Win 8.1 MPC Cleaner lässt sich nicht entfernen

Jan02 · 16.04.2016, 16:43

Hallo, brauche Hilfe!

Habe mir den MPC Cleaner eingefangen und werde in mit adwcleaner nicht los!

Erstellung von Logfile mit frst 64-bit klappt nicht, gibt Fehlermeldung!

Jan02 · 16.04.2016, 16:45

Code:

ATTFilter

# AdwCleaner v5.111 - Bericht erstellt am 16/04/2016 um 17:20:01
# Aktualisiert am 14/04/2016 von Xplode
# Datenbank : 2016-04-15.1 [Server]
# Betriebssystem : Windows 8.1  (X64)
# Benutzername : Jan - NOTEBOOK-JAN2
# Gestartet von : C:\Users\Jan\Downloads\adwcleaner_5.111.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****

[-] Dienst gelöscht : MPCProtectService
[-] Dienst gelöscht : MPCKpt

***** [ Ordner ] *****

[#] Ordner gelöscht : C:\Program Files (x86)\MPC Cleaner
[-] Ordner gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC
[-] Ordner gelöscht : C:\Users\Jan\AppData\Local\csdi_monetize_120160408
[-] Ordner gelöscht : C:\Users\Jan\AppData\Local\csdi_monetize_220160408

***** [ Dateien ] *****

[-] Datei gelöscht : C:\Users\Public\Desktop\MPC Cleaner.lnk
[#] Datei gelöscht : C:\Windows\SysNative\drivers\MPCKpt.sys

***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht : HKLM\SOFTWARE\MPC

***** [ Internetbrowser ] *****


*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [14503 Bytes] - [11/04/2016 18:33:16]
C:\AdwCleaner\AdwCleaner[C2].txt - [2030 Bytes] - [11/04/2016 18:42:38]
C:\AdwCleaner\AdwCleaner[C3].txt - [3310 Bytes] - [11/04/2016 18:47:47]
C:\AdwCleaner\AdwCleaner[C4].txt - [3334 Bytes] - [11/04/2016 18:53:31]
C:\AdwCleaner\AdwCleaner[C5].txt - [3672 Bytes] - [12/04/2016 20:39:46]
C:\AdwCleaner\AdwCleaner[C6].txt - [1773 Bytes] - [16/04/2016 17:20:01]
C:\AdwCleaner\AdwCleaner[S1].txt - [15330 Bytes] - [11/04/2016 18:29:51]
C:\AdwCleaner\AdwCleaner[S2].txt - [1794 Bytes] - [11/04/2016 18:37:07]
C:\AdwCleaner\AdwCleaner[S3].txt - [3029 Bytes] - [11/04/2016 18:45:55]
C:\AdwCleaner\AdwCleaner[S4].txt - [3058 Bytes] - [11/04/2016 18:51:53]
C:\AdwCleaner\AdwCleaner[S5].txt - [3204 Bytes] - [11/04/2016 20:03:09]
C:\AdwCleaner\AdwCleaner[S6].txt - [3391 Bytes] - [12/04/2016 20:37:52]
C:\AdwCleaner\AdwCleaner[S7].txt - [2095 Bytes] - [16/04/2016 17:18:51]

########## EOF - C:\AdwCleaner\AdwCleaner[C6].txt - [2358 Bytes] ##########

burningice · 17.04.2016, 23:27

Mein Name ist Rafael und ich werde dir bei der Bereinigung helfen.

Damit ich dir optimal helfen kann, halte dich bitte an folgende Regeln:

Bitte lies meine Posts komplett durch bevor du sie abarbeitest
Wenn ein Problem auftauchen sollte oder dir etwas unklar ist, unterbreche deine Arbeit und beschreibe es so genau wie möglich.
Bitte kein Crossposting
Installiere oder Deinstalliere keine Software ohne Aufforderung
Bitte verwende nur die Tools, welche hier im Thread erwähnt werden und führe sie nur gemäß Anweisung aus
Bitte antworte innerhalb von 24h um eine sinnvolle Bereinigung zu ermöglichen
Poste die Logs immer in CODE-Tags (#-Button), zur Not die Logs einfach aufteilen
Wichtig: Nur weil dein Problem mit einem Schritt plötzlich behoben ist, bedeutet das nicht, dass dein PC auch sauber ist. Mache solange weiter, bis ich dir sage, dass dein PC "clean" ist
Wenn ich dir nicht binnen 36h antworte, sende mir bitte eine persönliche Nachricht!

Los geht's

Sollte jetzt funktionieren.
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Jan02 · 18.04.2016, 15:54

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:17-04-2016 01
durchgeführt von Jan (Administrator) auf NOTEBOOK-JAN2 (18-04-2016 16:47:01)
Gestartet von C:\Users\Jan\Downloads
Geladene Profile: Jan (Verfügbare Profile: Jan)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCTray.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCTray64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
() C:\Program Files (x86)\Allway Sync\Bin\syncappw.exe
(Intel Corporation) C:\Program Files (x86)\Common Files\Intel\RSSDK\v3\bin\win32\notification_tool.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Astonsoft) C:\Program Files (x86)\EssentialPIM\EssentialPIM.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Jan\Downloads\FRST64 (1).exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2789248 2016-02-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-05-26] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387376 2014-05-13] (Realtek Semiconductor)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-03-19] (Apple Inc.)
HKLM\...\Run: [IDSCCOMQG8] => "C:\Program Files\Sound+\idsccom_QG8.exe"
HKLM-x32\...\Run: [Intel Privacy Notification Tool] => C:\Program Files (x86)\Common Files\Intel\RSSDK\v3\bin\win32\notification_tool.exe [8173240 2014-10-30] (Intel Corporation)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [RazerCortex] => C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncher.exe -autorun
HKLM-x32\...\Run: [sun21] => [X]
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-08-27] (Atheros Communications)
HKU\S-1-5-21-489078762-871934448-399521353-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-03-31] (Valve Corporation)
HKU\S-1-5-21-489078762-871934448-399521353-1001\...\Run: [GoogleChromeAutoLaunch_1F14D2380DB1DE09582B9D790BD95BA5] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1003160 2016-04-06] (Google Inc.)
HKU\S-1-5-21-489078762-871934448-399521353-1001\...\Run: [Allway Sync] => C:\Program Files (x86)\Allway Sync\Bin\syncappw.exe [93488 2015-10-29] ()
HKU\S-1-5-21-489078762-871934448-399521353-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8686296 2016-03-11] (Piriform Ltd)
HKU\S-1-5-21-489078762-871934448-399521353-1001\...\MountPoints2: {7dd3a79a-3f30-11e5-826a-206a8a9e0239} - "F:\LaunchU3.exe" -a
HKU\S-1-5-18\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
HKU\S-1-5-18\...\RunOnce: [iCloud] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe [60688 2015-12-01] (Apple Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\phase-6 Reminder.lnk [2015-09-20]
ShortcutTarget: phase-6 Reminder.lnk -> C:\Program Files (x86)\phase-6\phase-6\reminder\reminder.exe (phase-6)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{562729EF-57C3-478A-BEFD-55F1642D22A4}: [DhcpNameServer] 10.61.12.1
Tcpip\..\Interfaces\{8718928D-CBEB-45EA-A621-800A9249001D}: [NameServer] 10.0.0.1
Tcpip\..\Interfaces\{bbed3e08-0b41-11e3-8249-806e6f6e6963}: [NameServer] 10.0.0.1
Tcpip\..\Interfaces\{DB5D870B-9660-446A-83A0-9E1575A73068}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-489078762-871934448-399521353-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-489078762-871934448-399521353-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-489078762-871934448-399521353-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
SearchScopes: HKU\S-1-5-21-489078762-871934448-399521353-1001 -> DefaultScope {A3782EB2-C684-409E-A3C8-C932D426AFD5} URL = 
SearchScopes: HKU\S-1-5-21-489078762-871934448-399521353-1001 -> {A3782EB2-C684-409E-A3C8-C932D426AFD5} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-03-15] (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-03-15] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: Kein Name -> {E6E66045-E911-4C01-961D-42387CF12080} -> C:\Users\Jan\AppData\LocalLow\Browser-Security\safe_url.dll => Keine Datei
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-08-30] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\kZsq9LNj.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll [2015-08-10] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll [2015-08-10] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-02-19] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-02-19] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-08-30] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-05] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Extension: Avira Browser Safety - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\kZsq9LNj.default\Extensions\abs@avira.com.xpi [2016-04-10]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor => nicht gefunden
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "search.mpc.am"
CHR DefaultSearchURL: Default -> hxxp://www-searching.com/search.aspx?s=G4Azbwybl003,3d5c3fcf-4a9d-4532-8a26-aa6841790ff9,&prd=smw&q={searchTerms}
CHR DefaultSearchKeyword: Default -> www-searching.com
CHR DefaultSuggestURL: Default -> hxxp://api.searchpredict.com/api/?rqtype=ffplugin&siteID=8661&dbCode=1&command={searchTerms}
CHR Profile: C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-09]
CHR Extension: (Google Docs) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-09]
CHR Extension: (Google Drive) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Adblock Plus) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-03-16]
CHR Extension: (Google-Suche) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Google Tabellen) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-09]
CHR Extension: (Google Docs Offline) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Skype) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-12-19]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-09]
CHR Extension: (Google Mail) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-09]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [322176 2014-08-27] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2828016 2016-02-09] (Microsoft Corporation)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-07-22] (Acer Incorporated)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1164672 2016-02-17] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315352 2014-06-16] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-02-19] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-02-19] (Intel Corporation)
R2 MPCProtectService; C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe [350688 2016-04-10] (DotC United Inc)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1880960 2016-02-17] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6474112 2016-02-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2609024 2016-02-17] (NVIDIA Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3905536 2014-08-11] (Qualcomm Atheros Communications, Inc.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-08-27] (Qualcomm Atheros)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-04-11] ()
S3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
S3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [116736 2014-02-19] (Intel Corporation)
R1 MPCKpt; C:\Windows\System32\DRIVERS\MPCKpt.sys [60136 2016-04-10] (DotC United Inc)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28032 2016-02-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
S3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42736 2014-07-10] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-18 16:47 - 2016-04-18 16:47 - 00022509 _____ C:\Users\Jan\Downloads\FRST.txt
2016-04-18 16:46 - 2016-04-18 16:47 - 00000000 ____D C:\FRST
2016-04-18 16:45 - 2016-04-18 16:45 - 02375680 _____ (Farbar) C:\Users\Jan\Downloads\FRST64 (1).exe
2016-04-18 16:38 - 2016-04-18 16:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC
2016-04-16 17:44 - 2016-04-16 17:44 - 00002440 _____ C:\Users\Jan\Desktop\AdwCleaner[C6].txt
2016-04-16 17:38 - 2016-04-16 17:38 - 01726464 _____ (Farbar) C:\Users\Jan\Downloads\FRST.exe
2016-04-16 17:36 - 2016-04-16 17:36 - 02375168 _____ (Farbar) C:\Users\Jan\Downloads\FRST64.exe
2016-04-16 17:21 - 2016-04-18 16:38 - 00001705 _____ C:\Users\Public\Desktop\MPC Cleaner.lnk
2016-04-16 17:18 - 2016-04-16 17:18 - 00000000 ___HD C:\$WINDOWS.~BT
2016-04-16 17:15 - 2016-04-16 17:15 - 03677760 _____ C:\Users\Jan\Downloads\adwcleaner_5.111.exe
2016-04-11 19:01 - 2016-04-11 19:01 - 00000000 _____ C:\autoexec.bat
2016-04-11 19:00 - 2016-04-11 19:00 - 00022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys
2016-04-11 18:29 - 2016-04-16 17:20 - 00000000 ____D C:\AdwCleaner
2016-04-10 16:51 - 2016-04-10 16:51 - 00000000 ____D C:\Users\Jan\AppData\Roaming\MCorp
2016-04-10 16:28 - 2016-04-10 16:34 - 00000000 ____D C:\Users\Jan\AppData\Local\app
2016-04-10 16:27 - 2016-04-10 16:46 - 00000000 ____D C:\Program Files (x86)\MPC Cleaner
2016-04-10 16:27 - 2016-04-10 16:27 - 00060136 ____N (DotC United Inc) C:\Windows\system32\Drivers\MPCKpt.sys
2016-04-10 16:26 - 2016-04-18 16:38 - 00000378 _____ C:\Windows\Tasks\FYJHMJXE1.job
2016-04-10 16:26 - 2016-04-18 16:38 - 00000366 ____H C:\Windows\Tasks\KHEIGTSHJRHYMLJD.job
2016-04-10 16:26 - 2016-04-10 16:26 - 00003370 _____ C:\Windows\System32\Tasks\KHEIGTSHJRHYMLJD
2016-04-10 16:26 - 2016-04-10 16:26 - 00002892 _____ C:\Windows\System32\Tasks\FYJHMJXE1
2016-04-10 16:26 - 2016-04-10 16:26 - 00000000 ____D C:\ProgramData\19a87fa1ec024bbcbb41931263354405
2016-04-10 16:23 - 2016-04-10 16:23 - 00000000 ____D C:\Users\Jan\AppData\Local\brsrv
2016-04-10 16:22 - 2016-04-10 16:22 - 00003462 _____ C:\Windows\System32\Tasks\bvyvave
2016-04-10 16:20 - 2016-04-11 18:25 - 00000000 ____D C:\Program Files\Uboxva
2016-04-10 16:20 - 2016-04-11 18:24 - 00000000 ____D C:\Users\Jan\AppData\Roaming\DecfMegb
2016-04-10 16:20 - 2016-04-10 16:20 - 00003332 _____ C:\Windows\System32\Tasks\Jaynew
2016-04-10 16:20 - 2016-04-10 16:20 - 00003332 _____ C:\Windows\System32\Tasks\Itepe
2016-04-10 16:20 - 2016-04-10 16:20 - 00000000 ____D C:\Program Files\Common Files\Soobzo
2016-04-10 16:19 - 2016-04-11 18:25 - 00000000 ____D C:\Program Files\Uhhiwesoif
2016-04-10 16:19 - 2016-04-11 18:24 - 00000000 ____D C:\Users\Jan\AppData\Roaming\NiryFepja
2016-04-10 16:19 - 2016-04-10 16:20 - 00000000 ____D C:\Users\Jan\AppData\Local\Tempfolder
2016-04-10 16:19 - 2016-04-10 16:19 - 00023164 _____ C:\Windows\System32\Tasks\{0E057D47-7808-0A78-0C11-7E0A0A78117F}
2016-04-10 16:19 - 2016-04-10 16:19 - 00000000 ____D C:\Users\Jan\AppData\LocalLow\Company
2016-04-10 16:19 - 2016-04-10 16:19 - 00000000 ____D C:\uninst
2016-04-10 16:17 - 2016-04-10 16:20 - 00205502 _____ C:\Users\Jan\AppData\Roaming\inst.lat
2016-04-10 16:17 - 2016-04-10 16:20 - 00127488 _____ C:\Users\Jan\AppData\Roaming\Installer.dat
2016-04-10 16:17 - 2016-04-10 16:20 - 00016992 _____ C:\Users\Jan\AppData\Roaming\InstallationConfiguration.xml
2016-04-10 16:17 - 2016-04-10 16:17 - 00001994 _____ C:\Windows\System32\Tasks\kze3024
2016-04-10 16:16 - 2016-04-10 16:15 - 00001006 _____ C:\Windows\system32\Drivers\etc\hp.bak
2016-04-10 16:16 - 2016-03-04 16:13 - 00046352 _____ (zdengine) C:\Windows\system32\Drivers\zdwfp64.sys
2016-04-09 12:37 - 2016-04-09 12:37 - 00000000 ____D C:\Users\Jan\AppData\Roaming\dvdcss
2016-04-09 10:39 - 2016-04-09 10:39 - 00000000 ____D C:\Users\Jan\AppData\Local\Avira_Operations_GmbH_&_C
2016-04-09 10:31 - 2016-04-09 10:31 - 00000000 ____D C:\Users\Jan\AppData\Local\AviraSpeedup
2016-04-09 10:31 - 2016-04-09 10:31 - 00000000 ____D C:\Users\Jan\AppData\Local\Avira
2016-04-09 10:29 - 2016-04-12 20:41 - 00000000 ____D C:\Program Files (x86)\Avira
2016-04-09 10:29 - 2016-04-11 20:20 - 00000000 ____D C:\ProgramData\Avira
2016-04-09 09:57 - 2016-04-09 10:30 - 00000000 ____D C:\Users\Jan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108
2016-04-09 09:57 - 2016-04-09 09:57 - 00000000 ____D C:\Windows\system32\SSL
2016-04-09 09:57 - 2016-04-09 09:57 - 00000000 ____D C:\Users\Public\Documents\dmp
2016-03-29 12:06 - 2016-03-29 12:06 - 00000000 ____D C:\Users\Jan\AppData\Roaming\NVIDIA
2016-03-29 11:31 - 2016-03-29 11:31 - 00000000 ____D C:\ProgramData\NVIDIA
2016-03-29 11:31 - 2016-03-22 04:25 - 06369728 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2016-03-29 11:31 - 2016-03-22 04:25 - 02993088 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2016-03-29 11:31 - 2016-03-22 04:25 - 02561472 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2016-03-29 11:31 - 2016-03-22 04:25 - 01264064 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2016-03-29 11:31 - 2016-03-22 04:25 - 00532536 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2016-03-29 11:31 - 2016-03-22 04:25 - 00393784 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2016-03-29 11:31 - 2016-03-22 04:25 - 00081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2016-03-29 11:31 - 2016-03-22 04:25 - 00069568 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2016-03-29 11:31 - 2016-03-18 20:10 - 06253721 _____ C:\Windows\system32\nvcoproc.bin
2016-03-29 11:30 - 2016-03-22 06:12 - 42923576 _____ C:\Windows\system32\nvcompiler.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 37567424 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 31555008 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 25321408 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 21355248 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 20897416 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 19004040 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 17748712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 17342392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 17248408 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 16446032 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 14128840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 12567608 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-03-29 11:30 - 2016-03-22 06:12 - 10550736 _____ C:\Windows\system32\nvptxJitCompiler.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 08659472 _____ C:\Windows\SysWOW64\nvptxJitCompiler.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 03714472 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 03286992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 03235896 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 02809280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 01924152 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436472.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 01573432 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436472.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00959544 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00889400 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00753208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00695864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00678520 _____ C:\Windows\system32\nvfatbinaryLoader.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00571912 _____ C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00501896 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00425016 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00423080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00377792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00175368 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00153392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00037091 _____ C:\Windows\system32\nvinfo.pb
2016-03-29 11:30 - 2016-03-22 06:12 - 00000139 _____ C:\Windows\SysWOW64\nv-vk32.json
2016-03-29 11:30 - 2016-03-22 06:12 - 00000139 _____ C:\Windows\system32\nv-vk64.json
2016-03-27 12:08 - 2016-03-27 12:08 - 00000000 ____D C:\Users\Jan\Documents\Razer
2016-03-24 18:58 - 2016-03-24 18:58 - 06868672 _____ (Piriform Ltd) C:\Users\Jan\Downloads\ccsetup516.exe
2016-03-23 11:36 - 2016-03-23 11:36 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET
2016-03-23 11:36 - 2016-02-02 20:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys
2016-03-23 11:36 - 2016-01-31 21:17 - 00118624 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-03-23 11:36 - 2016-01-31 20:07 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-03-23 11:36 - 2016-01-31 19:42 - 03320832 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-03-23 11:36 - 2016-01-31 19:14 - 03607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-03-23 11:36 - 2016-01-31 18:24 - 02778624 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-03-23 11:36 - 2016-01-31 18:20 - 02464256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-03-23 11:35 - 2016-02-09 03:31 - 22365472 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-03-23 11:35 - 2016-02-09 03:31 - 19794896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-03-23 11:35 - 2016-02-09 03:31 - 02757616 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-03-23 11:35 - 2016-02-09 03:31 - 02412576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-03-23 11:35 - 2016-02-09 03:31 - 00273264 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2016-03-23 11:35 - 2016-02-08 22:55 - 02712576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-03-23 11:35 - 2016-02-08 22:15 - 02551808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themecpl.dll
2016-03-23 11:35 - 2016-02-08 22:02 - 01197056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2016-03-23 11:35 - 2016-02-08 21:48 - 12879360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-03-23 11:35 - 2016-02-08 21:43 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2016-03-23 11:35 - 2016-02-08 21:40 - 00539648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hgcpl.dll
2016-03-23 11:35 - 2016-02-08 21:39 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2016-03-23 11:35 - 2016-02-08 21:37 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingMonitor.dll
2016-03-23 11:35 - 2016-02-08 21:35 - 00954880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2016-03-23 11:35 - 2016-02-08 21:34 - 00667648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2016-03-23 11:35 - 2016-02-08 21:33 - 00520192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2016-03-23 11:35 - 2016-02-08 20:50 - 03120640 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-03-23 11:35 - 2016-02-08 19:55 - 02592256 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll
2016-03-23 11:35 - 2016-02-08 19:33 - 01278464 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2016-03-23 11:35 - 2016-02-08 19:12 - 14466560 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-03-23 11:35 - 2016-02-08 19:02 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2016-03-23 11:35 - 2016-02-08 19:00 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\hgcpl.dll
2016-03-23 11:35 - 2016-02-08 18:58 - 00336384 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2016-03-23 11:35 - 2016-02-08 18:55 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\SettingMonitor.dll
2016-03-23 11:35 - 2016-02-08 18:53 - 02171904 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2016-03-23 11:35 - 2016-02-08 18:53 - 01348096 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2016-03-23 11:35 - 2016-02-08 18:50 - 01220096 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2016-03-23 11:35 - 2016-02-08 18:50 - 00841728 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2016-03-23 11:35 - 2016-02-08 18:48 - 00655872 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2016-03-23 11:35 - 2016-02-08 18:47 - 02819584 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2016-03-23 11:35 - 2016-02-08 18:44 - 00955392 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2016-03-23 11:35 - 2016-02-05 16:46 - 01455104 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2016-03-23 11:35 - 2016-02-04 20:07 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\dhcpsapi.dll
2016-03-23 11:35 - 2016-02-04 19:35 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpsapi.dll
2016-03-23 11:35 - 2016-02-03 17:14 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2016-03-23 11:35 - 2016-02-03 17:11 - 01673728 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2016-03-23 11:35 - 2016-02-02 19:51 - 00162304 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2016-03-23 11:35 - 2016-02-02 19:19 - 00144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2016-03-23 11:35 - 2016-02-02 19:15 - 00787456 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2016-03-23 11:35 - 2016-02-02 19:01 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\WsmAgent.dll
2016-03-23 11:35 - 2016-02-02 18:51 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2016-03-23 11:35 - 2016-02-02 18:48 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2016-03-23 11:35 - 2016-02-02 18:46 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAgent.dll
2016-03-23 11:35 - 2016-02-02 18:41 - 02170880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2016-03-23 11:35 - 2016-02-02 18:39 - 00236032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2016-03-23 11:35 - 2016-01-27 17:18 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2016-03-23 11:35 - 2016-01-26 21:15 - 00072024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpci.sys
2016-03-23 11:35 - 2016-01-22 07:22 - 02487296 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2016-03-23 11:35 - 2016-01-22 07:11 - 01482240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2016-03-23 11:35 - 2016-01-21 21:35 - 00952928 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2016-03-23 11:35 - 2016-01-21 20:42 - 00786152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2016-03-23 11:35 - 2016-01-21 00:40 - 00099672 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2016-03-23 11:34 - 2016-02-11 22:17 - 07452504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-03-23 11:34 - 2016-02-11 22:17 - 01737088 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-03-23 11:34 - 2016-02-11 22:17 - 01663184 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-03-23 11:34 - 2016-02-11 22:17 - 01523208 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-03-23 11:34 - 2016-02-11 22:17 - 01490120 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-03-23 11:34 - 2016-02-11 22:17 - 01358952 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-03-23 11:34 - 2016-02-11 22:16 - 01501488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-03-23 11:34 - 2016-02-09 20:07 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2016-03-23 11:34 - 2016-02-07 01:05 - 00551256 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2016-03-23 11:34 - 2016-02-07 00:41 - 00316760 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2016-03-23 11:34 - 2016-02-05 21:07 - 00378712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2016-03-23 11:34 - 2016-02-05 17:11 - 00845312 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2016-03-23 11:34 - 2016-02-05 17:11 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2016-03-23 11:34 - 2016-02-05 17:07 - 00272384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2016-03-23 11:34 - 2016-02-05 17:02 - 01083904 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2016-03-23 11:34 - 2016-02-04 18:23 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2016-03-23 11:34 - 2016-02-04 18:22 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2016-03-23 11:34 - 2016-02-02 19:18 - 01574912 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe
2016-03-23 11:34 - 2016-01-31 19:17 - 00779264 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgradeui.exe
2016-03-22 18:08 - 2016-03-24 18:58 - 00000838 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-03-22 18:08 - 2016-03-22 18:08 - 00002796 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-03-22 18:08 - 2016-03-22 18:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-03-22 18:08 - 2016-03-22 18:08 - 00000000 ____D C:\Program Files\CCleaner
2016-03-22 18:05 - 2016-03-22 18:07 - 05600464 _____ (Piriform Ltd) C:\Users\Jan\Downloads\ccsetup515_slim.exe
2016-03-22 16:58 - 2016-03-22 16:58 - 00001769 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-03-22 16:58 - 2016-03-22 16:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-03-22 16:58 - 2016-03-22 16:58 - 00000000 ____D C:\Program Files\iTunes
2016-03-22 16:58 - 2016-03-22 16:58 - 00000000 ____D C:\Program Files\iPod
2016-03-22 16:58 - 2016-03-22 16:58 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-03-22 12:36 - 2016-03-22 12:36 - 00036872 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\tap0901.sys
2016-03-20 10:00 - 2016-03-20 10:00 - 00000000 ____D C:\Users\Jan\AppData\Local\ElevatedDiagnostics

