22:10 - 2015-07-16 05:36 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2015-07-31 22:10 - 2015-07-16 05:35 - 01521664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2015-07-31 22:10 - 2015-07-16 05:33 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll
2015-07-31 22:10 - 2015-07-16 05:32 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2015-07-31 22:10 - 2015-07-16 05:29 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-07-31 22:10 - 2015-07-16 05:27 - 02207744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-07-31 22:10 - 2015-07-16 05:19 - 00179200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll
2015-07-31 22:10 - 2015-07-15 05:21 - 01365072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-07-31 22:10 - 2015-07-15 04:49 - 01591856 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-07-31 22:10 - 2015-07-15 04:49 - 00325984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2015-07-31 22:10 - 2015-07-15 04:22 - 02112512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-07-31 22:10 - 2015-07-15 04:16 - 00251392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2015-07-31 22:10 - 2015-07-15 04:04 - 00032768 _____ C:\WINDOWS\system32\LicenseManagerApi.dll
2015-07-31 22:10 - 2015-07-15 03:59 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2015-07-31 22:10 - 2015-07-15 03:57 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\OmaDmAgent.dll
2015-07-31 22:10 - 2015-07-15 03:43 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-07-31 22:10 - 2015-07-15 03:41 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2015-07-31 22:10 - 2015-07-15 03:37 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.ProxyStub.dll
2015-07-31 22:10 - 2015-07-15 03:35 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\unenrollhook.dll
2015-07-31 22:10 - 2015-07-15 03:34 - 02416640 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-07-31 22:10 - 2015-07-15 03:34 - 01680896 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-07-31 22:10 - 2015-07-15 03:27 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.PAL.Desktop.dll
2015-07-31 22:10 - 2015-07-14 05:13 - 00243760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-07-31 22:10 - 2015-07-14 05:00 - 00208736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2015-07-31 22:10 - 2015-07-14 04:37 - 00181088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2015-07-31 22:10 - 2015-07-14 04:04 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2015-07-31 22:10 - 2015-07-14 03:51 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2015-07-31 22:10 - 2015-07-14 03:50 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2015-07-31 22:10 - 2015-07-14 03:49 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2015-07-31 22:10 - 2015-07-14 03:38 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemcpl.dll
2015-07-31 22:10 - 2015-07-14 03:31 - 00420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2015-07-31 22:10 - 2015-07-14 03:20 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\systemcpl.dll
2015-07-31 22:10 - 2015-07-13 02:01 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2015-07-31 22:10 - 2015-07-13 01:30 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2015-07-31 22:10 - 2015-07-12 02:38 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2015-07-31 22:10 - 2015-07-12 02:25 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2015-07-31 22:10 - 2015-07-12 02:18 - 00679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2015-07-31 22:10 - 2015-07-12 01:46 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2015-07-31 22:10 - 2015-07-11 04:24 - 01643872 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-07-31 22:10 - 2015-07-11 03:28 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2015-07-31 22:10 - 2015-07-11 03:22 - 00403968 _____ C:\WINDOWS\system32\diagtrack_wininternal.dll
2015-07-31 22:10 - 2015-07-11 03:21 - 00412672 _____ C:\WINDOWS\system32\diagtrack_win.dll
2015-07-31 22:10 - 2015-07-11 03:07 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2015-07-31 22:10 - 2015-07-11 03:05 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2015-07-31 22:10 - 2015-07-11 03:03 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-07-31 22:10 - 2015-07-11 03:03 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2015-07-31 22:10 - 2015-07-11 03:02 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2015-07-31 22:10 - 2015-07-11 03:01 - 04791296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-07-31 22:10 - 2015-07-11 02:57 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2015-07-31 22:10 - 2015-07-11 02:43 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2015-07-31 22:10 - 2015-07-11 02:42 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2015-07-31 22:10 - 2015-07-11 02:41 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-07-31 22:10 - 2015-07-11 02:40 - 03579904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-07-31 22:10 - 2015-07-11 02:40 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2015-07-31 22:10 - 2015-07-11 02:34 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2015-07-31 22:10 - 2015-07-10 17:51 - 00823336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-07-31 22:10 - 2015-07-10 17:47 - 00265480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2015-07-31 22:10 - 2015-07-10 17:00 - 01101792 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-07-31 22:10 - 2015-07-10 16:52 - 00335248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2015-07-31 22:10 - 2015-07-10 12:59 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SignInOptions.dll
2015-07-31 22:10 - 2015-07-10 12:42 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
2015-07-31 22:10 - 2015-07-10 12:10 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2015-07-31 22:10 - 2015-07-10 12:05 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2015-07-31 22:10 - 2015-07-10 11:35 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-07-31 22:10 - 2015-07-10 11:31 - 01067520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-07-31 22:10 - 2015-07-10 11:29 - 00569344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2015-07-31 22:10 - 2015-07-10 10:38 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2015-07-31 22:09 - 2015-07-31 22:10 - 00002380 _____ C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-07-31 22:09 - 2015-07-31 22:10 - 00000000 ___RD C:\Users\Christian\OneDrive
2015-07-31 22:09 - 2015-07-31 22:09 - 00624128 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll
2015-07-31 22:09 - 2015-07-31 22:09 - 00519056 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUMS64.exe
2015-07-31 22:09 - 2015-07-31 22:09 - 00397824 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll
2015-07-31 22:09 - 2015-07-31 22:09 - 00331808 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMCComp64.dll
2015-07-31 22:09 - 2015-07-31 22:09 - 00313888 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUtils64.dll
2015-07-31 22:09 - 2015-07-31 22:09 - 00300032 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll
2015-07-31 22:09 - 2015-07-31 22:09 - 00283024 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2015-07-31 22:09 - 2015-07-31 22:09 - 00143904 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiLogServer64.dll
2015-07-31 22:09 - 2015-07-31 22:09 - 00086528 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll
2015-07-31 22:09 - 2015-07-31 22:09 - 00082432 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll
2015-07-31 22:08 - 2015-07-31 22:09 - 00589712 _____ C:\WINDOWS\system32\IntelCpHDCPSvc.exe
2015-07-31 22:08 - 2015-07-31 22:08 - 36681912 _____ (Intel Corporation) C:\WINDOWS\system32\igdumdim64.dll
2015-07-31 22:08 - 2015-07-31 22:08 - 35768808 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumdim32.dll
2015-07-31 22:08 - 2015-07-31 22:08 - 30404056 _____ (Intel Corporation) C:\WINDOWS\system32\igd11dxva64.dll
2015-07-31 22:08 - 2015-07-31 22:08 - 29613040 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd11dxva32.dll
2015-07-31 22:08 - 2015-07-31 22:08 - 29084160 _____ (Intel Corporation) C:\WINDOWS\system32\common_clang64.dll
2015-07-31 22:08 - 2015-07-31 22:08 - 19844096 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\common_clang32.dll
2015-07-31 22:08 - 2015-07-31 22:08 - 13727296 _____ (Intel Corporation) C:\WINDOWS\system32\igd10iumd64.dll
2015-07-31 22:08 - 2015-07-31 22:08 - 12880160 _____ (Intel Corporation) C:\WINDOWS\system32\igc64.dll
2015-07-31 22:08 - 2015-07-31 22:08 - 11384832 _____ (Intel Corporation) C:\WINDOWS\system32\ig75icd64.dll
2015-07-31 22:08 - 2015-07-31 22:08 - 11276968 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10iumd32.dll
2015-07-31 22:08 - 2015-07-31 22:08 - 10528136 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igc32.dll
2015-07-31 22:08 - 2015-07-31 22:08 - 08507392 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig75icd32.dll
2015-07-31 22:08 - 2015-07-31 22:08 - 06741482 _____ C:\WINDOWS\system32\igdclbif.bin
2015-07-31 22:08 - 2015-07-31 22:08 - 06389688 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys
2015-07-31 22:08 - 2015-07-31 22:08 - 06305696 _____ (Intel Corporation) C:\WINDOWS\system32\igdusc64.dll
2015-07-31 22:08 - 2015-07-31 22:08 - 05467648 _____ (Intel Corporation) C:\WINDOWS\system32\igdmcl64.dll
2015-07-31 22:08 - 2015-07-31 22:08 - 05245440 _____ (Intel Corporation) C:\WINDOWS\system32\GfxResources.dll
2015-07-31 22:08 - 2015-07-31 22:08 - 05121136 _____ (Intel Corporation) C:\WINDOWS\system32\igd12umd64.dll
2015-07-31 22:08 - 2015-07-31 22:08 - 05092320 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd12umd32.dll
2015-07-31 22:08 - 2015-07-31 22:08 - 04841488 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdusc32.dll
2015-07-31 22:08 - 2015-07-31 22:08 - 04443136 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll
2015-07-31 22:08 - 2015-07-31 22:08 - 03873280 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll
2015-07-31 22:08 - 2015-07-31 22:08 - 03801600 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmcl32.dll
2015-07-31 22:08 - 2015-07-31 22:08 - 02813952 _____ C:\WINDOWS\system32\iglhxa64.cpa
2015-07-31 22:08 - 2015-07-31 22:08 - 02028032 _____ (Intel Corporation) C:\WINDOWS\system32\igfxLHM.dll
2015-07-31 22:08 - 2015-07-31 22:08 - 01858632 _____ (Intel Corporation) C:\WINDOWS\system32\igdmd64.dll
2015-07-31 22:08 - 2015-07-31 22:08 - 01767992 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll
2015-07-31 22:08 - 2015-07-31 22:08 - 01765408 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll
2015-07-31 22:08 - 2015-07-31 22:08 - 01565696 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
2015-07-31 22:08 - 2015-07-31 22:08 - 01456408 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmd32.dll
2015-07-31 22:08 - 2015-07-31 22:08 - 01216000 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll
2015-07-31 22:08 - 2015-07-31 22:08 - 01156608 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2015-07-31 22:08 - 2015-07-31 22:08 - 01008016 _____ C:\WINDOWS\system32\igfxSDK.exe
2015-07-31 22:08 - 2015-07-31 22:08 - 00970752 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll
2015-07-31 22:08 - 2015-07-31 22:08 - 00927120 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe
2015-07-31 22:08 - 2015-07-31 22:08 - 00923536 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe
2015-07-31 22:08 - 2015-07-31 22:08 - 00803113 _____ C:\WINDOWS\system32\DisplayAudiox64.cab
2015-07-31 22:08 - 2015-07-31 22:08 - 00723456 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDH.dll
2015-07-31 22:08 - 2015-07-31 22:08 - 00641530 _____ C:\WINDOWS\system32\FilmModeDetection.wmv
2015-07-31 22:08 - 2015-07-31 22:08 - 00511260 _____ C:\WINDOWS\system32\cp_resources.bin
2015-07-31 22:08 - 2015-07-31 22:08 - 00448912 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe
2015-07-31 22:08 - 2015-07-31 22:08 - 00425472 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll
2015-07-31 22:08 - 2015-07-31 22:08 - 00403671 _____ C:\WINDOWS\system32\ImageStabilization.wmv
2015-07-31 22:08 - 2015-07-31 22:08 - 00396688 _____ C:\WINDOWS\system32\igfxTray.exe
2015-07-31 22:08 - 2015-07-31 22:08 - 00386048 _____ (Intel Corporation) C:\WINDOWS\system32\igfxOSP.dll
2015-07-31 22:08 - 2015-07-31 22:08 - 00375173 _____ C:\WINDOWS\system32\ColorImageEnhancement.wmv
2015-07-31 22:08 - 2015-07-31 22:08 - 00373248 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll
2015-07-31 22:08 - 2015-07-31 22:08 - 00353280 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDI.dll
2015-07-31 22:08 - 2015-07-31 22:08 - 00351120 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCUIService.exe
2015-07-31 22:08 - 2015-07-31 22:08 - 00328080 _____ (Intel Corporation) C:\WINDOWS\system32\igfxEM.exe
2015-07-31 22:08 - 2015-07-31 22:08 - 00284280 _____ (Intel Corporation) C:\WINDOWS\system32\igd10idpp64.dll
2015-07-31 22:08 - 2015-07-31 22:08 - 00269360 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10idpp32.dll
2015-07-31 22:08 - 2015-07-31 22:08 - 00256000 _____ C:\WINDOWS\system32\igfxCPL.cpl
2015-07-31 22:08 - 2015-07-31 22:08 - 00249232 _____ (Intel Corporation) C:\WINDOWS\system32\igfxHK.exe
2015-07-31 22:08 - 2015-07-31 22:08 - 00243200 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDTCM.dll
2015-07-31 22:08 - 2015-07-31 22:08 - 00220432 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll
2015-07-31 22:08 - 2015-07-31 22:08 - 00219024 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2015-07-31 22:08 - 2015-07-31 22:08 - 00214416 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe
2015-07-31 22:08 - 2015-07-31 22:08 - 00213904 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyAppv2_0.exe
2015-07-31 22:08 - 2015-07-31 22:08 - 00206848 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4256.dll
2015-07-31 22:08 - 2015-07-31 22:08 - 00200856 _____ (Intel Corporation) C:\WINDOWS\system32\igdde64.dll
2015-07-31 22:08 - 2015-07-31 22:08 - 00184352 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll
2015-07-31 22:08 - 2015-07-31 22:08 - 00172032 _____ (Intel Corporation) C:\WINDOWS\system32\igdail64.dll
2015-07-31 22:08 - 2015-07-31 22:08 - 00163776 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2015-07-31 22:08 - 2015-07-31 22:08 - 00162752 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
2015-07-31 22:08 - 2015-07-31 22:08 - 00160680 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdde32.dll
2015-07-31 22:08 - 2015-07-31 22:08 - 00157072 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2015-07-31 22:08 - 2015-07-31 22:08 - 00153600 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdail32.dll
2015-07-31 22:08 - 2015-07-31 22:08 - 00141080 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2015-07-31 22:08 - 2015-07-31 22:08 - 00140056 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2015-07-31 22:08 - 2015-07-31 22:08 - 00090112 _____ ( ) C:\WINDOWS\system32\igfxSDKLibv2_0.dll
2015-07-31 22:08 - 2015-07-31 22:08 - 00086016 _____ C:\WINDOWS\system32\igfxCUIServicePS.dll
2015-07-31 22:08 - 2015-07-31 22:08 - 00082944 _____ ( ) C:\WINDOWS\system32\igfxSDKLib.dll
2015-07-31 22:08 - 2015-07-31 22:08 - 00073728 _____ ( ) C:\WINDOWS\system32\igfxDHLibv2_0.dll
2015-07-31 22:08 - 2015-07-31 22:08 - 00064512 _____ ( ) C:\WINDOWS\system32\igfxDHLib.dll
2015-07-31 22:08 - 2015-07-31 22:08 - 00044025 _____ C:\WINDOWS\system32\iglhxo64.vp
2015-07-31 22:08 - 2015-07-31 22:08 - 00043816 _____ C:\WINDOWS\system32\iglhxc64_dev.vp
2015-07-31 22:08 - 2015-07-31 22:08 - 00043494 _____ C:\WINDOWS\system32\iglhxc64.vp
2015-07-31 22:08 - 2015-07-31 22:08 - 00043298 _____ C:\WINDOWS\system32\iglhxg64_dev.vp
2015-07-31 22:08 - 2015-07-31 22:08 - 00043256 _____ C:\WINDOWS\system32\iglhxg64.vp
2015-07-31 22:08 - 2015-07-31 22:08 - 00042079 _____ C:\WINDOWS\system32\iglhxo64_dev.vp
2015-07-31 22:08 - 2015-07-31 22:08 - 00036616 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll
2015-07-31 22:08 - 2015-07-31 22:08 - 00035328 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2015-07-31 22:08 - 2015-07-31 22:08 - 00011776 _____ ( ) C:\WINDOWS\system32\igfxDILib.dll
2015-07-31 22:08 - 2015-07-31 22:08 - 00011264 _____ ( ) C:\WINDOWS\system32\igfxDILibv2_0.dll
2015-07-31 22:08 - 2015-07-31 22:08 - 00010240 _____ ( ) C:\WINDOWS\system32\igfxEMLibv2_0.dll
2015-07-31 22:08 - 2015-07-31 22:08 - 00010240 _____ ( ) C:\WINDOWS\system32\igfxEMLib.dll
2015-07-31 22:08 - 2015-07-31 22:08 - 00005120 _____ ( ) C:\WINDOWS\system32\igfxLHMLibv2_0.dll
2015-07-31 22:08 - 2015-07-31 22:08 - 00005120 _____ ( ) C:\WINDOWS\system32\igfxLHMLib.dll
2015-07-31 22:08 - 2015-07-31 22:08 - 00004682 _____ C:\WINDOWS\system32\iglhxs64.vp
2015-07-31 22:08 - 2015-07-31 22:08 - 00001125 _____ C:\WINDOWS\system32\iglhxa64.vp
2015-07-31 22:07 - 2015-08-16 11:51 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Spotify
2015-07-31 22:07 - 2015-08-16 10:50 - 00000000 ____D C:\Users\Christian\AppData\Local\Spotify
2015-07-31 22:07 - 2015-07-31 22:07 - 00001866 _____ C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-07-31 22:06 - 2015-07-31 22:06 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2015-07-31 22:05 - 2015-07-31 22:05 - 00047288 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\ETDCoInstaller01000.dll
2015-07-31 22:03 - 2015-07-31 22:03 - 00000000 ____D C:\Users\Christian\AppData\Local\Publishers
2015-07-31 22:02 - 2015-07-31 22:04 - 00000000 ____D C:\Users\Christian\AppData\Local\Comms
2015-07-31 22:02 - 2015-07-31 22:02 - 00000020 ___SH C:\Users\Christian\ntuser.ini
2015-07-31 22:02 - 2015-07-31 22:02 - 00000000 ____D C:\Users\Christian\AppData\Local\TileDataLayer
2015-07-31 20:25 - 2015-08-14 17:07 - 00000000 ____D C:\Users\Christian\AppData\Roaming\NVIDIA
2015-07-31 20:22 - 2015-08-19 21:21 - 00000312 _____ C:\WINDOWS\Tasks\Uninstaller_SkipUac_Christian.job
2015-07-31 20:12 - 2015-07-31 20:12 - 00000000 ____D C:\Users\Christian\AppData\Local\NVIDIA Corporation
2015-07-31 20:12 - 2015-07-24 06:21 - 01756608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2015-07-31 20:12 - 2015-07-24 06:21 - 01316000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2015-07-31 20:11 - 2015-08-19 21:21 - 00002514 _____ C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_Christian
2015-07-31 20:11 - 2015-07-31 20:12 - 00000000 ____D C:\Users\Christian\AppData\Local\NVIDIA
2015-07-31 20:10 - 2015-07-31 20:11 - 00000000 ____D C:\Users\Christian\AppData\Roaming\IObit
2015-07-31 20:10 - 2015-07-31 20:11 - 00000000 ____D C:\ProgramData\IObit
2015-07-31 20:10 - 2015-07-31 20:10 - 00000000 ____D C:\Program Files (x86)\IObit
2015-07-31 18:01 - 2015-07-31 18:01 - 00000000 ____D C:\Users\Christian\AppData\Local\NetworkTiles
2015-07-31 15:56 - 2015-07-31 15:56 - 00001270 _____

