Pests of all kinds and how to fight them: HEUR/QVM11.1.Malware.Gen Virus?
18.10.2015, 14:24 | #1 |
| HEUR/QVM11.1.Malware.Gen Virus? For a long time now my laptop (Win8) has been starting very slowly (it takes 1-3 minutes to boot); it used to be up in 30 seconds. Today, when I downloaded something, my antivirus program (360 Total Security) showed me HEUR/QVM11.1.Malware.Gen. The strange thing was that it was shown for almost every program I downloaded, or rather prepended to it, even at chip.de. What can I do now? |
18.10.2015, 19:04 | #2 |
/// the machine /// TB instructor | HEUR/QVM11.1.Malware.Gen Virus? hi,
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties) |
18.10.2015, 20:05 | #3 |
| HEUR/QVM11.1.Malware.Gen Virus? FRST.txt
FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:18-10-2015 durchgeführt von Patrick (Administrator) auf PATRICK (18-10-2015 21:00:01) Gestartet von C:\Users\Patrick\Downloads Geladene Profile: Patrick (Verfügbare Profile: Patrick) Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forum ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe (Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe (Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc2.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Hewlett-Packard Development Company, L.P.) 
C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Qihu Software Co. Limited) C:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (Google Inc.) 
C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe (Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe (Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe (Spotify Ltd) C:\Users\Patrick\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Skype Technologies S.A.) 
C:\Program Files (x86)\Skype\Phone\Skype.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Microsoft Corporation) C:\Windows\System32\Taskmgr.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\FileManager\PhotosApp.exe (FileZilla Project) C:\Program Files\FileZilla FTP Client\filezilla.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\QHSafeMain.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafe.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2198872 2014-03-28] (NVIDIA Corporation) HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3962936 2014-03-28] (Hewlett-Packard) HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-03-28] (Hewlett-Packard) HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-03-28] (Hewlett-Packard) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2811120 2014-03-13] (Synaptics Incorporated) HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation) HKLM\...\Run: [EasySettingBox] => C:\Program Files (x86)\Samsung\Easy Setting Box\EasySettingBox.exe [594944 2013-12-26] () HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\360Tray.exe [300152 2015-09-21] (QIHU 360 SOFTWARE CO. LIMITED) HKLM-x32\...\Run: [EasySettingBox] => C:\Program Files (x86)\Samsung\Easy Setting Box\EasySettingBox.exe [594944 2013-12-26] () HKU\S-1-5-21-15211011-686277194-496942200-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd) HKU\S-1-5-21-15211011-686277194-496942200-1001\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [568904 2015-07-13] () HKU\S-1-5-21-15211011-686277194-496942200-1001\...\Run: [MyComGames] => C:\Users\Patrick\AppData\Local\MyComGames\MyComGames.exe [4129736 2015-09-01] (MY.COM B.V.) 
HKU\S-1-5-21-15211011-686277194-496942200-1001\...\Run: [Spotify] => C:\Users\Patrick\AppData\Roaming\Spotify\Spotify.exe [7660648 2015-10-11] (Spotify Ltd) HKU\S-1-5-21-15211011-686277194-496942200-1001\...\RunOnce: [Adobe Speed Launcher] => 1445102738 HKU\S-1-5-21-15211011-686277194-496942200-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-21-15211011-686277194-496942200-1001\...\MountPoints2: {f18ee11d-9e7e-11e4-825c-806e6f6e6963} - "E:\autorun.exe" ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-04-16] () ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-04-16] () ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-04-16] () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk [2014-08-05] ShortcutTarget: ISCTSystray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation) Startup: C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - .lnk [2015-02-22] ShortcutTarget: Tintenwarnungen überwachen - .lnk -> C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.) Startup: C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Deskjet 2540 series.lnk [2015-05-11] ShortcutTarget: Tintenwarnungen überwachen - HP Deskjet 2540 series.lnk -> C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.) 
==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 Tcpip\..\Interfaces\{03A8DDE3-6E2B-4141-85D2-CDD5085AB6A2}: [DhcpNameServer] 10.0.0.138 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.yac.mx/?utm_source=b&utm_medium=iSafe&from=iSafe&uid=hgstxhts541515a9e630_da4010djg0p41rg0p41rx HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.yac.mx/?utm_source=b&utm_medium=iSafe&from=iSafe&uid=hgstxhts541515a9e630_da4010djg0p41rg0p41rx HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=ds&ts=1422478697&from=smt&uid=HGSTXHTS541515A9E630_DA4010DJG0P41RG0P41RX&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=ds&ts=1422478697&from=smt&uid=HGSTXHTS541515A9E630_DA4010DJG0P41RG0P41RX&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://search.yac.mx/?utm_source=b&utm_medium=iSafe&from=iSafe&uid=hgstxhts541515a9e630_da4010djg0p41rg0p41rx HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://search.yac.mx/?utm_source=b&utm_medium=iSafe&from=iSafe&uid=hgstxhts541515a9e630_da4010djg0p41rg0p41rx HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1422478697&from=smt&uid=HGSTXHTS541515A9E630_DA4010DJG0P41RG0P41RX&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
hxxp://www.mystartsearch.com/web/?type=ds&ts=1422478697&from=smt&uid=HGSTXHTS541515A9E630_DA4010DJG0P41RG0P41RX&q={searchTerms} HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.yac.mx/?utm_source=b&utm_medium=iSafe&from=iSafe&uid=hgstxhts541515a9e630_da4010djg0p41rg0p41rx HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://search.yac.mx/?utm_source=b&utm_medium=iSafe&from=iSafe&uid=hgstxhts541515a9e630_da4010djg0p41rg0p41rx HKU\S-1-5-21-15211011-686277194-496942200-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ HKU\S-1-5-21-15211011-686277194-496942200-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://search.yac.mx/?utm_source=b&utm_medium=iSafe&from=iSafe&uid=hgstxhts541515a9e630_da4010djg0p41rg0p41rx SearchScopes: HKLM -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://search.yac.mx/web/?q={searchTerms}&type=ds&from=yac&uid=hgstxhts541515a9e630_da4010djg0p41rg0p41rx&ts=1445088888 SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://search.yac.mx/web/?q={searchTerms}&type=ds&from=yac&uid=hgstxhts541515a9e630_da4010djg0p41rg0p41rx&ts=1445088888 SearchScopes: HKU\S-1-5-21-15211011-686277194-496942200-1001 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://search.yac.mx/web/?q={searchTerms}&type=ds&from=yac&uid=hgstxhts541515a9e630_da4010djg0p41rg0p41rx&ts=1444771441 SearchScopes: HKU\S-1-5-21-15211011-686277194-496942200-1001 -> {0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} URL = hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-15211011-686277194-496942200-1001 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = 
hxxp://search.yac.mx/web/?q={searchTerms}&type=ds&from=yac&uid=hgstxhts541515a9e630_da4010djg0p41rg0p41rx&ts=1444771441 BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-06-27] (Oracle Corporation) BHO: Kein Name -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> Keine Datei BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-27] (Oracle Corporation) BHO: Kein Name -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> Keine Datei BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-03-04] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) BHO-x32: Kein Name -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> Keine Datei BHO-x32: Microsoft Web Test Recorder 14.0 Helper -> {b924f0b4-0b3c-49c0-bab2-213fb9ebd1d3} -> C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2015-07-07] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\ur68loj9.default FF NewTab: hxxp://search.yac.mx/?utm_source=b&utm_medium=iSafe&from=iSafe&uid=hgstxhts541515a9e630_da4010djg0p41rg0p41rx FF DefaultSearchEngine: YAC Safe Search FF SearchEngineOrder.1: YAC Safe Search FF SelectedSearchEngine: YAC Safe Search FF Homepage: hxxp://search.yac.mx/?utm_source=b&utm_medium=iSafe&from=iSafe&uid=hgstxhts541515a9e630_da4010djg0p41rg0p41rx FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-17] () FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-27] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-27] (Oracle 
Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-05-08] (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-17] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1218158.dll [2015-05-07] (Adobe Systems, Inc.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] () FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.) 
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-05-08] (Adobe Systems) FF Plugin HKU\S-1-5-21-15211011-686277194-496942200-1001: @my.com/Games -> C:\Users\Patrick\AppData\Local\MyComGames\NPMyComDetector.dll [2015-07-20] (My.com, Inc) FF Plugin HKU\S-1-5-21-15211011-686277194-496942200-1001: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\Patrick\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-02-02] (RocketLife, LLP) FF user.js: detected! => C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\ur68loj9.default\user.js [2015-10-17] FF SearchPlugin: C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\ur68loj9.default\searchplugins\yac-safe-search-.xml [2015-10-17] FF Extension: Avira Browser Safety - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\ur68loj9.default\Extensions\abs@avira.com [2015-09-21] [ist nicht signiert] FF Extension: xRocket Toolbar - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\ur68loj9.default\Extensions\arthurj8283@gmail.com [2015-10-13] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [WebProtection@360safe.com] - C:\Program Files (x86)\360\Total Security\safemon\webprotection_firefox FF Extension: 360 Internet Protection - C:\Program Files (x86)\360\Total Security\safemon\webprotection_firefox [2015-07-24] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [arthurj8283@gmail.com] - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\ur68loj9.default\extensions\arthurj8283@gmail.com Chrome: ======= CHR HomePage: Profile 1 -> hxxp://www.msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=de-de CHR StartupUrls: Profile 1 -> "hxxp://search.yac.mx/?utm_source=b&utm_medium=iSafe&from=iSafe&uid=hgstxhts541515a9e630_da4010djg0p41rg0p41rx" CHR DefaultSearchURL: Profile 1 -> 
hxxp://search.yac.mx/web/?q={searchTerms}&type=ds&from=yac&uid=hgstxhts541515a9e630_da4010djg0p41rg0p41rx&ts=1445088888 CHR DefaultSearchKeyword: Profile 1 -> yac safe search CHR Profile: C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Präsentationen) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-17] CHR Extension: (Google Docs) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-17] CHR Extension: (Google Drive) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-17] CHR Extension: (YouTube) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-17] CHR Extension: (Google-Suche) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-17] CHR Extension: (Google Tabellen) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-17] CHR Extension: (Google Wallet) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-17] CHR Extension: (Google Mail) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-17] CHR Profile: C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Profile 1 CHR Extension: (Google Präsentationen) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-19] CHR Extension: (Google Docs) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-19] CHR Extension: (Google Drive) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Profile 