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-18 16:45 - 2015-08-09 11:47 - 00000000 ____D C:\Windows\system32\MRT
2016-04-18 16:45 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2016-04-18 16:43 - 2015-08-09 08:50 - 00003592 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-489078762-871934448-399521353-1001
2016-04-18 16:42 - 2015-08-09 11:47 - 135176864 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-04-18 16:41 - 2015-08-09 18:56 - 00000000 ___SD C:\Windows\system32\GWX
2016-04-18 16:39 - 2015-08-09 10:05 - 00001142 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-18 16:39 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-04-18 16:38 - 2015-08-09 19:46 - 00000000 ____D C:\Program Files (x86)\Steam
2016-04-18 16:38 - 2015-06-17 21:46 - 06134554 _____ C:\Windows\system32\perfh007.dat
2016-04-18 16:38 - 2015-06-17 21:46 - 01767938 _____ C:\Windows\system32\perfc007.dat
2016-04-18 16:38 - 2014-03-18 12:03 - 00005430 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-17 19:17 - 2015-08-30 11:43 - 00000000 ____D C:\Users\Jan\AppData\Roaming\EssentialPIM
2016-04-16 17:21 - 2016-03-12 12:26 - 00000000 ____D C:\Program Files (x86)\Razer
2016-04-16 17:21 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-16 17:21 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-04-16 17:19 - 2015-01-12 14:48 - 00000000 ____D C:\Windows\Panther
2016-04-16 17:07 - 2016-03-12 12:31 - 00000000 ____D C:\Users\Jan\AppData\Local\Razer
2016-04-16 17:07 - 2016-03-12 12:26 - 00000000 ____D C:\ProgramData\Razer
2016-04-16 17:02 - 2015-08-09 10:05 - 00001146 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-16 11:55 - 2015-08-10 08:56 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-04-12 20:27 - 2015-08-09 10:06 - 00002171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-12 20:27 - 2015-08-09 10:06 - 00002159 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-04-11 20:20 - 2015-01-12 16:02 - 00000000 ____D C:\ProgramData\Package Cache
2016-04-11 19:01 - 2015-07-15 18:57 - 00000000 ____D C:\Users\Jan
2016-04-11 18:33 - 2015-07-15 18:58 - 00001007 _____ C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-04-10 21:14 - 2015-08-09 09:00 - 00000000 ____D C:\Users\Jan\AppData\Local\CrashDumps
2016-04-10 17:41 - 2016-02-07 17:03 - 00000000 ____D C:\Users\Jan\Documents\American Truck Simulator
2016-04-10 16:03 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2016-04-09 12:41 - 2015-08-30 11:54 - 00000000 ____D C:\Users\Jan\AppData\Roaming\vlc
2016-04-09 10:41 - 2013-08-22 16:44 - 00381472 _____ C:\Windows\system32\FNTCACHE.DAT
2016-04-09 10:35 - 2015-08-30 12:20 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Mozilla
2016-04-09 09:45 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2016-04-05 23:53 - 2015-01-12 15:43 - 00829944 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-04-05 23:53 - 2015-01-12 15:43 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-04-05 15:36 - 2015-11-03 21:23 - 00000222 _____ C:\Users\Jan\Desktop\DiRT Rally.url
2016-04-02 19:54 - 2016-03-02 16:14 - 00000000 ____D C:\Users\Jan\Documents\Project CARS
2016-03-29 11:31 - 2015-06-17 12:50 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-03-29 11:31 - 2015-06-17 12:50 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-03-29 11:31 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\Help
2016-03-27 19:03 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2016-03-23 13:08 - 2015-08-31 20:54 - 00000000 ____D C:\Users\Jan\Documents\Euro Truck Simulator 2
2016-03-23 11:41 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2016-03-23 10:48 - 2015-08-30 12:46 - 00000000 ____D C:\Users\Jan\Documents\SelfMV
2016-03-22 22:19 - 2015-07-15 18:56 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-03-22 16:58 - 2015-08-30 11:41 - 00000000 ____D C:\Program Files\Common Files\Apple

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-04-10 16:17 - 2016-04-10 16:20 - 0205502 _____ () C:\Users\Jan\AppData\Roaming\inst.lat
2016-04-10 16:17 - 2016-04-10 16:20 - 0016992 _____ () C:\Users\Jan\AppData\Roaming\InstallationConfiguration.xml
2016-04-10 16:17 - 2016-04-10 16:20 - 0127488 _____ () C:\Users\Jan\AppData\Roaming\Installer.dat
2015-06-17 13:07 - 2015-06-17 13:07 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\Jan\AppData\Local\Temp\avgnt.exe
C:\Users\Jan\AppData\Local\Temp\libeay32.dll
C:\Users\Jan\AppData\Local\Temp\msvcr120.dll
C:\Users\Jan\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-04-10 12:27

==================== Ende von FRST.txt ============================

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:17-04-2016 01
durchgeführt von Jan (2016-04-18 16:48:04)
Gestartet von C:\Users\Jan\Downloads
Windows 8.1 (X64) (2015-07-15 16:57:53)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-489078762-871934448-399521353-500 - Administrator - Disabled)
Gast (S-1-5-21-489078762-871934448-399521353-501 - Limited - Disabled)
Jan (S-1-5-21-489078762-871934448-399521353-1001 - Administrator - Enabled) => C:\Users\Jan