 

[Bandito292]

LAST:
C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Origin.lnk
2015-07-31 15:51 - 2015-07-31 15:51 - 00000000 ____D C:\Program Files (x86)\SteamLibrary
2015-07-31 15:50 - 2015-07-31 19:04 - 00000000 ____D C:\SteamLibrary
2015-07-31 14:55 - 2015-07-22 05:52 - 00988672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-07-31 14:53 - 2015-07-31 14:53 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2015-07-31 14:53 - 2015-07-31 14:53 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2015-07-31 14:53 - 2015-07-31 14:53 - 00000000 _SHDL C:\Users\Default\Vorlagen
2015-07-31 14:53 - 2015-07-31 14:53 - 00000000 _SHDL C:\Users\Default\Startmenü
2015-07-31 14:53 - 2015-07-31 14:53 - 00000000 _SHDL
C:\Users\Default\Netzwerkumgebung
2015-07-31 14:53 - 2015-07-31 14:53 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2015-07-31 14:53 - 2015-07-31 14:53 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2015-07-31 14:53 - 2015-07-31 14:53 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2015-07-31 14:53 - 2015-07-31 14:53 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2015-07-31 14:53 - 2015-07-31 14:53 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2015-07-31 14:53 - 2015-07-31 14:53 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-07-31 14:53 - 2015-07-31 14:53 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2015-07-31 14:53 - 2015-07-31 14:53 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2015-07-31 14:53 - 2015-07-31 14:53 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2015-07-31 14:53 - 2015-07-31 14:53 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2015-07-31 14:53 - 2015-07-31 14:53 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2015-07-31 14:53 - 2015-07-31 14:53 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-07-31 14:53 - 2015-07-31 14:53 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2015-07-31 14:53 - 2015-07-31 14:53 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-07-31 14:53 - 2015-07-31 14:53 - 00000000 _SHDL C:\Programme
2015-07-31 14:53 - 2015-07-31 14:53 - 00000000 _SHDL C:\ProgramData\Vorlagen
2015-07-31 14:53 - 2015-07-31 14:53 - 00000000 _SHDL C:\ProgramData\Startmenü
2015-07-31 14:53 - 2015-07-31 14:53 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2015-07-31 14:53 - 2015-07-31 14:53 - 00000000 _SHDL C:\ProgramData\Dokumente
2015-07-31 14:53 - 2015-07-31 14:53 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2015-07-31 14:53 - 2015-07-31 14:53 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2015-07-31 14:53 - 2015-07-31 14:53 - 00000000 _SHDL C:\Dokumente und Einstellungen
2015-07-31 14:53 - 2015-07-31 14:53 - 00000000 __SHD C:\Recovery
2015-07-31 14:49 - 2015-07-31 14:49 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2015-07-31 14:48 - 2015-08-17 19:36 - 02151280 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-07-31 14:42 - 2015-07-31 14:42 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-07-31 14:32 - 2015-07-31 14:32 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2015-07-31 14:31 - 2015-08-19 21:45 - 00000000 ____D C:\Users\Christian
2015-07-31 14:31 - 2015-08-17 19:34 - 00000000 ___RD C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-07-31 14:31 - 2015-07-31 14:31 - 00000000 _SHDL C:\Users\Christian\Vorlagen
2015-07-31 14:31 - 2015-07-31 14:31 - 00000000 _SHDL C:\Users\Christian\Startmenü
2015-07-31 14:31 - 2015-07-31 14:31 - 00000000 _SHDL C:\Users\Christian\Netzwerkumgebung
2015-07-31 14:31 - 2015-07-31 14:31 - 00000000 _SHDL C:\Users\Christian\Lokale Einstellungen
2015-07-31 14:31 - 2015-07-31 14:31 - 00000000 _SHDL C:\Users\Christian\Eigene Dateien
2015-07-31 14:31 - 2015-07-31 14:31 - 00000000 _SHDL C:\Users\Christian\Druckumgebung
2015-07-31 14:31 - 2015-07-31 14:31 - 00000000 _SHDL C:\Users\Christian\Documents\Eigene Musik
2015-07-31 14:31 - 2015-07-31 14:31 - 00000000 _SHDL C:\Users\Christian\Documents\Eigene Bilder
2015-07-31 14:31 - 2015-07-31 14:31 - 00000000 _SHDL C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-07-31 14:31 - 2015-07-31 14:31 - 00000000 _SHDL C:\Users\Christian\AppData\Local\Verlauf
2015-07-31 14:31 - 2015-07-31 14:31 - 00000000 _SHDL C:\Users\Christian\AppData\Local\Anwendungsdaten
2015-07-31 14:31 - 2015-07-31 14:31 - 00000000 _SHDL C:\Users\Christian\Anwendungsdaten
2015-07-31 14:31 - 2015-07-10 13:04 - 00000000 __RSD C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-07-31 14:31 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-07-31 14:31 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-07-31 14:31 - 2015-07-10 13:04 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-07-31 14:29 - 2015-07-10 12:59 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2015-07-31 14:28 - 2015-07-31 14:28 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2015-07-31 14:28 - 2015-07-31 14:28 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-07-31 14:28 - 2015-07-31 14:28 - 00000000 ____D C:\Program Files\Realtek
2015-07-31 14:26 - 2015-07-31 14:27 - 00030214 _____ C:\WINDOWS\system32\NetSetupMig.log
2015-07-31 14:25 - 2015-08-19 20:27 - 00000000 ___DC C:\WINDOWS\Panther
2015-07-31 14:23 - 2015-07-31 14:23 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2015-07-31 14:23 - 2015-07-31 14:23 - 00000000 ____D C:\Windows.old
2015-07-31 14:22 - 2015-07-31 14:41 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2015-07-31 14:22 - 2015-07-31 14:22 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-07-31 14:22 - 2015-07-31 14:22 - 00000000 ____D C:\Program Files\MSBuild
2015-07-31 14:22 - 2015-07-31 14:22 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-07-31 14:22 - 2015-07-31 14:22 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-07-31 14:21 - 2015-06-17 19:10 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-07-31 14:21 - 2015-06-17 19:10 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-07-31 14:21 - 2015-06-17 19:10 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-07-31 14:21 - 2015-05-29 22:07 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-07-31 14:21 - 2015-05-29 22:07 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-07-31 14:21 - 2015-05-29 22:07 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-07-31 14:05 - 2015-08-13 15:29 - 00000000 ____D C:\Users\Christian\AppData\Roaming\OBS
2015-07-31 14:04 - 2015-08-13 15:29 - 00000000 ____D C:\Program Files (x86)\OBS
2015-07-31 14:04 - 2015-07-31 14:10 - 00000000 ___HD C:\$Windows.~BT
2015-07-31 14:04 - 2015-07-31 14:04 - 00001018 _____ C:\Users\Christian\Desktop\Open Broadcaster Software.lnk
2015-07-31 14:04 - 2015-07-31 14:04 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
2015-07-31 14:04 - 2015-07-31 14:04 - 00000000 ____D C:\Program Files\OBS
2015-07-31 14:03 - 2015-07-31 14:52 - 00013338 _____ C:\WINDOWS\diagwrn.xml
2015-07-31 14:03 - 2015-07-31 14:52 - 00013338 _____ C:\WINDOWS\diagerr.xml
2015-07-31 13:57 - 2015-07-31 13:57 - 00000000 _____ C:\Users\Christian\agent.log
2015-07-31 13:41 - 2015-07-31 13:41 - 00000000 ___HD C:\$Windows.~WS
2015-07-31 13:39 - 2015-07-31 14:49 - 00003710 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1517504399-1055261760-3252538504-1002
2015-07-31 13:38 - 2015-07-31 13:38 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton Internet Security
2015-07-31 13:38 - 2015-07-31 13:38 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Macromedia
2015-07-31 13:37 - 2015-08-20 00:57 - 00004174 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{859999FB-BD2B-487E-8A90-8BAD64B60767}
2015-07-31 13:36 - 2015-07-31 13:36 - 00000000 ____D C:\Users\Christian\AppData\Local\jReminder
2015-07-31 13:35 - 2015-07-31 13:35 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Intel Corporation
2015-07-31 13:35 - 2015-07-31 13:35 - 00000000 ____D C:\Users\Christian\AppData\Local\SteelSeries_ApS
2015-07-31 13:34 - 2015-07-31 13:34 - 00000000 ____D C:\Users\Christian\Documents\Meine empfangenen Dateien
2015-07-31 13:34 - 2015-07-31 13:34 - 00000000 ____D C:\Users\Christian\AppData\Roaming\SteelSeries
2015-07-31 13:34 - 2015-07-31 13:34 - 00000000 ____D C:\Users\Christian\AppData\Local\MSI
2015-07-31 13:33 - 2015-07-31 13:33 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2015-07-31 13:33 - 2015-07-31 13:33 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Adobe
2015-07-31 13:33 - 2015-07-31 13:33 - 00000000 ____D C:\Users\Christian\AppData\Local\VirtualStore
2015-07-31 13:32 - 2015-07-31 22:35 - 00000000 ____D C:\Users\Christian\AppData\Local\Packages
2015-07-31 13:31 - 2015-07-31 13:31 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Intel
2015-07-31 13:20 - 2015-07-31 13:20 - 00002384 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1517504399-1055261760-3252538504-500

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-20 01:05 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-08-19 21:13 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-08-19 21:01 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-08-19 21:00 - 2015-07-10 11:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-08-19 20:45 - 2015-07-10 14:20 - 00199824 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-19 20:44 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-19 20:44 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-19 20:44 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-08-19 20:44 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-08-19 20:44 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-19 20:44 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-08-19 20:39 - 2014-01-27 20:41 - 00000000 ____D C:\WINDOWS\RE_DRIVE
2015-08-19 20:35 - 2014-01-27 22:41 - 00000000 ____D C:\Program Files (x86)\Boot Configure
2015-08-19 15:01 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-08-18 20:54 - 2015-07-10 13:00 - 00680256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2015-08-18 20:54 - 2015-07-10 13:00 - 00534064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2015-08-18 20:22 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\rescache
2015-08-17 19:51 - 2013-11-13 06:10 - 00000000 ____D C:\ProgramData\Norton
2015-08-17 19:36 - 2015-07-10 18:34 - 01037458 _____ C:\WINDOWS\system32\perfh007.dat
2015-08-17 19:36 - 2015-07-10 18:34 - 00243746 _____ C:\WINDOWS\system32\perfc007.dat
2015-08-16 12:49 - 2014-01-27 21:04 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-08-07 16:14 - 2014-01-27 21:08 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-08-01 18:31 - 2014-01-27 21:06 - 00000000 ____D C:\ProgramData\Package Cache
2015-08-01 16:20 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\appcompat
2015-07-31 22:43 - 2014-01-27 21:23 - 00000000 ____D C:\Program Files\Elantech
2015-07-31 22:41 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-07-31 22:41 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-07-31 22:41 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2015-07-31 22:41 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-07-31 22:41 - 2015-07-10 11:05 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2015-07-31 22:41 - 2015-07-10 11:05 - 00000000 ____D C:\WINDOWS\system32\Dism
2015-07-31 22:24 - 2014-01-27 21:36 - 00000000 __SHD C:\WINDOWS\SysWOW64\AI_RecycleBin
2015-07-31 22:10 - 2014-01-27 21:04 - 00000000 ____D C:\Intel
2015-07-31 22:09 - 2014-01-27 21:07 - 00086528 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2015-07-31 22:09 - 2014-01-27 21:07 - 00082432 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2015-07-31 22:03 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\PrintDialog
2015-07-31 22:03 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\MiracastView
2015-07-31 20:12 - 2014-01-27 21:08 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-07-31 20:12 - 2014-01-27 21:08 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-31 20:12 - 2014-01-27 21:08 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-07-31 18:04 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2015-07-31 14:55 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\restore
2015-07-31 14:53 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Windows NT
2015-07-31 14:53 - 2015-07-10 11:05 - 00000000 __RHD C:\Users\Default
2015-07-31 14:52 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Registration
2015-07-31 14:49 - 2014-01-27 21:05 - 00004046 _____ C:\WINDOWS\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d
2015-07-31 14:49 - 2014-01-27 21:05 - 00003800 _____ C:\WINDOWS\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon
2015-07-31 14:49 - 2013-11-13 06:11 - 00003436 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2015-07-31 14:48 - 2015-07-10 13:04 - 00000000 __RHD C:\Users\Public\Libraries
2015-07-31 14:48 - 2014-01-27 21:11 - 01790124 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2015-07-31 14:43 - 2013-11-13 21:33 - 00000000 ____D C:\WINDOWS\uk
2015-07-31 14:43 - 2013-11-13 21:33 - 00000000 ____D C:\WINDOWS\tr
2015-07-31 14:42 - 2015-07-10 11:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-07-31 14:42 - 2014-01-27 22:37 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 10
2015-07-31 14:42 - 2014-01-27 21:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
2015-07-31 14:42 - 2014-01-27 21:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
2015-07-31 14:42 - 2014-01-27 21:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-07-31 14:42 - 2014-01-27 21:05 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-07-31 14:42 - 2013-11-13 21:33 - 00000000 ____D C:\WINDOWS\bg
2015-07-31 14:42 - 2013-11-13 21:32 - 00000000 ____D C:\WINDOWS\sv
2015-07-31 14:42 - 2013-11-13 21:32 - 00000000 ____D C:\WINDOWS\sl
2015-07-31 14:42 - 2013-11-13 21:32 - 00000000 ____D C:\WINDOWS\sk
2015-07-31 14:42 - 2013-11-13 21:32 - 00000000 ____D C:\WINDOWS\ru
2015-07-31 14:42 - 2013-11-13 21:32 - 00000000 ____D C:\WINDOWS\ro
2015-07-31 14:42 - 2013-11-13 21:32 - 00000000 ____D C:\WINDOWS\pl
2015-07-31 14:42 - 2013-11-13 21:32 - 00000000 ____D C:\WINDOWS\nl
2015-07-31 14:42 - 2013-11-13 21:32 - 00000000 ____D C:\WINDOWS\lv
2015-07-31 14:42 - 2013-11-13 21:32 - 00000000 ____D C:\WINDOWS\lt
2015-07-31 14:42 - 2013-11-13 21:32 - 00000000 ____D C:\WINDOWS\it
2015-07-31 14:42 - 2013-11-13 21:32 - 00000000 ____D C:\WINDOWS\hu
2015-07-31 14:42 - 2013-11-13 21:31 - 00000000 ____D C:\WINDOWS\hr
2015-07-31 14:42 - 2013-11-13 21:31 - 00000000 ____D C:\WINDOWS\he
2015-07-31 14:42 - 2013-11-13 21:31 - 00000000 ____D C:\WINDOWS\fr
2015-07-31 14:42 - 2013-11-13 21:31 - 00000000 ____D C:\WINDOWS\fi
2015-07-31 14:42 - 2013-11-13 21:31 - 00000000 ____D C:\WINDOWS\et
2015-07-31 14:42 - 2013-11-13 21:31 - 00000000 ____D C:\WINDOWS\es
2015-07-31 14:42 - 2013-11-13 21:31 - 00000000 ____D C:\WINDOWS\en
2015-07-31 14:42 - 2013-11-13 21:31 - 00000000 ____D C:\WINDOWS\el
2015-07-31 14:42 - 2013-11-13 21:31 - 00000000 ____D C:\WINDOWS\de
2015-07-31 14:42 - 2013-11-13 21:31 - 00000000 ____D C:\WINDOWS\da
2015-07-31 14:42 - 2013-11-13 21:31 - 00000000 ____D C:\WINDOWS\cs
2015-07-31 14:42 - 2013-08-22 15:36 - 00000000 ____D C:\Users\Default.migrated
2015-07-31 14:41 - 2015-07-10 18:34 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm
2015-07-31 14:41 - 2015-07-10 18:34 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2015-07-31 14:41 - 2015-07-10 18:34 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2015-07-31 14:41 - 2015-07-10 18:34 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2015-07-31 14:41 - 2015-07-10 18:34 - 00000000 ____D C:\WINDOWS\system32\winrm
2015-07-31 14:41 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\uk-UA
2015-07-31 14:41 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\tr-TR
2015-07-31 14:41 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\sr-Latn-RS
2015-07-31 14:41 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\sl-SI
2015-07-31 14:41 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\sk-SK
2015-07-31 14:41 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\ro-RO
2015-07-31 14:41 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2015-07-31 14:41 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2015-07-31 14:41 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2015-07-31 14:41 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\hr-HR
2015-07-31 14:41 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\he-IL
2015-07-31 14:41 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\et-EE
2015-07-31 14:41 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\bg-BG
2015-07-31 14:41 - 2014-01-27 21:09 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2015-07-31 14:40 - 2015-07-10 18:46 - 00000000 ____D C:\Program Files\Windows Journal
2015-07-31 14:40 - 2015-07-10 18:34 - 00000000 ____D C:\WINDOWS\system32\WCN
2015-07-31 14:40 - 2015-07-10 18:34 - 00000000 ____D C:\WINDOWS\system32\slmgr
2015-07-31 14:40 - 2015-07-10 18:34 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2015-07-31 14:40 - 2015-07-10 13:04 - 00000000 ___SD C:\WINDOWS\system32\dsc
2015-07-31 14:40 - 2015-07-10 13:04 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2015-07-31 14:40 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\uk-UA
2015-07-31 14:40 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\tr-TR
2015-07-31 14:40 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sr-Latn-RS
2015-07-31 14:40 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\spool
2015-07-31 14:40 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sl-SI
2015-07-31 14:40 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sk-SK
2015-07-31 14:40 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\ro-RO
2015-07-31 14:40 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\MUI
2015-07-31 14:40 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2015-07-31 14:40 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2015-07-31 14:40 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2015-07-31 14:40 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\hr-HR
2015-07-31 14:40 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\he-IL
2015-07-31 14:40 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\et-EE
2015-07-31 14:40 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\bg-BG
2015-07-31 14:40 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-07-31 14:40 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\InputMethod
2015-07-31 14:40 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\IME
2015-07-31 14:40 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Help
2015-07-31 14:40 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2015-07-31 14:40 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Common Files\System
2015-07-31 14:40 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-07-31 14:40 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2015-07-31 14:40 - 2014-01-27 22:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2015-07-31 14:40 - 2014-01-27 21:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Qualcomm Atheros
2015-07-31 14:40 - 2014-01-27 21:04 - 00000000 ____D C:\Program Files\Intel
2015-07-31 14:40 - 2014-01-27 21:04 - 00000000 ____D C:\Program Files (x86)\Intel
2015-07-31 14:40 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2015-07-31 14:40 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2015-07-31 14:40 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\MediaViewer
2015-07-31 14:40 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\ADFS
2015-07-31 14:32 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\Recovery
2015-07-31 14:30 - 2015-07-10 11:05 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-07-31 14:25 - 2015-07-10 13:04 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2015-07-31 13:37 - 2013-11-13 02:52 - 00715852 _____ C:\WINDOWS\system32\perfh01F.dat
2015-07-31 13:37 - 2013-11-13 02:52 - 00150496 _____ C:\WINDOWS\system32\perfc01F.dat
2015-07-31 13:37 - 2013-11-13 02:39 - 00725714 _____ C:\WINDOWS\system32\perfh01D.dat
2015-07-31 13:37 - 2013-11-13 02:39 - 00152568 _____ C:\WINDOWS\system32\perfc01D.dat
2015-07-31 13:37 - 2013-11-13 02:00 - 00781366 _____ C:\WINDOWS\system32\perfh019.dat
2015-07-31 13:37 - 2013-11-13 02:00 - 00161902 _____ C:\WINDOWS\system32\perfc019.dat
2015-07-31 13:37 - 2013-11-13 01:39 - 00789794 _____ C:\WINDOWS\system32\prfh0816.dat
2015-07-31 13:37 - 2013-11-13 01:39 - 00164364 _____ C:\WINDOWS\system32\prfc0816.dat
2015-07-31 13:37 - 2013-11-13 01:29 - 00775938 _____ C:\WINDOWS\system32\prfh0416.dat
2015-07-31 13:37 - 2013-11-13 01:29 - 00159030 _____ C:\WINDOWS\system32\prfc0416.dat
2015-07-31 13:37 - 2013-11-13 01:18 - 00798998 _____ C:\WINDOWS\system32\perfh015.dat
2015-07-31 13:37 - 2013-11-13 01:18 - 00163880 _____ C:\WINDOWS\system32\perfc015.dat
2015-07-31 13:37 - 2013-11-13 01:07 - 00798450 _____ C:\WINDOWS\system32\perfh013.dat
2015-07-31 13:37 - 2013-11-13 01:07 - 00162528 _____ C:\WINDOWS\system32\perfc013.dat
2015-07-31 13:37 - 2013-11-13 00:57 - 00441798 _____ C:\WINDOWS\system32\perfh014.dat
2015-07-31 13:37 - 2013-11-13 00:57 - 00077450 _____ C:\WINDOWS\system32\perfc014.dat
2015-07-31 13:37 - 2013-11-13 00:33 - 00794198 _____ C:\WINDOWS\system32\perfh010.dat
2015-07-31 13:37 - 2013-11-13 00:33 - 00156618 _____ C:\WINDOWS\system32\perfc010.dat
2015-07-31 13:37 - 2013-11-13 00:23 - 00743600 _____ C:\WINDOWS\system32\perfh00E.dat
2015-07-31 13:37 - 2013-11-13 00:23 - 00178186 _____ C:\WINDOWS\system32\perfc00E.dat
2015-07-31 13:37 - 2013-11-13 00:08 - 00409156 _____ C:\WINDOWS\system32\perfh00D.dat
2015-07-31 13:37 - 2013-11-13 00:08 - 00065162 _____ C:\WINDOWS\system32\perfc00D.dat
2015-07-31 13:37 - 2013-11-13 00:02 - 00802432 _____ C:\WINDOWS\system32\perfh00C.dat
2015-07-31 13:37 - 2013-11-13 00:02 - 00159382 _____ C:\WINDOWS\system32\perfc00C.dat
2015-07-31 13:37 - 2013-11-12 23:53 - 00427404 _____ C:\WINDOWS\system32\perfh00B.dat
2015-07-31 13:37 - 2013-11-12 23:53 - 00081986 _____ C:\WINDOWS\system32\perfc00B.dat
2015-07-31 13:37 - 2013-11-12 23:41 - 00800858 _____ C:\WINDOWS\system32\perfh00A.dat
2015-07-31 13:37 - 2013-11-12 23:41 - 00166748 _____ C:\WINDOWS\system32\perfc00A.dat
2015-07-31 13:37 - 2013-11-12 23:33 - 00542830 _____ C:\WINDOWS\system32\perfh008.dat
2015-07-31 13:37 - 2013-11-12 23:33 - 00089394 _____ C:\WINDOWS\system32\perfc008.dat
2015-07-31 13:37 - 2013-11-12 23:18 - 00456706 _____ C:\WINDOWS\system32\perfh006.dat
2015-07-31 13:37 - 2013-11-12 23:18 - 00079958 _____ C:\WINDOWS\system32\perfc006.dat
2015-07-31 13:37 - 2013-11-12 23:12 - 00731772 _____ C:\WINDOWS\system32\perfh005.dat
2015-07-31 13:37 - 2013-11-12 23:12 - 00152016 _____ C:\WINDOWS\system32\perfc005.dat
2015-07-24 06:21 - 2014-01-27 21:09 - 01710568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2015-07-24 06:21 - 2014-01-27 21:09 - 01423304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2015-07-23 03:10 - 2014-01-27 21:08 - 06873928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-07-23 03:10 - 2014-01-27 21:08 - 03493008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-07-23 03:10 - 2014-01-27 21:08 - 02558608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-07-23 03:10 - 2014-01-27 21:08 - 01059984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-07-23 03:10 - 2014-01-27 21:08 - 00937800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-07-23 03:10 - 2014-01-27 21:08 - 00385168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-07-23 03:10 - 2014-01-27 21:08 - 00074896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-07-23 03:10 - 2014-01-27 21:08 - 00062608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-07-22 06:29 - 2014-01-27 21:08 - 05121613 _____ C:\WINDOWS\system32\nvcoproc.bin