1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-19] CHR Extension: (YouTube) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-19] CHR Extension: (Adblock Plus) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-01-25] CHR Extension: (Google-Suche) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-19] CHR Extension: (Google Tabellen) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-19] CHR Extension: (Google Text & Tabellen Offline) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-04] CHR Extension: (AdBlock) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-01-25] CHR Extension: (360 Internet Protection) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\glcimepnljoholdmjchkloafkggfoijh [2015-07-25] CHR Extension: (Avira SafeSearch) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khjilmcjipkeokomeekfnhkpbnhmgaje [2015-04-29] CHR Extension: (Avira SafeSearch) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ldmiahjidflgnbiadknkmaimfpjkelng [2015-04-28] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-19] CHR Extension: (Google Mail) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-19] CHR Extension: (convert2mp3.net Online Video Converter) - C:\Users\Patrick\Downloads\convert2mp3_chrome_addon-2.4\convert2mp3_video_converter_2.4 [2015-01-26] CHR HKLM\...\Chrome\Extension: 
[flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-15211011-686277194-496942200-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2015-07-20] (Adobe Systems) [Datei ist nicht signiert] R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-01-28] (WildTangent) R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [25800 2015-09-28] (Hewlett-Packard Company) R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [469304 2014-03-26] (Hewlett-Packard Development Company, L.P.) 
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-08] (Intel Corporation) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-18] (Intel Corporation) S3 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-10] (Intel Corporation) S3 Intel(R) TA SAM; C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18064 2015-04-18] () S2 Intel(R) Technology Access Legacy CS Loader; C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe [144128 2015-07-31] (Intel(R) Corporation) S2 Intel(R) TechnologyAccessService; C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe [481536 2015-07-31] (Intel(R) Corporation) R2 iSafeService; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [118048 2015-04-16] (Elex do Brasil Participações Ltda) R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [200168 2013-12-04] () S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-01-17] () S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert] U2 NvNetworkService; 
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1615192 2014-03-28] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [20539168 2014-03-28] (NVIDIA Corporation) R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-03-28] (Softex Inc.) [Datei ist nicht signiert] S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert] R2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [859768 2015-09-21] (QIHU 360 SOFTWARE CO. LIMITED) S3 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-09] (Realtek Semiconductor) R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [190704 2014-03-13] (Synaptics Incorporated) S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [52968 2015-07-07] (Microsoft Corporation) S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-04-02] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-01-17] (Intel® Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
R1 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker64.sys [137296 2015-07-23] (360.cn) R3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [77904 2015-09-21] (360.cn) R1 360Box64; C:\Windows\System32\DRIVERS\360Box64.sys [319568 2015-09-21] (360.cn) R1 360Camera; C:\Windows\System32\Drivers\360Camera64.sys [40520 2015-07-23] (360.cn) R1 360FsFlt; C:\Windows\System32\DRIVERS\360FsFlt.sys [363088 2015-07-23] (360.cn) R1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV64.sys [178768 2015-09-21] (360.cn) S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [132608 2015-01-30] (Microsoft Corporation) S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink) S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider) S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-08-03] (LogMeIn Inc.) 
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [162512 2014-02-14] (Intel Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-13] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-13] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-13] ()
R1 iSafeKrnl; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [260856 2015-05-14] (Elex do Brasil Participações Ltda)
S3 iSafeKrnlBoot; C:\Windows\System32\DRIVERS\iSafeKrnlBoot.sys [53568 2015-04-16] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlKit; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [110112 2015-08-20] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlMon; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [61832 2015-08-20] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlR3; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [103904 2015-09-01] (Elex do Brasil Participações Ltda)
R1 iSafeNetFilter; C:\Windows\System32\DRIVERS\iSafeNetFilter.sys [68488 2015-08-26] (Elex do Brasil Participações Ltda)
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-13] ()
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
R1 ndisrd; C:\Windows\system32\DRIVERS\ndisrfl.sys [41688 2015-04-30] (Intel Corporation)
S3 NetTap630; C:\Windows\system32\DRIVERS\nettap630.sys [67800 2015-04-30] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [3433952 2014-02-18] (Intel Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-28] (NVIDIA Corporation)
S3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [466136 2014-01-15] (Realsil Semiconductor Corporation)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
S3 SMIGrabber3C; C:\Windows\System32\Drivers\SmiUsbGrabber3C.sys [827040 2013-09-14] (Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)
S3 X86BDA; C:\Windows\system32\DRIVERS\OEMDrv.sys [268416 2011-06-08] ( )
S3 XSplit_Dummy; C:\Windows\system32\drivers\xspltspk.sys [26200 2014-07-02] (SplitmediaLabs Limited)
S3 SmbDrv; \SystemRoot\System32\drivers\Smb_driver_AMDASF.sys [X]
S3 SmbDrvI; \SystemRoot\system32\DRIVERS\Smb_driver_Intel.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-10-18 15:11 - 2015-10-18 15:12 - 00065131 _____ C:\Users\Patrick\Downloads\Addition.txt
2015-10-18 15:10 - 2015-10-18 21:00 - 00033515 _____ C:\Users\Patrick\Downloads\FRST.txt
2015-10-18 15:10 - 2015-10-18 21:00 - 00000000 ____D C:\FRST
2015-10-18 15:08 - 2015-10-18 15:08 - 02196992 _____ (Farbar) C:\Users\Patrick\Downloads\FRST64.exe
2015-10-18 15:03 - 2015-10-18 15:03 - 00002139 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy Typing 2.1.lnk
2015-10-18 15:03 - 2015-10-18 15:03 - 00000000 ____D C:\Users\Patrick\Desktop\EasyTyping212
2015-10-18 15:03 - 2015-10-18 15:03 - 00000000 ____D C:\Program Files (x86)\Trauner
2015-10-18 15:00 - 2015-10-18 15:01 - 62303647 _____ C:\Users\Patrick\Desktop\EasyTyping212.zip
2015-10-18 15:00 - 2015-10-18 15:01 - 00000094 _____ C:\Users\Patrick\Desktop\easytyping2.ini
2015-10-18 14:58 - 2015-10-18 14:58 - 00382057 _____ C:\Users\Patrick\Desktop\PapDesigner.zip
2015-10-18 14:56 - 2015-10-18 14:56 - 00000000 ____D C:\Users\Patrick\Desktop\testNN32
2015-10-18 14:55 - 2015-10-18 14:55 - 06539752 _____ (Tim Kosse) C:\Users\Patrick\Downloads\FileZilla_3.14.1_win64-setup.exe
2015-10-18 03:33 - 2015-10-18 03:33 - 00524637 _____ C:\Users\Patrick\Downloads\MineZoneGermany (@MineZoneGermany) _ Twitter.html
2015-10-18 03:33 - 2015-10-18 03:33 - 00000000 ____D C:\Users\Patrick\Downloads\MineZoneGermany (@MineZoneGermany) _ Twitter_files
2015-10-18 03:11 - 2015-10-18 03:11 - 00000850 _____ C:\Users\Patrick\AppData\Local\recently-used.xbel
2015-10-17 19:45 - 2015-10-17 19:47 - 53131150 _____ C:\Users\Patrick\Downloads\Geraped - Janosch (Klarstellung).mp4
2015-10-17 19:45 - 2015-10-17 19:45 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\EasySettingBox
2015-10-17 19:36 - 2015-10-17 19:36 - 00001834 _____ C:\Users\Public\Desktop\Easy Setting Box.lnk
2015-10-17 19:36 - 2015-10-17 19:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2015-10-17 19:36 - 2015-10-17 19:36 - 00000000 ____D C:\Program Files (x86)\Samsung
2015-10-17 19:33 - 2015-10-17 19:33 - 00000000 ____D C:\Program Files (x86)\MonitorDriver
2015-10-17 19:17 - 2015-10-17 19:33 - 00001646 _____ C:\Users\Public\Desktop\Launch Monitor Driver Installer.lnk
2015-10-17 00:01 - 2015-10-17 13:52 - 00008192 _____ C:\Users\Patrick\Downloads\Super Mario Collection (Japan).srm
2015-10-17 00:00 - 2015-10-17 00:00 - 00980304 _____ C:\Users\Patrick\Downloads\Super Mario Collection (Japan).zip
2015-10-16 23:58 - 2015-10-16 23:58 - 00040039 _____ C:\Users\Patrick\Downloads\Super Mario Brothers 2 (Japan).zip
2015-10-16 23:58 - 2015-10-16 23:58 - 00040039 _____ C:\Users\Patrick\Downloads\Super Mario Brothers 2 (Japan) (1).zip
2015-10-16 23:52 - 2015-10-16 23:52 - 00226427 _____ C:\Users\Patrick\Downloads\Super Mario Bros. 3 (Japan).zip
2015-10-16 23:32 - 2015-10-16 23:32 - 00000000 ____D C:\Users\Patrick\Desktop\Nestopia
2015-10-16 19:49 - 2015-10-16 19:49 - 00064801 _____ C:\Users\Patrick\Downloads\CRdMpuSWUAAC5Jc.jpg-large
2015-10-16 18:35 - 2015-10-16 18:35 - 00000000 ____D C:\Users\Patrick\AppData\LocalLow\Temp
2015-10-16 18:32 - 2015-10-17 15:31 - 00021840 ____T C:\Windows\SysWOW64\SIntfNT.dll
2015-10-16 18:32 - 2015-10-17 15:31 - 00017212 ____T C:\Windows\SysWOW64\SIntf32.dll
2015-10-16 18:32 - 2015-10-17 15:31 - 00012067 ____T C:\Windows\SysWOW64\SIntf16.dll
2015-10-16 18:29 - 2015-10-16 18:29 - 00001656 _____ C:\Users\Public\Desktop\Empire Earth.lnk
2015-10-16 18:26 - 2015-10-17 15:30 - 00000224 _____ C:\Windows\SIERRA.INI
2015-10-16 18:26 - 2015-10-16 18:26 - 00000000 ____D C:\Sierra
2015-10-16 18:26 - 2015-10-16 18:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra
2015-10-16 18:08 - 2015-10-16 18:08 - 16596480 _____ C:\Users\Patrick\Downloads\CF-Auto-Root-m0-m0xx-gti9300.zip
2015-10-16 18:07 - 2015-10-16 18:07 - 19531504 _____ (SAMSUNG Electronics Co., Ltd.) C:\Users\Patrick\Downloads\SAMSUNG_USB_Driver_for_Mobile_Phones.exe
2015-10-16 17:47 - 2015-10-16 17:47 - 01461024 _____ C:\Users\Patrick\Downloads\VirtualBox - CHIP-Installer.exe
2015-10-16 17:46 - 2015-10-16 17:46 - 00000000 __SHD C:\found.000
2015-10-16 00:00 - 2015-10-16 18:25 - 00000000 ____D C:\Users\Patrick\Desktop\bilder
2015-10-15 23:29 - 2015-10-15 23:38 - 00387592 _____ C:\Windows\system32\FNTCACHE.DAT
2015-10-15 16:49 - 2015-10-15 16:49 - 00001625 _____ C:\Users\Public\Desktop\League of Legends.lnk
2015-10-15 16:49 - 2015-10-15 16:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2015-10-15 15:38 - 2015-10-15 15:39 - 30668968 _____ (Riot Games) C:\Users\Patrick\Downloads\LeagueofLegends_EUW_Installer_9_15_2014.exe
2015-10-15 15:08 - 2015-09-19 05:18 - 00035384 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-10-15 15:08 - 2015-09-18 15:42 - 01290752 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-10-15 15:08 - 2015-09-18 15:42 - 01163776 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-10-15 15:08 - 2015-09-18 15:42 - 00766464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-10-15 15:08 - 2015-09-18 15:42 - 00699904 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-10-15 15:08 - 2015-09-18 15:42 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-10-15 15:08 - 2015-09-18 15:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-10-14 22:20 - 2015-10-14 22:26 - 00000000 ____D C:\d39cbc0af2b47795b360c952
2015-10-14 16:57 - 2015-10-14 16:57 - 00044997 _____ C:\Users\Patrick\Downloads\Übungen_Absatzformatierung.zip
2015-10-14 16:56 - 2015-10-14 16:56 - 01045825 _____ C:\Users\Patrick\Downloads\Übungsdokumente_Zeichenformatierung.zip
2015-10-14 14:53 - 2015-08-07 23:40 - 01134752 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-10-14 14:53 - 2015-08-07 23:40 - 00686960 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-10-14 14:53 - 2015-08-07 23:40 - 00507176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-10-14 14:53 - 2015-08-07 16:13 - 00862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-10-14 14:53 - 2015-08-06 18:47 - 04710400 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-10-14 14:53 - 2015-08-06 18:18 - 04068352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2015-10-14 14:52 - 2015-09-29 14:31 - 07457624 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-14 14:52 - 2015-09-29 14:31 - 01658536 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-10-14 14:52 - 2015-09-29 14:31 - 01519592 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-10-14 14:52 - 2015-09-29 14:31 - 01487008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-10-14 14:52 - 2015-09-29 14:31 - 01355848 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-10-14 14:52 - 2015-09-24 18:42 - 00348672 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