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8106.0 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8108 - Acer Incorporated)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\{F83DD803-2467-4D07-9D6F-87AF0434410A}) (Version: 11.9.900.170 - Adobe Systems Incorporated)
Allway Sync (HKLM-x32\...\{BD9C52C1-7971-47D1-AB95-5F1F9F34D35A}) (Version: 15.3.1 - Botkind, Inc.)
American Truck Simulator (HKLM-x32\...\Steam App 270880) (Version:  - SCS Software)
Apple Application Support (32-Bit) (HKLM-x32\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{2937FD88-C9D6-4B82-B539-37CD0A572F42}) (Version: 4.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Broadcom NetLink Controller (HKLM\...\{7FBA83D7-D58E-4B70-9B9B-12E95B183B22}) (Version: 16.6.1.3 - Broadcom Corporation)
Brother MFL-Pro Suite MFC-J6510DW (HKLM-x32\...\{17795164-3BC1-4D4F-8ADA-65C895EBFC9A}) (Version: 2.0.0.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.16 - Piriform)
Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version:  - Colossal Order Ltd.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.)
DiRT Rally (HKLM-x32\...\Steam App 310560) (Version:  - Codemasters Racing Studio)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.3.1 - Dolby Laboratories Inc)
EssentialPIM (HKLM-x32\...\EssentialPIM) (Version: 6.58 - Astonsoft Ltd)
Euro Truck Simulator (HKLM-x32\...\Steam App 232010) (Version:  - SCS Software)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
F1 2012 (HKLM-x32\...\Steam App 208500) (Version:  - Codemasters Birmingham)
F1 2013 (HKLM-x32\...\Steam App 223670) (Version:  - Codemasters Birmingham)
F1 2015 (HKLM-x32\...\Steam App 286570) (Version:  - Codemasters)
Foxit PhantomPDF (HKLM-x32\...\{D4DF5498-C95C-4A02-9951-725FB2D7BC0D}) (Version: 6.0.121.624 - Foxit Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
GRID 2 (HKLM-x32\...\Steam App 44350) (Version:  - Codemasters Racing)
iCloud (HKLM\...\{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}) (Version: 5.1.0.34 - Apple Inc.)
Intel RealSense Warrior Wave (HKLM-x32\...\Warrior Wave) (Version: 1.0.24 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1168 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3643 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.20 - Intel(R) Corporation) Hidden
Intel® RealSense™ SDK 2014 Runtime  (x86): Core (x32 Version: 3.1.0.25181 - Intel Corporation) Hidden
Intel® RealSense™ SDK 2014 Runtime  (x86): Face Tracking (x32 Version: 3.1.0.25181 - Intel Corporation) Hidden
Intel® RealSense™ SDK 2014 Runtime  (x86): Face Tracking: Models (x32 Version: 3.1.0.25181 - Intel Corporation) Hidden
Intel® RealSense™ SDK 2014 Runtime  (x86): User Notification Tool files and components (x32 Version: 3.1.0.25181 - Intel Corporation) Hidden
Intel® RealSense™ SDK 2014 Runtime (HKLM-x32\...\ARP_for_prd_rs_sdk_runtime_v3_3.1.0.85181) (Version: 3.1.0.85181 - Intel Corporation)
IrfanView 64 (remove only) (HKLM\...\IrfanView) (Version: 4.40 - Irfan Skiljan)
iTunes (HKLM\...\{A31C5565-90D9-4615-AE13-94D86C3836C7}) (Version: 12.3.3.17 - Apple Inc.)
Kinect for Windows Speech Recognition Language Pack (de-DE) (HKLM-x32\...\{898AA67F-99B8-4C7F-9611-B11F98EF6E78}) (Version: 11.0.7413.611 - Microsoft Corporation)
Landwirtschafts Simulator 15 (HKLM-x32\...\FarmingSimulator2015DE_is1) (Version: 1.4.2.0 - GIANTS Software)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4805.1003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-489078762-871934448-399521353-1001\...\OneDriveSetup.exe) (Version: 17.3.6302.0225 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
NVIDIA GeForce Experience 2.10.2.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.10.2.40 - NVIDIA Corporation)
NVIDIA Grafiktreiber 364.72 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 364.72 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4805.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4805.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4805.1003 - Microsoft Corporation) Hidden
phase-6 2.3.5 (HKLM-x32\...\phase-6) (Version: 2.3.5 - phase-6)
Project CARS (HKLM-x32\...\Steam App 234630) (Version:  - Slightly Mad Studios)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.330 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.43 - Qualcomm Atheros)
RaceRoom Racing Experience  (HKLM-x32\...\Steam App 211500) (Version:  - Sector3 Studios)
RaceRoom Racing Experience Launcher (HKLM-x32\...\{1FD9F07F-7BBF-4C91-B3F0-A23714A3A913}_is1) (Version: 1.0 - Sector3 Studios)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39059 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7260 - Realtek Semiconductor Corp.)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16011.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.16011.2 - Samsung Electronics Co., Ltd.) Hidden
Scania Truck Driving Simulator (HKLM-x32\...\Steam App 258760) (Version:  - SCS Software)
SHIELD Streaming (Version: 5.1.0270 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.10.2.40 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
Spintires (HKLM-x32\...\Steam App 263280) (Version:  - Oovee® Game Studios)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TruckersMP 0.2.0.7.2 Alpha (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.2.0.7.2 Alpha - ETS2MP Team)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Welcome to Intel RealSense 3D Camera (HKLM-x32\...\Welcome to Intel RealSense 3D Camera) (Version: 1.05 - Intel)
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {07A88F54-C730-4DF8-BCC3-487E1A76ACF6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-09] (Google Inc.)
Task: {144CF144-9872-4470-98C7-96F247898303} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-07-22] (Acer Incorporated)
Task: {2D8F5536-6E75-4A7B-9608-890995125601} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-10] (Adobe Systems Incorporated)
Task: {3386A9AD-41B9-44E2-8207-1CB1BBAC9757} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {3E040F3E-D48C-4283-BB54-133925E85229} - System32\Tasks\bvyvave => C:\Users\Jan\AppData\Local\bvyvave\bvyvave.exe <==== ACHTUNG
Task: {3F1E436C-B12B-4114-A9C6-3A75DD201433} - \SMW_UpdateTask_Time_333133353639353036342d782d233257574a5a4145502a -> Keine Datei <==== ACHTUNG
Task: {532DF1E6-08C9-41F7-9CE3-1C5B267AE955} - System32\Tasks\Itepe => C:\PROGRA~1\UHHIWE~1\Emons.bat <==== ACHTUNG
Task: {5C7DEF6E-C255-47E8-A244-E16C497D9280} - System32\Tasks\KHEIGTSHJRHYMLJD => C:\ProgramData\Service1104\Service1104.exe <==== ACHTUNG
Task: {5D686CCA-1D50-47EE-AA36-D688A3A3BD9E} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2014-06-09] (Acer Incorporated)
Task: {61B4AA7B-433F-481E-B729-50D03345EA54} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-09] (Google Inc.)
Task: {64463039-F0D9-4FA1-A62E-2423AEF171E6} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-489078762-871934448-399521353-1001 => C:\Users\Jan\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-03-11] (Microsoft Corporation)
Task: {6DEC51EF-808E-4A3B-AFEC-E2C2136E6200} - System32\Tasks\{0E057D47-7808-0A78-0C11-7E0A0A78117F} => powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand OwA7ACAAIAAgACAAIAAgACAAIAA7ACAAOwAgACAAOwA7ACAAOwA7ACAAOwA7ADsAOwAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlAD0AIgBzAHQAbwBwACIAOwAkAHMAYwA9ACIAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQAiADsAJABXAGEA (Der Dateneintrag hat 9424 mehr Zeichen). <==== ACHTUNG
Task: {6E5497CD-4EAA-47CB-827D-E28BC9C911C1} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2014-06-17] (Acer Incorporated)
Task: {781AD9BE-5F36-4DE3-A507-D1DAB84B88D1} - System32\Tasks\FYJHMJXE1 => C:\ProgramData\TomorrowGames\TomorrowGames.exe <==== ACHTUNG
Task: {7B7A6F69-F46E-4842-9E46-B4D2EBBC0AEC} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {7D2CFD96-D1A2-45C2-974A-2814F836791E} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {7D36D36D-8C01-41F6-9BB6-AF7D5E84A5C4} - System32\Tasks\{BF66D5AD-3558-4BBF-9D5D-82147A5E9F3F} => pcalua.exe -a "C:\Program Files (x86)\Acer\abDocs\AcerDocsSetup.exe" -c -uninstall
Task: {8B9987FB-E254-4C6C-88F0-5AE0917C14A4} - System32\Tasks\Jaynew => C:\Program Files\Uboxva\Karagir.bat [2016-04-10] () <==== ACHTUNG
Task: {8D0F8506-F40D-4D6E-B7F9-14627F7E88C6} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation)
Task: {9CAB6DED-5621-4F5E-9970-B32B21887A37} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-03-11] (Piriform Ltd)
Task: {9CF1FF96-5129-498B-A9F2-3EFF6A437F42} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe [2014-04-07] (Dolby Laboratories Inc.)
Task: {B303C568-174D-4788-80EF-078CF1C15247} - System32\Tasks\kze3024 => C:\Program Files (x86)\QuickSearch\kze3024.exe <==== ACHTUNG
Task: {BEB25077-0AEE-4334-8CD9-E0F48D46E870} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {C54C4F96-BDFA-4A9E-AAED-43F7385562F8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-04-18] (Microsoft Corporation)
Task: {D0A479A7-929A-49B8-8484-2E9B420B9332} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
Task: {F2E799D9-458D-4D15-849A-AA3C3F58B1C2} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FYJHMJXE1.job => C:\ProgramData\TomorrowGames\TomorrowGames.exe <==== ACHTUNG
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\KHEIGTSHJRHYMLJD.job => C:\ProgramData\Service1104\Service1104.exe <==== ACHTUNG

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-03-18 23:56 - 2016-03-18 23:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-03-18 23:56 - 2016-03-18 23:56 - 01329936 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-08-30 13:10 - 2015-10-13 05:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2016-03-01 21:16 - 2016-02-17 08:56 - 01416064 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2015-12-19 19:54 - 2016-02-17 08:56 - 00299392 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-03-01 21:16 - 2016-02-17 08:56 - 03613056 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2015-01-12 15:54 - 2012-04-24 12:43 - 00254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2015-08-30 12:43 - 2010-03-16 01:04 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll
2016-03-29 11:31 - 2016-03-22 04:25 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-04-07 16:13 - 2014-04-07 16:13 - 00052096 _____ () C:\Program Files\Dolby Digital Plus\Dolby.DDP.Controls_Desktop.dll
2014-08-27 19:45 - 2014-08-27 19:45 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2014-08-27 19:41 - 2014-08-27 19:41 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2014-08-27 19:47 - 2014-08-27 19:47 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2015-06-17 12:50 - 2016-02-17 09:01 - 00717184 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\gamecaster64.dll
2015-06-17 12:50 - 2016-02-17 09:02 - 00862592 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\twitchsdk64.dll
2015-10-29 15:14 - 2015-10-29 15:14 - 00093488 _____ () C:\Program Files (x86)\Allway Sync\Bin\syncappw.exe
2016-03-11 22:31 - 2016-03-11 22:31 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2016-04-12 20:27 - 2016-04-06 04:12 - 02140824 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libglesv2.dll
2016-04-12 20:27 - 2016-04-06 04:12 - 00097944 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libegl.dll
2015-08-30 12:43 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2014-02-19 18:51 - 2014-02-19 18:51 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-08-09 10:40 - 2016-02-17 09:02 - 00020352 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-08-09 19:48 - 2016-03-11 02:56 - 00783360 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-08-09 19:48 - 2015-07-03 18:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-08-09 19:48 - 2016-03-31 22:55 - 02549840 _____ () C:\Program Files (x86)\Steam\video.dll
2015-08-09 19:48 - 2015-07-03 18:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-08-09 19:48 - 2015-07-03 18:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-08-09 19:47 - 2016-02-09 01:14 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-08-09 19:47 - 2016-02-09 01:14 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-08-09 19:47 - 2016-02-09 01:14 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-08-09 19:47 - 2016-02-09 01:14 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-08-09 19:47 - 2016-02-09 01:14 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-08-09 19:48 - 2016-03-31 22:55 - 00829008 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-09 19:14 - 2016-02-18 00:25 - 00281088 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2015-10-29 13:44 - 2015-10-29 13:44 - 08569344 _____ () C:\Program Files (x86)\Allway Sync\Bin\syncapp.dll
2015-08-09 19:48 - 2016-02-09 03:33 - 48400672 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\zdwfp => ""="Driver"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2016-04-10 16:15 - 00001006 ____N C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       down.baidu2016.com
127.0.0.1       123.sogou.com
127.0.0.1       www.czzsyzgm.com
127.0.0.1       www.czzsyzxl.com
127.0.0.1       union.baidu2019.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-489078762-871934448-399521353-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jan\AppData\Roaming\Microsoft\Windows Photo Viewer\Hintergrundbild der Windows-Fotoanzeige.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-489078762-871934448-399521353-1001\...\StartupApproved\Run: => "Spotify Web Helper"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{5255B9A2-A987-47B7-AD1D-5B9EC09BBD29}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{177AEDA3-7A63-40BD-B9D2-86E5DE0B0525}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{168494FD-66C5-4C2A-AE2D-C1E8EEB66228}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{CCCF3C04-4E6A-46C3-93BD-28DAB4F8BD45}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{9F0CBB67-0577-48F2-9783-D423DE006369}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{03F81190-EA49-4E74-834F-09FB3235F302}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{42D08078-860B-4AE9-B02C-1B518878C94D}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{32F0C2BF-DAEF-4801-9CB7-A292D319B58E}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{B90645B1-0989-496E-B2E6-7C4AA0C67184}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{6D49E321-B7BE-48D9-96A8-FD265A4F9EB3}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{E4F3E027-28A6-4B3B-93AD-A37A06578C0F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{23684A87-38E4-4BA0-A204-6ECBEAD044B0}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{66D90117-1867-4F0A-B85C-CD00058459CD}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{AB017C7A-6014-404A-B10B-B38536445939}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{2695E114-88E4-4C0F-A250-430847E147EB}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{0275EA0C-D51E-4E08-8874-4304C8165CCE}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{D633977F-1C07-4F70-A691-EDAFC53FEB65}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{AB0B2FB5-21A1-45B6-B31C-5C19D4FD133C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{B5B2424C-3B0D-4720-BF7A-87357F1E3177}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{3B2ECB12-BCA8-47F3-A7FB-DD1715975F80}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{3A938CB8-68AA-46AE-ACD8-967440294721}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{E8666CED-3003-4AE8-8F0A-62869EAB6068}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{DAB988FC-FAEA-4D69-8B20-9DE4472466D9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{AFADCC7F-303F-4374-BB18-14622EEA487D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{0ED1EBD6-C022-4274-9495-D019F1FB9DA1}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{4054727D-41C2-4AD0-8069-88FDD7442191}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{514A81D2-AA7E-431C-977F-ED9E7C66B522}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{B7C60454-A552-4859-9BA2-65EFA7C40FA1}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{31B9CF05-4391-4741-85C8-1D900B7C846F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{C0010281-198A-4A0D-BFC3-F4928D9D45F6}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{A38C273F-78AF-4F85-A4C3-089100CFF807}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{02F30AB7-0A5A-4156-AA33-792730082FAE}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{1E20F0C0-1479-4194-A641-2774204AA61E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{EABF564F-3340-43E5-8262-2CDEF4458F6C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{D4A908AA-782E-44A6-A6A5-77E5E204361B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{2F2F3FAD-9AFD-4FA7-B4C6-0B8130B488E8}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{C3197FBD-F2D0-491C-8ECD-2CAEF5ACA4C5}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{FAD1F37E-0A45-4AAD-BC61-FCB84390D491}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{501C0F43-EBC3-4858-AF25-0B1E3D29C021}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{133E087A-AAF9-4BE6-A4F4-32EF738DC6E6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{86FB5E4D-CB72-4A4C-98CD-2F892244BCBE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0EB6DFB3-0DF8-4215-AF62-52B0C597A470}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{EF72E83F-26F9-4616-B64F-28D1250250DC}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{061DC6EF-0495-493B-81F1-DB74C9DB04A9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{BB2976D1-D38F-4137-B34D-066FA09B8682}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{5CD1601B-F887-4D2B-9367-5698E3A34B38}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2012\F1_2012.exe
FirewallRules: [{E486775E-0703-47C3-94F6-2D268BC6962B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2012\F1_2012.exe
FirewallRules: [{B05CBC4F-BC42-406D-8B87-F32FA2BAFE53}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\f12013\F1_2013.exe
FirewallRules: [{0EF656BD-F3FB-44B5-ACB6-096829CC86D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\f12013\F1_2013.exe
FirewallRules: [{573BC1AD-64F3-4BAB-AEA8-64DC16E4A4F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\grid 2\grid2.exe
FirewallRules: [{49D2CD9B-E5B5-4777-92A5-AC8B7BBB7917}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\grid 2\grid2.exe
FirewallRules: [{16773875-EA72-44B6-912B-EC94F8A546CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spintires\SpinTires.exe
FirewallRules: [{E9BCAC84-4BF9-41AF-8792-AFF33F96764A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spintires\SpinTires.exe
FirewallRules: [TCP Query User{00105315-7825-4946-BB0A-71F1E266630C}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{B4C455B4-DEA3-44A7-991B-FFD1D366CA41}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{67B2E0AF-CCA2-4647-87DA-83930B1FEDEB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2015\F1_2015.exe
FirewallRules: [{F2D8E220-A092-42EA-9AF3-0EF775A171AC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2015\F1_2015.exe
FirewallRules: [{63976110-E447-4B78-B963-2FAB5EDAB20A}] => (Allow) C:\Program Files (x86)\Brother\Brmfl10g\FAXRX.exe
FirewallRules: [{36C30BA6-9718-447F-B59F-0DD2AB2C28E1}] => (Allow) C:\Program Files (x86)\Brother\Brmfl10g\FAXRX.exe
FirewallRules: [{786CC2EB-683D-4794-BAAC-E38D81D66A17}] => (Allow) LPort=54925
FirewallRules: [{147D1EEF-67C4-4E55-B685-D77493CD480A}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2015\FarmingSimulator2015.exe
FirewallRules: [{28B7563D-6764-437B-9E5E-1E988232B4F2}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2015\FarmingSimulator2015.exe
FirewallRules: [{634A5341-F797-40F1-9AA3-D1E41EB72BB6}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2015\x86\FarmingSimulator2015Game.exe
FirewallRules: [{7EB100D4-EEE7-4EF8-A74D-3264DF9FD4F4}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2015\x86\FarmingSimulator2015Game.exe
FirewallRules: [{EA9AC0B9-6F1B-424E-8E48-64F4BF8126FA}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2015\x64\FarmingSimulator2015Game.exe
FirewallRules: [{2C2EA128-6412-4181-8A4D-D92E05B7EC75}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2015\x64\FarmingSimulator2015Game.exe
FirewallRules: [{F40459FE-8EAC-433D-ACEA-97FDC5DA3D32}] => (Allow) C:\Users\Jan\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [TCP Query User{E9FFD9BF-2060-402E-AD79-C906B02B539C}C:\program files (x86)\landwirtschafts simulator 2015\x64\farmingsimulator2015game.exe] => (Allow) C:\program files (x86)\landwirtschafts simulator 2015\x64\farmingsimulator2015game.exe
FirewallRules: [UDP Query User{BA51C170-5763-45F1-8034-3938147ABCB3}C:\program files (x86)\landwirtschafts simulator 2015\x64\farmingsimulator2015game.exe] => (Allow) C:\program files (x86)\landwirtschafts simulator 2015\x64\farmingsimulator2015game.exe
FirewallRules: [{E0CBDE1E-5C86-48CE-9802-86DA3BA91D52}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DiRT Rally\drt.exe
FirewallRules: [{E63F55E2-D563-4B39-A5AE-D87509A12EC9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DiRT Rally\drt.exe
FirewallRules: [{BC520304-1C68-4BA3-89C4-32FEE1C82F4F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bus Driver\bin\win_x86\busdriver.exe
FirewallRules: [{E9DA2C27-251D-430B-A8E7-16A1D7319300}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bus Driver\bin\win_x86\busdriver.exe
FirewallRules: [{A12925A2-9BA0-42AD-A3AE-FC712C36A199}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bus Driver\bin\win_x86\launcher.exe
FirewallRules: [{341F4A65-AD01-449C-ADFD-E7E47CD8DDB1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bus Driver\bin\win_x86\launcher.exe
FirewallRules: [{E21ADE07-AEE0-44C2-8E37-A0913B44A52A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trucks & Trailers\bin\win_x86\trucks_n_trailers.exe
FirewallRules: [{028CBB43-3354-487B-BB8B-FE14A4767410}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trucks & Trailers\bin\win_x86\trucks_n_trailers.exe
FirewallRules: [{89D56416-7B46-4FCE-BFCC-4DE65FEA769F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Scania Truck Driving Simulator\bin\win_x86\scania_truck_driving_simulator.exe
FirewallRules: [{82F2CA31-99DA-4917-B91D-452B1D2B449F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Scania Truck Driving Simulator\bin\win_x86\scania_truck_driving_simulator.exe
FirewallRules: [{EC639DFF-6821-429A-951C-C651DC9B099F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator\eurotrucks.exe
FirewallRules: [{C5753D9C-1DBE-434A-B4A2-DB3A2427141E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator\eurotrucks.exe
FirewallRules: [TCP Query User{3B3EFB66-147E-4B3D-997F-E504925A9C31}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{05FDD09D-27D4-4C69-8ECF-49B5354C1AE7}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{C017ED3E-56ED-44CE-A897-2A0791F55148}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{F39FBCC3-FEEB-423B-A925-E4AA7E88EFC5}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{5B20645B-91CE-4204-8671-5DABE490E824}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Scania Truck Driving Simulator\bin\win_x86\scania_truck_driving_simulator.exe
FirewallRules: [{2F27CF8E-6801-45DF-845A-47F79EFE5CF5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Scania Truck Driving Simulator\bin\win_x86\scania_truck_driving_simulator.exe
FirewallRules: [{AE33FC29-0BE1-4DE7-A8FC-E7355C8B82F0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\pCars\pCARS64.exe
FirewallRules: [{3C4815BF-CC19-401E-A619-F4CB7B4F63C0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\pCars\pCARS64.exe
FirewallRules: [{3981513C-C594-46CB-8249-9CB7FE806353}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{BAEDA2ED-8C25-4C9C-A51F-72FC0BB0ADE9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\raceroom racing experience\Game\RRRE.exe
FirewallRules: [{0D9F4E1B-F2B1-4B46-8FD9-8BC452808629}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\raceroom racing experience\Game\RRRE.exe
FirewallRules: [{F24EE0AA-B72B-458C-BCB3-4E0CADF7D11A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{36A05272-949B-4C73-94FE-26F0E88A2BF4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{6952E90F-9621-4E14-93EF-320179FA7305}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{9944506F-9840-4F2D-B081-3CE0D904C7B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{E2230A58-72F0-4AB0-B896-309157D9C62C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
FirewallRules: [{7F378F69-E9D6-46E3-AF0E-FEF3735F6932}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
FirewallRules: [{D2FBCEE5-C32F-4A02-97CD-2B2A0D2ECFAA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