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-08-17 15:12 - 2015-08-17 15:12 - 3588893 _____ (E-Tech) C:\Program Files\Common Files\itvy444u.exe
2015-08-17 21:43 - 2015-08-17 21:43 - 3588893 _____ (E-Tech) C:\Program Files\Common Files\mhw3f0bx.exe

Einige Dateien in TEMP:
====================
C:\Users\Christian\AppData\Local\Temp\27fff54a706caf16275619fa9b79269c.dll
C:\Users\Christian\AppData\Local\Temp\BingBarSetup-Partner.exe
C:\Users\Christian\AppData\Local\Temp\BSvcProcessor.exe
C:\Users\Christian\AppData\Local\Temp\BSvcUpdater.exe
C:\Users\Christian\AppData\Local\Temp\EsgInstallerx64Stub.exe
C:\Users\Christian\AppData\Local\Temp\jre-8u51-windows-au.exe
C:\Users\Christian\AppData\Local\Temp\nsw4678.exe
C:\Users\Christian\AppData\Local\Temp\SpOrder.dll
C:\Users\Christian\AppData\Local\Temp\sqlite3.dll
C:\Users\Christian\AppData\Local\Temp\System.Data.SQLitebc549035-e563-42f9-af5e-41dcdbfcc4e8.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-08-12 17:08

==================== Ende von Ergebnis ============================

 

[Bandito292]

FIRST:

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:20-08-2015
durchgeführt von Christian (2015-08-20 02:05:40)
Gestartet von C:\Users\Christian\Downloads
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1517504399-1055261760-3252538504-500 - Administrator - Disabled)
Christian (S-1-5-21-1517504399-1055261760-3252538504-1002 - Administrator - Enabled) => C:\Users\Christian
DefaultAccount (S-1-5-21-1517504399-1055261760-3252538504-503 - Limited - Disabled)
Gast (S-1-5-21-1517504399-1055261760-3252538504-501 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

„Windows Live Essentials“ (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Action! (HKLM-x32\...\Mirillis Action!) (Version: 1.25.6 - Mirillis)
Adobe Flash Player 18 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Arma 3 (HKLM-x32\...\Steam App 107410) (Version: - Bohemia Interactive)
avast! Browser Cleanup (HKU\S-1-5-21-1517504399-1055261760-3252538504-1002\...\avast! Browser Cleanup) (Version: 10.2.2218.80 - AVAST Software)
Battery Calibration (HKLM-x32\...\{619FA785-489B-4D22-911F-82D6EDF5BDB0}) (Version: 1.0.1208.0301 - Micro-Star International Co., Ltd.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Boot Configure (HKLM\...\{F02936BF-A5EA-4D46-8FE7-EDA999D2BB54}) (Version: 10.014.01103 - Application)
CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5509.52 - CyberLink Corp.)
Cyborg F.R.E.Q.7 Headset (HKLM-x32\...\{0F2C05AF-5C38-4886-98C7-E0BE016603D3}) (Version: 1.0.54.0 - Conexant Systems, Inc)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive)
Dirty Bomb (HKLM-x32\...\Steam App 333930) (Version: - Splash Damage®)
Dragon Gaming Center (HKLM-x32\...\InstallShield_{965B16C7-0778-4C45-B7D1-83A59E6FBBCB}) (Version: 1.0.1401.2401 - Application)
Dragon Gaming Center (x32 Version: 1.0.1401.2401 - Application) Hidden
ELAN Touchpad 15.13.1.1_X64_WHQL (HKLM\...\Elantech) (Version: 15.13.1.1 - ELAN Microelectronic Corp.)
Fotoattēlu galerija (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogaléria (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalerii (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalerija (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Foto-galerija (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalleri (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalleriet (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotoğraf Galerisi (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
FREQ7 User Interface (HKLM\...\{F59E2605-2C88-4269-8B20-C371E8037B8A}) (Version: 1.2.4 - Mad Catz)
Galeria de Fotografias (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galeria de Fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galeria fotografii (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerija fotografija (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
globalupdate Helper (x32 Version: 1.3.25.0 - globalupdate Inc.) Hidden <==== ACHTUNG
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.155 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\Steam App 271590) (Version: - Rockstar North)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3368 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 3.0.1342.2) (HKLM\...\{302600C1-6BDF-4FD1-1311-148929CC1385}) (Version: 3.1.1311.0402 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{105fa5c4-72e1-41f2-a82c-884d8aa4b381}) (Version: 16.6.0 - Intel Corporation)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.0.3.168 - IObit)
Java 8 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418051F0}) (Version: 8.0.510 - Oracle Corporation)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
KB9X Radio Switch Driver (HKLM\...\5AADE1068CF70DD983F763B20CF2CAAB72883915) (Version: 1.1.0.0 - ENE TECHNOLOGY INC.)
MAGIX MX Suite (HKLM-x32\...\MAGIX_{43136332-880B-458A-966C-900C18752B66}) (Version: 1.13.0.121 - MAGIX AG)
MAGIX MX Suite (Version: 1.13.0.121 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MSI Social Media Collection (HKLM-x32\...\{F7B87051-7BE9-43EB-8C30-599FA611E748}) (Version: 1.13.1151 - MSI)
NBA 2K15 (HKLM-x32\...\Steam App 282350) (Version: - Visual Concepts)
NVIDIA GeForce Experience 2.5.12.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.12.11 - NVIDIA Corporation)
NVIDIA Grafiktreiber 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.62 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 9.5.20.5318 - Electronic Arts, Inc.)
Podstawowe programy Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.0.30.1003 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (Version: 1.0.30.1003 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{DD21E907-9A2A-44B8-A12E-13691E166664}) (Version: 1.0.30.1003 - Qualcomm Atheros)
Qualcomm Atheros Network Manager (Version: 1.0.30.1003 - Qualcomm Atheros) Hidden
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 6.0.29.0 - Razer Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.21243 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7121 - Realtek Semiconductor Corp.)
Rocket League (HKLM-x32\...\Steam App 252950) (Version: - Psyonix) <==== ACHTUNG
SCM (HKLM\...\{6692DCAF-A445-4C6B-AF31-3DD85FC06FBA}) (Version: 13.014.01026 - Application)
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.12.11 - NVIDIA Corporation) Hidden
Sound Blaster Cinema (HKLM-x32\...\{8801CA65-921A-4CCC-9D63-879D1D0BAA97}) (Version: 1.00.05 - Creative Technology Limited)
Spotify (HKU\S-1-5-21-1517504399-1055261760-3252538504-1002\...\Spotify) (Version: 1.0.10.107.gd0dfca3a - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries Engine (HKLM\...\SteelSeries Engine) (Version: 2.8.417.28061 - SteelSeries)
Super-Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.020 - MSI)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Valokuvavalikoima (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
XSplit Gamecaster (HKLM-x32\...\{D7BEC6E9-5E86-44FF-AA21-23DA71ED676B}) (Version: 2.4.1506.1243 - SplitmediaLabs)
Συλλογή φωτογραφιών (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Основи Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Фотоальбом (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Фотогалерия (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Фотографии (общедоступная версия) (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Фотоколекція (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
גלריית התמונות (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1517504399-1055261760-3252538504-1002_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1517504399-1055261760-3252538504-1002_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Christian\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1517504399-1055261760-3252538504-1002_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\Christian\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1517504399-1055261760-3252538504-1002_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Christian\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1517504399-1055261760-3252538504-1002_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Christian\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1517504399-1055261760-3252538504-1002_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Christian\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1517504399-1055261760-3252538504-1002_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\Christian\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1517504399-1055261760-3252538504-1002_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Christian\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1517504399-1055261760-3252538504-1002_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Christian\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1517504399-1055261760-3252538504-1002_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Christian\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1517504399-1055261760-3252538504-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Christian\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Wiederherstellungspunkte =========================

01-08-2015 17:38:31 DirectX wurde installiert
06-08-2015 14:01:18 Installiert Cyborg F.R.E.Q.7 Headset
07-08-2015 14:53:27 Windows Modules Installer
13-08-2015 15:56:13 Camtasia Studio 8 wird installiert
16-08-2015 12:49:24 Removed BurnRecovery
17-08-2015 18:08:48 Installing COMODO Antivirus