2015-10-14 14:52 - 2015-09-24 18:40 - 00737280 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2015-10-14 14:52 - 2015-09-10 20:02 - 25851392 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-14 14:52 - 2015-09-10 19:09 - 20358144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-10-14 14:52 - 2015-08-27 04:43 - 22372152 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-10-14 14:52 - 2015-08-27 04:42 - 19795904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-10-14 14:52 - 2015-08-07 23:40 - 01736520 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-10-14 14:52 - 2015-08-07 23:40 - 01499920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-10-14 14:52 - 2015-08-06 19:05 - 00669184 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx
2015-10-14 14:52 - 2015-08-06 18:37 - 00536576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx
2015-10-14 14:51 - 2015-09-29 14:29 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-10-14 14:51 - 2015-09-28 20:45 - 03705344 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-10-14 14:51 - 2015-09-28 20:26 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-10-14 14:51 - 2015-09-28 20:25 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-10-14 14:51 - 2015-09-28 20:25 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-10-14 14:51 - 2015-09-28 20:25 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-10-14 14:51 - 2015-09-28 20:22 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-10-14 14:51 - 2015-09-28 20:22 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-10-14 14:51 - 2015-09-28 20:22 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-10-14 14:51 - 2015-09-28 20:15 - 02243072 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-10-14 14:51 - 2015-09-28 20:13 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-10-14 14:51 - 2015-09-28 20:12 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-10-14 14:51 - 2015-09-10 19:19 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-10-14 14:51 - 2015-09-10 19:18 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-10-14 14:51 - 2015-09-10 19:18 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-10-14 14:51 - 2015-09-10 19:14 - 05990400 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-10-14 14:51 - 2015-09-10 19:06 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-10-14 14:51 - 2015-09-10 19:04 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-10-14 14:51 - 2015-09-10 18:51 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-10-14 14:51 - 2015-09-10 18:39 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-10-14 14:51 - 2015-09-10 18:37 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-10-14 14:51 - 2015-09-10 18:37 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-10-14 14:51 - 2015-09-10 18:35 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-10-14 14:51 - 2015-09-10 18:33 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-10-14 14:51 - 2015-09-10 18:28 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-10-14 14:51 - 2015-09-10 18:28 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-10-14 14:51 - 2015-09-10 18:27 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-10-14 14:51 - 2015-09-10 18:24 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-10-14 14:51 - 2015-09-10 18:21 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-10-14 14:51 - 2015-09-10 18:19 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-10-14 14:51 - 2015-09-10 18:19 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-10-14 14:51 - 2015-09-10 18:19 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-10-14 14:51 - 2015-09-10 18:17 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-10-14 14:51 - 2015-09-10 18:17 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-10-14 14:51 - 2015-09-10 18:07 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-10-14 14:51 - 2015-09-10 18:05 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-10-14 14:51 - 2015-09-10 18:02 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-10-14 14:51 - 2015-09-10 18:01 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-10-14 14:51 - 2015-09-10 18:00 - 12853760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-10-14 14:51 - 2015-09-10 17:57 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-10-14 14:51 - 2015-09-10 17:57 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-10-14 14:51 - 2015-09-10 17:55 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-10-14 14:51 - 2015-09-10 17:55 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-10-14 14:51 - 2015-09-10 17:55 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-10-14 14:51 - 2015-09-10 17:45 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-10-14 14:51 - 2015-09-10 17:34 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-10-14 14:51 - 2015-09-10 17:31 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-10-14 14:51 - 2015-09-10 17:27 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-10-14 14:51 - 2015-09-10 17:26 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-10-14 14:51 - 2015-08-22 15:42 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2015-10-14 14:51 - 2015-08-22 15:42 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 14:51 - 2015-08-22 15:42 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 14:51 - 2015-08-22 15:42 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 14:51 - 2015-08-22 15:42 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 14:51 - 2015-08-22 15:42 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 14:51 - 2015-08-22 15:42 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 14:51 - 2015-08-22 15:42 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 14:51 - 2015-08-22 15:42 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 14:51 - 2015-08-22 15:42 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 14:51 - 2015-08-22 15:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 14:51 - 2015-08-22 15:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 14:51 - 2015-08-22 15:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 14:51 - 2015-08-22 15:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 14:51 - 2015-08-22 15:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 14:51 - 2015-08-22 15:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 14:51 - 2015-08-22 15:35 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-10-14 14:51 - 2015-08-22 15:35 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 14:51 - 2015-08-22 15:35 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 14:51 - 2015-08-22 15:35 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 14:51 - 2015-08-22 15:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 14:51 - 2015-08-22 15:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 14:51 - 2015-08-22 15:35 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 14:51 - 2015-08-22 15:35 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 14:51 - 2015-08-22 15:35 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 14:51 - 2015-08-22 15:35 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 14:51 - 2015-08-22 15:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 14:51 - 2015-08-22 15:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 14:51 - 2015-08-22 15:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 14:51 - 2015-08-22 15:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 14:51 - 2015-08-22 15:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 14:51 - 2015-08-22 15:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 14:51 - 2015-07-16 20:58 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\NcdAutoSetup.dll
2015-10-13 22:59 - 2015-10-15 23:26 - 00001468 _____ C:\Windows\PFRO.log
2015-10-13 21:48 - 2015-10-13 21:48 - 00001921 _____ C:\Users\Public\Desktop\YAC.lnk
2015-10-13 21:48 - 2015-10-13 21:48 - 00000000 ____D C:\Windows\system32\log
2015-10-13 21:48 - 2015-10-13 21:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YAC
2015-10-13 21:48 - 2015-10-13 21:48 - 00000000 ____D C:\Program Files (x86)\Elex-tech
2015-10-13 21:48 - 2015-08-26 08:49 - 00068488 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeNetFilter.sys
2015-10-13 21:48 - 2015-04-16 10:55 - 00053568 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeKrnlBoot.sys
2015-10-13 21:45 - 2015-10-13 21:45 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\Elex-tech
2015-10-13 21:44 - 2015-10-13 21:44 - 00916008 _____ () C:\Users\Patrick\Downloads\yet_another_cleaner_sk_6274535.exe
2015-10-12 22:58 - 2015-10-12 22:58 - 00064699 _____ C:\Users\Patrick\Downloads\CRIJbkBWgAAW1fN.jpg-large
2015-10-12 21:46 - 2015-10-12 21:46 - 00043702 _____ C:\Users\Patrick\Downloads\wolo.jpg-large
2015-10-11 18:08 - 2015-10-18 20:55 - 00009053 _____ C:\Windows\setupact.log
2015-10-11 18:08 - 2015-10-11 18:08 - 00000000 _____ C:\Windows\setuperr.log
2015-10-10 21:51 - 2015-10-10 21:51 - 00001701 _____ C:\Users\Patrick\Desktop\Surgeon Simulator 2013.lnk
2015-10-10 21:51 - 2015-10-10 21:51 - 00000000 ____D C:\Games
2015-10-08 14:15 - 2015-10-08 14:15 - 00000921 _____ C:\Users\Patrick\Downloads\Dokumente - Verknüpfung.lnk
2015-10-07 20:55 - 2015-10-07 20:55 - 00125444 _____ C:\Users\Patrick\Downloads\CQbLo9-WsAE0A76.mp4
2015-10-07 18:31 - 2015-10-07 18:31 - 00027933 _____ C:\Users\Patrick\Downloads\CQull-mWUAAhsh5.jpg-large
2015-10-07 18:30 - 2015-10-07 18:30 - 00028434 _____ C:\Users\Patrick\Downloads\CQugl3bWcAAP5aR.jpg-large
2015-10-07 18:28 - 2015-10-07 18:28 - 00033611 _____ C:\Users\Patrick\Desktop\Steuerrechner.zip
2015-10-07 18:26 - 2015-10-18 20:55 - 00000600 _____ C:\Users\Patrick\AppData\Local\PUTTY.RND
2015-10-07 18:23 - 2015-10-18 14:56 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\FileZilla
2015-10-07 18:23 - 2015-10-07 18:23 - 00001812 _____ C:\Users\Public\Desktop\FileZilla Client.lnk
2015-10-07 18:23 - 2015-10-07 18:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-10-07 18:23 - 2015-10-07 18:23 - 00000000 ____D C:\Program Files\FileZilla FTP Client
2015-10-07 03:26 - 2015-10-07 03:26 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\FileZilla Server
2015-10-07 03:15 - 2015-10-07 03:15 - 00029044 _____ C:\Users\Patrick\Downloads\879D.tmp
2015-10-07 02:30 - 2015-10-07 02:30 - 00157660 _____ C:\Users\Patrick\Downloads\1KdcxYTw.jpeg
2015-10-04 02:12 - 2015-10-04 02:12 - 00000000 ____D C:\Users\Patrick\AppData\Local\CrashRpt
2015-10-04 02:08 - 2015-10-11 23:15 - 00000000 ____D C:\Users\Patrick\AppData\Local\wf-launcher
2015-10-04 02:08 - 2015-10-11 23:13 - 00000000 ____D C:\ProgramData\GFACE
2015-10-03 22:08 - 2015-10-03 22:09 - 00000222 _____ C:\Users\Patrick\Desktop\Warface.url
2015-10-02 20:03 - 2015-10-18 15:02 - 00000000 ____D C:\Users\Patrick\AppData\Local\Spotify
2015-10-02 20:03 - 2015-10-02 20:03 - 00001868 _____ C:\Users\Patrick\Desktop\Spotify.lnk
2015-10-02 20:03 - 2015-10-02 20:03 - 00001854 _____ C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-10-02 20:01 - 2015-10-18 15:02 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\Spotify
2015-10-02 20:01 - 2015-10-02 20:01 - 00147616 _____ (Spotify Ltd) C:\Users\Patrick\Downloads\SpotifySetup.exe
2015-09-30 19:29 - 2015-09-30 19:29 - 05953020 _____ C:\Users\Patrick\Downloads\Hasst Strache alle Ausländer_ - Ein Video für Politik Neulinge.mp4
2015-09-27 21:30 - 2015-09-27 21:30 - 00026190 _____ C:\Users\Patrick\Downloads\CP7tT2iWIAAMdvw.jpg-large
2015-09-27 20:21 - 2015-09-27 20:21 - 00058901 _____ C:\Users\Patrick\Downloads\CP7Zy4TWEAAKTuo.jpg-large
2015-09-25 18:09 - 2015-09-25 18:09 - 00002246 _____ C:\Users\Patrick\Desktop\HP Support Assistant.lnk
2015-09-25 18:08 - 2015-09-25 18:08 - 00000000 ____D C:\ProgramData\{ECA9D0D4-7782-4B7F-96E2-FDB0CF0A57D5}
2015-09-22 21:00 - 2015-09-22 21:00 - 00001751 _____ C:\Users\Patrick\Downloads\edvointernal-ca.crl
2015-09-22 20:10 - 2015-07-28 03:09 - 00987848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2015-09-22 20:10 - 2015-07-28 03:09 - 00484552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll
2015-09-22 20:10 - 2015-07-28 03:08 - 00993632 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2015-09-22 20:10 - 2015-07-28 03:08 - 00690016 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
2015-09-22 19:08 - 2015-09-22 19:08 - 00000000 ____D C:\Users\Patrick\.dnx