11-04-2016 20:18:29 Removed Microsoft Silverlight
16-04-2016 17:11:28 Removed QuickTime 7

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (04/18/2016 04:38:14 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (04/18/2016 04:38:14 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (04/18/2016 04:38:13 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (04/16/2016 05:02:08 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (04/16/2016 05:02:08 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (04/16/2016 05:02:08 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (04/16/2016 12:20:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1157

Error: (04/16/2016 12:20:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1157

Error: (04/16/2016 12:20:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/16/2016 11:52:38 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.


Systemfehler:
=============
Error: (04/17/2016 07:20:34 PM) (Source: DCOM) (EventID: 10010) (User: Notebook-Jan2)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (04/17/2016 07:20:34 PM) (Source: DCOM) (EventID: 10010) (User: Notebook-Jan2)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (04/16/2016 05:20:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Apple Mobile Device Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%3

Error: (04/16/2016 05:20:30 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (04/16/2016 05:20:01 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "DeleteFlag" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (04/16/2016 05:20:01 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Security" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (04/16/2016 05:20:01 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Security" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (04/16/2016 05:20:01 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Security" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (04/16/2016 05:20:01 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Security" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (04/16/2016 05:20:01 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "DeleteFlag" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5


CodeIntegrity:
===================================
  Date: 2016-04-10 16:20:41.321
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-10 16:20:41.224
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-10 16:20:41.108
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-10 16:20:40.989
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-10 16:19:55.193
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-10 16:19:55.101
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-10 16:19:54.730
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-10 16:19:54.649
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-10 16:19:02.906
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-10 16:19:02.816
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 30%
Installierter physikalischer RAM: 8115.27 MB
Verfügbarer physikalischer RAM: 5604.42 MB
Summe virtueller Speicher: 16819.27 MB
Verfügbarer virtueller Speicher: 14405.8 MB

==================== Laufwerke ================================

Drive c: (Acer) (Fixed) (Total:453.77 GB) (Free:141.66 GB) NTFS
Drive d: (DATA) (Fixed) (Total:453.77 GB) (Free:453.62 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 27067300)

Partition: GPT.

==================== Ende von Addition.txt ============================

burningice · 19.04.2016, 00:33

Glückwunsch - hier gibt es was zu tun

Schritt: 1
Lade dir folgendes Programm herunter und installiere es:

Malwarebytes Anti-Malware Hier findest du dazu eine bebilderte Anleitung

Klicke auf die Einstellungen / Erkennung und Schutz und setze dabei den Haken bei "Nach Rootkits suchen"
Klicke im Anschluss auf Durchsuchen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Suchlaufprotokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt: 2
Download von

ZOEK (by Smeenk)

Speichere die zoek.exe auf dem Desktop.
Bitte deaktiviere während der Verwendung von Zoek Deinen Virenscanner, da dieser Zoek stören könnte.
Starte die zoek.exe mit einem Doppelklick und warte bis die Programmoberfläche erscheint (ca. 30 Sekunden)
Kopiere den Text der folgenden Box in das Skriptfenster von Zoek:
Code:
ATTFilter
```
iedefaults;
FFdefaults;
chrdefaults;
emptyclsid;
autoclean;
         
```
Nun klicke auf "Run script" und sei geduldig bis das Skript durchgelaufen ist.
Wenn das Tool fertig ist, wird sich eine Logdatei öffnen (ggf. erst nach einem Neustart). Das Log befindet sich aber auch noch unter C:\
Bitte poste mir das zoek-results.log.

Schritt: 3
Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen.

Jan02 · 19.04.2016, 14:12

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 19.04.2016
Suchlaufzeit: 13:09
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.04.19.04
Rootkit-Datenbank: v2016.04.17.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Jan

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 358996
Abgelaufene Zeit: 25 Min., 44 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Deaktiviert
Rootkits: Aktiviert
Heuristik: Deaktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 3
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe, 1220, Löschen bei Neustart, [f1bf7b355940a1950ff392642ad7a060]
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MPCTray.exe, 4020, Löschen bei Neustart, [8b25f2be0e8b3afcc43e0de944bdbf41]
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MPCTray64.exe, 3152, Löschen bei Neustart, [2b85cce4a0f97eb891716d89d0312ad6]

Module: 36
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, Löschen bei Neustart, [02ae06aac1d8d363d230698d35cc4eb2], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, Löschen bei Neustart, [02ae06aac1d8d363d230698d35cc4eb2], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, Löschen bei Neustart, [02ae06aac1d8d363d230698d35cc4eb2], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, Löschen bei Neustart, [02ae06aac1d8d363d230698d35cc4eb2], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, Löschen bei Neustart, [02ae06aac1d8d363d230698d35cc4eb2], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, Löschen bei Neustart, [02ae06aac1d8d363d230698d35cc4eb2], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, Löschen bei Neustart, [02ae06aac1d8d363d230698d35cc4eb2], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, Löschen bei Neustart, [02ae06aac1d8d363d230698d35cc4eb2], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, Löschen bei Neustart, [02ae06aac1d8d363d230698d35cc4eb2], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, Löschen bei Neustart, [02ae06aac1d8d363d230698d35cc4eb2], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\LpcManager.dll, Löschen bei Neustart, [a10f8f21306911256d95589e2cd5aa56], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\LpcManager.dll, Löschen bei Neustart, [a10f8f21306911256d95589e2cd5aa56], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\WinService.dll, Löschen bei Neustart, [8e229f111782d75f0af86591f70a9b65], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\XProcessBus.dll, Löschen bei Neustart, [e1cfa60a7821d5610af8e01681800bf5], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\XProcessBus.dll, Löschen bei Neustart, [e1cfa60a7821d5610af8e01681800bf5], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Report.dll, Löschen bei Neustart, [446c7c34b7e2a59154aed125748d38c8], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Report.dll, Löschen bei Neustart, [446c7c34b7e2a59154aed125748d38c8], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\XBus.dll, Löschen bei Neustart, [b5fb4769a2f7f14518ea6e88bc45fd03], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\TrayFrame.dll, Löschen bei Neustart, [1898961a722774c29969af475ba621df], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Monitor.dll, Löschen bei Neustart, [327eb5fb14856cca48ba03f3a160c43c], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Database.dll, Löschen bei Neustart, [159b684827722a0ccc36de1826db06fa], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\LogReport.dll, Löschen bei Neustart, [f4bc0da39dfc70c6689ab93d847dc739], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\BrowserPlugIn.dll, Löschen bei Neustart, [3e72763af3a6ce6841c1b83e3ec37c84], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Cleaner.dll, Löschen bei Neustart, [446c06aabfda86b06a982fc71de47987], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\SafeProtect.dll, Löschen bei Neustart, [416f555bf5a4e650c83a698d30d10df3], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Update.dll, Löschen bei Neustart, [951b03ada7f2102619e938bee31e1de3], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Web.dll, Löschen bei Neustart, [545cf1bf871288aea062cc2aad54e020], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\SafeNavi.dll, Löschen bei Neustart, [3a762888c0d968ce12f06690788916ea], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\AdbWinApi.dll, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\AdbWinUsbApi.dll, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\AndriodServer.dll, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Support.dll, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Support.dll, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Utility.dll, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Utility.dll, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\XSkin.dll, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad], 

Registrierungsschlüssel: 23
PUP.Optional.MorePowerfulCleaner, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MPCProtectService, Löschen bei Neustart, [f1bf7b355940a1950ff392642ad7a060], 
PUP.Optional.Wajam, HKLM\SOFTWARE\CLASSES\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9, In Quarantäne, [9a169b157623d561fb9b04f06e94e818], 
PUP.Optional.Wajam, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9, In Quarantäne, [8b257e32dabf0a2c4c4a569e8082da26], 
PUP.Optional.Wajam, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9, In Quarantäne, [dcd4f0c0920747ef8a0c24d027db3dc3], 
PUP.Optional.YesSearches, HKU\S-1-5-18\SOFTWARE\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}, In Quarantäne, [565ab9f74b4eb97d2053f3cc3ac823dd], 
PUP.Optional.YesSearches, HKLM\SOFTWARE\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}, In Quarantäne, [4a66f3bd25749b9bf57e952a34cef709], 
PUP.Optional.CouponMarvel, HKLM\SOFTWARE\{9E6892AE-EDB8-490A-9FDD-5A9770E7909E}, In Quarantäne, [5759efc198013303430d4b424bb9f60a], 
PUP.Optional.VBates.Gen, HKLM\SOFTWARE\UBOXVA, In Quarantäne, [b2fec9e78e0bdf57574cecbf6b99f907], 
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\VC32LDR  , In Quarantäne, [29877f312772c5716311b7962cd8cb35], 
PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{3E040F3E-D48C-4283-BB54-133925E85229}, Löschen bei Neustart, [e5cbcfe14e4b1f17b57afdad887c60a0], 
PUP.Optional.Goobzo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{3F1E436C-B12B-4114-A9C6-3A75DD201433}, Löschen bei Neustart, [f7b96c4490095cda007b772a36ce06fa], 
PUP.Optional.CouponMarvel, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{781AD9BE-5F36-4DE3-A507-D1DAB84B88D1}, Löschen bei Neustart, [8828b8f858416bcb07dac1e951b3827e], 
PUP.Optional.Komodia.Gen, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{B303C568-174D-4788-80EF-078CF1C15247}, Löschen bei Neustart, [f2be426e475292a41576e0cb11f30bf5], 
PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\bvyvave, Löschen bei Neustart, [d6da7e323b5e8aac210fa00a956fc13f], 
PUP.Optional.CouponMarvel, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\FYJHMJXE1, Löschen bei Neustart, [2e82a50bf3a6ff371dc5b0fa28dc659b], 
PUP.Optional.Komodia.Gen, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\kze3024, Löschen bei Neustart, [d2de9e129108de58bad255561be9bc44], 
PUP.Optional.Goobzo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\SMW_UpdateTask_Time_333133353639353036342d782d233257574a5a4145502a, Löschen bei Neustart, [98182b85e9b0aa8ce54c261be02340c0], 
PUP.Optional.YesSearches, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}, In Quarantäne, [842c416f9009290d7843122611f26a96], 
PUP.Optional.CouponMarvel, HKLM\SOFTWARE\WOW6432NODE\{9E6892AE-EDB8-490A-9FDD-5A9770E7909E}, In Quarantäne, [3e72f3bdb8e13105c789147931d306fa], 
PUP.Optional.VBates.Gen, HKLM\SOFTWARE\WOW6432NODE\UBOXVA, In Quarantäne, [cbe5d3ddc7d22214c1e25952c2425da3], 
PUP.Optional.MorePowerfulCleaner, HKLM\SOFTWARE\WOW6432NODE\MPC, Löschen bei Neustart, [4a66feb28811b086c2362f73ff059b65], 
PUP.Optional.PCSpeedUp, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\PCSUUCDRV, In Quarantäne, [456b80305445d2640f279d9f81837090], 
PUP.Optional.MorePowerfulCleaner, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MPCKPT, Löschen bei Neustart, [a10fbdf398010e28a5544d55b153b64a], 

Registrierungswerte: 16
PUP.Optional.VBates.Gen, HKLM\SOFTWARE\Uboxva|installer_name, vbates_tfpcdeex-00-1_.exe, In Quarantäne, [b2fec9e78e0bdf57574cecbf6b99f907]
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\VC32Ldr  |{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 131047717054696425, In Quarantäne, [29877f312772c5716311b7962cd8cb35]
PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{3E040F3E-D48C-4283-BB54-133925E85229}|Path, \bvyvave, Löschen bei Neustart, [e5cbcfe14e4b1f17b57afdad887c60a0]
PUP.Optional.Goobzo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{3F1E436C-B12B-4114-A9C6-3A75DD201433}|Path, \SMW_UpdateTask_Time_333133353639353036342d782d233257574a5a4145502a, Löschen bei Neustart, [f7b96c4490095cda007b772a36ce06fa]
PUP.Optional.CouponMarvel, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{781AD9BE-5F36-4DE3-A507-D1DAB84B88D1}|Path, \FYJHMJXE1, Löschen bei Neustart, [8828b8f858416bcb07dac1e951b3827e]
PUP.Optional.Komodia.Gen, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{B303C568-174D-4788-80EF-078CF1C15247}|Path, \kze3024, Löschen bei Neustart, [f2be426e475292a41576e0cb11f30bf5]
PUP.Optional.IDSCProduct, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|IDSCCOMQG8, "C:\Program Files\Sound+\idsccom_QG8.exe", In Quarantäne, [baf6a10f5346b581bb478a210afa2bd5]
PUP.Optional.YesSearches, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|hp, hxxp://www.yessearches.com/?ts=AHEqA34sC3MmAE..&v=20160405&uid=A506813BB05C8D8E37AA5C12E79A62A2&ptid=wak&mode=ffsengext, In Quarantäne, [842c416f9009290d7843122611f26a96]
PUP.Optional.YesSearches, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|tab, hxxp://www.yessearches.com/?ts=AHEqA34sC3MmAE..&v=20160405&uid=A506813BB05C8D8E37AA5C12E79A62A2&ptid=wak&mode=ffsengext, In Quarantäne, [8729fcb431688aacc1fa3107768d07f9]
PUP.Optional.YesSearches, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|sp, hxxp://www.yessearches.com/chrome.php?uid=A506813BB05C8D8E37AA5C12E79A62A2&ptid=wak&q={searchTerms}&ts=AHEqA34sC3MmAE..&v=20160405&mode=ffsengext, In Quarantäne, [713faa06cdcca78fb00bf6427a890bf5]
PUP.Optional.YesSearches, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|surl, hxxp://www.yessearches.com/chrome.php?uid=A506813BB05C8D8E37AA5C12E79A62A2&ptid=wak&ts=AHEqA34sC3MmAE..&v=20160405&mode=ffexttoolbar&q=, In Quarantäne, [9e12397783167cbaf7c46ccc7192b749]
PUP.Optional.VBates.Gen, HKLM\SOFTWARE\WOW6432NODE\Uboxva|installer_name, vbates_tfpcdeex-00-1_.exe, In Quarantäne, [cbe5d3ddc7d22214c1e25952c2425da3]
Adware.EoRezo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|sun21, In Quarantäne, [48686b455b3e8babc3ed059f8e76c43c], 
PUP.Optional.MorePowerfulCleaner, HKLM\SOFTWARE\WOW6432NODE\MPC|Location, C:\Program Files (x86)\MPC Cleaner, Löschen bei Neustart, [4a66feb28811b086c2362f73ff059b65]
PUP.Optional.MorePowerfulCleaner, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MPCKPT|Description, MPC Driver, Löschen bei Neustart, [a10fbdf398010e28a5544d55b153b64a]
PUP.Optional.MorePowerfulCleaner, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MPCPROTECTSERVICE|ImagePath, "C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe", Löschen bei Neustart, [a60ab00031686ccae4f460435ba908f8]