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {00EEBA9C-F9EF-4272-B793-C830FBADD359} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\Windows\system32\dstokenclean.exe [2015-07-10] (Microsoft Corporation)
Task: {0855FF01-52D5-4406-A8F2-270FAF931D4A} - System32\Tasks\Norton Anti-Theft\Norton Error Processor => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe
Task: {0CCA7916-2916-4F12-BD32-1E3BE31E1269} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\Windows\System32\dsregcmd.exe [2015-07-10] (Microsoft Corporation)
Task: {0EF4270A-2BBC-4CB1-B460-03132F0F1DEF} - System32\Tasks\WCSKhlrQu1za7sF => C:\Users\Christian\AppData\Roaming\g1Fx0Vs\pso3dKr.exe
Task: {16D8C663-AA2F-46DD-B476-33B81751A116} - System32\Tasks\Install => C:\Program Files\fchk32\packages\f4df14d5-1038-4499-88d9-c3ffd2bf7816\fchk.exe
Task: {19865544-CE08-40BE-8B8C-87C47681433D} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sihboot => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
Task: {36F61980-2073-4958-8F7B-3F4E6A16CB21} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.0.0.100\SymErr.exe
Task: {3B024C49-1C73-40E0-A52E-2149549EBA40} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {3F6E048D-6404-433B-8F5F-CFF4D89BF89E} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Rundll32.exe generaltel.dll,RunTelemetryW
Task: {4108367F-6364-4864-B222-C6D82C7A3BC7} - System32\Tasks\Sekundäre Anmeldung 1.74.17 => C:\WINDOWS\system32\config\systemprofile\AppData\Local\SekundreAnmeldung\srdelayed.exe
Task: {41160EA0-208B-4C3E-B4DB-805BBABC6B93} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\Windows\system32\dmclient.exe [2015-07-10] (Microsoft Corporation)
Task: {4AAD44EF-2CAF-4389-A777-B1CD94F9DDA6} - System32\Tasks\Uninstaller_SkipUac_Christian => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-08-18] (IObit)
Task: {5436C98D-E78A-4E10-B399-16AABCA66137} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-14] (Adobe Systems Incorporated)
Task: {553E5773-B0CE-4AE0-BBBA-B04BAAA914AD} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.0.0.100\WSCStub.exe
Task: {5B50F4E8-349E-411B-9383-07F49A9F4F09} - System32\Tasks\crash_service => C:\Users\Christian\AppData\Local\BoBrowser\Application\crash_service.exe
Task: {5D0BC2D5-5831-43E9-AAC8-54709DCF7C9E} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
Task: {73551810-E5F4-433E-9494-0D00B55C855E} - System32\Tasks\Microsoft\Windows\Maps\MapsToastTask
Task: {78B77FA3-9D97-441D-97B6-68CEA40B4F74} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe generaltel.dll,RunTelemetry -maintenance
Task: {81B5C970-21FB-4F7F-BAA9-BA1D3CBB0805} - System32\Tasks\UBAVSTQJEVEMCIFN => C:\ProgramData\Service1198\Service1198.exe <==== ACHTUNG
Task: {82025CFE-ED98-4CA7-8F4F-F04CAAD72FC2} - System32\Tasks\9XTy35D => C:\Users\Christian\AppData\Roaming\9XTy35D.exe <==== ACHTUNG
Task: {89AED4DB-A85E-4A09-B8AE-98E4A7AB6896} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {8DF844C0-C495-4B9A-9BA8-0063529D257A} - System32\Tasks\zyxvmtcn => C:\Program Files\Common Files\jlpztey3\fb2ectgyxieon.exe [2015-08-17] ()
Task: {8DF84CB3-D8E0-4307-A35B-CA74E21786DB} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\Windows\system32\ClipUp.exe [2015-07-15] (Microsoft Corporation)
Task: {939F4AC9-8CA2-4627-8182-6903D045A9C9} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-17] (Microsoft Corporation)
Task: {944F9E06-4788-446F-B336-FE8D14E82875} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {A5B6CD85-1B57-49B9-BA80-5D5D65F02826} - System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager
Task: {A6DBDC31-E5EF-473D-8AC8-3141777629BB} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {AF928982-701B-4C05-8F5A-2A29583C2120} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {C2B52272-B8D2-49F4-AE18-FA06694B77A7} - System32\Tasks\mWHZNGepLYqcqeK => C:\Users\Christian\AppData\Roaming\Yu9QXEj\4sGCq9P.exe
Task: {C56AFFD3-06B8-4A16-AF7E-F7A6EB3FAE9E} - System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr
Task: {C580B348-4329-4F7D-A24E-46BEB66ED882} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {C5EE2EA2-5312-4D1F-B9D0-41B18DF31B78} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sih => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
Task: {C7A236B2-12E1-46DC-9501-3B1B0209CC09} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => C:\Windows\System32\WindowsActionDialog.exe [2015-07-10] (Microsoft Corporation)
Task: {CFBB4ED9-37A2-40E1-8535-5B033B3D61BA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd)
Task: {DE716E54-379E-4467-901E-7DD48C39890D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-31] (Google Inc.)
Task: {E59E86A8-010F-4D42-95E6-4F3AF0E08301} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.0.0.100\SymErr.exe
Task: {F77536E4-F373-4F3F-A172-C0D3A270EB44} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-31] (Google Inc.)
Task: {F9E952AF-815A-4B73-AEEB-8D0FD0F37CA0} - System32\Tasks\MSI_Dragon Gaming Center => C:\Program Files (x86)\MSI\Dragon Gaming Center\mDispatch.exe [2014-01-24] (TODO: <公司名稱>)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\9XTy35D.job => C:\Users\Christian\AppData\Roaming\9XTy35D.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\UBAVSTQJEVEMCIFN.job => 0x000A010079E800FB30B42140B734A9F83B90524C46001601000000003C000A0020000000FEFFFFFF0B0107800013040000268021DF07080003001300170036000000CD0000002B0043003A005C00500072006F006700720061006D0044006100740061005C00530065007200760069006300650031003100390038005C00530065007200760069006300650031003100390038002E00650078006500000000001B0043003A005C00500072006F006700720061006D0044006100740061005C0053006500720076006900630065003100310039003800000017004D00530049002D004300480052004900530045004B004F005C00430068007200690073007400690061006E0000000000000008000000000000000000020030000000DF0708000E00000000000000000000000000000000000000000000000700000001000000000000000000000030000100DF0708000E0000000000000011003600A0050000B40000000000000001000000010000000000000000000000
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Christian.job => 0x000A0100E02016203CFDE143BC948ACCECB4199746003601000000003C000A00200000000014730F000000000513040000200021000000000000000000000000000000000000430043003A005C00500072006F006700720061006D002000460069006C00650073002000280078003800360029005C0049004F006200690074005C0049004F00620069007400200055006E0069006E007300740061006C006C00650072005C0049004F0062006900740055006E0069006E007300740061006C00650072002E00650078006500000013002F0055006E0069006E007300740061006C006C004500780070006C006F007200650072000000000017004D00530049002D004300480052004900530045004B004F005C00430068007200690073007400690061006E00000000000000080003130400000000000000

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-07-31 22:10 - 2015-07-15 04:04 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2014-01-27 21:08 - 2015-07-23 03:10 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-07-31 22:10 - 2015-07-11 03:22 - 00403968 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-07-31 22:11 - 2015-07-18 07:19 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-07-10 13:00 - 2015-07-10 18:45 - 02028544 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesService.dll
2015-07-10 13:00 - 2015-07-10 18:45 - 00471040 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-07-31 22:10 - 2015-07-11 02:57 - 00619008 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SignalsManager.dll
2015-07-10 13:00 - 2015-07-10 18:45 - 00928768 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesBackgroundTasks.dll
2015-07-31 22:11 - 2015-07-24 04:23 - 01806848 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-07-31 22:11 - 2015-07-18 07:19 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-07-31 22:08 - 2015-07-31 22:08 - 00396688 _____ () C:\WINDOWS\system32\igfxTray.exe
2015-07-10 12:59 - 2015-07-10 12:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-31 22:11 - 2015-07-24 04:25 - 06576640 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-07-31 22:10 - 2015-07-11 03:03 - 00883200 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2015-07-31 22:11 - 2015-07-24 04:23 - 02274816 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2014-01-27 21:35 - 2012-11-01 21:23 - 00089600 _____ () C:\Windows\SYSTEM32\CmdRtr64.DLL
2014-01-27 21:35 - 2012-11-01 21:21 - 00325120 _____ () C:\Windows\SYSTEM32\APOMgr64.DLL
2014-01-23 17:15 - 2014-01-23 17:15 - 00758784 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SSEngineLib.dll
2014-01-23 17:15 - 2014-01-23 17:15 - 00175104 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DBUtils.dll
2015-07-31 22:06 - 2015-07-31 22:06 - 00089915 _____ () C:\Users\Christian\AppData\Local\Temp\fcaa5f9b-83be-462f-bb26-c1541883b2c0\CliSecureRT64.dll
2014-01-23 17:15 - 2014-01-23 17:15 - 00287744 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DriverCommunication.dll
2014-01-23 17:15 - 2014-01-23 17:15 - 00140288 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\ISSPlugin.dll
2014-01-23 17:15 - 2014-01-23 17:15 - 00148480 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\Localization.dll
2014-01-23 17:15 - 2014-01-23 17:15 - 00145408 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\Utilities.dll
2013-01-10 07:46 - 2013-01-10 07:46 - 00047616 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesDrivers\x2api.dll
2014-01-23 17:15 - 2014-01-23 17:15 - 09633280 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SSEngineWinGui.dll
2013-01-10 07:46 - 2013-01-10 07:46 - 01102336 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\System.Data.SQLite.dll
2014-01-23 17:15 - 2014-01-23 17:15 - 00209408 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CustomWPFColorPicker.dll
2014-01-23 17:15 - 2014-01-23 17:15 - 00349696 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\MousePlugin.dll
2014-01-23 17:15 - 2014-01-23 17:15 - 00171008 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\D3MousePlugin.dll
2014-01-23 17:15 - 2014-01-23 17:15 - 00173056 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\KKMousePlugin.dll
2014-01-23 17:15 - 2014-01-23 17:15 - 00171008 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SRawPlugin.dll
2014-01-23 17:15 - 2014-01-23 17:15 - 00307200 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\MLGSenseiPlugin.dll
2014-01-23 17:15 - 2014-01-23 17:15 - 00154624 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoWGoldPlugin.dll
2014-01-23 17:15 - 2014-01-23 17:15 - 00170496 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\GW2MousePlugin.dll
2014-01-23 17:15 - 2014-01-23 17:15 - 00169472 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CSGOMousePlugin.dll
2014-01-23 17:15 - 2014-01-23 17:15 - 00169984 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DOTA2MousePlugin.dll
2014-01-23 17:15 - 2014-01-23 17:15 - 00157184 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoWWirelessPlugin.dll
2014-01-23 17:15 - 2014-01-23 17:15 - 00170496 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CODMousePlugin.dll
2014-01-23 17:15 - 2014-01-23 17:15 - 00169984 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoTMousePlugin.dll
2013-08-09 00:35 - 2013-08-09 00:35 - 00283648 _____ () C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
2015-07-17 19:34 - 2015-07-17 19:34 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-07-31 20:10 - 2015-07-31 20:10 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2014-01-27 21:04 - 2013-09-16 22:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-07-31 22:29 - 2015-07-14 12:15 - 00264192 _____ () C:\Program Files (x86)\Razer\Razer Cortex\D3DX8Wrapper.dll
2015-07-31 20:12 - 2015-07-24 06:22 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-07-31 22:18 - 2015-07-03 18:12 - 00778240 _____ () D:\Steam\SDL2.dll
2015-07-31 22:18 - 2015-07-03 18:12 - 04962816 _____ () D:\Steam\v8.dll
2015-08-13 12:34 - 2015-08-12 20:26 - 02413248 _____ () D:\Steam\video.dll
2015-07-31 22:18 - 2015-07-03 18:12 - 01556992 _____ () D:\Steam\icui18n.dll
2015-07-31 22:18 - 2015-07-03 18:12 - 01187840 _____ () D:\Steam\icuuc.dll
2015-07-31 22:17 - 2014-12-01 23:31 - 02396672 _____ () D:\Steam\libavcodec-56.dll
2015-07-31 22:17 - 2014-12-01 23:31 - 00479744 _____ () D:\Steam\libavformat-56.dll
2015-07-31 22:17 - 2014-12-01 23:31 - 00332800 _____ () D:\Steam\libavresample-2.dll
2015-07-31 22:17 - 2014-12-01 23:31 - 00442880 _____ () D:\Steam\libavutil-54.dll
2015-07-31 22:17 - 2014-12-01 23:31 - 00485888 _____ () D:\Steam\libswscale-3.dll
2015-08-13 12:34 - 2015-08-12 20:26 - 00704192 _____ () D:\Steam\bin\chromehtml.DLL
2015-08-13 12:34 - 2015-07-27 03:13 - 00171008 _____ () D:\Steam\bin\openvr_api.dll
2014-04-10 17:43 - 2014-04-10 17:43 - 00245760 _____ () C:\Program Files\Mad Catz\FREQ7 User Interface\Saitek.WPF_ControlLib.dll
2014-03-13 12:56 - 2014-03-13 12:56 - 00050176 _____ () C:\Program Files\Mad Catz\FREQ7 User Interface\Strike7API.dll
2015-07-31 22:28 - 2015-07-14 12:15 - 00724480 _____ () C:\Program Files (x86)\Razer\Razer Cortex\Cef\CefSharp.Core.dll
2015-07-31 22:29 - 2015-07-14 12:15 - 41289216 _____ () C:\Program Files (x86)\Razer\Razer Cortex\Cef\libcef.dll
2015-07-31 22:28 - 2015-07-14 12:15 - 00544256 _____ () C:\Program Files (x86)\Razer\Razer Cortex\Cef\CefSharp.BrowserSubprocess.Core.dll
2015-07-31 22:29 - 2015-07-14 12:15 - 01482240 _____ () C:\Program Files (x86)\Razer\Razer Cortex\Cef\libglesv2.dll
2015-07-31 22:29 - 2015-07-14 12:15 - 00073728 _____ () C:\Program Files (x86)\Razer\Razer Cortex\Cef\libegl.dll
2015-07-31 22:17 - 2015-07-03 18:12 - 39553928 _____ () D:\Steam\bin\libcef.dll
2015-08-18 00:45 - 2015-08-08 17:42 - 00348960 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2015-08-18 00:45 - 2015-08-08 17:42 - 00183584 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2015-08-18 00:45 - 2015-08-08 17:42 - 00050976 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2010-12-17 22:56 - 2010-12-17 22:56 - 02603520 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtCore4.dll
2013-03-07 22:53 - 2013-03-07 22:53 - 00015872 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\featureController.dll
2010-12-17 22:56 - 2010-12-17 22:56 - 01006592 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtNetwork4.dll
2010-12-17 22:56 - 2010-12-17 22:56 - 00382464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtXml4.dll
2010-01-13 02:55 - 2010-01-13 02:55 - 00400384 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\sqlite3.dll
2010-01-13 02:55 - 2010-01-13 02:55 - 00322048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\log4cplus.dll
2010-12-16 22:16 - 2010-12-16 22:16 - 00195584 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\libgsoap.dll
2010-01-18 09:34 - 2010-01-18 09:34 - 00062464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\zlib1.dll
2013-03-07 22:55 - 2013-03-07 22:55 - 00472576 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\DeviceProfile.dll
2013-03-07 22:58 - 2013-03-07 22:58 - 00499488 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\plugin\PServerPlugin.dll
2013-03-07 22:54 - 2013-03-07 22:54 - 00013824 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\eventsSender.dll
2015-08-12 22:21 - 2015-08-08 02:13 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\libglesv2.dll
2015-08-12 22:21 - 2015-08-08 02:13 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\autoexec.bat:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\MRT.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\FlashPlayerApp.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl:$CmdTcID
AlternateDataStreams: C:\Program Files\Common Files\mhw3f0bx.exe:$CmdTcID
AlternateDataStreams: C:\Users\Christian\Downloads\adwcleaner_5.000 (1).exe:$CmdTcID
AlternateDataStreams: C:\Users\Christian\Downloads\adwcleaner_5.000 (1).exe:$CmdZnID
AlternateDataStreams: C:\Users\Christian\Downloads\adwcleaner_5.000 (2).exe:$CmdTcID
AlternateDataStreams: C:\Users\Christian\Downloads\adwcleaner_5.000 (2).exe:$CmdZnID
AlternateDataStreams: C:\Users\Christian\Downloads\Battle-Royale-v060.zip:$CmdZnID
AlternateDataStreams: C:\Users\Christian\Downloads\download_repair.htm:$CmdZnID
AlternateDataStreams: C:\Users\Christian\Downloads\iobituninstaller5.exe:$CmdTcID
AlternateDataStreams: C:\Users\Christian\Downloads\iobituninstaller5.exe:$CmdZnID
AlternateDataStreams: C:\Users\Christian\Downloads\NPE.exe:$CmdTcID
AlternateDataStreams: C:\Users\Christian\Downloads\NPE.exe:$CmdZnID
AlternateDataStreams: C:\Users\Christian\Downloads\PreventonAntivirus.exe:$CmdTcID
AlternateDataStreams: C:\Users\Christian\Downloads\PreventonAntivirus.exe:$CmdZnID
AlternateDataStreams: C:\Users\Christian\Downloads\spybot-2.4.exe:$CmdZnID
AlternateDataStreams: C:\Users\Christian\Downloads\SpyHunter-Installer.exe:$CmdTcID
AlternateDataStreams: C:\Users\Christian\Downloads\SpyHunter-Installer.exe:$CmdZnID

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager => ""="Service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1517504399-1055261760-3252538504-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Christian\Desktop\2-V2+logo_3840x2160.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

 

[Bandito292]

SECOND:
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: Razer Game Scanner Service => 2
MSCONFIG\startupreg: OneDrive => "c:\users\christian\appdata\local\microsoft\onedrive\onedrive.exe" /background
MSCONFIG\startupreg: RemoteControl10 => "c:\program files (x86)\cyberlink\powerdvd10\pdvd10serv.exe"
MSCONFIG\startupreg: Spotify => "c:\users\christian\appdata\roaming\spotify\spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "c:\users\christian\appdata\roaming\spotify\spotifywebhelper.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "c:\program files (x86)\common files\java\java update\jusched.exe"
MSCONFIG\startupreg: UpdReg => c:\windows\updreg.exe
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-1517504399-1055261760-3252538504-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1517504399-1055261760-3252538504-1002\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1517504399-1055261760-3252538504-1002\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1517504399-1055261760-3252538504-1002\...\StartupApproved\Run: => "BingSvc"
HKU\S-1-5-21-1517504399-1055261760-3252538504-1002\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_2EEAFF0CFCFCFB74DD2FBD68E6B4F991"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{2237CFE4-9D56-42C3-95F9-659A3F82FB19}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{88BB2847-86C1-4FDA-9BF7-DE724E784797}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{70C1D52C-B586-4EA1-98E9-020CFC70DF45}] => (Allow) LPort=1900
FirewallRules: [{46B62EA1-692C-43BF-A543-925F26966896}] => (Allow) LPort=2869
FirewallRules: [{88534048-92B0-4434-B900-7CC55D4D607A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{3CAE07C8-4840-4A3A-AA4E-BF949C39A42E}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{F61A4644-D4D4-4AEF-B871-DC43C1D70F9C}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{649AF374-6765-4BED-99E7-1B45B5433A6C}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{A6EFEE37-DE81-435C-BDD4-4D3389DC80D0}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{21D1066E-971F-4F4B-BA66-182E932DB0D7}] => (Allow) D:\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{0BA9D649-1471-42E9-AB8B-C974BA0FAB20}] => (Allow) D:\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{AA748F64-E42D-4BA2-95BF-84CB181E9E95}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{D8AC3E15-AEB1-4580-8C1D-431C2F27AF47}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{C6472BB9-DC4B-4FF5-956D-7C3A0E87E4F8}] => (Allow) D:\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{976DE5AA-02DC-4959-9943-5BC62B6C03F1}] => (Allow) D:\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{1FE1C2F1-BAB0-4838-8448-964289739F48}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{E8FE88A8-8EF5-43A3-8C3F-450C2E2E4817}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{32CED2D7-3AD7-4B6D-A2A4-3F7482E065A9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{E4F59098-75CB-4D47-B91F-F88AD98EAFF0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{BE2F6B3E-3AD4-44DE-A5DB-454018512148}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{6EE19F3A-C844-4892-A9EA-9E288D92940F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{26814C23-F796-45F4-AF61-EC008A251732}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{5E438E6A-9E9F-4956-892D-7A6CEF9082E9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{1595F745-B3FC-46E1-AF51-E072653C484B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{783D6474-F7ED-43B1-A5E3-25C8A5A95BB3}] => (Allow) C:\SteamLibrary\steamapps\common\NBA2K15\NBA2K15.exe
FirewallRules: [{2C87C219-7F24-4C8D-A5D2-F052E5EDAC33}] => (Allow) C:\SteamLibrary\steamapps\common\NBA2K15\NBA2K15.exe
FirewallRules: [TCP Query User{F28CDE07-D428-4B34-94F1-2E8D0301FA85}C:\users\christian\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\christian\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{FEF137EF-3CD3-40DA-BFBC-44D7414BAB3D}C:\users\christian\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\christian\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{31B75F73-CFBC-4172-B2B5-ED3AA6B1FFBB}D:\steam\steamapps\common\arma 3\arma3.exe] => (Block) D:\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [UDP Query User{963C6A04-9AF2-4C69-B1A9-8C1BCCBF73FE}D:\steam\steamapps\common\arma 3\arma3.exe] => (Block) D:\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [TCP Query User{95FFD38A-0488-44D1-8FB6-17F826C4B4FA}D:\steam\steamapps\common\dayz\dayz.exe] => (Allow) D:\steam\steamapps\common\dayz\dayz.exe
FirewallRules: [UDP Query User{C216EF65-C50C-493E-9A60-1BEF384C29BA}D:\steam\steamapps\common\dayz\dayz.exe] => (Allow) D:\steam\steamapps\common\dayz\dayz.exe
FirewallRules: [{3E00DCDE-0927-431C-8330-EB3279605B48}] => (Allow) C:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{4E0DD588-8FC4-4AB9-894E-2C029623F37E}] => (Allow) C:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{67E23092-8974-4CEF-B89B-E06BCE0286AF}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{D20F6C56-9C0F-4EF1-9580-11E7816BE268}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{5B7B9395-2582-44E5-9205-366E2AD79ACA}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{AD7F1392-41F5-4001-8CD6-7676B0853BDC}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{6B925021-B0DA-408C-9A27-5D7E40289BE6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{6A22E6CB-4B65-4FAA-83CC-E7132CFA13E4}] => (Allow) C:\SteamLibrary\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{A2B2EC0A-D668-4F4B-9909-E36D9103FF5E}] => (Allow) C:\SteamLibrary\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/19/2015 09:25:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: steamwebhelper.exe, Version: 2.91.71.80, Zeitstempel: 0x55cb7c96
Name des fehlerhaften Moduls: pepflashplayer32_18_0_0_209.dll, Version: 18.0.0.209, Zeitstempel: 0x55a1efb5
Ausnahmecode: 0x40000015
Fehleroffset: 0x00753fd2
ID des fehlerhaften Prozesses: 0x1c1c
Startzeit der fehlerhaften Anwendung: 0xsteamwebhelper.exe0
Pfad der fehlerhaften Anwendung: steamwebhelper.exe1
Pfad des fehlerhaften Moduls: steamwebhelper.exe2
Berichtskennung: steamwebhelper.exe3
Vollständiger Name des fehlerhaften Pakets: steamwebhelper.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: steamwebhelper.exe5