2015-09-22 18:41 - 2015-09-22 18:41 - 00000000 ____D C:\ProgramData\Microsoft Visual Studio
2015-09-20 21:05 - 2015-09-20 21:05 - 08388608 _____ C:\Users\Patrick\Downloads\SM64 Chaos Edition V1.3.z64
2015-09-20 20:43 - 2015-10-16 18:36 - 00000000 ____D C:\Users\Patrick\Documents\Visual Studio 2015
2015-09-20 20:36 - 2015-09-20 20:36 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2015-09-20 20:27 - 2015-09-20 20:27 - 00000000 ____D C:\ProgramData\PreEmptive Solutions
2015-09-20 20:27 - 2015-09-20 20:27 - 00000000 ____D C:\Program Files (x86)\ShellDir
2015-09-20 20:27 - 2015-09-20 20:27 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET
2015-09-20 20:26 - 2015-09-20 20:26 - 00000000 ____D C:\ProgramData\Microsoft DNX
2015-09-20 20:26 - 2015-09-20 20:26 - 00000000 ____D C:\Program Files\Microsoft DNX
2015-09-20 20:23 - 2015-09-20 20:25 - 00000000 ____D C:\Program Files (x86)\Microsoft Web Tools
2015-09-20 20:23 - 2015-09-20 20:23 - 00000000 ____D C:\Program Files\IIS Express
2015-09-20 20:23 - 2015-09-20 20:23 - 00000000 ____D C:\Program Files (x86)\IIS Express
2015-09-20 20:23 - 2015-09-20 20:23 - 00000000 ____D C:\Program Files (x86)\AppInsights
2015-09-20 20:22 - 2015-09-20 20:22 - 00000000 ____D C:\ProgramData\NuGet
2015-09-20 20:22 - 2015-09-20 20:22 - 00000000 ____D C:\Program Files\IIS
2015-09-20 20:22 - 2015-09-20 20:22 - 00000000 ____D C:\Program Files (x86)\NuGet
2015-09-20 20:22 - 2015-09-20 20:22 - 00000000 ____D C:\Program Files (x86)\Microsoft WCF Data Services
2015-09-20 20:22 - 2015-09-20 20:22 - 00000000 ____D C:\Program Files (x86)\Microsoft Office365 Tools
2015-09-20 20:22 - 2015-09-20 20:22 - 00000000 ____D C:\Program Files (x86)\IIS
2015-09-20 20:21 - 2015-09-20 20:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression
2015-09-20 20:20 - 2015-09-20 20:20 - 00001561 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2015.lnk
2015-09-20 20:20 - 2015-09-20 20:20 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 12.0
2015-09-20 20:20 - 2015-09-20 20:20 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 12.0
2015-09-20 20:19 - 2015-09-20 20:20 - 00001424 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Test Manager 2015.lnk
2015-09-20 20:18 - 2015-09-20 20:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015
2015-09-20 20:17 - 2015-09-20 20:28 - 00000000 ____D C:\Program Files (x86)\Windows Kits
2015-09-20 20:17 - 2015-09-20 20:17 - 00000000 ____D C:\Windows\symbols
2015-09-20 20:17 - 2015-09-20 20:17 - 00000000 ____D C:\Program Files (x86)\Microsoft Help Viewer
2015-09-20 20:16 - 2015-09-20 20:37 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2015-09-20 20:16 - 2015-09-20 20:35 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2015-09-20 20:16 - 2015-09-20 20:19 - 00000000 ____D C:\Windows\SysWOW64\1033
2015-09-20 20:16 - 2015-09-20 20:16 - 00001562 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015.lnk
2015-09-20 20:15 - 2015-09-20 20:17 - 00000000 ____D C:\Windows\system32\1033
2015-09-20 20:15 - 2015-09-20 20:15 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_SensorsSimulatorDriver_01_11_00.Wdf
2015-09-20 20:13 - 2015-09-20 20:43 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2015-09-20 20:13 - 2015-09-20 20:27 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 14.0
2015-09-20 20:11 - 2015-06-22 08:31 - 00027840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2015-09-20 20:11 - 2015-06-22 08:30 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2015-09-20 19:12 - 2015-09-20 19:12 - 00080617 _____ C:\Users\Patrick\Downloads\CM6qQBRWgAEd9zA.mp4
2015-09-19 17:14 - 2015-09-19 17:17 - 00000000 ____D C:\Program Files (x86)\WinRAR
2015-09-19 14:44 - 2015-09-19 15:46 - 4110217216 _____ C:\Users\Patrick\Downloads\en_visual_studio_enterprise_2015_x86_x64_dvd_6850497.iso
2015-09-18 17:55 - 2015-09-18 17:55 - 00001123 _____ C:\Users\Patrick\Desktop\C#.lnk
2015-09-18 17:28 - 2015-10-15 23:54 - 00000000 ____D C:\Users\Patrick\C#
2015-09-18 17:22 - 2015-09-23 19:43 - 00000000 ____D C:\Users\Patrick\Desktop\Spiele
2015-09-18 17:16 - 2015-10-15 15:41 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\Notepad++
2015-09-18 17:16 - 2015-09-22 18:08 - 00000000 ____D C:\ProgramData\VsTelemetry
2015-09-18 17:16 - 2015-09-18 17:16 - 00001072 _____ C:\Users\Patrick\Desktop\Notepad++.lnk
2015-09-18 17:16 - 2015-09-18 17:16 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-09-18 17:16 - 2015-09-18 17:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-09-18 17:16 - 2015-09-18 17:16 - 00000000 ____D C:\Program Files (x86)\Notepad++
2015-09-18 17:14 - 2015-09-18 17:14 - 05311104 _____ C:\Users\Patrick\Downloads\npp.6.8.3.Installer.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-10-18 21:00 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-10-18 20:59 - 2015-02-06 23:41 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\Skype
2015-10-18 20:59 - 2015-01-17 22:03 - 01388595 _____ C:\Windows\WindowsUpdate.log
2015-10-18 20:59 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2015-10-18 20:58 - 2015-01-18 20:42 - 00000000 ____D C:\Users\Patrick\AppData\Local\CrashDumps
2015-10-18 16:45 - 2015-01-17 22:18 - 00001134 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-18 15:26 - 2015-03-04 00:03 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-18 15:11 - 2015-09-08 12:53 - 00003746 _____ C:\Windows\System32\Tasks\IntelTA-Upgrade-56460984-97c2-4bc7-a632-d776cf817f5d
2015-10-18 15:11 - 2015-07-24 10:39 - 00000000 __SHD C:\$360Section
2015-10-18 15:11 - 2015-07-24 10:24 - 00000000 ____D C:\ProgramData\360Quarant
2015-10-18 15:11 - 2015-03-15 21:27 - 00003722 _____ C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2015-10-18 15:11 - 2015-03-15 21:27 - 00003476 _____ C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2015-10-18 15:11 - 2015-01-17 22:18 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-10-18 15:11 - 2015-01-17 22:18 - 00003868 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-10-18 15:11 - 2015-01-17 22:18 - 00001130 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-18 14:27 - 2015-01-17 22:17 - 00003934 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{EEC14AF6-B115-4468-B345-CE604E595BC7}
2015-10-18 04:08 - 2015-07-24 10:23 - 00000000 ____D C:\Users\Patrick\AppData\LocalLow\360WD
2015-10-18 04:04 - 2015-03-26 21:31 - 00000000 ____D C:\Users\Patrick\.gimp-2.8
2015-10-18 03:11 - 2015-03-26 22:01 - 00000000 ____D C:\Users\Patrick\AppData\Local\gtk-2.0
2015-10-18 02:26 - 2015-01-17 22:13 - 00003590 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-15211011-686277194-496942200-1001
2015-10-17 20:45 - 2015-08-30 18:40 - 00001130 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0e3428b12a951.job
2015-10-17 19:36 - 2014-05-06 21:53 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-10-17 17:28 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2015-10-17 17:27 - 2015-03-04 00:03 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-10-17 15:42 - 2015-01-17 22:09 - 00000000 ____D C:\Users\Patrick\Documents\Youcam
2015-10-17 15:41 - 2014-05-07 07:28 - 01449374 _____ C:\Windows\system32\perfh007.dat
2015-10-17 15:41 - 2014-05-07 07:28 - 00368916 _____ C:\Windows\system32\perfc007.dat
2015-10-17 15:41 - 2014-03-18 11:53 - 00006744 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-17 15:36 - 2015-01-17 22:10 - 00000000 __RDO C:\Users\Patrick\OneDrive
2015-10-17 15:34 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-17 13:49 - 2015-09-15 12:27 - 00008192 _____ C:\Users\Patrick\Downloads\Super Punch-Out!! (USA).srm
2015-10-17 00:43 - 2015-04-23 21:34 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\OBS
2015-10-16 23:28 - 2015-01-30 22:51 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\vlc
2015-10-16 20:58 - 2015-04-30 15:06 - 00000000 ____D C:\Program Files (x86)\OBS
2015-10-16 20:37 - 2015-01-18 20:08 - 00000000 ____D C:\Program Files (x86)\Steam
2015-10-16 15:00 - 2015-05-09 22:39 - 00000000 ____D C:\Users\Patrick\Desktop\test ordner
2015-10-16 08:43 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\NDF
2015-10-16 00:25 - 2015-01-17 22:07 - 00000000 ____D C:\Users\Patrick
2015-10-15 23:33 - 2015-07-24 10:23 - 00000000 _RSHD C:\360SANDBOX
2015-10-15 23:26 - 2015-04-19 13:58 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-10-15 23:26 - 2015-04-19 13:58 - 00000000 ____D C:\Windows\system32\appraiser
2015-10-15 23:26 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2015-10-15 23:25 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-10-15 20:46 - 2015-01-17 23:18 - 00002202 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-10-15 19:30 - 2015-06-13 13:44 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\LolClient
2015-10-15 17:46 - 2015-06-12 21:08 - 00000000 ____D C:\ProgramData\Riot Games
2015-10-15 17:45 - 2015-06-12 21:05 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\Riot Games
2015-10-14 22:26 - 2015-01-22 17:54 - 00000000 ____D C:\Windows\system32\MRT
2015-10-14 22:21 - 2015-01-22 17:54 - 143481208 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-10-14 14:44 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\LiveKernelReports
2015-10-13 22:08 - 2015-07-10 19:28 - 00000000 ___HD C:\$Windows.~BT
2015-10-11 14:21 - 2015-04-15 13:41 - 00000000 ____D C:\Users\Patrick\Tracing
2015-10-11 14:21 - 2015-04-10 14:20 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\TS3Client
2015-10-11 14:14 - 2015-03-27 20:54 - 00000000 ____D C:\ProgramData\Freemake
2015-10-11 14:14 - 2015-03-27 20:54 - 00000000 ____D C:\Program Files (x86)\Freemake
2015-10-11 14:13 - 2015-03-27 20:25 - 00000000 ____D C:\Program Files (x86)\Audacity
2015-10-11 14:08 - 2015-01-18 20:35 - 00002178 _____ C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Menu.lnk
2015-10-11 00:55 - 2015-04-04 08:21 - 00000000 ___SD C:\Windows\system32\GWX
2015-10-10 17:22 - 2015-04-04 08:21 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-10-08 18:13 - 2015-02-21 16:31 - 00000000 ____D C:\Users\Patrick\AppData\Local\Steam
2015-10-08 16:28 - 2015-07-24 10:23 - 00000000 ____D C:\ProgramData\360safe
2015-10-08 16:28 - 2015-02-06 23:41 - 00000000 ____D C:\ProgramData\Skype
2015-10-08 15:55 - 2015-03-15 21:26 - 00000000 ____D C:\ProgramData\Intel(R) Update Manager
2015-10-08 14:39 - 2015-05-22 23:14 - 00000000 ____D C:\Users\Patrick\AppData\Local\fabi.me
2015-10-07 21:00 - 2015-09-15 11:18 - 00000000 ____D C:\Users\Patrick\Desktop\musikneu
2015-10-07 03:25 - 2015-05-19 21:40 - 00000000 ____D C:\Users\Patrick\AppData\Local\Game Dev Tycoon
2015-10-06 23:38 - 2015-01-18 20:35 - 00002316 _____ C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2015-10-03 20:45 - 2015-05-18 14:30 - 00000000 ____D C:\Users\Patrick\Downloads\TubeStar
2015-09-30 22:44 - 2015-07-16 16:32 - 00000000 ____D C:\Windows\Minidump
2015-09-30 22:42 - 2015-07-24 10:23 - 00001168 _____ C:\Users\Public\Desktop\360 Total Security.lnk
2015-09-30 22:42 - 2015-07-24 10:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360 Security Center
2015-09-25 18:09 - 2014-05-06 22:00 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2015-09-25 18:09 - 2014-05-06 21:50 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2015-09-25 18:08 - 2014-05-06 22:00 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2015-09-25 18:07 - 2015-01-17 23:18 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\hpqlog
2015-09-23 19:43 - 2015-03-29 18:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightworks
2015-09-21 06:10 - 2015-07-24 10:23 - 00319568 _____ (360.cn) C:\Windows\system32\Drivers\360Box64.sys
2015-09-21 06:10 - 2015-07-24 10:23 - 00178768 _____ (360.cn) C:\Windows\system32\Drivers\BAPIDRV64.SYS
2015-09-21 06:10 - 2015-07-24 10:23 - 00077904 _____ (360.cn) C:\Windows\system32\Drivers\360AvFlt.sys
2015-09-20 20:43 - 2014-08-05 09:51 - 00000000 ____D C:\ProgramData\Package Cache
2015-09-20 20:36 - 2015-03-29 18:06 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-09-20 20:35 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-09-20 20:18 - 2014-04-02 11:50 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-09-19 12:52 - 2015-05-15 21:39 - 00000000 ____D C:\Program Files (x86)\Minecraft
2015-09-18 22:43 - 2015-06-25 06:43 - 00000000 ____D C:\Users\Patrick\Downloads\Hasune Miku
2015-09-18 18:00 - 2015-07-25 12:45 - 00000000 ____D C:\Program Files (x86)\R.G. 
Mechanics
2015-09-18 17:59 - 2015-03-29 17:59 - 00000000 ____D C:\Program Files\Lightworks
2015-09-18 17:58 - 2015-01-17 22:08 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\Adobe
2015-09-18 15:17 - 2015-03-29 18:05 - 00000000 ____D C:\Users\Patrick\AppData\Local\Windows Live