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 25
PUP.Optional.VBates, C:\Users\Jan\AppData\LocalLow\Company\Product\1.0, In Quarantäne, [b3fd7a366138c96d333e96c8e12307f9], 
PUP.Optional.VBates, C:\Users\Jan\AppData\LocalLow\Company\Product, In Quarantäne, [b3fd7a366138c96d333e96c8e12307f9], 
PUP.Optional.MorePowerfulCleaner, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC, In Quarantäne, [bdf36c4425742610ec443269996bcf31], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Drivers, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Config, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Config\DB, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Exe, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SgIcon, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Microsoft.VC90.CRT, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin\Cleaner, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin\CrashReport, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin\News, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin\Tray, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin\Uninstall, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.Goobzo, C:\Users\Jan\AppData\Local\brsrv, In Quarantäne, [07a9723ecbcef93db93540f2d82bc040], 
PUP.Optional.Goobzo.Gen, C:\Program Files\Common Files\Soobzo, In Quarantäne, [cce46b4579200432f65f1a19d52e41bf], 
PUP.Optional.Goobzo.Gen, C:\Program Files\Common Files\Soobzo\GDUpdate, In Quarantäne, [cce46b4579200432f65f1a19d52e41bf], 
PUP.Optional.VBates.BrwsrFlsh, C:\Program Files\Uboxva, In Quarantäne, [cee2e8c8adecea4c9eb37bf08e77ff01], 
PUP.Optional.VBates.BrwsrFlsh, C:\Program Files\Uboxva\libraries, In Quarantäne, [cee2e8c8adecea4c9eb37bf08e77ff01], 
PUP.Optional.VBates.BrwsrFlsh, C:\Program Files\Uboxva\resources, In Quarantäne, [cee2e8c8adecea4c9eb37bf08e77ff01], 

Dateien: 218
PUP.Optional.MorePowerfulCleaner, C:\WINDOWS\SYSTEM32\drivers\MPCKpt.sys, Löschen bei Neustart, [b66a551d00e41d5416f4cb5497926238], 
PUP.Optional.Komodia, C:\WINDOWS\SYSTEM32\drivers\zdwfp64.sys, Löschen bei Neustart, [a767ff3670b7349e961687c29ea9054e], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, Löschen bei Neustart, [02ae06aac1d8d363d230698d35cc4eb2], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe, Löschen bei Neustart, [f1bf7b355940a1950ff392642ad7a060], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\LpcManager.dll, Löschen bei Neustart, [a10f8f21306911256d95589e2cd5aa56], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\WinService.dll, Löschen bei Neustart, [8e229f111782d75f0af86591f70a9b65], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\XProcessBus.dll, Löschen bei Neustart, [e1cfa60a7821d5610af8e01681800bf5], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Report.dll, Löschen bei Neustart, [446c7c34b7e2a59154aed125748d38c8], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MPCTray.exe, Löschen bei Neustart, [8b25f2be0e8b3afcc43e0de944bdbf41], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\XBus.dll, Löschen bei Neustart, [b5fb4769a2f7f14518ea6e88bc45fd03], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\TrayFrame.dll, Löschen bei Neustart, [1898961a722774c29969af475ba621df], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Monitor.dll, Löschen bei Neustart, [327eb5fb14856cca48ba03f3a160c43c], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Database.dll, Löschen bei Neustart, [159b684827722a0ccc36de1826db06fa], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\LogReport.dll, Löschen bei Neustart, [f4bc0da39dfc70c6689ab93d847dc739], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\BrowserPlugIn.dll, Löschen bei Neustart, [3e72763af3a6ce6841c1b83e3ec37c84], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Cleaner.dll, Löschen bei Neustart, [446c06aabfda86b06a982fc71de47987], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\SafeProtect.dll, Löschen bei Neustart, [416f555bf5a4e650c83a698d30d10df3], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Update.dll, Löschen bei Neustart, [951b03ada7f2102619e938bee31e1de3], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Web.dll, Löschen bei Neustart, [545cf1bf871288aea062cc2aad54e020], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\SafeNavi.dll, Löschen bei Neustart, [3a762888c0d968ce12f06690788916ea], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MPCTray64.exe, Löschen bei Neustart, [2b85cce4a0f97eb891716d89d0312ad6], 
Adware.PennyBee.WnskRST, C:\Program Files\Uboxva\Byidf.dll, In Quarantäne, [b4fccce4debbb185ad683add3cc6fa06], 
Adware.PennyBee.WnskRST, C:\Program Files\Uboxva\Byidf64.dll, In Quarantäne, [6c444e620495f343986c4dca1fe3c53b], 
Adware.PennyBee.WnskRST, C:\Program Files\Uboxva\Ezouhti64.dll, In Quarantäne, [5b558e227a1fe74f1ef8ef28c939639d], 
Adware.PennyBee, C:\Program Files\Uboxva\nfregdrv64.exe, In Quarantäne, [dbd5921eb7e23501f41ff91e9b6705fb], 
PUP.Optional.VBates, C:\Program Files\Uboxva\prc.exe, In Quarantäne, [a808ac04cecba690938468c93acb7789], 
Adware.PennyBee.WnskRST, C:\Program Files\Uboxva\Wemved64.dll, In Quarantäne, [dfd18828e4b5ee488d758394b74bbf41], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll64.dll, Löschen bei Neustart, [ac04397767323ff7768c7d79ca37b947], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MainFrame.dll, In Quarantäne, [763a1f91eeab0432a65ccb2be71ad927], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MPC.exe, In Quarantäne, [941c04ac2e6b40f63bc7985e9a675da3], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MPCAutoClean.exe, In Quarantäne, [5858456b8217d06607fb9e58669b52ae], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MPCNews.exe, In Quarantäne, [1a96377944550630e51daf471de4f30d], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MPCSecurity.exe, In Quarantäne, [8f21258b1f7a92a450b2e0165fa23cc4], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MPCSetting.exe, In Quarantäne, [4769e2cee7b2d75fff03a74f24ddb947], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\SafeNavi64.dll, Löschen bei Neustart, [852b47694b4ec571689ae1153dc4629e], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\SetupFrame.dll, In Quarantäne, [77392e8251489a9c52b05a9c0cf5bd43], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Uninstall.exe, In Quarantäne, [7a368e22bfdacf67b84a9264ea172cd4], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\UninstallFrame.dll, In Quarantäne, [a70906aa1287d85e25dd50a619e8748c], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\UninstDelete.exe, In Quarantäne, [2d838c24742541f5d72b50a6b849ac54], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\UpdateHost.exe, In Quarantäne, [fab6624e435646f0ee145b9b07fa19e7], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Upgrade.dll, In Quarantäne, [753bbdf3d8c15ed820e26f8748b92bd5], 
PUP.Optional.StartSurf, C:\Users\Jan\AppData\Local\Temp\03b1a18b.a, In Quarantäne, [842cc3edd3c6e84e87dc766eac55d52b], 
Adware.IStartSurf, C:\Users\Jan\AppData\Local\Temp\03b1ab00.a, In Quarantäne, [dbd5b3fda0f97abcc8c9e5203fc39f61], 
Trojan.Graftor, C:\Users\Jan\AppData\Local\Temp\Install_31631\ins_PEEDGE.exe, In Quarantäne, [446c0da3b0e91125c437a9b2bd431de3], 
PUP.Optional.PCSpeedUp, C:\Users\Jan\AppData\Local\Temp\LVE5XT251\LVE5XT251.exe, In Quarantäne, [7937d4dcd3c6de5872b46be635cc6e92], 
PUP.Optional.Goobzo, C:\Users\Jan\AppData\Local\brsrv\brsrv.exe, In Quarantäne, [f0c0b2feb0e973c3aa0378b52fd607f9], 
PUP.Optional.SearchModule, C:\Windows\Temp\SM_cache_chrome.exe.cache, In Quarantäne, [cfe1d8d88a0fa096f492034050b458a8], 
PUP.Optional.SearchModule, C:\Windows\Temp\SM_cache_iexplore.exe.cache, In Quarantäne, [f0c02c84227772c4a9dd40037c8841bf], 
PUP.Optional.FakeIELaunch, C:\Users\Jan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet-Explorer Browser.lnk, In Quarantäne, [20904c64990041f58c8fc993b3514ab6], 
PUP.Optional.VBates, C:\Users\Jan\AppData\LocalLow\Company\Product\1.0\localStorageIE.txt, In Quarantäne, [b3fd7a366138c96d333e96c8e12307f9], 
PUP.Optional.VBates, C:\Users\Jan\AppData\LocalLow\Company\Product\1.0\localStorageIE_backup.txt, In Quarantäne, [b3fd7a366138c96d333e96c8e12307f9], 
PUP.Optional.MorePowerfulCleaner, C:\Users\Public\Desktop\MPC Cleaner.lnk, In Quarantäne, [4967bdf3c8d1c5711a156b30e61ea35d], 
PUP.Optional.MorePowerfulCleaner, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC\MPC Cleaner.lnk, In Quarantäne, [bdf36c4425742610ec443269996bcf31], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\symsrv.yes, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\snh.dll, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\AdbWinApi.dll, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\AdbWinUsbApi.dll, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\AdcManager.dll, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\AndriodServer.dll, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\CeBase.dll, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\CrashReport.exe, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\dbgkpt.dll, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Decode.exe, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Microsoft.VC90.CRT.manifest, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\msvcm90.dll, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\msvcp90.dll, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\msvcr90.dll, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Support.dll, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\symsrv.dll, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Utility.dll, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\wfhxte.dat, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\xadb.exe, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\XSkin.dll, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\ymlct, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Drivers\MPCBase_32.sys, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Drivers\MPCKpt.inf, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Drivers\MPCKpt.sys, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Drivers\MPCKpt_vista_32.sys, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Drivers\MPCKpt_vista_64.sys, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Drivers\MPCKpt_xp_32.sys, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Config\Clean.xf, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Config\PlugIn.xf, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Config\DB\as.db, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Config\DB\cf.db, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Config\DB\run.db, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Config\DB\st.db, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Exe\ADC_qd00000.exe, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\q2.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\ad_gray.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\ad_green.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\ad_org.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\ad_red.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\g1.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\g10.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\g11.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\g12.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\g2.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\g3.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\g4.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\g5.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\g6.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\g7.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\g8.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\g9.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\q1.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\q10.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\q11.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\q12.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\q3.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\q4.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\q5.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\q6.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\q7.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\q8.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\q9.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\r1.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\r10.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\r11.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\r12.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\r2.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\r3.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\r4.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\r5.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\r6.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\r7.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\r8.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\r9.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\sys_gray.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\sys_green.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\sys_org.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\sys_red.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\y1.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\y10.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\y11.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\y12.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\y2.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\y3.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\y4.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\y5.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\y6.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\y7.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\y8.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\y9.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon\search_{08DA4B46-E0EB-4B4D-8C8B-558C967AF6C5}.ico, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon\search_{22A8D5A3-F368-4C6B-BF4D-3C901EBCF242}.ico, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon\search_{3F9A707D-2C36-4344-8621-B8E4ADC95C18}.ico, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon\search_{ADC520A9-B4B3-791E-B149-845C11673CB0}.ico, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon\search_{CDA529A9-B1B3-793E-B449-845C11673CB5}.ico, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon\search_{D8EC46AF-529F-4636-963B-C086429C73DA}.ico, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon\search_{DE37CD8C-DE7B-481F-A676-303ABAFBEE04}.ico, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon\search_{EDA029A1-B5BA-793E-B649-875C18673CC5}.ico, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon\search_{F154C596-75A9-4028-90E8-9752BD7CA05B}.ico, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon\search_{FDA029A2-A5BA-797E-B689-875E18673FC2}.ico, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon\toasts_waring.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SgIcon\adcapp.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SgIcon\adcweb.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SgIcon\block.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SgIcon\home.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SgIcon\ie.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SgIcon\search.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\AR_green.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\AR_org.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\AR_red.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\Bp_green.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\Bp_org.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\Bp_red.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\SpeedUp_green.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\SpeedUp_org.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\SpeedUp_red.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\SVC_green.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\SVC_org.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\SVC_red.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\TSK_green.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\TSK_org.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\TSK_red.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Microsoft.VC90.CRT\Microsoft.VC90.CRT.manifest, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Microsoft.VC90.CRT\msvcm90.dll, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Microsoft.VC90.CRT\msvcp90.dll, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Microsoft.VC90.CRT\msvcr90.dll, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin\Cleaner\Lang.xf, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin\Cleaner\Skin.xf, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin\CrashReport\Lang.xf, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin\CrashReport\Skin.xf, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin\News\Lang.xf, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin\News\Skin.xf, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin\Tray\Lang.xf, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin\Tray\Skin.xf, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin\Uninstall\Lang.xf, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin\Uninstall\Skin.xf, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad], 
PUP.Optional.Komodia, C:\Windows\Temp\zdengine.log, In Quarantäne, [852bbff17d1cf83ec6dfe9b6ad57619f], 
PUP.Optional.Linkury, C:\Users\Jan\AppData\Roaming\inst.lat, In Quarantäne, [edc3bcf4e8b19b9bbf6d57536a9abc44], 
PUP.Optional.SearchProtect, C:\Windows\System32\Tasks\bvyvave, In Quarantäne, [f0c0862a4851c2746bc2bded8e76cb35], 
PUP.Optional.CouponMarvel, C:\Windows\System32\Tasks\FYJHMJXE1, In Quarantäne, [ecc48b255940c0769e41e4c622e2867a], 
PUP.Optional.CouponMarvel, C:\Windows\Tasks\FYJHMJXE1.job, In Quarantäne, [1f91486805945cda11cf2189a65eed13], 
PUP.Optional.Komodia.Gen, C:\Windows\System32\Tasks\kze3024, In Quarantäne, [931da20e8217ec4a0782a407927204fc], 
PUP.Optional.Goobzo.Gen, C:\Program Files\Common Files\Soobzo\GDUpdate\rlz_id.dll, In Quarantäne, [cce46b4579200432f65f1a19d52e41bf], 
PUP.Optional.Goobzo.Gen, C:\Program Files\Common Files\Soobzo\GDUpdate\sma.exe, In Quarantäne, [cce46b4579200432f65f1a19d52e41bf], 
PUP.Optional.Goobzo.Gen, C:\Program Files\Common Files\Soobzo\GDUpdate\smci64.dll, In Quarantäne, [cce46b4579200432f65f1a19d52e41bf], 
PUP.Optional.Goobzo.Gen, C:\Program Files\Common Files\Soobzo\GDUpdate\smi32.exe, In Quarantäne, [cce46b4579200432f65f1a19d52e41bf], 
PUP.Optional.Goobzo.Gen, C:\Program Files\Common Files\Soobzo\GDUpdate\smi64.exe, In Quarantäne, [cce46b4579200432f65f1a19d52e41bf], 
PUP.Optional.Goobzo.Gen, C:\Program Files\Common Files\Soobzo\GDUpdate\SMUninstall.exe, In Quarantäne, [cce46b4579200432f65f1a19d52e41bf], 
PUP.Optional.VBates.BrwsrFlsh, C:\Program Files\Uboxva\tree.js, In Quarantäne, [cee2e8c8adecea4c9eb37bf08e77ff01], 
PUP.Optional.VBates.BrwsrFlsh, C:\Program Files\Uboxva\Byidf.dll, In Quarantäne, [cee2e8c8adecea4c9eb37bf08e77ff01], 
PUP.Optional.VBates.BrwsrFlsh, C:\Program Files\Uboxva\Byidf64.dll, In Quarantäne, [cee2e8c8adecea4c9eb37bf08e77ff01], 
PUP.Optional.VBates.BrwsrFlsh, C:\Program Files\Uboxva\config.js, In Quarantäne, [cee2e8c8adecea4c9eb37bf08e77ff01], 
PUP.Optional.VBates.BrwsrFlsh, C:\Program Files\Uboxva\Ezouhti64.dll, In Quarantäne, [cee2e8c8adecea4c9eb37bf08e77ff01], 
PUP.Optional.VBates.BrwsrFlsh, C:\Program Files\Uboxva\Karagir.bat, In Quarantäne, [cee2e8c8adecea4c9eb37bf08e77ff01], 
PUP.Optional.VBates.BrwsrFlsh, C:\Program Files\Uboxva\nfregdrv64.exe, In Quarantäne, [cee2e8c8adecea4c9eb37bf08e77ff01], 
PUP.Optional.VBates.BrwsrFlsh, C:\Program Files\Uboxva\setup.ico, In Quarantäne, [cee2e8c8adecea4c9eb37bf08e77ff01], 
PUP.Optional.VBates.BrwsrFlsh, C:\Program Files\Uboxva\Wemved.dll, In Quarantäne, [cee2e8c8adecea4c9eb37bf08e77ff01], 
PUP.Optional.VBates.BrwsrFlsh, C:\Program Files\Uboxva\Wemved64.dll, In Quarantäne, [cee2e8c8adecea4c9eb37bf08e77ff01], 
PUP.Optional.VBates.BrwsrFlsh, C:\Program Files\Uboxva\wlist.js, In Quarantäne, [cee2e8c8adecea4c9eb37bf08e77ff01], 
PUP.Optional.VBates.BrwsrFlsh, C:\Program Files\Uboxva\libraries\DataExchangeScript.js, In Quarantäne, [cee2e8c8adecea4c9eb37bf08e77ff01], 
PUP.Optional.VBates.BrwsrFlsh, C:\Program Files\Uboxva\resources\config.js, In Quarantäne, [cee2e8c8adecea4c9eb37bf08e77ff01], 
PUP.Optional.VBates.BrwsrFlsh, C:\Program Files\Uboxva\resources\LocalScript.js, In Quarantäne, [cee2e8c8adecea4c9eb37bf08e77ff01], 
PUP.Optional.VBates.BrwsrFlsh, C:\Program Files\Uboxva\resources\uninstall.html, In Quarantäne, [cee2e8c8adecea4c9eb37bf08e77ff01], 
PUP.Optional.VBates.BrwsrFlsh, C:\Program Files\Uboxva\resources\wlist.js, In Quarantäne, [cee2e8c8adecea4c9eb37bf08e77ff01], 
PUP.Optional.Linkury.ACMB1, C:\Users\Jan\AppData\Roaming\InstallationConfiguration.xml, In Quarantäne, [0aa6a70982176ec8a08890db689d3bc5], 