Error: (08/19/2015 08:31:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: steamwebhelper.exe, Version: 2.91.71.80, Zeitstempel: 0x55cb7c96
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.10240.16384, Zeitstempel: 0x559f3b2a
Ausnahmecode: 0x80000003
Fehleroffset: 0x00132bd2
ID des fehlerhaften Prozesses: 0x4080
Startzeit der fehlerhaften Anwendung: 0xsteamwebhelper.exe0
Pfad der fehlerhaften Anwendung: steamwebhelper.exe1
Pfad des fehlerhaften Moduls: steamwebhelper.exe2
Berichtskennung: steamwebhelper.exe3
Vollständiger Name des fehlerhaften Pakets: steamwebhelper.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: steamwebhelper.exe5

Error: (08/19/2015 08:31:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: steamwebhelper.exe, Version: 2.91.71.80, Zeitstempel: 0x55cb7c96
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.10240.16384, Zeitstempel: 0x559f3b2a
Ausnahmecode: 0x80000003
Fehleroffset: 0x00132bd2
ID des fehlerhaften Prozesses: 0x26e8
Startzeit der fehlerhaften Anwendung: 0xsteamwebhelper.exe0
Pfad der fehlerhaften Anwendung: steamwebhelper.exe1
Pfad des fehlerhaften Moduls: steamwebhelper.exe2
Berichtskennung: steamwebhelper.exe3
Vollständiger Name des fehlerhaften Pakets: steamwebhelper.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: steamwebhelper.exe5

Error: (08/19/2015 07:31:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: steamwebhelper.exe, Version: 2.91.71.80, Zeitstempel: 0x55cb7c96
Name des fehlerhaften Moduls: libcef.dll, Version: 3.2357.1273.0, Zeitstempel: 0x5581d4e8
Ausnahmecode: 0x80000003
Fehleroffset: 0x00bf002d
ID des fehlerhaften Prozesses: 0x2ef0
Startzeit der fehlerhaften Anwendung: 0xsteamwebhelper.exe0
Pfad der fehlerhaften Anwendung: steamwebhelper.exe1
Pfad des fehlerhaften Moduls: steamwebhelper.exe2
Berichtskennung: steamwebhelper.exe3
Vollständiger Name des fehlerhaften Pakets: steamwebhelper.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: steamwebhelper.exe5

Error: (08/19/2015 07:29:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: steamwebhelper.exe, Version: 2.91.71.80, Zeitstempel: 0x55cb7c96
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.10240.16384, Zeitstempel: 0x559f3b2a
Ausnahmecode: 0x80000003
Fehleroffset: 0x00132bd2
ID des fehlerhaften Prozesses: 0x14bc
Startzeit der fehlerhaften Anwendung: 0xsteamwebhelper.exe0
Pfad der fehlerhaften Anwendung: steamwebhelper.exe1
Pfad des fehlerhaften Moduls: steamwebhelper.exe2
Berichtskennung: steamwebhelper.exe3
Vollständiger Name des fehlerhaften Pakets: steamwebhelper.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: steamwebhelper.exe5

Error: (08/19/2015 02:54:51 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MSI-CHRISEKO)
Description: Bei der Aktivierung der App „Microsoft.Windows.Photos_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (08/19/2015 12:27:38 PM) (Source: Perflib) (EventID: 1015) (User: )
Description: SpoolerC:\Windows\System32\winspool.drv0

Error: (08/18/2015 10:55:33 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (5240) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032.

Error: (08/18/2015 10:55:33 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (5240) Der Versuch, die Datei "C:\WINDOWS\system32\edbtmp.log" zu erstellen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Erstellen von Dateien.

Error: (08/18/2015 10:55:23 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (5240) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032.


Systemfehler:
=============
Error: (08/20/2015 01:46:14 AM) (Source: DCOM) (EventID: 10016) (User: MSI-CHRISEKO)
Description: AnwendungsspezifischLokalAktivierung{9A4948D9-13FC-4FAC-B60A-FBA6EE0FB11C}{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}MSI-ChrisEkoChristianS-1-5-21-1517504399-1055261760-3252538504-1002LocalHost (unter Verwendung von LRPC)Microsoft.WindowsStore_2015.8.3.0_x64__8wekyb3d8bbweS-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157

Error: (08/20/2015 12:46:15 AM) (Source: DCOM) (EventID: 10016) (User: MSI-CHRISEKO)
Description: AnwendungsspezifischLokalAktivierung{9A4948D9-13FC-4FAC-B60A-FBA6EE0FB11C}{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}MSI-ChrisEkoChristianS-1-5-21-1517504399-1055261760-3252538504-1002LocalHost (unter Verwendung von LRPC)Microsoft.WindowsStore_2015.8.3.0_x64__8wekyb3d8bbweS-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157

Error: (08/19/2015 11:46:14 PM) (Source: DCOM) (EventID: 10016) (User: MSI-CHRISEKO)
Description: AnwendungsspezifischLokalAktivierung{9A4948D9-13FC-4FAC-B60A-FBA6EE0FB11C}{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}MSI-ChrisEkoChristianS-1-5-21-1517504399-1055261760-3252538504-1002LocalHost (unter Verwendung von LRPC)Microsoft.WindowsStore_2015.8.3.0_x64__8wekyb3d8bbweS-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157

Error: (08/19/2015 10:46:15 PM) (Source: DCOM) (EventID: 10016) (User: MSI-CHRISEKO)
Description: AnwendungsspezifischLokalAktivierung{9A4948D9-13FC-4FAC-B60A-FBA6EE0FB11C}{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}MSI-ChrisEkoChristianS-1-5-21-1517504399-1055261760-3252538504-1002LocalHost (unter Verwendung von LRPC)Microsoft.WindowsStore_2015.8.3.0_x64__8wekyb3d8bbweS-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157

Error: (08/19/2015 09:46:18 PM) (Source: DCOM) (EventID: 10016) (User: MSI-CHRISEKO)
Description: AnwendungsspezifischLokalAktivierung{9A4948D9-13FC-4FAC-B60A-FBA6EE0FB11C}{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}MSI-ChrisEkoChristianS-1-5-21-1517504399-1055261760-3252538504-1002LocalHost (unter Verwendung von LRPC)Microsoft.WindowsStore_2015.8.3.0_x64__8wekyb3d8bbweS-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157

Error: (08/19/2015 09:22:18 PM) (Source: DCOM) (EventID: 10016) (User: MSI-CHRISEKO)
Description: AnwendungsspezifischLokalAktivierung{9A4948D9-13FC-4FAC-B60A-FBA6EE0FB11C}{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}MSI-ChrisEkoChristianS-1-5-21-1517504399-1055261760-3252538504-1002LocalHost (unter Verwendung von LRPC)Microsoft.WindowsStore_2015.8.3.0_x64__8wekyb3d8bbweS-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157

Error: (08/19/2015 09:01:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Defender-Dienst" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (08/19/2015 09:01:59 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Defender-Dienst erreicht.

Error: (08/19/2015 09:01:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Preventon AV Scanning Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (08/19/2015 09:01:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Preventon AV Assistant Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2


Microsoft Office:
=========================
Error: (08/19/2015 09:25:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: steamwebhelper.exe2.91.71.8055cb7c96pepflashplayer32_18_0_0_209.dll18.0.0.20955a1efb54000001500753fd21c1c01d0dab48342f590D:\Steam\bin\steamwebhelper.exeC:\WINDOWS\SYSTEM32\Macromed\Flash\pepflashplayer32_18_0_0_209.dllb8badcbd-6763-4a6a-91bc-26d259ac3715

Error: (08/19/2015 08:31:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: steamwebhelper.exe2.91.71.8055cb7c96KERNELBASE.dll10.0.10240.16384559f3b2a8000000300132bd2408001d0daad37a9c359D:\Steam\bin\steamwebhelper.exeC:\WINDOWS\SYSTEM32\KERNELBASE.dlla731f1d9-b4bf-4db7-8811-3f3dded8e62b

Error: (08/19/2015 08:31:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: steamwebhelper.exe2.91.71.8055cb7c96KERNELBASE.dll10.0.10240.16384559f3b2a8000000300132bd226e801d0daa4f9f77a62D:\Steam\bin\steamwebhelper.exeC:\WINDOWS\SYSTEM32\KERNELBASE.dllde85c75a-b89b-400b-b819-9110711f43f5

Error: (08/19/2015 07:31:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: steamwebhelper.exe2.91.71.8055cb7c96libcef.dll3.2357.1273.05581d4e88000000300bf002d2ef001d0daa4ad95b2c8D:\Steam\bin\steamwebhelper.exeD:\Steam\bin\libcef.dlle175edd6-964e-4d5b-9b1f-e4a3fb471b76

Error: (08/19/2015 07:29:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: steamwebhelper.exe2.91.71.8055cb7c96KERNELBASE.dll10.0.10240.16384559f3b2a8000000300132bd214bc01d0daa464a2018bD:\Steam\bin\steamwebhelper.exeC:\WINDOWS\SYSTEM32\KERNELBASE.dll97376c76-b490-48ff-aae8-6ab276fd12b0

Error: (08/19/2015 02:54:51 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MSI-CHRISEKO)
Description: Microsoft.Windows.Photos_8wekyb3d8bbwe!App-2147023170

Error: (08/19/2015 12:27:38 PM) (Source: Perflib) (EventID: 1015) (User: )
Description: SpoolerC:\Windows\System32\winspool.drv0

Error: (08/18/2015 10:55:33 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost5240-1032

Error: (08/18/2015 10:55:33 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost5240C:\WINDOWS\system32\edbtmp.log-1032 (0xfffffbf8)5 (0x00000005)Zugriff verweigert

Error: (08/18/2015 10:55:23 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost5240-1032


CodeIntegrity:
===================================
Date: 2015-08-19 21:17:35.555
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-19 21:05:17.953
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-19 21:05:11.990
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-19 21:05:11.055
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-19 21:02:17.737
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-19 20:57:47.825
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-19 20:57:23.072
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-19 20:57:18.618
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-19 20:57:18.608
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-19 20:57:18.597
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Speicherinformationen ===========================

Processor: Intel(R) Core(TM) i7-4700HQ CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 41%
Installierter physikalischer RAM: 8111.2 MB
Verfügbarer physikalischer RAM: 4704.95 MB
Summe virtueller Speicher: 9391.2 MB
Verfügbarer virtueller Speicher: 4277.02 MB

==================== Laufwerke ================================

Drive c: (OS_Install) (Fixed) (Total:285.68 GB) (Free:143.37 GB) NTFS
Drive d: (Steam) (Fixed) (Total:161.1 GB) (Free:54.95 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: B607E9EB)

Partition: GPT.

==================== Ende von Ergebnis ============================

 

[Broni]

Uninstall following unwanted program:

Rocket League

Download attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST(FRST64) and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

After running the above fix you'll see another unwanted program in Control Panel which you want to uninstall:

globalupdate Helper

 

[Bandito292]

Are you sure I need to uninstall Rocket League? I dont want to sound disrespectfull but Rocket League is an simply steam game which even costs money. My friend is playing it too and he dosent have the Ad problem. Im sorry if this sounds disrespectfull but I cant believe this game is causing trouble. If I would unistall Rocket League could I reinstall it later on? I really aprecciate your help!

 

[Bandito292]

Edit:
I succesfully used your fixlist and uninstalled globalupdate Helper.
Rocket League is still Installed.

 

[Bandito292]

Forgot to post it sry... Here ist the FIXLOG:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:20-08-2015
durchgeführt von Christian (2015-08-20 03:10:45) Run:1
Gestartet von C:\Users\Christian\Downloads
Geladene Profile: Christian (Verfügbare Profile: Christian)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
AppInit_DLLs: C:\ProgramData\Saophase\513g5viq.dll => C:\ProgramData\Saophase\513g5viq.dll Datei nicht gefunden
AppInit_DLLs-x32: C:\ProgramData\Saophase\v4ezlosj.dll => "C:\ProgramData\Saophase\v4ezlosj.dll" Datei nicht gefunden
SearchScopes: HKU\S-1-5-21-1517504399-1055261760-3252538504-1002 -> {625644C2-4122-4388-9F9E-A1812C36D7F4} URL =
BHO: Kein Name -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> Keine Datei
S2 AV Assistant Service; C:/Program Files (x86)/Preventon Antivirus/AVAssistant.exe [X]
S2 AV Scanning Service; C:/Program Files (x86)/Preventon Antivirus/AVScanningService.exe [X]
S2 CmdAgent; kein ImagePath
S3 cmdvirth; kein ImagePath
S1 bsdriver; \??\C:\WINDOWS\system32\drivers\bsdriver.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
NETSVCx32: UserManager -> C:\Windows\SysWOW64\usermgr.dll ==> Keine Datei
2015-08-17 15:12 - 2015-08-17 15:12 - 3588893 _____ (E-Tech) C:\Program Files\Common Files\itvy444u.exe
2015-08-17 21:43 - 2015-08-17 21:43 - 3588893 _____ (E-Tech) C:\Program Files\Common Files\mhw3f0bx.exe
C:\Users\Christian\AppData\Local\Temp\27fff54a706caf16275619fa9b79269c.dll
C:\Users\Christian\AppData\Local\Temp\BingBarSetup-Partner.exe
C:\Users\Christian\AppData\Local\Temp\BSvcProcessor.exe
C:\Users\Christian\AppData\Local\Temp\BSvcUpdater.exe
C:\Users\Christian\AppData\Local\Temp\EsgInstallerx64Stub.exe
C:\Users\Christian\AppData\Local\Temp\jre-8u51-windows-au.exe
C:\Users\Christian\AppData\Local\Temp\nsw4678.exe
C:\Users\Christian\AppData\Local\Temp\SpOrder.dll
C:\Users\Christian\AppData\Local\Temp\sqlite3.dll
C:\Users\Christian\AppData\Local\Temp\System.Data.SQLitebc549035-e563-42f9-af5e-41dcdbfcc4e8.dll
globalupdate Helper (x32 Version: 1.3.25.0 - globalupdate Inc.) Hidden <==== ACHTUNG
Task: {81B5C970-21FB-4F7F-BAA9-BA1D3CBB0805} - System32\Tasks\UBAVSTQJEVEMCIFN => C:\ProgramData\Service1198\Service1198.exe <==== ACHTUNG
Task: {82025CFE-ED98-4CA7-8F4F-F04CAAD72FC2} - System32\Tasks\9XTy35D => C:\Users\Christian\AppData\Roaming\9XTy35D.exe <==== ACHTUNG
C:\ProgramData\Service1198\Service1198.exe
C:\Users\Christian\AppData\Roaming\9XTy35D.exe
Task: C:\WINDOWS\Tasks\9XTy35D.job => C:\Users\Christian\AppData\Roaming\9XTy35D.exe <==== ACHTUNG
C:\Users\Christian\AppData\Roaming\9XTy35D.exe
AlternateDataStreams: C:\autoexec.bat:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\MRT.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\FlashPlayerApp.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl:$CmdTcID
AlternateDataStreams: C:\Program Files\Common Files\mhw3f0bx.exe:$CmdTcID
AlternateDataStreams: C:\Users\Christian\Downloads\adwcleaner_5.000 (1).exe:$CmdTcID
AlternateDataStreams: C:\Users\Christian\Downloads\adwcleaner_5.000 (1).exe:$CmdZnID
AlternateDataStreams: C:\Users\Christian\Downloads\adwcleaner_5.000 (2).exe:$CmdTcID
AlternateDataStreams: C:\Users\Christian\Downloads\adwcleaner_5.000 (2).exe:$CmdZnID
AlternateDataStreams: C:\Users\Christian\Downloads\Battle-Royale-v060.zip:$CmdZnID
AlternateDataStreams: C:\Users\Christian\Downloads\download_repair.htm:$CmdZnID
AlternateDataStreams: C:\Users\Christian\Downloads\iobituninstaller5.exe:$CmdTcID
AlternateDataStreams: C:\Users\Christian\Downloads\iobituninstaller5.exe:$CmdZnID
AlternateDataStreams: C:\Users\Christian\Downloads\NPE.exe:$CmdTcID
AlternateDataStreams: C:\Users\Christian\Downloads\NPE.exe:$CmdZnID
AlternateDataStreams: C:\Users\Christian\Downloads\PreventonAntivirus.exe:$CmdTcID
AlternateDataStreams: C:\Users\Christian\Downloads\PreventonAntivirus.exe:$CmdZnID
AlternateDataStreams: C:\Users\Christian\Downloads\spybot-2.4.exe:$CmdZnID
AlternateDataStreams: C:\Users\Christian\Downloads\SpyHunter-Installer.exe:$CmdTcID
AlternateDataStreams: C:\Users\Christian\Downloads\SpyHunter-Installer.exe:$CmdZnID