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-10-07 18:26 - 2015-10-18 20:55 - 0000600 _____ () C:\Users\Patrick\AppData\Local\PUTTY.RND
2015-10-18 03:11 - 2015-10-18 03:11 - 0000850 _____ () C:\Users\Patrick\AppData\Local\recently-used.xbel
2015-02-22 19:17 - 2015-02-22 19:17 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-07-15 21:03 - 2015-05-16 21:03 - 0000032 ____R () C:\ProgramData\hash.dat
2015-01-18 17:36 - 2015-01-18 17:38 - 0000479 _____ () C:\ProgramData\hpzinstall.log

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\hash.dat

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2015-10-17 16:09

==================== Ende von FRST.txt ============================ |
18.10.2015, 20:07 | #4 |
| HEUR/QVM11.1.Malware.Gen Virus? Addition.txt
FRST Additions Logfile: Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:18-10-2015
durchgeführt von Patrick (2015-10-18 21:00:27)
Gestartet von C:\Users\Patrick\Downloads
Windows 8.1 (X64) (2015-01-17 20:07:31)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-15211011-686277194-496942200-500 - Administrator - Disabled)
Gast (S-1-5-21-15211011-686277194-496942200-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-15211011-686277194-496942200-1003 - Limited - Enabled)
Patrick (S-1-5-21-15211011-686277194-496942200-1001 - Administrator - Enabled) => C:\Users\Patrick

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: 360 Total Security (Enabled - Up to date) {2B66EE1E-E5C8-C2F7-648F-4E55AC68D37D}
AS: 360 Total Security (Enabled - Up to date) {90070FFA-C3F2-CD79-5E3F-7527D7EF99C0}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