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

Code:

ATTFilter

Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by Jan on 19.04.2016 at 14:50:32,86.
Microsoft Windows 8.1 6.3.9600  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Jan\Downloads\zoek.exe [Scan all users] [Script inserted] 

==== System Restore Info ======================

19.04.2016 14:51:58 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\Program Files\McAfee deleted successfully
C:\Program Files\Uhhiwesoif deleted successfully
C:\PROGRA~3\WinZip deleted successfully
C:\Users\Jan\AppData\Roaming\DecfMegb deleted successfully
C:\Users\Jan\AppData\Roaming\NiryFepja deleted successfully
C:\Users\Jan\AppData\Roaming\Phase6 deleted successfully
C:\Users\Jan\AppData\Local\AviraSpeedup deleted successfully
C:\Users\Jan\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Jan\AppData\Local\EmieSiteList deleted successfully
C:\Users\Jan\AppData\Local\EmieUserList deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-489078762-871934448-399521353-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E6E66045-E911-4C01-961D-42387CF12080} deleted successfully
HKEY_USERS\S-1-5-21-489078762-871934448-399521353-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E6E66045-E911-4C01-961D-42387CF12080} deleted successfully
HKEY_USERS\S-1-5-21-489078762-871934448-399521353-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5C0D11B8-C5F6-4be3-AD2C-2B1A3EB94AB6} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{E6E66045-E911-4C01-961D-42387CF12080} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E6E66045-E911-4C01-961D-42387CF12080} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{990999BC-8BF7-4726-9609-A3EBABF627A0} deleted successfully
HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Approved Extensions\{990999BC-8BF7-4726-9609-A3EBABF627A0} deleted successfully
HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Approved Extensions\{990999BC-8BF7-4726-9609-A3EBABF627A0} deleted successfully
HKEY_USERS\S-1-5-21-489078762-871934448-399521353-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{990999BC-8BF7-4726-9609-A3EBABF627A0} deleted successfully
HKEY_USERS\S-1-5-21-489078762-871934448-399521353-1001\Software\Classes\Software\Microsoft\Internet Explorer\Approved Extensions\{990999BC-8BF7-4726-9609-A3EBABF627A0} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{D3CB5957-3359-4F29-aC50-E6C666F53059} deleted successfully
HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Approved Extensions\{D3CB5957-3359-4F29-aC50-E6C666F53059} deleted successfully
HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Approved Extensions\{D3CB5957-3359-4F29-aC50-E6C666F53059} deleted successfully
HKEY_USERS\S-1-5-21-489078762-871934448-399521353-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{D3CB5957-3359-4F29-aC50-E6C666F53059} deleted successfully
HKEY_USERS\S-1-5-21-489078762-871934448-399521353-1001\Software\Classes\Software\Microsoft\Internet Explorer\Approved Extensions\{D3CB5957-3359-4F29-aC50-E6C666F53059} deleted successfully
HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{4ED1F68A-5463-4931-9384-8FFF5ED91D92} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{4ED1F68A-5463-4931-9384-8FFF5ED91D92} deleted successfully

==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\kZsq9LNj.default\prefs.js:

Added to C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\kZsq9LNj.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Deleting Files \ Folders ======================

C:\windows\SysNative\Tasks\KHEIGTSHJRHYMLJD deleted
C:\windows\SysNative\Tasks\Software Update Application deleted
C:\Windows\tasks\KHEIGTSHJRHYMLJD.job deleted
C:\PROGRA~3\19a87fa1ec024bbcbb41931263354405 deleted
C:\Users\Public\Pokki deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Jan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108 deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Users\Public\Documents\dmp deleted
C:\Users\Jan\AppData\LocalLow\Company deleted
C:\Users\Jan\Documents\Add-in Express deleted

==== Orphaned Tasks deleted from Registry ======================

Software Update Application deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\kZsq9LNj.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

ProfilePath: C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\kZsq9LNj.default
- Segurana do navegador Avira - %ProfilePath%\extensions\abs@avira.com.xpi

==== Firefox Plugins ======================


==== Chromium Look ======================

Google Chrome Version: 46.0.2490.86

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
flliilndjeohchalpbbcdekjklbdgfkk - No path found[]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[08.01.2016 11:47]

Skype - Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://search.avira.net/#web/result?source=art&q="
"Default_Search_URL"="https://search.avira.net/#web/result?source=art&q="
"Default_Page_URL"="https://search.avira.net/#web/result?source=art&q="
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="https://search.avira.net/#web/result?source=art&q="
"Search Page"="https://search.avira.net/#web/result?source=art&q="
"Start Page"="https://search.avira.net/#web/result?source=art&q="
"Default_Page_URL"="https://search.avira.net/#web/result?source=art&q="
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="https://search.avira.net/#web/result?source=art&q="
"Search Page"="https://search.avira.net/#web/result?source=art&q="
"Start Page"="https://search.avira.net/#web/result?source=art&q="
"Default_Page_URL"="https://search.avira.net/#web/result?source=art&q="
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{A3782EB2-C684-409E-A3C8-C932D426AFD5}"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="https://search.avira.net/#web/result?source=art&q="
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Page_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Page_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{A3782EB2-C684-409E-A3C8-C932D426AFD5}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - No_Url_Value
HKLM\SearchScopes\{A3782EB2-C684-409E-A3C8-C932D426AFD5} - hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ACJB
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{A3782EB2-C684-409E-A3C8-C932D426AFD5}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - No_Url_Value
HKLM\Wow6432Node\SearchScopes\{A3782EB2-C684-409E-A3C8-C932D426AFD5} - hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ACJB
HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - hxxp://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
HKCU\SearchScopes\{A3782EB2-C684-409E-A3C8-C932D426AFD5} - No_Url_Value

==== Reset Google Chrome ======================

C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Secure Preferencesgbak was reset successfully
C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Web Data will be reset at reboot
C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal will be reset at reboot
C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Web Data.tmp was reset successfully
C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Web Datagbak was reset successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Jan\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Jan\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Jan\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Jan\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Cache will be emptied at reboot

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1445 folders=718 229193734 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Jan\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Jan\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Web Data" not found
"C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal" not found
"C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0" deleted
"C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1" deleted
"C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2" deleted
"C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3" deleted
"C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Cache\index" deleted
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on 19.04.2016 at 15:03:53,00 ======================

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:17-04-2016 01
durchgeführt von Jan (Administrator) auf NOTEBOOK-JAN2 (19-04-2016 15:10:00)
Gestartet von C:\Users\Jan\Desktop
Geladene Profile: Jan (Verfügbare Profile: Jan)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
() C:\Program Files (x86)\Allway Sync\Bin\syncappw.exe
(Intel Corporation) C:\Program Files (x86)\Common Files\Intel\RSSDK\v3\bin\win32\notification_tool.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Astonsoft) C:\Program Files (x86)\EssentialPIM\EssentialPIM.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Farbar) C:\Users\Jan\Desktop\FRST64 (1).exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2789248 2016-02-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-05-26] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387376 2014-05-13] (Realtek Semiconductor)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-03-19] (Apple Inc.)
HKLM-x32\...\Run: [Intel Privacy Notification Tool] => C:\Program Files (x86)\Common Files\Intel\RSSDK\v3\bin\win32\notification_tool.exe [8173240 2014-10-30] (Intel Corporation)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [RazerCortex] => C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncher.exe -autorun
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-08-27] (Atheros Communications)
HKU\S-1-5-21-489078762-871934448-399521353-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-03-31] (Valve Corporation)
HKU\S-1-5-21-489078762-871934448-399521353-1001\...\Run: [GoogleChromeAutoLaunch_1F14D2380DB1DE09582B9D790BD95BA5] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1003160 2016-04-06] (Google Inc.)
HKU\S-1-5-21-489078762-871934448-399521353-1001\...\Run: [Allway Sync] => C:\Program Files (x86)\Allway Sync\Bin\syncappw.exe [93488 2015-10-29] ()
HKU\S-1-5-21-489078762-871934448-399521353-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8686296 2016-03-11] (Piriform Ltd)
HKU\S-1-5-21-489078762-871934448-399521353-1001\...\MountPoints2: {7dd3a79a-3f30-11e5-826a-206a8a9e0239} - "F:\LaunchU3.exe" -a
HKU\S-1-5-18\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
HKU\S-1-5-18\...\RunOnce: [iCloud] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe [60688 2015-12-01] (Apple Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\phase-6 Reminder.lnk [2016-04-19]
ShortcutTarget: phase-6 Reminder.lnk -> C:\Program Files (x86)\phase-6\phase-6\reminder\reminder.exe (phase-6)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{562729EF-57C3-478A-BEFD-55F1642D22A4}: [DhcpNameServer] 10.61.12.1
Tcpip\..\Interfaces\{8718928D-CBEB-45EA-A621-800A9249001D}: [NameServer] 10.0.0.1
Tcpip\..\Interfaces\{bbed3e08-0b41-11e3-8249-806e6f6e6963}: [NameServer] 10.0.0.1
Tcpip\..\Interfaces\{DB5D870B-9660-446A-83A0-9E1575A73068}: [DhcpNameServer] 192.168.178.1
ManualProxies: 