*****************

"C:\ProgramData\Saophase\513g5viq.dll" => Wert Daten erfolgreich entfernt.
"C:\ProgramData\Saophase\v4ezlosj.dll" => Wert Daten erfolgreich entfernt.
"HKU\S-1-5-21-1517504399-1055261760-3252538504-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{625644C2-4122-4388-9F9E-A1812C36D7F4}" => Schlüssel erfolgreich entfernt
HKCR\CLSID\{625644C2-4122-4388-9F9E-A1812C36D7F4} => Schlüssel nicht gefunden.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => Schlüssel erfolgreich entfernt
HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} => Schlüssel nicht gefunden.
AV Assistant Service => Dienst erfolgreich entfernt
AV Scanning Service => Dienst erfolgreich entfernt
CmdAgent => Dienst konnte nicht entfernt werden
cmdvirth => Dienst erfolgreich entfernt
bsdriver => Dienst erfolgreich entfernt
wfpcapture => Dienst erfolgreich entfernt
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs UserManager => erfolgreich entfernt
C:\Program Files\Common Files\itvy444u.exe => erfolgreich verschoben
C:\Program Files\Common Files\mhw3f0bx.exe => erfolgreich verschoben
C:\Users\Christian\AppData\Local\Temp\27fff54a706caf16275619fa9b79269c.dll => erfolgreich verschoben
C:\Users\Christian\AppData\Local\Temp\BingBarSetup-Partner.exe => erfolgreich verschoben
C:\Users\Christian\AppData\Local\Temp\BSvcProcessor.exe => erfolgreich verschoben
C:\Users\Christian\AppData\Local\Temp\BSvcUpdater.exe => erfolgreich verschoben
C:\Users\Christian\AppData\Local\Temp\EsgInstallerx64Stub.exe => erfolgreich verschoben
C:\Users\Christian\AppData\Local\Temp\jre-8u51-windows-au.exe => erfolgreich verschoben
C:\Users\Christian\AppData\Local\Temp\nsw4678.exe => erfolgreich verschoben
C:\Users\Christian\AppData\Local\Temp\SpOrder.dll => erfolgreich verschoben
C:\Users\Christian\AppData\Local\Temp\sqlite3.dll => erfolgreich verschoben
C:\Users\Christian\AppData\Local\Temp\System.Data.SQLitebc549035-e563-42f9-af5e-41dcdbfcc4e8.dll => erfolgreich verschoben
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}\\SystemComponent => Wert erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{81B5C970-21FB-4F7F-BAA9-BA1D3CBB0805}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{81B5C970-21FB-4F7F-BAA9-BA1D3CBB0805}" => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\UBAVSTQJEVEMCIFN => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UBAVSTQJEVEMCIFN" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{82025CFE-ED98-4CA7-8F4F-F04CAAD72FC2}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{82025CFE-ED98-4CA7-8F4F-F04CAAD72FC2}" => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\9XTy35D => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\9XTy35D" => Schlüssel erfolgreich entfernt
"C:\ProgramData\Service1198\Service1198.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Christian\AppData\Roaming\9XTy35D.exe" => Datei/Ordner nicht gefunden.
C:\WINDOWS\Tasks\9XTy35D.job => erfolgreich verschoben
"C:\Users\Christian\AppData\Roaming\9XTy35D.exe" => Datei/Ordner nicht gefunden.
"C:\autoexec.bat" => ":$CmdTcID" ADS nicht gefunden.
"C:\WINDOWS\system32\MRT.exe" => ":$CmdTcID" ADS nicht gefunden.
"C:\WINDOWS\SysWOW64\FlashPlayerApp.exe" => ":$CmdTcID" ADS nicht gefunden.
"C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl" => ":$CmdTcID" ADS nicht gefunden.
"C:\Program Files\Common Files\mhw3f0bx.exe" => ":$CmdTcID" ADS nicht gefunden.
"C:\Users\Christian\Downloads\adwcleaner_5.000 (1).exe" => ":$CmdTcID" ADS nicht gefunden.
C:\Users\Christian\Downloads\adwcleaner_5.000 (1).exe => ":$CmdZnID" ADS erfolgreich entfernt.
"C:\Users\Christian\Downloads\adwcleaner_5.000 (2).exe" => ":$CmdTcID" ADS nicht gefunden.
C:\Users\Christian\Downloads\adwcleaner_5.000 (2).exe => ":$CmdZnID" ADS erfolgreich entfernt.
C:\Users\Christian\Downloads\Battle-Royale-v060.zip => ":$CmdZnID" ADS erfolgreich entfernt.
C:\Users\Christian\Downloads\download_repair.htm => ":$CmdZnID" ADS erfolgreich entfernt.
"C:\Users\Christian\Downloads\iobituninstaller5.exe" => ":$CmdTcID" ADS nicht gefunden.
C:\Users\Christian\Downloads\iobituninstaller5.exe => ":$CmdZnID" ADS erfolgreich entfernt.
"C:\Users\Christian\Downloads\NPE.exe" => ":$CmdTcID" ADS nicht gefunden.
C:\Users\Christian\Downloads\NPE.exe => ":$CmdZnID" ADS erfolgreich entfernt.
"C:\Users\Christian\Downloads\PreventonAntivirus.exe" => ":$CmdTcID" ADS nicht gefunden.
C:\Users\Christian\Downloads\PreventonAntivirus.exe => ":$CmdZnID" ADS erfolgreich entfernt.
C:\Users\Christian\Downloads\spybot-2.4.exe => ":$CmdZnID" ADS erfolgreich entfernt.
"C:\Users\Christian\Downloads\SpyHunter-Installer.exe" => ":$CmdTcID" ADS nicht gefunden.
C:\Users\Christian\Downloads\SpyHunter-Installer.exe => ":$CmdZnID" ADS erfolgreich entfernt.

==== Ende von Fixlog 03:10:49 ====

 

[Broni]

You're right. Rocket League is a false positive.
You can reinstall it.
My apology

Next...

Download RogueKiller from one of the following links and save it to your Desktop:

Link 1
Link 2

• Close all the running programs
• Windows Vista/7/8 users: right click on RogueKiller.exe, click Run as Administrator
• Otherwise just double-click on RogueKiller.exe
• Pre-scan will start. Let it finish.
• Click on SCAN button.
• Wait until the Status box shows Scan Finished
• Click on Delete.
• Wait until the Status box shows Deleting Finished.
• Click on Report and copy/paste the content of the Notepad into your next reply.
• RKreport.txt could also be found on your desktop.
• If more than one log is produced post all logs.
• If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again

Please download Malwarebytes Anti-Malware (MBAM) to your desktop.
NOTE. If you already have MBAM 2.0 installed scroll down.

• Double-click mbam-setup-2.0.0.1000.exe and follow the prompts to install the program.
  
• At the end, be sure a checkmark is placed next to the following:
  
• Launch Malwarebytes Anti-Malware
• A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  
• Click Finish.
• On the Dashboard, click the 'Update Now >>' link
• After the update completes, click the 'Scan Now >>' button.
  
• Or, on the Dashboard, click the Scan Now >> button.
• If an update is available, click the Update Now button.
  
• A Threat Scan will begin.
• When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
• In most cases, a restart will be required.
• Wait for the prompt to restart the computer to appear, then click on Yes.

If you already have MBAM 2.0 installed:

• On the Dashboard, click the 'Update Now >>' link
• After the update completes, click the 'Scan Now >>' button.
  
• Or, on the Dashboard, click the Scan Now >> button.
• If an update is available, click the Update Now button.
  
• A Threat Scan will begin.
• When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
• In most cases, a restart will be required.
• Wait for the prompt to restart the computer to appear, then click on Yes.

How to get logs:
(Export log to save as txt)

• After the restart once you are back at your desktop, open MBAM once more.
• Click on the History tab > Application Logs.
• Double click on the Scan Log which shows the Date and time of the scan just performed.
• Click 'Export'.
• Click 'Text file (*.txt)'
• In the Save File dialog box which appears, click on Desktop.
• In the File name: box type a name for your scan log.
• A message box named 'File Saved' should appear stating "Your file has been successfully exported".
• Click Ok
• Attach that saved log to your next reply.

(Copy to clipboard for pasting into forum replies or tickets)

• After the restart once you are back at your desktop, open MBAM once more.
• Click on the History tab > Application Logs.
• Double click on the Scan Log which shows the Date and time of the scan just performed.
• Click 'Copy to Clipboard'
• Paste the contents of the clipboard into your reply.

Please download AdwCleaner by Xplode onto your desktop.

• Close all open programs and internet browsers.
• Double click on adwcleaner.exe to run the tool.
• Click on Scan button.
• When the scan has finished click on Clean button.
• Your computer will be rebooted automatically. A text file will open after the restart.
• Please post the contents of that logfile with your next reply.
• You can find the logfile at C:\AdwCleaner[S1].txt as well.

Please download Junkware Removal Tool to your desktop.

• Shut down your protection software now to avoid potential conflicts.
• Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
• The tool will open and start scanning your system.
• Please be patient as this can take a while to complete depending on your system's specifications.
• On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
• Post the contents of JRT.txt into your next message.

 

[Bandito292]

RogueKiller V10.10.1.0 [Aug 17 2015] by Adlice Software
Mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Betriebssystem : Windows 10 (10.0.10240) 64 bits version
gestarted in : normaler Modus
User : Christian [Administrator]
Started from : C:\Users\Christian\Desktop\RogueKiller.exe
Modus : Löschen -- Datum : 08/20/2015 03:37:37

¤¤¤ Prozesse : 0 ¤¤¤

¤¤¤ Registry : 2 ¤¤¤
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-1517504399-1055261760-3252538504-1002\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://msi13.msn.com -> ersetzt (http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-1517504399-1055261760-3252538504-1002\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://msi13.msn.com -> ersetzt (http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome)

¤¤¤ Aufgaben : 4 ¤¤¤
[Suspicious.Path] %WINDIR%\Tasks\UBAVSTQJEVEMCIFN.job -- C:\ProgramData\Service1198\Service1198.exe -> gelöscht
[Suspicious.Path] \crash_service -- C:\Users\Christian\AppData\Local\BoBrowser\Application\crash_service.exe (--max-reports=50 --no-window -v=1) -> gelöscht
[Suspicious.Path] \Install -- C:\Program Files\fchk32\packages\f4df14d5-1038-4499-88d9-c3ffd2bf7816\fchk.exe (run="C:\Program Files\fchk32\packages\f4df14d5-1038-4499-88d9-c3ffd2bf7816\temp\run.exe" task="Install" args="" iid="2150990") -> gelöscht
[Suspicious.Path] \Sekundäre Anmeldung 1.74.17 -- C:\WINDOWS\system32\config\systemprofile\AppData\Local\SekundreAnmeldung\srdelayed.exe (/t) -> gelöscht

¤¤¤ Dateien : 0 ¤¤¤

¤¤¤ Host Dateien : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: nicht geladen [0xc000036b]) ¤¤¤

¤¤¤ Web Browser : 0 ¤¤¤

¤¤¤ MBR Überprüfung : ¤¤¤
+++++ PhysicalDrive0: WDC WD5000LPVX-22V0TT0 +++++
--- User ---
[MBR] 89ab27d5c0847bb99dd39a2bd0880d00
[BSP] 2c3b66d0c8d842624d548d1eeecb18b9 : Empty MBR Code
Partition table:
0 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2048 | Size: 600 MB
1 - [MAN-MOUNT] EFI system partition | Offset (sectors): 1230848 | Size: 300 MB
2 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 1845248 | Size: 128 MB
3 - Basic data partition | Offset (sectors): 2107392 | Size: 292541 MB
4 - [SYSTEM][MAN-MOUNT] | Offset (sectors): 601231360 | Size: 450 MB
5 - Basic data partition | Offset (sectors): 602152960 | Size: 164968 MB
6 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 940007424 | Size: 17952 MB
User = LL1 ... OK
User = LL2 ... OK

 

[Bandito292]

Hey Broni!
Since the restart (Because of Malwarebytes Anti-Malware) my Pc got an way biggier problem. I cant connect to the Internet. It says The DNS server isnt answering. Contact an network admin.
After many restarts of my Pc + wlan Router I got an felling that I may deleted an important registry key. I really dont know what to do but I already turnd off my firewall and Google Chrome, Internet Explorer and Microsoft Edge cant connect because of the DNS issue
Btw my Cell phone got no Problem connecting to the internet. Thanks for helping Broni!


 

[Bandito292]

Ok I fixd the problem via (TCP/IPv4)!
Here is the MBAM ScanLog:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 19.08.2015
Suchlaufzeit: 20:05
Protokolldatei: MBAM ScanLog.txt
Administrator: Ja

Version: 2.1.8.1057
Malware-Datenbank: v2015.08.19.05
Rootkit-Datenbank: v2015.08.16.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Christian

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 378347
Abgelaufene Zeit: 29 Min., 34 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 7
PUP.Optional.WombatUpdater.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\SERVICE1198.EXE, In Quarantäne, [961b62a8dbb01a1c2d321efbc83b7987],
PUP.Optional.EpsanScan.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\JKRXFGIV1, Löschen bei Neustart, [3081cc3e19727db9a975ddd82bd93cc4],
PUP.Optional.Shopperz.A, HKU\S-1-5-18\SOFTWARE\{98AD4C4E-92AB-47B9-A529-A437E2E545E0}, In Quarantäne, [a50cb456a1ea86b098e3733d36cee11f],
PUP.Optional.Shopperz.A, HKU\S-1-5-19\SOFTWARE\{98AD4C4E-92AB-47B9-A529-A437E2E545E0}, In Quarantäne, [476a907ae9a289ad99e23a7620e44bb5],
PUP.Optional.Shopperz.A, HKU\S-1-5-20\SOFTWARE\{98AD4C4E-92AB-47B9-A529-A437E2E545E0}, In Quarantäne, [cee35fab44474fe7b9c2763adb29e21e],
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-1517504399-1055261760-3252538504-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{IELNKSRCH}, In Quarantäne, [c8e981895a31f73f49ac41dbdd2642be],
PUP.Optional.OutBrowse.A, HKU\S-1-5-21-1517504399-1055261760-3252538504-1002\SOFTWARE\OB, In Quarantäne, [ecc58d7d5932a59156d002b36a9aa65a],