360 Total Security (HKLM-x32\...\360TotalSecurity) (Version: 7.6.0.1031 - 360 Security Center)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.0.4990 - Adobe Systems Inc.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.0.1.88 - Adobe Systems Incorporated) Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated) Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.) Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.8.158 - Adobe Systems, Inc.) Age of Mythology (HKLM-x32\...\Age of Mythology 1.0) (Version: - ) Application Insights Tools for Visual Studio 2015 (x32 Version: 3.3 - Microsoft Corporation) Hidden ArcSoft ShowBiz (HKLM-x32\...\{9D41D2EF-2D33-4CFD-8A3E-C7E6FCC3303B}) (Version: - ArcSoft) Assassin's Creed Liberation HD (HKLM-x32\...\Uplay Install 625) (Version: - Ubisoft) Azure AD Authentication Connected Service (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden Bandicam (HKLM-x32\...\Bandicam) (Version: 2.2.1.785 - Bandisoft.com) Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com) Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden BioShock (HKLM-x32\...\{E280923D-C5D9-4728-8C79-AC9A0DC75875}) (Version: 2.62.0000 - 2K Games) Black & White® 2 (HKLM-x32\...\{D9E52CD1-9DF1-4A8A-9BDC-1E5E53982F2B}) (Version: 1.00.0000 - Lionhead Studios) Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden Borderlands (HKLM-x32\...\Steam App 8980) (Version: - Gearbox Software) Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software) Build-a-lot (x32 Version: 2.2.0.98 - WildTangent) Hidden Building the Great Wall of China Collector's Edition (x32 Version: 3.0.2.48 - WildTangent) Hidden Camtasia Studio 8 
(HKLM-x32\...\{645B4291-26F6-4AE0-859A-C1FDD7407143}) (Version: 8.5.1.1962 - TechSmith Corporation) CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform) Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version: - Colossal Order Ltd.) Clicker Heroes (HKLM-x32\...\Steam App 363970) (Version: - ) Counter-Strike(TM) (HKLM-x32\...\{DF5A03CC-D5AA-43D8-B948-D9903F2AF94A}) (Version: 1.0.0.0 - Valve) Crazy Chicken Soccer (x32 Version: 2.2.0.110 - WildTangent) Hidden CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.6.3728 - CyberLink Corp.) CyberLink MediaEspresso 6.7 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.7.1.5112 - CyberLink Corp.) Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.4.4824 - CyberLink Corp.) CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.6.3821 - CyberLink Corp.) CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.6.3604 - CyberLink Corp.) CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3.3709 - CyberLink Corp.) CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.3.3907 - CyberLink Corp.) 
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DETOUR (HKLM-x32\...\Steam App 92100) (Version: - Sandswept Studios) Diablo II (HKLM-x32\...\Diablo II) (Version: - ) Diablo II (HKU\S-1-5-21-15211011-686277194-496942200-1001\...\Diablo II) (Version: - ) DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden Dotfuscator and Analytics Community Edition 5.18.1 (x32 Version: 5.18.1.2898 - PreEmptive Solutions) Hidden Double Dragon Trilogy Version 1.0.0 (HKLM-x32\...\{8E4350CC-EC4E-41C8-9F8F-0D60EFEC05FC}_is1) (Version: 1.0.0 - DotEmu) Easy Setting Box (HKLM-x32\...\{7E750925-00C9-4B23-A1E8-BBFC0955CFD8}) (Version: 1.0.00 - Samsung) EasyTyping 2.1 (HKLM-x32\...\{1C9AC79D-4842-492A-B279-CC0E0FB5FAD5}) (Version: 2.12 - Trauner) Empire Earth (HKLM-x32\...\{2447500B-22D7-47BD-9B13-1A927F43A267}) (Version: - ) Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company) Enterprise (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden Entity Framework 6.1.3 Tools for Visual Studio 2015 (HKLM-x32\...\{1A8A9739-BAD7-491F-B5B9-A79A2B965422}) (Version: 14.0.40302.0 - Microsoft Corporation) Evernote v. 5.2 (HKLM-x32\...\{412F6426-A3C7-11E3-8A71-00163E98E7D6}) (Version: 5.2.0.2951 - Evernote Corp.) Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden FileZilla Client 3.14.0 (HKLM-x32\...\FileZilla Client) (Version: 3.14.0 - Tim Kosse) Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Game Dev Tycoon Version 1.4.12 (HKLM-x32\...\{5BBB8682-1335-410F-A79F-8E5611A54BD0}_is1) (Version: 1.4.12 - Greenheart Games Pty. Ltd.) GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.71 - Google Inc.) Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) 
Hidden Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden honestech VHS to DVD 2.0 SE (HKLM-x32\...\{2856F5EA-E98A-40E4-BAD6-8C644A4A3F3C}) (Version: 2.0 - honestech) Host App Service (HKU\S-1-5-21-15211011-686277194-496942200-1001\...\Pokki) (Version: 0.269.7.783 - Pokki) HP 3D DriveGuard (HKLM-x32\...\{F90A86C9-7779-47DD-AC06-8EE832C55F55}) (Version: 6.0.18.1 - Hewlett-Packard Company) HP Control Zone (HKLM\...\SynTPDeinstKey) (Version: 18.1.5.2 - Synaptics Incorporated) HP CoolSense (HKLM-x32\...\{E2C8D0C2-1C97-4C05-939A-5B13A0FE655C}) (Version: 2.20.31 - Hewlett-Packard Company) HP Deskjet 2540 series - Grundlegende Software für das Gerät (HKLM\...\{333E22D7-9F56-4482-A13C-1B9D35B9D641}) (Version: 32.2.188.47710 - Hewlett-Packard Co.) HP Deskjet 2540 series Hilfe (HKLM-x32\...\{B3E5B153-CC4B-40F2-9802-288B0AF2A966}) (Version: 30.0.0 - Hewlett Packard) HP Documentation (HKLM-x32\...\{4BBA238C-9E5D-40F9-8AC6-FACB736752B9}) (Version: 1.1.0.0 - Hewlett-Packard) HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard) HP Officejet 4500 G510a-f Series Corporate Edition 14.0 (HKLM\...\{B584612D-3743-495A-AB28-98C44C1E2648}) (Version: 14.0 - HP) HP Photo Creations (HKU\S-1-5-21-15211011-686277194-496942200-1001\...\HP Photo Creations) (Version: 1.0.0.17422 - HP) HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7493.4758 - Hewlett-Packard) HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.11 - Hewlett-Packard) HP Support Solutions Framework (HKLM-x32\...\{8F1A441E-AD6D-4732-BD6A-F38D5F1D1E47}) (Version: 12.0.30.219 - Hewlett-Packard Company) HP System Event Utility (HKLM-x32\...\{DEF23826-DB71-4654-BC00-D5D6C20802EA}) (Version: 1.1.4 - Hewlett-Packard Company) HP Update 
(HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HP Utility Center (HKLM\...\{36F80C5F-DC0D-4DF4-AF09-DC1867F0EB0A}) (Version: 2.4.4 - Hewlett-Packard Company) HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company) HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden IIS 10.0 Express (HKLM\...\{5984D8DA-C1AF-4284-9C88-D7150425B315}) (Version: 10.0.1734 - Microsoft Corporation) IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - ) IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - ) Inst5675 (Version: 8.01.11 - Softex Inc.) Hidden Inst5676 (Version: 8.01.11 - Softex Inc.) Hidden Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation) Intel(R) PRO/Wireless Driver (HKLM\...\{648bdaf8-c658-4b5b-b28c-56dabf2790fc}) (Version: 17.00.0000.1347 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.9.1000 - Intel Corporation) Intel(R) Smart Connect Technology (HKLM\...\{8B4EA042-9E21-46FB-8286-225F4D51CC52}) (Version: 4.2.41.2710 - Intel Corporation) Intel(R) Technology Access (HKLM-x32\...\{fb74531f-28c3-4dca-9849-e6b8faa85afe}) (Version: 1.5.0.1021 - Intel Corporation) Intel(R) Technology Access Software Asset Manager (x32 Version: 1.0.1562 - Intel Corporation) Hidden Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation) Intel(R) Wireless Bluetooth(R) 4.0 (HKLM-x32\...\{33AD9A5D-209C-4D2A-91BB-C1F3B4BF87A3}) (Version: 17.0.1407.02 - Intel Corporation) Java 8 Update 45 (64-bit) 
(HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation) Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden KnightShift (HKLM-x32\...\Steam App 254060) (Version: - ) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden Loadout (HKLM-x32\...\Steam App 208090) (Version: - Edge of Reality) Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{B941AFB4-8851-33A1-9E72-0C33D463C41C}) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{3D3CEBE6-40EA-4C48-97FD-73828281AB4A}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation) Microsoft Help Viewer 
2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.23107 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-15211011-686277194-496942200-1001\...\OneDriveSetup.exe) (Version: 17.3.5951.0827 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2014 Express LocalDB (HKLM\...\{AB8DE9BA-19E1-446A-BCFA-6B3DA9751E21}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation) Microsoft SQL Server Data Tools - enu (14.0.50616.0) (HKLM-x32\...\{58246C80-3941-4B69-AE31-264644E2ADB8}) (Version: 14.0.50616.0 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{68BA34E8-9B9D-4A74-83F0-7D366B532D75}) (Version: 12.0.2402.11 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2014 
(HKLM-x32\...\{718FFB65-F6E4-4D62-861F-ED10ED32C936}) (Version: 12.0.2402.11 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2015 
Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual Studio Community 2015 (HKLM-x32\...\{5c2b89b0-08cc-492f-b086-21e4d6ae7be4}) (Version: 14.0.23107.10 - Microsoft Corporation) Microsoft Visual Studio Enterprise 2015 (HKLM-x32\...\{a60a492e-b5eb-4218-a9e6-f38d18a7dbaf}) (Version: 14.0.23107.10 - Microsoft Corporation) Microsoft Web Deploy 3.6 (HKLM\...\{ED4CC1E5-043E-4157-8452-B5E533FE2BA1}) (Version: 3.1238.1955 - Microsoft Corporation) Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft) Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 40.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 de)) (Version: 40.0.3 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla) Multi-Device Hybrid Apps using C# - Templates - ENU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden My.com Game Center (HKU\S-1-5-21-15211011-686277194-496942200-1001\...\MyComGames) (Version: 3.138 - My.com B.V.) 
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.3 - Notepad++ Team) NVIDIA GeForce Experience 2.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0 - NVIDIA Corporation) NVIDIA Grafiktreiber 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.30 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) NVIDIA Virtual Audio 1.2.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.22 - NVIDIA Corporation) Oblivion (HKLM-x32\...\{35CB6715-41F8-4F99-8881-6FC75BF054B0}) (Version: 1.00.0000 - Bethesda Softworks) Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - ) OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation) Plants vs. Zombies - Game of the Year (x32 Version: 3.0.2.51 - WildTangent) Hidden Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden Portal (HKLM-x32\...\Steam App 400) (Version: - Valve) Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve) PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden Prerequisites for SSDT (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation) Project 64 version 2.1.0.1 (HKLM-x32\...\Project 64_is1) (Version: 2.1.0.1 - ) Project 64 version 2.2.0.3 (HKLM-x32\...\{BEB5FB69-4080-466F-96C4-F15DF271718B}_is1) (Version: 2.2.0.3 - ) Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64) puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert) QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.) 
Ranch Rush 2 - Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.273.40 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7231 - Realtek Semiconductor Corp.) RollerCoaster Tycoon 3 (HKLM-x32\...\RollerCoaster Tycoon 3_is1) (Version: - Atari) Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden Sam and Max - Im Theater Des Teufels (HKLM-x32\...\Sam and Max - Im Theater Des Teufels) (Version: 2.0.0.0 - Daedalic Entertainment) Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung) Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden Scribblenauts Unlimited (HKLM-x32\...\Steam App 218680) (Version: - 5th Cell Media) SHIELD Streaming (Version: 1.8.315 - NVIDIA Corporation) Hidden Sid Meier's Civilization 4 (HKLM-x32\...\{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}) (Version: 1.00.0000 - Firaxis Games) Sid Meier's Civilization 4 (x32 Version: 1.00.0000 - Firaxis Games) Hidden skyforge_mycom (HKU\S-1-5-21-15211011-686277194-496942200-1001\...\skyforge_mycom) (Version: 1.28 - My.com B.V.) Skype™ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.) 
Spiral Knights (HKLM-x32\...\Steam App 99900) (Version: - Three Rings) Spooky's House of Jump Scares (HKLM-x32\...\Steam App 356670) (Version: - Lag Studios) Spotify (HKU\S-1-5-21-15211011-686277194-496942200-1001\...\Spotify) (Version: 1.0.15.133.gf21970bd - Spotify AB) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Team Explorer for Microsoft Visual Studio 2015 (x32 Version: 14.0.23102 - Microsoft Corporation) Hidden TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden The Binding of Isaac: Rebirth (HKLM-x32\...\Steam App 250900) (Version: - Nicalis, Inc.) The Hat Man: Shadow Ward (HKLM-x32\...\Steam App 291010) (Version: - Game Mechanics) Trine 2 (HKLM-x32\...\Steam App 35720) (Version: - Frozenbyte) Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden TypeScript Power Tool (x32 Version: 1.6.3.0 - Microsoft Corporation) Hidden TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.6.3.0 - Microsoft Corporation) Hidden TypeScript Tools for Microsoft Visual Studio 2015 1.6.3.0 (HKLM-x32\...\{da31aa25-410a-4c1b-9ec0-114dd8dff786}) (Version: 1.6.23313.0 - Microsoft Corporation) Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation) Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden Uplay (HKLM-x32\...\Uplay) (Version: 4.0 - Ubisoft) Vacation Quest™ - Australia (x32 Version: 3.0.2.32 - WildTangent) Hidden VIDEO DVR (HKLM-x32\...\{EBD0EE76-2CFC-4EE5-AFE6-7EEAA3B14332}) (Version: 2012.04.17 - -) Virtual Families (x32 Version: 2.2.0.98 - WildTangent) Hidden VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN) Warface (HKLM-x32\...\Steam App 291480) (Version: - Crytek) WCF Data Services 5.6.4 Runtime (x32 Version: 
5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games App für HP (x32 Version: 4.0.11.2 - WildTangent) Hidden
WildTangent-Spiele (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
YAC(Yet Another Cleaner!) (HKLM-x32\...\iSafe) (Version: 6.7.111 - ELEX DO BRASIL PARTICIPAÇÕES LTDA) <==== ACHTUNG
Youda Jewel Shop (x32 Version: 3.0.2.51 - WildTangent) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-15211011-686277194-496942200-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-15211011-686277194-496942200-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Wiederherstellungspunkte =========================

14-10-2015 22:18:01 Windows Update
15-10-2015 23:47:46 Intel(R) Technology Access
17-10-2015 15:30:06 Installiert Empire Earth

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0A2ED7DB-4AF0-4BF7-B770-1301EA38FAE1} - System32\Tasks\{6D6E439F-E357-4A18-8140-7CD903A6947D} => pcalua.exe -a "C:\Program Files (x86)\Project64 1.6\Project64.exe" -d C:\Windows\system32
Task: {0A825439-1E1C-4A05-BF77-533E8FA4228A} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {113793AD-29C7-4DA9-AB85-0761E77CCF0B} - System32\Tasks\{BC417ABA-0407-4B95-BA95-9EA562F6F6C5} => pcalua.exe -a C:\Users\Patrick\Downloads\WinWDM_8_1_2\Setup.exe -d C:\Users\Patrick\Downloads\WinWDM_8_1_2
Task: {1879029D-5003-46BD-9857-85791B613F8E} - \Microsoft\Windows\Application Experience\ProgramDataUpdater -> Keine Datei <==== ACHTUNG
Task: {22E71A92-4324-43BC-AC49-8D5CE18726F4} - System32\Tasks\GoogleUpdateTaskMachineCore1d0e3428b12a951 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {2ADD7550-A7E9-4DBD-8147-779FAA42B23A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {2D6EBCA4-CF21-4523-AD1A-8B75E567C9DE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {4F72A8AC-9B17-471E-AABE-32BEF5BA1955} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-17] (Adobe Systems Incorporated)
Task: {6F673E92-D824-4615-A12E-BCF460B4ECB8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
Task: {7D8502DF-AB98-4D53-BBD2-D35A0D9DC02A} - System32\Tasks\IntelTA-Upgrade-56460984-97c2-4bc7-a632-d776cf817f5d-Logon => C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2015-04-18] ()
Task: {83242CE1-1046-4364-BB33-1E9AE8921CCF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
Task: {8F0711EE-3382-487F-BD60-9797BDB9F195} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {B28DFE23-2385-4753-9B70-1A5A142E4DED} - System32\Tasks\{15C37C71-D7A1-4DB4-9022-C29F6517C792} => pcalua.exe -a "C:\Users\Patrick\Desktop\RCT3Plus\RollerCoaster Tycoon 3\RCT3.EXE" -d "C:\Users\Patrick\Desktop\RCT3Plus\RollerCoaster Tycoon 3"
Task: {B874A9E3-EC79-40B4-AD1C-4E32045012AE} - \Pokki -> Keine Datei <==== ACHTUNG
Task: {C0BF6936-FD3E-414E-AAA9-AF7833A4CE16} - \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser -> Keine Datei <==== ACHTUNG
Task: {C229A656-87A9-45CB-BBC7-981E9F689FA8} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-15211011-686277194-496942200-1001 => %localappdata%\Microsoft\OneDrive\OneDrive.exe
Task: {C4C949A9-C1E1-4EDD-9698-EA16E2BF929A} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2014-03-07] (CyberLink Corp.)
Task: {C5732BFF-AED4-4D36-849E-B8B601F78B4B} - System32\Tasks\{1853F1C4-43DB-494B-9F03-8CEF1D0FC7AD} => pcalua.exe -a C:\Users\Patrick\Desktop\RCT3Plus\RCT3plus.exe -d C:\Users\Patrick\Desktop\RCT3Plus
Task: {CB42BB09-FFAF-4F10-ABF6-4D1655E9D05B} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2013-11-01] (Hewlett-Packard Development Company, L.P.)
Task: {D1A2504D-9614-4F17-B042-A8E93A7C6ABC} - System32\Tasks\{B367CBF2-4927-4508-B254-7B52377BD403} => pcalua.exe -a C:\Users\Patrick\Desktop\RCT3plus.exe -d C:\Users\Patrick\Desktop
Task: {E0BF2EE6-F57F-4DEC-99CE-483BC0244616} - System32\Tasks\{4B711056-37E2-46DA-8D0C-E792F9AD68D8} => pcalua.exe -a C:\Users\Patrick\AppData\Roaming\mystartsearch\UninstallManager.exe -c -ptid=smt
Task: {E9F04A24-99A1-4F7D-8DA5-F34189594DAB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2015-06-24] (Hewlett-Packard)
Task: {EE725955-6EE0-4833-9C4D-7DF8696C7762} - System32\Tasks\IntelTA-Upgrade-56460984-97c2-4bc7-a632-d776cf817f5d => C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2015-04-18] ()