Internet Explorer:
==================
HKU\S-1-5-21-489078762-871934448-399521353-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-489078762-871934448-399521353-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-489078762-871934448-399521353-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-489078762-871934448-399521353-1001 -> {A3782EB2-C684-409E-A3C8-C932D426AFD5} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-03-15] (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-03-15] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-08-30] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\kZsq9LNj.default
FF NewTab: about:newtab
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll [2015-08-10] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll [2015-08-10] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-02-19] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-02-19] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-08-30] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-05] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Extension: Avira Browser Safety - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\kZsq9LNj.default\Extensions\abs@avira.com.xpi [2016-04-10]
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome: 
=======
CHR Profile: C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avira Browserschutz) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-04-19]
CHR Extension: (Skype) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-04-19]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-19]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [322176 2014-08-27] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2828016 2016-02-09] (Microsoft Corporation)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-07-22] (Acer Incorporated)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1164672 2016-02-17] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315352 2014-06-16] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-02-19] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-02-19] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1880960 2016-02-17] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6474112 2016-02-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2609024 2016-02-17] (NVIDIA Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3905536 2014-08-11] (Qualcomm Atheros Communications, Inc.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-08-27] (Qualcomm Atheros)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-04-11] ()
S3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
S3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-04-19] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [116736 2014-02-19] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28032 2016-02-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
S3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42736 2014-07-10] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-19 15:10 - 2016-04-19 15:10 - 00019586 _____ C:\Users\Jan\Desktop\FRST.txt
2016-04-19 15:09 - 2016-04-19 15:09 - 00001271 _____ C:\Users\Jan\Downloads\FRST - Verknüpfung.lnk
2016-04-19 15:09 - 2016-04-18 16:45 - 02375680 _____ (Farbar) C:\Users\Jan\Desktop\FRST64 (1).exe
2016-04-19 15:01 - 2016-04-19 14:50 - 00024064 _____ C:\Windows\zoek-delete.exe
2016-04-19 14:50 - 2016-04-19 14:49 - 00001355 _____ C:\Users\Jan\Desktop\zoek - Verknüpfung.lnk
2016-04-19 14:49 - 2016-04-19 14:49 - 00001355 _____ C:\Users\Jan\Downloads\zoek - Verknüpfung.lnk
2016-04-19 14:48 - 2016-04-19 15:01 - 00000000 ____D C:\zoek_backup
2016-04-19 14:48 - 2016-04-19 14:48 - 01309184 _____ C:\Users\Jan\Downloads\zoek.exe
2016-04-19 14:44 - 2016-04-19 14:44 - 00047545 _____ C:\Users\Jan\Desktop\mbam.txt
2016-04-19 14:39 - 2016-04-19 14:39 - 00001371 _____ C:\Users\Jan\Desktop\GeForce Experience.lnk
2016-04-19 13:07 - 2016-04-19 15:02 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-04-19 13:07 - 2016-04-19 14:35 - 00001074 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-04-19 13:07 - 2016-04-19 13:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-04-19 13:07 - 2016-04-19 13:07 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-04-19 13:07 - 2016-04-19 13:07 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-04-19 13:07 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-04-19 13:07 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-04-19 13:07 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-04-19 13:05 - 2016-04-19 13:05 - 22851472 _____ (Malwarebytes ) C:\Users\Jan\Downloads\mbam-setup-2.2.1.1043.exe
2016-04-18 16:48 - 2016-04-18 16:50 - 00047979 _____ C:\Users\Jan\Downloads\Addition.txt
2016-04-18 16:47 - 2016-04-18 16:50 - 00048575 _____ C:\Users\Jan\Downloads\FRST.txt
2016-04-18 16:46 - 2016-04-19 15:10 - 00000000 ____D C:\FRST
2016-04-18 16:45 - 2016-04-18 16:45 - 02375680 _____ (Farbar) C:\Users\Jan\Downloads\FRST64 (1).exe
2016-04-16 17:44 - 2016-04-16 17:44 - 00002440 _____ C:\Users\Jan\Desktop\AdwCleaner[C6].txt
2016-04-16 17:38 - 2016-04-16 17:38 - 01726464 _____ (Farbar) C:\Users\Jan\Downloads\FRST.exe
2016-04-16 17:36 - 2016-04-16 17:36 - 02375168 _____ (Farbar) C:\Users\Jan\Downloads\FRST64.exe
2016-04-16 17:18 - 2016-03-31 02:54 - 25817600 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-04-16 17:18 - 2016-03-31 02:03 - 20352512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-04-16 17:18 - 2016-03-31 01:39 - 15415808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-04-16 17:17 - 2016-03-31 02:31 - 02892800 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-04-16 17:17 - 2016-03-31 02:28 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-04-16 17:17 - 2016-03-31 02:25 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-04-16 17:17 - 2016-03-31 02:17 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-04-16 17:17 - 2016-03-31 01:56 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2016-04-16 17:17 - 2016-03-31 01:56 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-04-16 17:17 - 2016-03-31 01:55 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-04-16 17:17 - 2016-03-31 01:53 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-04-16 17:17 - 2016-03-31 01:51 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-04-16 17:17 - 2016-03-31 01:50 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-04-16 17:17 - 2016-03-31 01:45 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-04-16 17:17 - 2016-03-31 01:45 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-04-16 17:17 - 2016-03-31 01:43 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-04-16 17:17 - 2016-03-31 01:43 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-04-16 17:17 - 2016-03-31 01:43 - 00379392 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-04-16 17:17 - 2016-03-31 01:42 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-04-16 17:17 - 2016-03-31 01:30 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-04-16 17:17 - 2016-03-31 01:30 - 02596864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-04-16 17:17 - 2016-03-31 01:30 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-04-16 17:17 - 2016-03-31 01:30 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2016-04-16 17:17 - 2016-03-31 01:27 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-04-16 17:17 - 2016-03-31 01:24 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-04-16 17:17 - 2016-03-31 01:23 - 02056192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-04-16 17:17 - 2016-03-31 01:23 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-04-16 17:17 - 2016-03-31 01:23 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-04-16 17:17 - 2016-03-31 01:21 - 13811712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-04-16 17:17 - 2016-03-31 01:18 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-04-16 17:17 - 2016-03-31 01:06 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-04-16 17:17 - 2016-03-31 01:05 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-04-16 17:17 - 2016-03-31 01:02 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-04-16 17:17 - 2016-03-31 01:00 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-04-16 17:16 - 2016-03-16 01:00 - 00561952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-04-16 17:16 - 2016-03-15 16:14 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-04-16 17:16 - 2016-03-11 16:48 - 00833024 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2016-04-16 17:16 - 2016-03-10 20:22 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-04-16 17:16 - 2016-03-10 20:21 - 00401920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-04-16 17:16 - 2016-03-10 20:20 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-04-16 17:16 - 2016-03-10 19:44 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-04-16 17:16 - 2016-03-10 19:16 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-04-16 17:16 - 2016-03-10 19:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2016-04-16 17:16 - 2016-03-10 18:48 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2016-04-16 17:16 - 2016-03-03 18:47 - 02345472 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-04-16 17:16 - 2016-03-03 18:33 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2016-04-16 17:15 - 2016-04-16 17:15 - 03677760 _____ C:\Users\Jan\Downloads\adwcleaner_5.111.exe
2016-04-16 17:15 - 2016-04-04 08:35 - 00046768 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-04-16 17:15 - 2016-04-02 15:26 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-04-16 17:15 - 2016-04-02 15:26 - 01169408 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-04-16 17:15 - 2016-03-28 15:21 - 00698368 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-04-16 17:15 - 2016-03-28 15:21 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-04-16 17:15 - 2016-03-28 15:21 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-04-16 17:15 - 2016-03-28 15:21 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-04-16 17:15 - 2016-03-28 15:21 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-04-16 17:15 - 2016-03-03 03:39 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-04-16 17:15 - 2016-03-03 03:39 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-04-16 17:14 - 2016-03-10 21:19 - 07452512 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-04-16 17:14 - 2016-03-10 21:17 - 01663192 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-04-16 17:14 - 2016-03-10 21:17 - 01523216 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-04-16 17:14 - 2016-03-10 21:17 - 01490128 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-04-16 17:14 - 2016-03-10 21:17 - 01358960 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-04-16 17:14 - 2016-03-10 21:17 - 01133752 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-04-16 17:14 - 2016-03-10 19:48 - 00862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-04-16 17:14 - 2016-03-10 19:43 - 00161280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-04-16 17:14 - 2016-03-10 18:55 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-04-16 17:14 - 2016-03-10 18:42 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-04-16 17:12 - 2016-03-03 18:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2016-04-16 12:12 - 2016-03-29 16:05 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-04-11 19:01 - 2016-04-11 19:01 - 00000000 _____ C:\autoexec.bat
2016-04-11 19:00 - 2016-04-11 19:00 - 00022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys
2016-04-11 18:29 - 2016-04-16 17:20 - 00000000 ____D C:\AdwCleaner
2016-04-10 16:51 - 2016-04-10 16:51 - 00000000 ____D C:\Users\Jan\AppData\Roaming\MCorp
2016-04-10 16:28 - 2016-04-10 16:34 - 00000000 ____D C:\Users\Jan\AppData\Local\app
2016-04-10 16:20 - 2016-04-10 16:20 - 00003332 _____ C:\Windows\System32\Tasks\Jaynew
2016-04-10 16:20 - 2016-04-10 16:20 - 00003332 _____ C:\Windows\System32\Tasks\Itepe
2016-04-10 16:19 - 2016-04-10 16:20 - 00000000 ____D C:\Users\Jan\AppData\Local\Tempfolder
2016-04-10 16:19 - 2016-04-10 16:19 - 00023164 _____ C:\Windows\System32\Tasks\{0E057D47-7808-0A78-0C11-7E0A0A78117F}
2016-04-10 16:19 - 2016-04-10 16:19 - 00000000 ____D C:\uninst
2016-04-10 16:17 - 2016-04-10 16:20 - 00127488 _____ C:\Users\Jan\AppData\Roaming\Installer.dat
2016-04-10 16:16 - 2016-04-10 16:15 - 00001006 _____ C:\Windows\system32\Drivers\etc\hp.bak
2016-04-09 12:37 - 2016-04-09 12:37 - 00000000 ____D C:\Users\Jan\AppData\Roaming\dvdcss
2016-04-09 10:39 - 2016-04-09 10:39 - 00000000 ____D C:\Users\Jan\AppData\Local\Avira_Operations_GmbH_&_C
2016-04-09 10:31 - 2016-04-09 10:31 - 00000000 ____D C:\Users\Jan\AppData\Local\Avira
2016-04-09 10:29 - 2016-04-12 20:41 - 00000000 ____D C:\Program Files (x86)\Avira
2016-04-09 10:29 - 2016-04-11 20:20 - 00000000 ____D C:\ProgramData\Avira
2016-04-09 09:57 - 2016-04-09 09:57 - 00000000 ____D C:\Windows\system32\SSL
2016-03-29 12:06 - 2016-03-29 12:06 - 00000000 ____D C:\Users\Jan\AppData\Roaming\NVIDIA
2016-03-29 11:31 - 2016-03-29 11:31 - 00000000 ____D C:\ProgramData\NVIDIA
2016-03-29 11:31 - 2016-03-22 04:25 - 06369728 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2016-03-29 11:31 - 2016-03-22 04:25 - 02993088 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2016-03-29 11:31 - 2016-03-22 04:25 - 02561472 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2016-03-29 11:31 - 2016-03-22 04:25 - 01264064 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2016-03-29 11:31 - 2016-03-22 04:25 - 00532536 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2016-03-29 11:31 - 2016-03-22 04:25 - 00393784 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2016-03-29 11:31 - 2016-03-22 04:25 - 00081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2016-03-29 11:31 - 2016-03-22 04:25 - 00069568 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2016-03-29 11:31 - 2016-03-18 20:10 - 06253721 _____ C:\Windows\system32\nvcoproc.bin
2016-03-29 11:30 - 2016-03-22 06:12 - 42923576 _____ C:\Windows\system32\nvcompiler.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 37567424 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 31555008 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 25321408 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 21355248 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 20897416 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 19004040 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 17748712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 17342392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 17248408 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 16446032 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 14128840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 12567608 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-03-29 11:30 - 2016-03-22 06:12 - 10550736 _____ C:\Windows\system32\nvptxJitCompiler.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 08659472 _____ C:\Windows\SysWOW64\nvptxJitCompiler.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 03714472 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 03286992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 03235896 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 02809280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 01924152 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436472.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 01573432 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436472.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00959544 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00889400 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00753208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00695864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00678520 _____ C:\Windows\system32\nvfatbinaryLoader.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00571912 _____ C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00501896 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00425016 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00423080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00377792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00175368 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00153392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00037091 _____ C:\Windows\system32\nvinfo.pb
2016-03-29 11:30 - 2016-03-22 06:12 - 00000139 _____ C:\Windows\SysWOW64\nv-vk32.json
2016-03-29 11:30 - 2016-03-22 06:12 - 00000139 _____ C:\Windows\system32\nv-vk64.json
2016-03-27 12:08 - 2016-03-27 12:08 - 00000000 ____D C:\Users\Jan\Documents\Razer
2016-03-24 18:58 - 2016-03-24 18:58 - 06868672 _____ (Piriform Ltd) C:\Users\Jan\Downloads\ccsetup516.exe
2016-03-23 11:36 - 2016-03-23 11:36 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET
2016-03-23 11:36 - 2016-02-02 20:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys
2016-03-23 11:36 - 2016-01-31 21:17 - 00118624 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-03-23 11:36 - 2016-01-31 20:07 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-03-23 11:36 - 2016-01-31 19:42 - 03320832 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-03-23 11:36 - 2016-01-31 19:14 - 03607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-03-23 11:36 - 2016-01-31 18:24 - 02778624 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-03-23 11:36 - 2016-01-31 18:20 - 02464256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-03-23 11:35 - 2016-02-09 03:31 - 22365472 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-03-23 11:35 - 2016-02-09 03:31 - 19794896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-03-23 11:35 - 2016-02-09 03:31 - 02757616 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-03-23 11:35 - 2016-02-09 03:31 - 02412576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-03-23 11:35 - 2016-02-09 03:31 - 00273264 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2016-03-23 11:35 - 2016-02-08 22:55 - 02712576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-03-23 11:35 - 2016-02-08 22:15 - 02551808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themecpl.dll
2016-03-23 11:35 - 2016-02-08 22:02 - 01197056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2016-03-23 11:35 - 2016-02-08 21:48 - 12879360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-03-23 11:35 - 2016-02-08 21:43 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2016-03-23 11:35 - 2016-02-08 21:40 - 00539648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hgcpl.dll
2016-03-23 11:35 - 2016-02-08 21:39 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2016-03-23 11:35 - 2016-02-08 21:37 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingMonitor.dll
2016-03-23 11:35 - 2016-02-08 21:35 - 00954880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2016-03-23 11:35 - 2016-02-08 21:34 - 00667648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2016-03-23 11:35 - 2016-02-08 21:33 - 00520192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2016-03-23 11:35 - 2016-02-08 20:50 - 03120640 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-03-23 11:35 - 2016-02-08 19:55 - 02592256 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll
2016-03-23 11:35 - 2016-02-08 19:33 - 01278464 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2016-03-23 11:35 - 2016-02-08 19:12 - 14466560 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-03-23 11:35 - 2016-02-08 19:02 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2016-03-23 11:35 - 2016-02-08 19:00 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\hgcpl.dll
2016-03-23 11:35 - 2016-02-08 18:58 - 00336384 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2016-03-23 11:35 - 2016-02-08 18:55 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\SettingMonitor.dll
2016-03-23 11:35 - 2016-02-08 18:53 - 02171904 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2016-03-23 11:35 - 2016-02-08 18:53 - 01348096 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2016-03-23 11:35 - 2016-02-08 18:50 - 01220096 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2016-03-23 11:35 - 2016-02-08 18:50 - 00841728 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2016-03-23 11:35 - 2016-02-08 18:48 - 00655872 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2016-03-23 11:35 - 2016-02-08 18:47 - 02819584 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2016-03-23 11:35 - 2016-02-08 18:44 - 00955392 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2016-03-23 11:35 - 2016-02-05 16:46 - 01455104 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2016-03-23 11:35 - 2016-02-04 20:07 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\dhcpsapi.dll
2016-03-23 11:35 - 2016-02-04 19:35 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpsapi.dll
2016-03-23 11:35 - 2016-02-03 17:14 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2016-03-23 11:35 - 2016-02-03 17:11 - 01673728 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2016-03-23 11:35 - 2016-02-02 19:51 - 00162304 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2016-03-23 11:35 - 2016-02-02 19:19 - 00144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2016-03-23 11:35 - 2016-02-02 19:15 - 00787456 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2016-03-23 11:35 - 2016-02-02 19:01 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\WsmAgent.dll
2016-03-23 11:35 - 2016-02-02 18:51 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2016-03-23 11:35 - 2016-02-02 18:48 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2016-03-23 11:35 - 2016-02-02 18:46 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAgent.dll
2016-03-23 11:35 - 2016-02-02 18:41 - 02170880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2016-03-23 11:35 - 2016-02-02 18:39 - 00236032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2016-03-23 11:35 - 2016-01-27 17:18 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2016-03-23 11:35 - 2016-01-26 21:15 - 00072024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpci.sys
2016-03-23 11:35 - 2016-01-22 07:22 - 02487296 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2016-03-23 11:35 - 2016-01-22 07:11 - 01482240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2016-03-23 11:35 - 2016-01-21 21:35 - 00952928 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2016-03-23 11:35 - 2016-01-21 20:42 - 00786152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2016-03-23 11:35 - 2016-01-21 00:40 - 00099672 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2016-03-23 11:34 - 2016-02-07 01:05 - 00551256 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2016-03-23 11:34 - 2016-02-07 00:41 - 00316760 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2016-03-23 11:34 - 2016-02-05 21:07 - 00378712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2016-03-23 11:34 - 2016-02-05 17:11 - 00845312 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2016-03-23 11:34 - 2016-02-05 17:11 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2016-03-23 11:34 - 2016-02-05 17:07 - 00272384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2016-03-23 11:34 - 2016-02-05 17:02 - 01083904 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2016-03-23 11:34 - 2016-02-04 18:23 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2016-03-23 11:34 - 2016-02-04 18:22 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2016-03-23 11:34 - 2016-02-02 19:18 - 01574912 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe
2016-03-23 11:34 - 2016-01-31 19:17 - 00779264 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgradeui.exe
2016-03-22 18:08 - 2016-04-19 14:35 - 00000882 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-03-22 18:08 - 2016-03-22 18:08 - 00002796 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-03-22 18:08 - 2016-03-22 18:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-03-22 18:08 - 2016-03-22 18:08 - 00000000 ____D C:\Program Files\CCleaner
2016-03-22 18:05 - 2016-03-22 18:07 - 05600464 _____ (Piriform Ltd) C:\Users\Jan\Downloads\ccsetup515_slim.exe
2016-03-22 16:58 - 2016-04-19 14:35 - 00001769 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-03-22 16:58 - 2016-03-22 16:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-03-22 16:58 - 2016-03-22 16:58 - 00000000 ____D C:\Program Files\iTunes
2016-03-22 16:58 - 2016-03-22 16:58 - 00000000 ____D C:\Program Files\iPod
2016-03-22 16:58 - 2016-03-22 16:58 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-03-22 12:36 - 2016-03-22 12:36 - 00036872 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\tap0901.sys
2016-03-20 10:00 - 2016-03-20 10:00 - 00000000 ____D C:\Users\Jan\AppData\Local\ElevatedDiagnostics

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-19 15:08 - 2015-08-09 08:50 - 00003592 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-489078762-871934448-399521353-1001
2016-04-19 15:05 - 2015-08-30 11:43 - 00000000 ____D C:\Users\Jan\AppData\Roaming\EssentialPIM
2016-04-19 15:04 - 2015-08-09 19:46 - 00000000 ____D C:\Program Files (x86)\Steam
2016-04-19 15:02 - 2015-08-09 10:05 - 00001146 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-19 15:02 - 2015-08-09 10:05 - 00001142 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-19 15:01 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-19 14:53 - 2015-08-10 08:56 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-04-19 14:43 - 2015-06-17 21:46 - 06150350 _____ C:\Windows\system32\perfh007.dat
2016-04-19 14:43 - 2015-06-17 21:46 - 01772674 _____ C:\Windows\system32\perfc007.dat
2016-04-19 14:43 - 2014-03-18 12:03 - 00005430 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-19 14:36 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-04-19 14:35 - 2016-02-24 21:09 - 00000921 _____ C:\Users\Public\Desktop\Euro Truck Simulator 2 Multiplayer.lnk
2016-04-19 14:35 - 2016-02-24 21:09 - 00000916 _____ C:\Users\Public\Desktop\American Truck Simulator Multiplayer.lnk
2016-04-19 14:35 - 2016-02-15 20:24 - 00000867 _____ C:\Users\Jan\Desktop\Steam.lnk
2016-04-19 14:35 - 2015-12-08 21:50 - 00002715 _____ C:\Users\Public\Desktop\Skype.lnk
2016-04-19 14:35 - 2015-11-03 19:57 - 00001772 _____ C:\Users\Jan\Desktop\Word 2013.lnk
2016-04-19 14:35 - 2015-08-31 16:42 - 00002838 _____ C:\Users\Jan\Desktop\Excel 2013.lnk
2016-04-19 14:35 - 2015-08-31 16:42 - 00002769 _____ C:\Users\Jan\Desktop\PowerPoint 2013.lnk
2016-04-19 14:35 - 2015-08-30 13:14 - 00001251 _____ C:\Users\Jan\Desktop\Landwirtschafts Simulator 15 .lnk
2016-04-19 14:35 - 2015-08-30 12:46 - 00001945 _____ C:\Users\Public\Desktop\Samsung Kies 3.lnk
2016-04-19 14:35 - 2015-08-30 12:28 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-04-19 14:35 - 2015-08-30 12:28 - 00002031 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-04-19 14:35 - 2015-08-30 12:15 - 00001089 _____ C:\Users\Public\Desktop\phase-6 desktop.lnk
2016-04-19 14:35 - 2015-08-30 11:54 - 00001042 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-04-19 14:35 - 2015-08-30 11:43 - 00001027 _____ C:\Users\Public\Desktop\EssentialPIM.lnk
2016-04-19 14:35 - 2015-08-30 11:41 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-04-19 14:35 - 2015-08-30 11:40 - 00000990 _____ C:\Users\Jan\Desktop\IrfanView 64.lnk
2016-04-19 14:35 - 2015-08-09 10:06 - 00002171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-19 14:35 - 2015-08-09 10:06 - 00002159 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-04-19 14:35 - 2015-07-15 18:58 - 00001272 _____ C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HD Audio-Manager.lnk
2016-04-19 14:35 - 2015-07-15 18:58 - 00001051 _____ C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-04-19 14:35 - 2015-07-15 18:57 - 00000469 _____ C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2016-04-19 14:35 - 2015-07-15 18:57 - 00000467 _____ C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2016-04-19 14:35 - 2015-01-12 15:58 - 00001357 _____ C:\Users\Public\Desktop\CyberLink PowerDirector 10.lnk
2016-04-19 14:34 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\schemas
2016-04-19 13:51 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2016-04-19 13:02 - 2013-08-22 16:44 - 00381472 _____ C:\Windows\system32\FNTCACHE.DAT
2016-04-18 18:42 - 2015-08-09 18:56 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-04-18 18:42 - 2015-08-09 18:56 - 00000000 ___SD C:\Windows\system32\GWX
2016-04-18 18:42 - 2015-08-09 18:56 - 00000000 ____D C:\Windows\system32\appraiser
2016-04-18 18:41 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2016-04-18 17:09 - 2015-01-12 14:48 - 00000000 ____D C:\Windows\Panther
2016-04-18 17:07 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2016-04-18 17:05 - 2016-02-13 20:35 - 00000000 ___HD C:\$WINDOWS.~BT
2016-04-18 16:45 - 2015-08-09 11:47 - 00000000 ____D C:\Windows\system32\MRT
2016-04-18 16:42 - 2015-08-09 11:47 - 135176864 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-04-18 16:39 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-04-16 17:21 - 2016-03-12 12:26 - 00000000 ____D C:\Program Files (x86)\Razer
2016-04-16 17:14 - 2016-01-12 20:47 - 00177488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-04-16 17:13 - 2016-03-09 15:46 - 01737080 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-04-16 17:13 - 2016-03-09 15:46 - 01501488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-04-16 17:13 - 2016-03-09 15:46 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2016-04-16 17:07 - 2016-03-12 12:31 - 00000000 ____D C:\Users\Jan\AppData\Local\Razer
2016-04-16 17:07 - 2016-03-12 12:26 - 00000000 ____D C:\ProgramData\Razer
2016-04-11 19:01 - 2015-07-15 18:57 - 00000000 ____D C:\Users\Jan
2016-04-10 21:14 - 2015-08-09 09:00 - 00000000 ____D C:\Users\Jan\AppData\Local\CrashDumps
2016-04-10 17:41 - 2016-02-07 17:03 - 00000000 ____D C:\Users\Jan\Documents\American Truck Simulator
2016-04-09 12:41 - 2015-08-30 11:54 - 00000000 ____D C:\Users\Jan\AppData\Roaming\vlc
2016-04-09 10:35 - 2015-08-30 12:20 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Mozilla
2016-04-09 09:45 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2016-04-05 23:53 - 2015-01-12 15:43 - 00829944 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-04-05 23:53 - 2015-01-12 15:43 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-04-05 15:36 - 2015-11-03 21:23 - 00000222 _____ C:\Users\Jan\Desktop\DiRT Rally.url
2016-04-02 19:54 - 2016-03-02 16:14 - 00000000 ____D C:\Users\Jan\Documents\Project CARS
2016-03-29 11:31 - 2015-06-17 12:50 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-03-29 11:31 - 2015-06-17 12:50 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-03-29 11:31 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\Help
2016-03-23 13:08 - 2015-08-31 20:54 - 00000000 ____D C:\Users\Jan\Documents\Euro Truck Simulator 2
2016-03-23 11:41 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2016-03-23 10:48 - 2015-08-30 12:46 - 00000000 ____D C:\Users\Jan\Documents\SelfMV
2016-03-22 22:19 - 2015-07-15 18:56 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-03-22 16:58 - 2015-08-30 11:41 - 00000000 ____D C:\Program Files\Common Files\Apple