Registrierungswerte: 21
PUP.Optional.WombatUpdater.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\Service1198.exe|{a53dd3e5-0283-4ab3-b77c-7bd1bc7550c6}.sdb, 130840409481210096, In Quarantäne, [961b62a8dbb01a1c2d321efbc83b7987]
PUP.Optional.CrossBrowse.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\ACTIVE SETUP\INSTALLED COMPONENTS, Crossbrowse, In Quarantäne, [1c95c3470f7c9f977adc50c950b33dc3]
PUP.Optional.CrossBrowse.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\ACTIVE SETUP\INSTALLED COMPONENTS|StubPath, "C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\39.6.2171.95\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level, In Quarantäne, [0da4a2689eeda393c09632e7010229d7]
PUP.Optional.CrossBrowse.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\ACTIVE SETUP\INSTALLED COMPONENTS|Localized Name, Crossbrowse, In Quarantäne, [f1c0e525ee9d5fd734228a8f4bb8a060]
PUP.Optional.Linkury.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, http://feed.sonic-search.com/?p=mKO...1WY18iIAePfRHvVg_1XkfTGWsH0aN&q={searchTerms}, In Quarantäne, [3f7202085a31cb6b322c07aa2fd509f7]
PUP.Optional.Shopperz.A, HKU\S-1-5-18\SOFTWARE\{98ad4c4e-92ab-47b9-a529-a437e2e545e0}|Name, C:\Program Files\shopperz12082015\Tuejet.exe, In Quarantäne, [a50cb456a1ea86b098e3733d36cee11f]
PUP.Optional.Shopperz.A, HKU\S-1-5-19\SOFTWARE\{98ad4c4e-92ab-47b9-a529-a437e2e545e0}|Name, C:\Program Files\shopperz12082015\Tuejet.exe, In Quarantäne, [476a907ae9a289ad99e23a7620e44bb5]
PUP.Optional.Shopperz.A, HKU\S-1-5-20\SOFTWARE\{98ad4c4e-92ab-47b9-a529-a437e2e545e0}|Name, C:\Program Files\shopperz12082015\Tuejet.exe, In Quarantäne, [cee35fab44474fe7b9c2763adb29e21e]
PUP.Optional.Linkury.A, HKU\S-1-5-21-1517504399-1055261760-3252538504-1002\ENVIRONMENT|SNF, C:\ProgramData\Saophases\snp.sc, In Quarantäne, [09a89377b2d92e08a4058f2245bf24dc]
PUP.Optional.Linkury.A, HKU\S-1-5-21-1517504399-1055261760-3252538504-1002\ENVIRONMENT|SNP, http://feed.snapdo.com?publisher=AP...e=17.08.2015&barcodeid=50014999&channelid=888, In Quarantäne, [aa070a00fd8ecb6b4367fcb59f65a759]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-1517504399-1055261760-3252538504-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{ielnksrch}|DisplayName, Search the web, In Quarantäne, [c8e981895a31f73f49ac41dbdd2642be]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-1517504399-1055261760-3252538504-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{ielnksrch}|URL, http://feed.sonic-search.com/?p=mKO...1WY18iIAePfRHvVg_1XkfTGWsH0aN&q={searchTerms}, In Quarantäne, [3e73f81290fbf83e2c2e3180be461ce4]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-1517504399-1055261760-3252538504-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, http://feed.sonic-search.com/?p=mKO...1WY18iIAePfRHvVg_1XkfTGWsH0aN&q={searchTerms}, In Quarantäne, [6948709a93f82e086eed704143c155ab]
PUP.Optional.CrossBrowse.A, HKU\S-1-5-21-1517504399-1055261760-3252538504-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|GoogleChromeAutoLaunch_2EEAFF0CFCFCFB74DD2FBD68E6B4F991, "C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe" --no-startup-window, In Quarantäne, [9b16709a1576be78870e2e7e877d4cb4]
PUP.Optional.OutBrowse.A, HKU\S-1-5-21-1517504399-1055261760-3252538504-1002\SOFTWARE\OB|monitype6, 8/14/15 17:48:40, In Quarantäne, [ecc58d7d5932a59156d002b36a9aa65a]
PUP.Optional.OutBrowse.A, HKU\S-1-5-21-1517504399-1055261760-3252538504-1002\SOFTWARE\OB|monitype4, 8/14/15 17:49:6, In Quarantäne, [565b6b9fb7d4c670c5614b6a5fa5f30d]
PUP.Optional.OutBrowse.A, HKU\S-1-5-21-1517504399-1055261760-3252538504-1002\SOFTWARE\OB|monitype34, 8/14/15 17:49:6, In Quarantäne, [3b7610fa4546b5819d893085b054817f]
PUP.Optional.OutBrowse.A, HKU\S-1-5-21-1517504399-1055261760-3252538504-1002\SOFTWARE\OB|monitype35, 8/14/15 17:49:6, In Quarantäne, [575a63a7f497aa8c3ee83184679d43bd]
PUP.Optional.OutBrowse.A, HKU\S-1-5-21-1517504399-1055261760-3252538504-1002\SOFTWARE\OB|monitype43, 8/14/15 17:49:10, In Quarantäne, [90215fab4744b58154d202b35fa5669a]
PUP.Optional.OutBrowse.A, HKU\S-1-5-21-1517504399-1055261760-3252538504-1002\SOFTWARE\OB|monitype14, 8/14/15 17:50:15, In Quarantäne, [bff29971f7947db95ec80fa6887cc838]
PUP.Optional.OutBrowse.A, HKU\S-1-5-21-1517504399-1055261760-3252538504-1002\SOFTWARE\OB|monitype25, 8/14/15 17:51:0, In Quarantäne, [e4cd5eac4d3ecf679294dadb22e27d83]

Registrierungsdaten: 7
PUP.Optional.Linkury.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {ielnksrch}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({ielnksrch}),Ersetzt,[50613cce0b8086b008d9e4720ff6d42c]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-1517504399-1055261760-3252538504-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://feed.sonic-search.com/?p=mKO...1WY18iIAePfRHvVg_1XkfTGWsH0aN&q={searchTerms}, Gut: (www.google.com), Schlecht: (http://feed.sonic-search.com/?p=mKO...}),Ersetzt,[0ea37793e0ab9e9816c5ababf90ce21e]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-1517504399-1055261760-3252538504-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://feed.snapdo.com/?p=mKO_AwFzX...hfjiGj-noQ92iFF94VJHoSUvNv_8Z0QVcOUUCS0QQXFVS, Gut: (www.google.com), Schlecht: (http://feed.snapdo.com/?p=mKO_AwFzX...S),Ersetzt,[90211eec246744f2a339154156afa35d]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-1517504399-1055261760-3252538504-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, http://feed.sonic-search.com/?p=mKO...1WY18iIAePfRHvVg_1XkfTGWsH0aN&q={searchTerms}, Gut: (www.google.com), Schlecht: (http://feed.sonic-search.com/?p=mKO...}),Ersetzt,[476a24e6b6d57db9e0fbf85e46bf17e9]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-1517504399-1055261760-3252538504-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SearchAssistant, http://feed.sonic-search.com/?p=mKO...1WY18iIAePfRHvVg_1XkfTGWsH0aN&q={searchTerms}, Gut: (www.google.com), Schlecht: (http://feed.sonic-search.com/?p=mKO...}),Ersetzt,[8c2551b9fd8eb2845784cc8a26dfc13f]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-1517504399-1055261760-3252538504-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, http://feed.sonic-search.com/?p=mKO...1WY18iIAePfRHvVg_1XkfTGWsH0aN&q={searchTerms}, Gut: (www.google.com), Schlecht: (http://feed.sonic-search.com/?p=mKO...}),Ersetzt,[5f5214f60f7cf0464d908acc2bda966a]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-1517504399-1055261760-3252538504-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {ielnksrch}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({ielnksrch}),Ersetzt,[773ae624810a41f5c7174f07c0455fa1]

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 49
PUP.Optional.BundleInstaller.A, C:\ProgramData\Comodo\Cis\Quarantine\data\{6D9D4819-3F98-447B-B850-D52DC2BBCCED}, In Quarantäne, [7938c9410d7e56e00f25025a42be1ee2],
PUP.Optional.ModGoog, C:\ProgramData\Comodo\Cis\Quarantine\data\{04CD7DD8-94EB-4DF9-ADFE-C13FB71E8762}, In Quarantäne, [466b4bbf8803ab8b477bfc9369985ea2],
PUP.Optional.CrossRider.A, C:\ProgramData\Comodo\Cis\Quarantine\data\{085CF2CC-D3E7-4614-A852-B56E7BB8CA92}, In Quarantäne, [bdf4af5b89029a9c2acedfa935d08878],
PUP.Optional.ModGoog, C:\ProgramData\Comodo\Cis\Quarantine\data\{0A4FFE54-15BE-4D74-AFD0-396AF46B30F5}, In Quarantäne, [bff2f9114d3ee4525b677d124bb61ae6],
PUP.Optional.ModGoog, C:\ProgramData\Comodo\Cis\Quarantine\data\{1247F2DA-C108-4732-BB88-09410F1A9EAB}, In Quarantäne, [575a5ab0fb90b284665c3c538b7622de],
PUP.Optional.InstallCore.A, C:\ProgramData\Comodo\Cis\Quarantine\data\{1384C764-673E-413A-B5BC-897A31FBB3A4}, In Quarantäne, [308131d91477c96d5fdf3c6e1be65ea2],
PUP.Optional.ModGoog, C:\ProgramData\Comodo\Cis\Quarantine\data\{28B1EDDE-1686-49CB-9118-695D7B8E21DE}, In Quarantäne, [c0f123e7c5c62c0ad0f27d1214ed0ef2],
PUP.Optional.CrossRider.A, C:\ProgramData\Comodo\Cis\Quarantine\data\{2C9D85E4-50B2-420F-93E1-874F0FA5A3AE}, In Quarantäne, [a50c0dfd2269191d0fe9533522e3f10f],
PUP.Optional.IBryte, C:\ProgramData\Comodo\Cis\Quarantine\data\{2D33E07F-C24B-4ADA-A355-9130CC9B3A75}, In Quarantäne, [417038d2147784b28d238037a65b4eb2],
PUP.Optional.CrossRider.A, C:\ProgramData\Comodo\Cis\Quarantine\data\{2E28F380-240A-4C61-98A0-0B70E6954596}, In Quarantäne, [f9b848c2296272c4a7ff157ef1100cf4],
PUP.Optional.ModGoog, C:\ProgramData\Comodo\Cis\Quarantine\data\{454C858C-5D6C-4720-BECB-F734E78882BD}, In Quarantäne, [0aa71ded6e1df2448939c4cb59a8c838],
PUP.Optional.KreapixelNetwork.SID, C:\ProgramData\Comodo\Cis\Quarantine\data\{5D7B7AF1-637F-4797-BB42-1073ECCCF84D}, In Quarantäne, [c3ee6e9c1576d2645821b9cf02034ab6],
PUP.Optional.CrossRider.A, C:\ProgramData\Comodo\Cis\Quarantine\data\{6317E0CD-ED2E-4852-898B-947F7C892D96}, In Quarantäne, [d1e0f3176a21ac8ab8402662cc39ce32],
PUP.Optional.ModGoog, C:\ProgramData\Comodo\Cis\Quarantine\data\{6A9F11B1-1D86-43A4-A576-402DC60CB3F7}, In Quarantäne, [8b26d436d1ba73c3dee4088745bc6a96],
PUP.Optional.ModGoog, C:\ProgramData\Comodo\Cis\Quarantine\data\{6C63FF08-AC32-4559-A044-9061F029698D}, In Quarantäne, [1f929a70c6c572c4932feba4669b7f81],
PUP.Optional.ModGoog, C:\ProgramData\Comodo\Cis\Quarantine\data\{76C79117-0EF8-4753-B59E-57710FE4847E}, In Quarantäne, [fdb498724f3c092d655dd3bcee13ec14],
PUP.Optional.ModGoog, C:\ProgramData\Comodo\Cis\Quarantine\data\{88FAB813-2CFD-4DBF-8B3E-DFE69BD507F8}, In Quarantäne, [555c40caf596fe3860627817728fe11f],
PUP.Optional.iCinema.A, C:\ProgramData\Comodo\Cis\Quarantine\data\{8BA91149-0E3D-4FFC-BEFB-1157CCB73C1A}, In Quarantäne, [387979911b701c1ac574255f4cb58d73],
PUP.Optional.ModGoog, C:\ProgramData\Comodo\Cis\Quarantine\data\{907FFDDA-7E3A-467C-B9BF-EADCA1A0110B}, In Quarantäne, [b7fa1febfe8d1323c8faa6e922dfa15f],
PUP.Optional.ModGoog, C:\ProgramData\Comodo\Cis\Quarantine\data\{9D95DF03-1489-4755-A218-10555EC2E64C}, In Quarantäne, [c8e99e6ce2a983b33989bad579883bc5],
PUP.Optional.ModGoog, C:\ProgramData\Comodo\Cis\Quarantine\data\{BC0EB215-CA8D-47ED-8940-2C83D75226C5}, In Quarantäne, [1899a367315ad2644d750689f11002fe],
PUP.Optional.CrossRider.A, C:\ProgramData\Comodo\Cis\Quarantine\data\{C965683F-FAD7-43D4-930B-42B02F6CECAA}, In Quarantäne, [852cf9112d5e0e2890688404a65fd828],
PUP.Optional.KreapixelNetwork.SID, C:\ProgramData\Comodo\Cis\Quarantine\data\{E604C34E-0E76-4B0A-948A-1998FEDBF097}, In Quarantäne, [b6fb22e8d5b64aece5944e3a877ef30d],
PUP.Optional.ModGoog, C:\ProgramData\Comodo\Cis\Quarantine\data\{E7FC0D2F-5064-46C7-88D0-C3761B856E61}, In Quarantäne, [a11031d925666acc4a78a9e6ac55827e],
PUP.Optional.InstallCore.A, C:\ProgramData\Comodo\Cis\Quarantine\data\{EA6D3F43-132C-490D-A0A7-1C1EF74572E3}, In Quarantäne, [2d84b05a0d7e4ee8b688d7d380818779],
PUP.Optional.Nova.A, C:\Program Files (x86)\Battle.net\38d01565-36c8-454f-8b88-a1515feb5cd4.dll, In Quarantäne, [d7da24e60e7deb4b0620e278b948817f],
PUP.Optional.Crossrider, C:\Program Files (x86)\Battle.net\a9e7144b-cc20-4f13-bba2-cc1df55c4de0.dll, In Quarantäne, [feb3b05a92f9ed49dc2a1499b849c838],
PUP.Optional.Nova.A, C:\Program Files (x86)\Boot Configure\4939fd4c-46da-4e28-a2ec-9af6f7ee853c.dll, In Quarantäne, [06ab12f8018aa78f46e05efcc33eba46],
PUP.Optional.Nova.A, C:\Program Files (x86)\Boot Configure\8f6840f0-a25b-4c28-b2ee-893e502aca5d.dll, In Quarantäne, [1e9330da9fecbb7b1f07be9ce120db25],
PUP.Optional.Nova.A, C:\Program Files (x86)\Boot Configure\bcda11eb-dd76-4bc7-9c7c-c85aa6501c8c.dll, In Quarantäne, [634e6e9c2e5dcb6b43e3a5b5926f8878],
PUP.Optional.Winsock.HijackBoot, C:\Windows\System32\Uiviuuj64.dll, In Quarantäne, [822f14f60a819b9b55a1af1ff60b7f81],
PUP.Optional.Winsock.HijackBoot, C:\Windows\SysWOW64\Uiviuuj.dll, In Quarantäne, [664ba169197242f4797c418d926fb050],
Rootkit.Agent.A, C:\Windows\System32\drivers\bsdriver.sys, Löschen bei Neustart, [f8b9d03ae6a52e081310216bac55867a],
PUP.Optional.Cherimoya.A, C:\Windows\System32\drivers\cherimoya.sys, Löschen bei Neustart, [e2cf44c6315a61d5d2fd0a7f22e3ea16],
PUP.Optional.Amonetize, C:\Users\Christian\AppData\Local\Temp\nso7265.exe, In Quarantäne, [6f4253b7dbb0a98d873bc60814ed01ff],
PUP.Optional.WebBar.A, C:\Users\Christian\AppData\Local\Temp\2144.exe, In Quarantäne, [466b6aa0226960d6e471790d7f821fe1],
Trojan.Agent, C:\Users\Christian\AppData\Local\Temp\zaTfs.tmp, In Quarantäne, [3879a1698704ff374daad8f6a061728e],
PUP.Optional.EORezo, C:\Users\Christian\AppData\Local\Temp\is-CAEKA.tmp\1P1I9LkpUSw==0.tmp, In Quarantäne, [8e237e8c276463d3335fe3a5e124b44c],
PUP.Optional.Jabuticaba.A, C:\Users\Christian\Downloads\uninstaller (1).exe, In Quarantäne, [278a69a18b005dd900417614c4416a96],
PUP.Optional.Jabuticaba.A, C:\Users\Christian\Downloads\uninstaller.exe, In Quarantäne, [2b860a002e5d280ec37e71192cd9cf31],
PUP.Optional.Winsock.HijackBoot, C:\Windows\SysWOW64\Uiviuuj.ini, In Quarantäne, [a30eb9519eedbe789ea08297b84b9c64],
PUP.Optional.Winsock.HijackBoot, C:\Windows\System32\UiviuujOff.ini, In Quarantäne, [ddd43dcd03885bdb7fc1a2778c775ea2],
PUP.Optional.Winsock.HijackBoot, C:\Windows\SysWOW64\UiviuujOff.ini, In Quarantäne, [ebc68585f09b30060c340910b74c0ef2],
PUP.Optional.WombatUpdater.A, C:\Windows\AppPatch\Custom\{a53dd3e5-0283-4ab3-b77c-7bd1bc7550c6}.sdb, In Quarantäne, [634e62a87615f83e154945d4ca3907f9],
PUP.Optional.Linkury.Gen.A, C:\Windows\SysWOW64\findit.xml, In Quarantäne, [d0e1e2282d5e5adc0de21207ad566997],
PUP.Optional.RecentlyFix.C, C:\Users\Christian\AppData\Local\recently-fix.db, In Quarantäne, [00b153b74d3e1d191d4fa0843ac9a65a],
Rootkit.Agent.A, C:\Windows\System32\drivers\cherimoya.sys, Löschen bei Neustart, [6b465ab0a9e277bfa3ad4fe008fb1ce4],
PUP.Optional.EpsanScan.A, C:\Windows\System32\Tasks\JKRXFGIV1, In Quarantäne, [03ae0cfebccf979f50ccdcd9ba4a34cc],
PUP.Optional.EpsanScan.A, C:\Windows\Tasks\JKRXFGIV1.job, In Quarantäne, [02afe9219cef8aac07167045e71d837d],

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

 

[Bandito292]

AdwCleaner found Nothing:
# AdwCleaner v5.002 - Bericht erstellt 20/08/2015 um 16:23:51
# Aktualisiert 18/08/2015 von Xplode
# Datenbank : 2015-08-18.2 [Server]
# Betriebssystem : Windows 10 Home (x64)
# Benutzername : Christian - MSI-CHRISEKO
# Gestarted von : C:\Users\Christian\Desktop\adwcleaner_5.002.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Ordner ] *****


***** [ Dateien ] *****


***** [ Verknüpfungen ] *****


***** [ Geplante Tasks ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Internetbrowser ] *****


*************************

:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt

*************************

C:\AdwCleaner[C1].txt - [3313 Bytes] - [18/08/2015 18:07:33]
C:\AdwCleaner[C2].txt - [2013 Bytes] - [19/08/2015 02:37:23]
C:\AdwCleaner[S1].txt - [2967 Bytes] - [18/08/2015 17:45:02]
C:\AdwCleaner[S2].txt - [1805 Bytes] - [19/08/2015 00:07:34]
C:\AdwCleaner[S3].txt - [1072 Bytes] - [19/08/2015 20:04:13]

########## EOF - C:\AdwCleaner\AdwCleaner[C4].txt - [1000 Bytes] ##########

 

[Bandito292]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.7 (08.18.2015:1)
OS: Windows 10 Home x64
Ran by Christian on 20.08.2015 at 16:31:54,26
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks

Successfully deleted: [Task] C:\WINDOWS\system32\tasks\Uninstaller_SkipUac_Christian
Successfully deleted: [Task] C:\WINDOWS\Tasks\Uninstaller_SkipUac_Christian.job