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0e3428b12a951.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\HPCeeScheduleForPatrick.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2014-08-05 09:47 - 2015-06-17 08:48 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-03-28 13:31 - 2014-03-28 13:31 - 02110464 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll 2014-03-28 13:27 - 2014-03-28 13:27 - 00021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll 2014-03-28 13:27 - 2014-03-28 13:27 - 00035328 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll 2014-03-28 13:27 - 2014-03-28 13:27 - 00055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll 2014-03-28 13:48 - 2014-03-28 13:48 - 00367504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll 2014-03-28 13:48 - 2014-03-28 13:48 - 00712080 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll 2013-12-04 08:44 - 2013-12-04 08:44 - 00200168 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe 2013-12-04 08:44 - 2013-12-04 08:44 - 00054760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll 2013-12-04 08:44 - 2013-12-04 08:44 - 00034792 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll 2015-04-16 17:42 - 2015-04-16 17:42 - 00997536 _____ () C:\Program Files (x86)\Adobe\Adobe Creative 
Cloud\CoreSyncExtension\CoreSync_x64.dll 2015-09-16 14:12 - 2015-09-16 14:12 - 00043480 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll 2015-07-24 10:23 - 2015-09-21 06:10 - 00613968 _____ () C:\Program Files (x86)\360\Total Security\MenuEx64.dll 2015-04-15 22:13 - 2015-04-15 22:13 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\Users\Patrick\OneDrive:ms-properties ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-15211011-686277194-496942200-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Patrick\Downloads\aaaaagames-zelda-hd-wallpaper-wallpaper-triforce-games-zelda-hd.jpg DNS Servers: 10.0.0.138 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) 
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk" HKLM\...\StartupApproved\Run: => "RTHDVCPL" HKLM\...\StartupApproved\Run: => "ShadowPlay" HKLM\...\StartupApproved\Run: => "Logitech Download Assistant" HKLM\...\StartupApproved\Run: => "XboxStat" HKLM\...\StartupApproved\Run32: => "ArcSoft Connection Service" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "Avira Systray" HKLM\...\StartupApproved\Run32: => "APSDaemon" HKLM\...\StartupApproved\Run32: => "QuickTime Task" HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud" HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui" HKU\S-1-5-21-15211011-686277194-496942200-1001\...\StartupApproved\StartupFolder: => "Super Mario World.lnk" HKU\S-1-5-21-15211011-686277194-496942200-1001\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-15211011-686277194-496942200-1001\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-15211011-686277194-496942200-1001\...\StartupApproved\Run: => "msnmsgr" HKU\S-1-5-21-15211011-686277194-496942200-1001\...\StartupApproved\Run: => "EADM" HKU\S-1-5-21-15211011-686277194-496942200-1001\...\StartupApproved\Run: => "MyComGames" HKU\S-1-5-21-15211011-686277194-496942200-1001\...\StartupApproved\Run: => "puush" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{929B3193-7DA6-406A-A309-8EF24284932A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{85268C76-AF85-41DE-ADB0-7009CF3153C4}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{19A14D1B-5998-4F56-99EA-D7CF818C79D0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{27E6C3CE-87B8-4305-8E59-0F4F642111EB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{AA1F6BDE-1BB7-4362-91C9-5B2C133BFC5B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{D29AC9A3-0020-4808-989A-B2D3B46C310A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{B97516C8-4300-4FAD-9848-E5961CA9C508}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{17D0661C-05FB-4376-A5AD-DBD9E260B22F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe FirewallRules: [{1A548A2C-139E-48C5-B58D-D4D0A6DE8A4B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe FirewallRules: [{3B413C52-F2CD-41CF-9F29-CC3F21BB5FEF}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe FirewallRules: [{BF3E0442-1258-4342-A38C-7DA62A99C489}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe FirewallRules: [{B6CBFE1E-E52A-46F0-A8F5-D7B396DB69F7}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE FirewallRules: [{BD9933CF-D5AA-40F9-82B9-83B1DC3DEDC6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{61B7169B-CF5F-42BB-A334-44AA8544889A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{A571E1D1-C9A4-4456-B97D-46DB5B0BE563}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: 
[{2AC921B1-7F2B-4D9F-AC6D-93163CF7F661}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{E232B0A8-ABDB-43C3-834E-AE5ED961701E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal\hl2.exe FirewallRules: [{1029DCCC-87FE-4134-8E16-62C55C7D7423}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal\hl2.exe FirewallRules: [{7DB5C2F4-0676-4DCE-BEB8-D2D40C57A28F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe FirewallRules: [{95827FBB-27E2-4294-8719-9871533EC144}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe FirewallRules: [TCP Query User{0667C415-8492-49B6-872E-8825C0C09EA0}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{F63B0101-117B-4DC1-8765-C7910724C327}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{CB19B81F-39C8-42AA-9FD7-CB5E20CE645B}] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{DD81FF85-732C-4669-9BF7-11B85A121E37}] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{9E4D69A5-E311-42B3-8E5E-7D41BE3167EA}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\DeviceSetup.exe FirewallRules: [{142204F8-7C1C-4543-ABE4-269CE3B28873}] => (Allow) LPort=5357 FirewallRules: [{8240B8B0-433D-47E7-B072-2D91194AB87A}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{060B1BAE-3094-4A47-AA4A-843EE24E25A1}] => (Allow) C:\Program Files (x86)\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe FirewallRules: [{25256EEA-22B8-4651-B844-0BD622EAD53B}] => (Allow) C:\Program Files (x86)\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe FirewallRules: [{494A6576-8E1F-415B-A487-0F03B4C4C80A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Scribblenauts\Scribble.exe FirewallRules: 
[{FC592352-6268-4B1B-A80C-0465BAC99C3F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Scribblenauts\Scribble.exe FirewallRules: [{80B7C0B6-5803-43CC-B1C3-23D76C89439E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe FirewallRules: [{DDF7E835-0475-4230-8A3F-625439A9BABE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe FirewallRules: [{9CC5069E-0524-4BDB-B924-B77656F093DC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{FBD48C1A-35ED-4204-AFF7-BAC0E29766D6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{B297762B-6710-48A8-AE57-2AB30DFA1092}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{ED2932B8-5673-4C70-9B0A-429E35DAF314}] => (Allow) LPort=2869 FirewallRules: [{3EFE4761-A088-44C7-A9B7-0FB74DE739E8}] => (Allow) LPort=1900 FirewallRules: [{1BAF3C30-7BCE-4885-BBD3-68169168B4A6}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{6D835BE6-81AE-43C6-BE8F-764195B1D098}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{EB8E3BC8-A797-4FD6-BD69-E1D73C021592}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{0A59BA7D-5F3B-418E-A8A4-08EA0980F6C4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Hat Man Shadow Ward\The Hat Man.exe FirewallRules: [{BD702F06-54C4-4555-B9CC-0DD41C0A0B0C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Hat Man Shadow Ward\The Hat Man.exe FirewallRules: [{7565A7F7-4F56-45C6-A845-0F3EC7530BEC}] => (Allow) LPort=8317 FirewallRules: [TCP Query User{15A94442-769C-4E34-99D3-11E08215697B}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{F4929142-5D8C-4223-BF60-F73CEA46EA2F}C:\program files 
(x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{859F6401-AE7D-4B49-B6B6-A92B1F558227}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Clicker Heroes\Clicker Heroes.exe FirewallRules: [{E38322FF-FBAB-46BE-A35C-83FF886102CC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Clicker Heroes\Clicker Heroes.exe FirewallRules: [{5E87784C-109A-4BF2-B0B1-A3DA2DB0D4A8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe FirewallRules: [{05614110-5408-447B-8B60-5888B76471A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe FirewallRules: [{9347F43D-5CFB-47D5-8B74-40ED7B4FD5A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe FirewallRules: [{94FB754D-FC9E-433B-808C-49D890871A69}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe FirewallRules: [{915C2002-ED50-4A8F-88C6-7180AD29F1AF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trine 2\trine2_launcher.exe FirewallRules: [{47FDDCCB-60F7-4A87-8966-D69779CD70C7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trine 2\trine2_launcher.exe FirewallRules: [{3EFFA4AE-4303-4279-9322-4DB250A28D34}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\KnightShift\KnightShift.exe FirewallRules: [{35114D00-E4E5-4C0A-9666-A300C59BC14D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\KnightShift\KnightShift.exe FirewallRules: [{5EB781E3-9B74-43BC-8D09-8D4274F006E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DETOUR\Detour.exe FirewallRules: [{3549987A-A13C-435B-BA76-CEE5E3D99514}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DETOUR\Detour.exe FirewallRules: [TCP Query User{78EF518B-E395-4FDE-9F63-41C386689BDB}C:\program files 
(x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{DDA45051-D8B1-4CCC-85FD-1989DFA8B6BC}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [TCP Query User{D4F3DD37-1BB5-4140-9C2A-3B1B34248EE6}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_45\bin\javaw.exe FirewallRules: [UDP Query User{D83AE9A6-1EF6-4A50-BEBF-3CFB103C558D}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_45\bin\javaw.exe FirewallRules: [{29027F4A-C515-47F0-A9E3-B47CDD3CB1EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spiral Knights\java_vm\bin\javaw.exe FirewallRules: [{F8562176-E69C-4EF9-B721-395F8C7B2CA1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spiral Knights\java_vm\bin\javaw.exe FirewallRules: [TCP Query User{65933DAD-397F-4FD0-AA24-721BDD713A03}C:\users\patrick\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\patrick\appdata\local\mycomgames\mycomgames.exe FirewallRules: [UDP Query User{BFC8ED54-A569-4C6C-84CB-3DEC701181E9}C:\users\patrick\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\patrick\appdata\local\mycomgames\mycomgames.exe FirewallRules: [{3EAB5E17-32F2-4E5F-B6AB-41C901113D8D}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe FirewallRules: [{D64950B3-65D8-4176-B754-1BBCCA70337B}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe FirewallRules: [{52840D2D-75CC-49DA-8509-4D310D461606}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spooky's House of Jump Scares\SPOOKY.exe FirewallRules: [{F2F03DB6-4121-4CF7-9D15-5180C23B58CB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spooky's House of Jump Scares\SPOOKY.exe FirewallRules: 
[{BE9CE4CA-AEC7-4CB5-AA38-A4992267BF6F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands\Binaries\Borderlands.exe FirewallRules: [{9212F2F8-F93B-4EE1-8D66-786E8EEBAD01}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands\Binaries\Borderlands.exe FirewallRules: [{369DA226-FF5B-4F30-8C67-F5BAFAAE9221}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Liberation HD\ac3lhd_32.exe FirewallRules: [{CE90ED20-E529-4178-BDE1-23C7069B5F10}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Liberation HD\ac3lhd_32.exe FirewallRules: [{0AEBEBF9-272D-4EC1-9041-AA39D99385EC}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe FirewallRules: [{96178256-7A99-420A-BE75-9390D2DE1E4E}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe FirewallRules: [{EA25372C-7B18-4293-8491-CCC3AA08404F}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe FirewallRules: [{12EC8E15-084D-47B1-81F1-BAC60D5BE08E}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe FirewallRules: [{298E6DDC-7149-4B16-A486-96E5D7B15597}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe FirewallRules: [{BB6A8E74-904E-4543-8D96-1DCB5D5B6E10}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe FirewallRules: [{9BC83B9B-8431-4CD1-B00E-8B22EB90C6CB}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe FirewallRules: [{0814558D-7C2C-4304-990E-00B362645188}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe FirewallRules: [{D4593D99-8C25-40CA-8035-D4639F761B70}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe FirewallRules: [TCP Query User{3C622036-100F-4D71-8917-D00F2665F813}C:\users\patrick\appdata\roaming\spotify\spotify.exe] => (Allow) 
C:\users\patrick\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{679CE250-656F-4D37-89CA-6B110AA8E0DF}C:\users\patrick\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\patrick\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{023BA8B7-4688-448A-A793-8BBDA048EE57}C:\users\patrick\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\patrick\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{C5B7404A-9554-487C-92E0-4A23D2C8378E}C:\users\patrick\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\patrick\appdata\roaming\spotify\spotify.exe FirewallRules: [{7CA12A27-0C8C-4FCC-A816-BB1B848254CF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\live\nw.exe FirewallRules: [{3891C4ED-2264-40A4-8A4A-A53AE270865B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\live\nw.exe FirewallRules: [{A87CFA91-AD64-4A10-8FAE-0E918894FE64}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{E14D677F-E24C-4AC5-9705-46AFBB3049CF}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe FirewallRules: [{77E3BF31-A608-45E8-89F1-376433C9CE0E}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe FirewallRules: [TCP Query User{A3A06013-3DD6-436B-B98A-CE4C484B1AA6}C:\sierra\empire earth\empire earth.exe] => (Allow) C:\sierra\empire earth\empire earth.exe FirewallRules: [UDP Query User{C6EDC542-99F2-44B0-A2D9-504D8FE1BBE2}C:\sierra\empire earth\empire earth.exe] => (Allow) C:\sierra\empire earth\empire earth.exe FirewallRules: [{19EB4659-C48D-4ED0-849B-CB58D528DA9F}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe FirewallRules: [{A8F69149-DBCA-4F22-820F-17F41A893DDD}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: 
========================= Applikationsfehler: ================== Error: (10/18/2015 08:58:11 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: FRST64.exe, Version: 18.10.2015.0, Zeitstempel: 0x56237f69 Name des fehlerhaften Moduls: FRST64.exe, Version: 18.10.2015.0, Zeitstempel: 0x56237f69 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000000262d9 ID des fehlerhaften Prozesses: 0x24a8 Startzeit der fehlerhaften Anwendung: 0xFRST64.exe0 Pfad der fehlerhaften Anwendung: FRST64.exe1 Pfad des fehlerhaften Moduls: FRST64.exe2 Berichtskennung: FRST64.exe3 Vollständiger Name des fehlerhaften Pakets: FRST64.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: FRST64.exe5 Error: (10/18/2015 01:52:12 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: LegacyCsLoaderService.exe, Version: 1.5.0.1021, Zeitstempel: 0x55b93cde Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.18007, Zeitstempel: 0x55c4c341 Ausnahmecode: 0x40000015 Fehleroffset: 0x000000000000871c ID des fehlerhaften Prozesses: 0x12bc Startzeit der fehlerhaften Anwendung: 0xLegacyCsLoaderService.exe0 Pfad der fehlerhaften Anwendung: LegacyCsLoaderService.exe1 Pfad des fehlerhaften Moduls: LegacyCsLoaderService.exe2 Berichtskennung: LegacyCsLoaderService.exe3 Vollständiger Name des fehlerhaften Pakets: LegacyCsLoaderService.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: LegacyCsLoaderService.exe5 Error: (10/18/2015 01:52:12 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: IntelTechnologyAccessService.exe, Version: 1.5.0.1021, Zeitstempel: 0x55b93cc8 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.18007, Zeitstempel: 0x55c4c341 Ausnahmecode: 0x40000015 Fehleroffset: 0x000000000000871c ID des fehlerhaften Prozesses: 0x239c Startzeit der fehlerhaften Anwendung: 0xIntelTechnologyAccessService.exe0 Pfad der 
fehlerhaften Anwendung: IntelTechnologyAccessService.exe1 Pfad des fehlerhaften Moduls: IntelTechnologyAccessService.exe2 Berichtskennung: IntelTechnologyAccessService.exe3 Vollständiger Name des fehlerhaften Pakets: IntelTechnologyAccessService.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IntelTechnologyAccessService.exe5 Error: (10/17/2015 07:37:23 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: LegacyCsLoaderService.exe, Version: 1.5.0.1021, Zeitstempel: 0x55b93cde Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.18007, Zeitstempel: 0x55c4c341 Ausnahmecode: 0x40000015 Fehleroffset: 0x000000000000871c ID des fehlerhaften Prozesses: 0x22e4 Startzeit der fehlerhaften Anwendung: 0xLegacyCsLoaderService.exe0 Pfad der fehlerhaften Anwendung: LegacyCsLoaderService.exe1 Pfad des fehlerhaften Moduls: LegacyCsLoaderService.exe2 Berichtskennung: LegacyCsLoaderService.exe3 Vollständiger Name des fehlerhaften Pakets: LegacyCsLoaderService.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: LegacyCsLoaderService.exe5 Error: (10/17/2015 07:37:23 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: IntelTechnologyAccessService.exe, Version: 1.5.0.1021, Zeitstempel: 0x55b93cc8 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.18007, Zeitstempel: 0x55c4c341 Ausnahmecode: 0x40000015 Fehleroffset: 0x000000000000871c ID des fehlerhaften Prozesses: 0x8c0 Startzeit der fehlerhaften Anwendung: 0xIntelTechnologyAccessService.exe0 Pfad der fehlerhaften Anwendung: IntelTechnologyAccessService.exe1 Pfad des fehlerhaften Moduls: IntelTechnologyAccessService.exe2 Berichtskennung: IntelTechnologyAccessService.exe3 Vollständiger Name des fehlerhaften Pakets: IntelTechnologyAccessService.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IntelTechnologyAccessService.exe5 Error: (10/17/2015 05:35:46 PM) (Source: Application Error) 
(EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: LegacyCsLoaderService.exe, Version: 1.5.0.1021, Zeitstempel: 0x55b93cde Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.18007, Zeitstempel: 0x55c4c341 Ausnahmecode: 0x40000015 Fehleroffset: 0x000000000000871c ID des fehlerhaften Prozesses: 0x98c Startzeit der fehlerhaften Anwendung: 0xLegacyCsLoaderService.exe0 Pfad der fehlerhaften Anwendung: LegacyCsLoaderService.exe1 Pfad des fehlerhaften Moduls: LegacyCsLoaderService.exe2 Berichtskennung: LegacyCsLoaderService.exe3 Vollständiger Name des fehlerhaften Pakets: LegacyCsLoaderService.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: LegacyCsLoaderService.exe5 Error: (10/17/2015 05:35:46 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: IntelTechnologyAccessService.exe, Version: 1.5.0.1021, Zeitstempel: 0x55b93cc8 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.18007, Zeitstempel: 0x55c4c341 Ausnahmecode: 0x40000015 Fehleroffset: 0x000000000000871c ID des fehlerhaften Prozesses: 0xa24 Startzeit der fehlerhaften Anwendung: 0xIntelTechnologyAccessService.exe0 Pfad der fehlerhaften Anwendung: IntelTechnologyAccessService.exe1 Pfad des fehlerhaften Moduls: IntelTechnologyAccessService.exe2 Berichtskennung: IntelTechnologyAccessService.exe3 Vollständiger Name des fehlerhaften Pakets: IntelTechnologyAccessService.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IntelTechnologyAccessService.exe5 Error: (10/17/2015 03:41:36 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT) Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich. 
Error: (10/17/2015 03:41:36 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT) Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich. Error: (10/17/2015 03:41:36 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT) Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich. 
Systemfehler:
=============
Error: (10/18/2015 08:55:35 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80246010 fehlgeschlagen: microsoft.windowscommunicationsapps