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] C:\ProgramData\productdata
Successfully deleted: [Folder] C:\Users\Christian\Appdata\LocalLow\company
Successfully deleted: [Folder] C:\Users\Christian\AppData\Roaming\productdata
Successfully deleted: [Folder] C:\Users\Christian\Documents\add-in express
Successfully deleted: [Folder] C:\WINDOWS\SysWOW64\ai_recyclebin



~~~ Chrome


[C:\Users\Christian\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Christian\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\Christian\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Christian\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[
fgboogeaaklojbicocbcepgdjjfbmgli,
ljmibnagodajacnnbifpamhggcohblip
]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 20.08.2015 at 16:33:52,49
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

[Broni]

Let's see about your connection...

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.

• Make sure the following options are checked:
  • Internet Services
  • Windows Firewall
  • System Restore
  • Security Center/Action Center
  • Windows Update
  • Windows Defender
  • Other Services
• Press "Scan".
• It will create a log (FSS.txt) in the same directory the tool is run.
• Please copy and paste the log to your reply.

 

[Bandito292]

Farbar Service Scanner Version: 26-07-2015
Ran by Christian (administrator) on 20-08-2015 at 22:31:15
Running from "C:\Users\Christian\Desktop"
Microsoft Windows 10 Home (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Policy:
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MsMpEng.exe => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****

 

[Broni]

That looks fine.

Please download MiniToolBox, save it to your desktop and run it.

Checkmark following boxes:

• Report IE Proxy Settings
• Report FF Proxy Settings
• List content of Hosts
• List IP configuration
• List Winsock Entries
• List last 10 Event Viewer log
• List Devices (do NOT change any settings)
• List Restore Points

Click Go and post the result.

 

[Bandito292]

MiniToolBox by Farbar Version: 25-07-2015 01
Ran by Christian (administrator) on 20-08-2015 at 22:50:21
Running from "C:\Users\Christian\Downloads"
Microsoft Windows 10 Home (X64)
Model: GE70 2PC Manufacturer: Micro-Star International Co., Ltd.
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================



========================= IP Configuration: ================================

Intel(R) Dual Band Wireless-AC 3160 = WiFi (Connected)
Killer e2200 Gigabit Ethernet Controller (NDIS 6.30) = Ethernet (Media disconnected)


# ----------------------------------
# IPv4-Konfiguration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled taskoffload=disabled
set interface interface="WiFi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="LAN-Verbindung* 3" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Bluetooth-Netzwerkverbindung" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="LAN-Verbindung* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled


popd
# Ende der IPv4-Konfiguration



Windows-IP-Konfiguration

Hostname . . . . . . . . . . . . : MSI-ChrisEko
Prim�res DNS-Suffix . . . . . . . :
Knotentyp . . . . . . . . . . . . : Hybrid
IP-Routing aktiviert . . . . . . : Nein
WINS-Proxy aktiviert . . . . . . : Nein
DNS-Suffixsuchliste . . . . . . . : local

Ethernet-Adapter Ethernet:

Medienstatus. . . . . . . . . . . : Medium getrennt
Verbindungsspezifisches DNS-Suffix: local
Beschreibung. . . . . . . . . . . : Killer e2200 Gigabit Ethernet Controller (NDIS 6.30)
Physische Adresse . . . . . . . . : 44-8A-5B-43-E1-75
DHCP aktiviert. . . . . . . . . . : Ja
Autokonfiguration aktiviert . . . : Ja

Drahtlos-LAN-Adapter LAN-Verbindung* 3:

Medienstatus. . . . . . . . . . . : Medium getrennt
Verbindungsspezifisches DNS-Suffix:
Beschreibung. . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
Physische Adresse . . . . . . . . : A0-88-69-6C-B1-06
DHCP aktiviert. . . . . . . . . . : Ja
Autokonfiguration aktiviert . . . : Ja

Drahtlos-LAN-Adapter WiFi:

Verbindungsspezifisches DNS-Suffix: local
Beschreibung. . . . . . . . . . . : Intel(R) Dual Band Wireless-AC 3160
Physische Adresse . . . . . . . . : A0-88-69-6C-B1-05
DHCP aktiviert. . . . . . . . . . : Ja
Autokonfiguration aktiviert . . . : Ja
Verbindungslokale IPv6-Adresse . : fe80::809b:b2b7:e41b:a24%2(Bevorzugt)
IPv4-Adresse . . . . . . . . . . : 192.168.0.6(Bevorzugt)
Subnetzmaske . . . . . . . . . . : 255.255.255.0
Lease erhalten. . . . . . . . . . : Donnerstag, 20. August 2015 16:25:08
Lease l�uft ab. . . . . . . . . . : Freitag, 21. August 2015 21:12:08
Standardgateway . . . . . . . . . : 192.168.0.1
DHCP-Server . . . . . . . . . . . : 192.168.0.1
DHCPv6-IAID . . . . . . . . . . . : 94406761
DHCPv6-Client-DUID. . . . . . . . : 00-01-00-01-1D-4D-16-7A-44-8A-5B-43-E1-75
DNS-Server . . . . . . . . . . . : 8.8.8.8
8.8.4.4
NetBIOS �ber TCP/IP . . . . . . . : Aktiviert
Server: google-public-dns-a.google.com
Address: 8.8.8.8

Name: google.com
Addresses: 2a00:1450:400a:804::1009
109.193.193.104
109.193.193.94
109.193.193.118
109.193.193.119
109.193.193.88
109.193.193.103
109.193.193.84
109.193.193.98
109.193.193.99
109.193.193.108
109.193.193.113
109.193.193.123
109.193.193.109
109.193.193.93
109.193.193.114
109.193.193.89


Ping wird ausgef�hrt f�r google.com [109.193.193.114] mit 32 Bytes Daten:
Antwort von 109.193.193.114: Bytes=32 Zeit=16ms TTL=59
Antwort von 109.193.193.114: Bytes=32 Zeit=14ms TTL=59

Ping-Statistik f�r 109.193.193.114:
Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0
(0% Verlust),
Ca. Zeitangaben in Millisek.:
Minimum = 14ms, Maximum = 16ms, Mittelwert = 15ms
Server: google-public-dns-a.google.com
Address: 8.8.8.8

Name: yahoo.com
Addresses: 2001:4998:58:c02::a9
2001:4998:c:a06::2:4008
2001:4998:44:204::a7
98.139.183.24
98.138.253.109
206.190.36.45


Ping wird ausgef�hrt f�r yahoo.com [206.190.36.45] mit 32 Bytes Daten:
Antwort von 206.190.36.45: Bytes=32 Zeit=173ms TTL=47
Antwort von 206.190.36.45: Bytes=32 Zeit=169ms TTL=47

Ping-Statistik f�r 206.190.36.45:
Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0
(0% Verlust),
Ca. Zeitangaben in Millisek.:
Minimum = 169ms, Maximum = 173ms, Mittelwert = 171ms

Ping wird ausgef�hrt f�r 127.0.0.1 mit 32 Bytes Daten:
Antwort von 127.0.0.1: Bytes=32 Zeit<1ms TTL=128
Antwort von 127.0.0.1: Bytes=32 Zeit<1ms TTL=128

Ping-Statistik f�r 127.0.0.1:
Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0
(0% Verlust),
Ca. Zeitangaben in Millisek.:
Minimum = 0ms, Maximum = 0ms, Mittelwert = 0ms
===========================================================================
Schnittstellenliste
6...44 8a 5b 43 e1 75 ......Killer e2200 Gigabit Ethernet Controller (NDIS 6.30)
3...a0 88 69 6c b1 06 ......Microsoft Wi-Fi Direct Virtual Adapter
2...a0 88 69 6c b1 05 ......Intel(R) Dual Band Wireless-AC 3160
1...........................Software Loopback Interface 1
===========================================================================

IPv4-Routentabelle
===========================================================================
Aktive Routen:
Netzwerkziel Netzwerkmaske Gateway Schnittstelle Metrik
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.6 25
127.0.0.0 255.0.0.0 Auf Verbindung 127.0.0.1 306
127.0.0.1 255.255.255.255 Auf Verbindung 127.0.0.1 306
127.255.255.255 255.255.255.255 Auf Verbindung 127.0.0.1 306
192.168.0.0 255.255.255.0 Auf Verbindung 192.168.0.6 281
192.168.0.6 255.255.255.255 Auf Verbindung 192.168.0.6 281
192.168.0.255 255.255.255.255 Auf Verbindung 192.168.0.6 281
224.0.0.0 240.0.0.0 Auf Verbindung 127.0.0.1 306
224.0.0.0 240.0.0.0 Auf Verbindung 192.168.0.6 281
255.255.255.255 255.255.255.255 Auf Verbindung 127.0.0.1 306
255.255.255.255 255.255.255.255 Auf Verbindung 192.168.0.6 281
===========================================================================
St�ndige Routen:
Keine

IPv6-Routentabelle
===========================================================================
Aktive Routen:
If Metrik Netzwerkziel Gateway
1 306 ::1/128 Auf Verbindung
2 281 fe80::/64 Auf Verbindung
2 281 fe80::809b:b2b7:e41b:a24/128
Auf Verbindung
1 306 ff00::/8 Auf Verbindung
2 281 ff00::/8 Auf Verbindung
===========================================================================
St�ndige Routen:
Keine
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [54784] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\SysWOW64\NLAapi.dll [64000] (Microsoft Corporation)
Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [23552] (Microsoft Corporation)
Catalog5 07 C:\WINDOWS\SysWOW64\wshbth.dll [51200] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [67072] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [79872] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [31744] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [62976] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
x64-Catalog9 12 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/20/2015 08:56:22 PM) (Source: ESENT) (User: )
Description: SettingSyncHost (8044) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032.

Error: (08/20/2015 08:56:22 PM) (Source: ESENT) (User: )
Description: SettingSyncHost (8044) Der Versuch, die Datei "C:\WINDOWS\system32\edbtmp.log" zu erstellen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Erstellen von Dateien.

Error: (08/20/2015 08:56:11 PM) (Source: ESENT) (User: )
Description: SettingSyncHost (8044) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032.

Error: (08/20/2015 08:56:11 PM) (Source: ESENT) (User: )
Description: SettingSyncHost (8044) Der Versuch, die Datei "C:\WINDOWS\system32\edbtmp.log" zu erstellen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Erstellen von Dateien.

Error: (08/20/2015 08:56:01 PM) (Source: ESENT) (User: )
Description: SettingSyncHost (8044) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032.

Error: (08/20/2015 08:56:01 PM) (Source: ESENT) (User: )
Description: SettingSyncHost (8044) Der Versuch, die Datei "C:\WINDOWS\system32\edbtmp.log" zu erstellen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Erstellen von Dateien.

Error: (08/20/2015 08:55:51 PM) (Source: ESENT) (User: )
Description: SettingSyncHost (8044) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032.

Error: (08/20/2015 08:55:51 PM) (Source: ESENT) (User: )
Description: SettingSyncHost (8044) Der Versuch, die Datei "C:\WINDOWS\system32\edbtmp.log" zu erstellen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Erstellen von Dateien.

Error: (08/20/2015 08:55:41 PM) (Source: ESENT) (User: )
Description: SettingSyncHost (8044) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032.

Error: (08/20/2015 08:55:41 PM) (Source: ESENT) (User: )
Description: SettingSyncHost (8044) Der Versuch, die Datei "C:\WINDOWS\system32\edbtmp.log" zu erstellen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Erstellen von Dateien.


System errors:
=============
Error: (08/20/2015 09:54:26 PM) (Source: DCOM) (User: MSI-CHRISEKO)
Description: AnwendungsspezifischLokalAktivierung{9A4948D9-13FC-4FAC-B60A-FBA6EE0FB11C}{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}MSI-ChrisEkoChristianS-1-5-21-1517504399-1055261760-3252538504-1002LocalHost (unter Verwendung von LRPC)Microsoft.WindowsStore_2015.8.3.0_x64__8wekyb3d8bbweS-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157

Error: (08/20/2015 08:52:49 PM) (Source: DCOM) (User: MSI-CHRISEKO)
Description: AnwendungsspezifischLokalAktivierung{9A4948D9-13FC-4FAC-B60A-FBA6EE0FB11C}{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}MSI-ChrisEkoChristianS-1-5-21-1517504399-1055261760-3252538504-1002LocalHost (unter Verwendung von LRPC)Microsoft.WindowsStore_2015.8.3.0_x64__8wekyb3d8bbweS-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157

Error: (08/20/2015 07:53:06 PM) (Source: DCOM) (User: MSI-CHRISEKO)
Description: AnwendungsspezifischLokalAktivierung{9A4948D9-13FC-4FAC-B60A-FBA6EE0FB11C}{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}MSI-ChrisEkoChristianS-1-5-21-1517504399-1055261760-3252538504-1002LocalHost (unter Verwendung von LRPC)Microsoft.WindowsStore_2015.8.3.0_x64__8wekyb3d8bbweS-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157

Error: (08/20/2015 06:54:44 PM) (Source: DCOM) (User: MSI-CHRISEKO)
Description: AnwendungsspezifischLokalAktivierung{9A4948D9-13FC-4FAC-B60A-FBA6EE0FB11C}{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}MSI-ChrisEkoChristianS-1-5-21-1517504399-1055261760-3252538504-1002LocalHost (unter Verwendung von LRPC)Microsoft.WindowsStore_2015.8.3.0_x64__8wekyb3d8bbweS-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157

Error: (08/20/2015 05:54:45 PM) (Source: DCOM) (User: MSI-CHRISEKO)
Description: AnwendungsspezifischLokalAktivierung{9A4948D9-13FC-4FAC-B60A-FBA6EE0FB11C}{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}MSI-ChrisEkoChristianS-1-5-21-1517504399-1055261760-3252538504-1002LocalHost (unter Verwendung von LRPC)Microsoft.WindowsStore_2015.8.3.0_x64__8wekyb3d8bbweS-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157

Error: (08/20/2015 04:54:45 PM) (Source: DCOM) (User: MSI-CHRISEKO)
Description: AnwendungsspezifischLokalAktivierung{9A4948D9-13FC-4FAC-B60A-FBA6EE0FB11C}{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}MSI-ChrisEkoChristianS-1-5-21-1517504399-1055261760-3252538504-1002LocalHost (unter Verwendung von LRPC)Microsoft.WindowsStore_2015.8.3.0_x64__8wekyb3d8bbweS-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157

Error: (08/20/2015 04:32:39 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070002 fehlgeschlagen: Groove Music

Error: (08/20/2015 04:32:22 PM) (Source: Service Control Manager) (User: )
Description: Dienst "Steam Client Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (08/20/2015 04:32:22 PM) (Source: Service Control Manager) (User: )
Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (08/20/2015 04:32:22 PM) (Source: Service Control Manager) (User: )
Description: Dienst "Intel(R) ME Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office Sessions:
=========================
Error: (08/20/2015 08:56:22 PM) (Source: ESENT)(User: )
Description: SettingSyncHost8044-1032

Error: (08/20/2015 08:56:22 PM) (Source: ESENT)(User: )
Description: SettingSyncHost8044C:\WINDOWS\system32\edbtmp.log-1032 (0xfffffbf8)5 (0x00000005)Zugriff verweigert

Error: (08/20/2015 08:56:11 PM) (Source: ESENT)(User: )
Description: SettingSyncHost8044-1032

Error: (08/20/2015 08:56:11 PM) (Source: ESENT)(User: )
Description: SettingSyncHost8044C:\WINDOWS\system32\edbtmp.log-1032 (0xfffffbf8)5 (0x00000005)Zugriff verweigert

Error: (08/20/2015 08:56:01 PM) (Source: ESENT)(User: )
Description: SettingSyncHost8044-1032

Error: (08/20/2015 08:56:01 PM) (Source: ESENT)(User: )
Description: SettingSyncHost8044C:\WINDOWS\system32\edbtmp.log-1032 (0xfffffbf8)5 (0x00000005)Zugriff verweigert

Error: (08/20/2015 08:55:51 PM) (Source: ESENT)(User: )
Description: SettingSyncHost8044-1032

Error: (08/20/2015 08:55:51 PM) (Source: ESENT)(User: )
Description: SettingSyncHost8044C:\WINDOWS\system32\edbtmp.log-1032 (0xfffffbf8)5 (0x00000005)Zugriff verweigert

Error: (08/20/2015 08:55:41 PM) (Source: ESENT)(User: )
Description: SettingSyncHost8044-1032

Error: (08/20/2015 08:55:41 PM) (Source: ESENT)(User: )
Description: SettingSyncHost8044C:\WINDOWS\system32\edbtmp.log-1032 (0xfffffbf8)5 (0x00000005)Zugriff verweigert


CodeIntegrity Errors:
===================================
Date: 2015-08-19 21:17:35.555
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-19 21:05:17.953
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-19 21:05:11.990
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-19 21:05:11.055
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-19 21:02:17.737
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-19 20:57:47.825
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-19 20:57:23.072
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-19 20:57:18.618
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-19 20:57:18.608
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-19 20:57:18.597
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


========================= Devices: ================================

========================= Restore Points ==================================

01-08-2015 15:38:31 DirectX wurde installiert
06-08-2015 12:01:18 Installiert Cyborg F.R.E.Q.7 Headset
07-08-2015 12:53:27 Windows Modules Installer
13-08-2015 13:56:13 Camtasia Studio 8 wird installiert
16-08-2015 10:49:24 Removed BurnRecovery
17-08-2015 16:08:48 Installing COMODO Antivirus
20-08-2015 01:13:42 Removed globalupdate Helper

**** End of log ****

 

[Broni]

Your connection seems to be fine.
What is the actual problem which makes you think there is no connection?

 

[Bandito292]

Well the problem is actually fixed. I changed my DNS server to 8.8.8.8 (google) and now I got internet connection but steamwebhelper still causing trouble with stupid ads

 

[Broni]

OK then....

Re-run Farbar Recovery Scan Tool (FRST/FRST64) you ran at the very beginning of this topic.

• Double-click to run it. When the tool opens click Yes to disclaimer.
• Make sure you checkmark Addition.txt box.
• Press Scan button.
• Scan will create two logs, FRST.txt and Addition.txt in the same directory the tool is run. Please copy and paste them to your reply.