Error: (10/18/2015 08:55:35 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80246010 fehlgeschlagen: Microsoft.ZuneVideo

Error: (10/18/2015 08:55:35 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80246010 fehlgeschlagen: AD2F1837.HPConnectedPhotopoweredbySnapfish

Error: (10/18/2015 08:55:35 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80246010 fehlgeschlagen: Microsoft.WindowsReadingList

Error: (10/18/2015 08:55:35 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80246010 fehlgeschlagen: Microsoft.ZuneMusic

Error: (10/18/2015 08:55:34 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80246010 fehlgeschlagen: 134D4F5B.Box

Error: (10/18/2015 08:55:34 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80246010 fehlgeschlagen: AD2F1837.GettingStartedwithWindows8

Error: (10/18/2015 08:55:34 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80246010 fehlgeschlagen: Microsoft.BingFinance

Error: (10/18/2015 08:55:34 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80246010 fehlgeschlagen: Microsoft.BingTravel

Error: (10/18/2015 08:55:33 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80246010 fehlgeschlagen: Microsoft.Office.OneNote

CodeIntegrity:
===================================
Date: 2015-10-18 20:55:21.860
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

Date: 2015-10-18 14:35:12.408
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

Date: 2015-10-18 14:26:29.330
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

Date: 2015-10-18 14:26:29.133
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

Date: 2015-10-18 14:26:29.088
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

Date: 2015-10-18 02:57:39.662
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

Date: 2015-10-18 02:03:16.916
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

Date: 2015-10-18 02:03:16.803
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

Date: 2015-10-18 02:03:16.800
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

Date: 2015-10-17 19:10:31.473
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i7-4510U CPU @ 2.00GHz
Prozentuale Nutzung des RAM: 30%
Installierter physikalischer RAM: 16314.15 MB
Verfügbarer physikalischer RAM: 11400.77 MB
Summe virtueller Speicher: 18746.15 MB
Verfügbarer virtueller Speicher: 12309.3 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:1376.19 GB) (Free:1055.71 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:20.05 GB) (Free:2.01 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive e: (User Manual) (CDROM) (Total:0.3 GB) (Free:0 GB) CDFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 1397.3 GB) (Disk ID: E1B0F7F4)
Partition: GPT.

==================== Ende von Addition.txt ============================ |
19.10.2015, 19:29 | #5 |
/// the machine /// TB trainer | HEUR/QVM11.1.Malware.Gen Virus? Please download Revo Uninstaller from here (alternatively, the portable Revo Uninstaller).
Please download Malwarebytes Anti-Malware.
Please download AdwCleaner to your desktop.
Please shut down your protection software to avoid possible conflicts.
And a fresh FRST log, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and help Trojaner-Board Facebook page No help via PM! |