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-04-10 16:17 - 2016-04-10 16:20 - 0127488 _____ () C:\Users\Jan\AppData\Roaming\Installer.dat
2015-06-17 13:07 - 2015-06-17 13:07 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-04-10 12:27

==================== Ende von FRST.txt ============================

Jan02 · 19.04.2016, 14:21

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:17-04-2016 01
durchgeführt von Jan (2016-04-19 15:10:40)
Gestartet von C:\Users\Jan\Desktop
Windows 8.1 (X64) (2015-07-15 16:57:53)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-489078762-871934448-399521353-500 - Administrator - Disabled)
Gast (S-1-5-21-489078762-871934448-399521353-501 - Limited - Disabled)
Jan (S-1-5-21-489078762-871934448-399521353-1001 - Administrator - Enabled) => C:\Users\Jan

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8106.0 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8108 - Acer Incorporated)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\{F83DD803-2467-4D07-9D6F-87AF0434410A}) (Version: 11.9.900.170 - Adobe Systems Incorporated)
Allway Sync (HKLM-x32\...\{BD9C52C1-7971-47D1-AB95-5F1F9F34D35A}) (Version: 15.3.1 - Botkind, Inc.)
American Truck Simulator (HKLM-x32\...\Steam App 270880) (Version:  - SCS Software)
Apple Application Support (32-Bit) (HKLM-x32\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{2937FD88-C9D6-4B82-B539-37CD0A572F42}) (Version: 4.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Broadcom NetLink Controller (HKLM\...\{7FBA83D7-D58E-4B70-9B9B-12E95B183B22}) (Version: 16.6.1.3 - Broadcom Corporation)
Brother MFL-Pro Suite MFC-J6510DW (HKLM-x32\...\{17795164-3BC1-4D4F-8ADA-65C895EBFC9A}) (Version: 2.0.0.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.16 - Piriform)
Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version:  - Colossal Order Ltd.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.)
DiRT Rally (HKLM-x32\...\Steam App 310560) (Version:  - Codemasters Racing Studio)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.3.1 - Dolby Laboratories Inc)
EssentialPIM (HKLM-x32\...\EssentialPIM) (Version: 6.58 - Astonsoft Ltd)
Euro Truck Simulator (HKLM-x32\...\Steam App 232010) (Version:  - SCS Software)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
F1 2012 (HKLM-x32\...\Steam App 208500) (Version:  - Codemasters Birmingham)
F1 2013 (HKLM-x32\...\Steam App 223670) (Version:  - Codemasters Birmingham)
F1 2015 (HKLM-x32\...\Steam App 286570) (Version:  - Codemasters)
Foxit PhantomPDF (HKLM-x32\...\{D4DF5498-C95C-4A02-9951-725FB2D7BC0D}) (Version: 6.0.121.624 - Foxit Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
GRID 2 (HKLM-x32\...\Steam App 44350) (Version:  - Codemasters Racing)
iCloud (HKLM\...\{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}) (Version: 5.1.0.34 - Apple Inc.)
Intel RealSense Warrior Wave (HKLM-x32\...\Warrior Wave) (Version: 1.0.24 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1168 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3643 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.20 - Intel(R) Corporation) Hidden
Intel® RealSense™ SDK 2014 Runtime  (x86): Core (x32 Version: 3.1.0.25181 - Intel Corporation) Hidden
Intel® RealSense™ SDK 2014 Runtime  (x86): Face Tracking (x32 Version: 3.1.0.25181 - Intel Corporation) Hidden
Intel® RealSense™ SDK 2014 Runtime  (x86): Face Tracking: Models (x32 Version: 3.1.0.25181 - Intel Corporation) Hidden
Intel® RealSense™ SDK 2014 Runtime  (x86): User Notification Tool files and components (x32 Version: 3.1.0.25181 - Intel Corporation) Hidden
Intel® RealSense™ SDK 2014 Runtime (HKLM-x32\...\ARP_for_prd_rs_sdk_runtime_v3_3.1.0.85181) (Version: 3.1.0.85181 - Intel Corporation)
IrfanView 64 (remove only) (HKLM\...\IrfanView) (Version: 4.40 - Irfan Skiljan)
iTunes (HKLM\...\{A31C5565-90D9-4615-AE13-94D86C3836C7}) (Version: 12.3.3.17 - Apple Inc.)
Kinect for Windows Speech Recognition Language Pack (de-DE) (HKLM-x32\...\{898AA67F-99B8-4C7F-9611-B11F98EF6E78}) (Version: 11.0.7413.611 - Microsoft Corporation)
Landwirtschafts Simulator 15 (HKLM-x32\...\FarmingSimulator2015DE_is1) (Version: 1.4.2.0 - GIANTS Software)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4805.1003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-489078762-871934448-399521353-1001\...\OneDriveSetup.exe) (Version: 17.3.6302.0225 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
NVIDIA GeForce Experience 2.10.2.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.10.2.40 - NVIDIA Corporation)
NVIDIA Grafiktreiber 364.72 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 364.72 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4805.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4805.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4805.1003 - Microsoft Corporation) Hidden
phase-6 2.3.5 (HKLM-x32\...\phase-6) (Version: 2.3.5 - phase-6)
Project CARS (HKLM-x32\...\Steam App 234630) (Version:  - Slightly Mad Studios)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.330 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.43 - Qualcomm Atheros)
RaceRoom Racing Experience  (HKLM-x32\...\Steam App 211500) (Version:  - Sector3 Studios)
RaceRoom Racing Experience Launcher (HKLM-x32\...\{1FD9F07F-7BBF-4C91-B3F0-A23714A3A913}_is1) (Version: 1.0 - Sector3 Studios)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39059 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7260 - Realtek Semiconductor Corp.)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16011.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.16011.2 - Samsung Electronics Co., Ltd.) Hidden
Scania Truck Driving Simulator (HKLM-x32\...\Steam App 258760) (Version:  - SCS Software)
SHIELD Streaming (Version: 5.1.0270 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.10.2.40 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
Spintires (HKLM-x32\...\Steam App 263280) (Version:  - Oovee® Game Studios)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TruckersMP 0.2.0.7.2 Alpha (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.2.0.7.2 Alpha - ETS2MP Team)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Welcome to Intel RealSense 3D Camera (HKLM-x32\...\Welcome to Intel RealSense 3D Camera) (Version: 1.05 - Intel)
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {07A88F54-C730-4DF8-BCC3-487E1A76ACF6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-09] (Google Inc.)
Task: {144CF144-9872-4470-98C7-96F247898303} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-07-22] (Acer Incorporated)
Task: {2D8F5536-6E75-4A7B-9608-890995125601} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-10] (Adobe Systems Incorporated)
Task: {3386A9AD-41B9-44E2-8207-1CB1BBAC9757} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {532DF1E6-08C9-41F7-9CE3-1C5B267AE955} - System32\Tasks\Itepe => C:\PROGRA~1\UHHIWE~1\Emons.bat <==== ACHTUNG
Task: {5D686CCA-1D50-47EE-AA36-D688A3A3BD9E} - \Software Update Application -> Keine Datei <==== ACHTUNG
Task: {61B4AA7B-433F-481E-B729-50D03345EA54} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-09] (Google Inc.)
Task: {64463039-F0D9-4FA1-A62E-2423AEF171E6} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-489078762-871934448-399521353-1001 => C:\Users\Jan\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-03-11] (Microsoft Corporation)
Task: {6DEC51EF-808E-4A3B-AFEC-E2C2136E6200} - System32\Tasks\{0E057D47-7808-0A78-0C11-7E0A0A78117F} => powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand OwA7ACAAIAAgACAAIAAgACAAIAA7ACAAOwAgACAAOwA7ACAAOwA7ACAAOwA7ADsAOwAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlAD0AIgBzAHQAbwBwACIAOwAkAHMAYwA9ACIAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQAiADsAJABXAGEA (Der Dateneintrag hat 9424 mehr Zeichen). <==== ACHTUNG
Task: {6E5497CD-4EAA-47CB-827D-E28BC9C911C1} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2014-06-17] (Acer Incorporated)
Task: {7B7A6F69-F46E-4842-9E46-B4D2EBBC0AEC} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {7D2CFD96-D1A2-45C2-974A-2814F836791E} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {7D36D36D-8C01-41F6-9BB6-AF7D5E84A5C4} - System32\Tasks\{BF66D5AD-3558-4BBF-9D5D-82147A5E9F3F} => pcalua.exe -a "C:\Program Files (x86)\Acer\abDocs\AcerDocsSetup.exe" -c -uninstall
Task: {8B9987FB-E254-4C6C-88F0-5AE0917C14A4} - System32\Tasks\Jaynew => C:\PROGRA~1\Uboxva\Karagir.bat <==== ACHTUNG
Task: {8D0F8506-F40D-4D6E-B7F9-14627F7E88C6} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation)
Task: {9CAB6DED-5621-4F5E-9970-B32B21887A37} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-03-11] (Piriform Ltd)
Task: {9CF1FF96-5129-498B-A9F2-3EFF6A437F42} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe [2014-04-07] (Dolby Laboratories Inc.)
Task: {BEB25077-0AEE-4334-8CD9-E0F48D46E870} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {C54C4F96-BDFA-4A9E-AAED-43F7385562F8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-04-18] (Microsoft Corporation)
Task: {D0A479A7-929A-49B8-8484-2E9B420B9332} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
Task: {F2E799D9-458D-4D15-849A-AA3C3F58B1C2} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-03-29 11:31 - 2016-03-22 04:25 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-03-18 23:56 - 2016-03-18 23:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-03-18 23:56 - 2016-03-18 23:56 - 01329936 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-08-30 13:10 - 2015-10-13 05:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2016-03-01 21:16 - 2016-02-17 08:56 - 01416064 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2015-12-19 19:54 - 2016-02-17 08:56 - 00299392 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-03-01 21:16 - 2016-02-17 08:56 - 03613056 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2015-01-12 15:54 - 2012-04-24 12:43 - 00254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2015-08-30 12:43 - 2010-03-16 01:04 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll
2014-04-07 16:13 - 2014-04-07 16:13 - 00052096 _____ () C:\Program Files\Dolby Digital Plus\Dolby.DDP.Controls_Desktop.dll
2014-08-27 19:45 - 2014-08-27 19:45 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2014-08-27 19:41 - 2014-08-27 19:41 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2014-08-27 19:47 - 2014-08-27 19:47 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2015-06-17 12:50 - 2016-02-17 09:01 - 00717184 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\gamecaster64.dll
2015-06-17 12:50 - 2016-02-17 09:02 - 00862592 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\twitchsdk64.dll
2015-10-29 15:14 - 2015-10-29 15:14 - 00093488 _____ () C:\Program Files (x86)\Allway Sync\Bin\syncappw.exe
2016-03-11 22:31 - 2016-03-11 22:31 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2016-04-12 20:27 - 2016-04-06 04:12 - 02140824 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libglesv2.dll
2016-04-12 20:27 - 2016-04-06 04:12 - 00097944 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libegl.dll
2015-08-09 10:40 - 2016-02-17 09:02 - 00020352 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2014-02-19 18:51 - 2014-02-19 18:51 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-08-09 19:48 - 2016-03-11 02:56 - 00783360 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-08-09 19:48 - 2015-07-03 18:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-08-09 19:48 - 2016-03-31 22:55 - 02549840 _____ () C:\Program Files (x86)\Steam\video.dll
2015-08-09 19:48 - 2015-07-03 18:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-08-09 19:48 - 2015-07-03 18:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-08-09 19:47 - 2016-02-09 01:14 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-08-09 19:47 - 2016-02-09 01:14 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-08-09 19:47 - 2016-02-09 01:14 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-08-09 19:47 - 2016-02-09 01:14 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-08-09 19:47 - 2016-02-09 01:14 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-08-09 19:48 - 2016-03-31 22:55 - 00829008 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-09 19:14 - 2016-02-18 00:25 - 00281088 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2015-10-29 13:44 - 2015-10-29 13:44 - 08569344 _____ () C:\Program Files (x86)\Allway Sync\Bin\syncapp.dll
2015-08-30 12:43 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2015-08-09 19:48 - 2016-02-09 03:33 - 48400672 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-08-09 19:47 - 2015-09-25 01:56 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\zdwfp => ""="Driver"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2016-04-10 16:15 - 00001006 ____N C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       down.baidu2016.com
127.0.0.1       123.sogou.com
127.0.0.1       www.czzsyzgm.com
127.0.0.1       www.czzsyzxl.com
127.0.0.1       union.baidu2019.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-489078762-871934448-399521353-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jan\AppData\Roaming\Microsoft\Windows Photo Viewer\Hintergrundbild der Windows-Fotoanzeige.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-489078762-871934448-399521353-1001\...\StartupApproved\Run: => "Spotify Web Helper"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{5255B9A2-A987-47B7-AD1D-5B9EC09BBD29}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{177AEDA3-7A63-40BD-B9D2-86E5DE0B0525}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{168494FD-66C5-4C2A-AE2D-C1E8EEB66228}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{CCCF3C04-4E6A-46C3-93BD-28DAB4F8BD45}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{9F0CBB67-0577-48F2-9783-D423DE006369}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{03F81190-EA49-4E74-834F-09FB3235F302}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{42D08078-860B-4AE9-B02C-1B518878C94D}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{32F0C2BF-DAEF-4801-9CB7-A292D319B58E}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{B90645B1-0989-496E-B2E6-7C4AA0C67184}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{6D49E321-B7BE-48D9-96A8-FD265A4F9EB3}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{E4F3E027-28A6-4B3B-93AD-A37A06578C0F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{23684A87-38E4-4BA0-A204-6ECBEAD044B0}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{66D90117-1867-4F0A-B85C-CD00058459CD}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{AB017C7A-6014-404A-B10B-B38536445939}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{2695E114-88E4-4C0F-A250-430847E147EB}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{0275EA0C-D51E-4E08-8874-4304C8165CCE}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{D633977F-1C07-4F70-A691-EDAFC53FEB65}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{AB0B2FB5-21A1-45B6-B31C-5C19D4FD133C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{B5B2424C-3B0D-4720-BF7A-87357F1E3177}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{3B2ECB12-BCA8-47F3-A7FB-DD1715975F80}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{3A938CB8-68AA-46AE-ACD8-967440294721}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{E8666CED-3003-4AE8-8F0A-62869EAB6068}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{DAB988FC-FAEA-4D69-8B20-9DE4472466D9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{AFADCC7F-303F-4374-BB18-14622EEA487D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{0ED1EBD6-C022-4274-9495-D019F1FB9DA1}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{4054727D-41C2-4AD0-8069-88FDD7442191}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{514A81D2-AA7E-431C-977F-ED9E7C66B522}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{B7C60454-A552-4859-9BA2-65EFA7C40FA1}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{31B9CF05-4391-4741-85C8-1D900B7C846F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{C0010281-198A-4A0D-BFC3-F4928D9D45F6}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{A38C273F-78AF-4F85-A4C3-089100CFF807}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{02F30AB7-0A5A-4156-AA33-792730082FAE}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{1E20F0C0-1479-4194-A641-2774204AA61E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{EABF564F-3340-43E5-8262-2CDEF4458F6C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{D4A908AA-782E-44A6-A6A5-77E5E204361B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{2F2F3FAD-9AFD-4FA7-B4C6-0B8130B488E8}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{C3197FBD-F2D0-491C-8ECD-2CAEF5ACA4C5}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{FAD1F37E-0A45-4AAD-BC61-FCB84390D491}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{501C0F43-EBC3-4858-AF25-0B1E3D29C021}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{133E087A-AAF9-4BE6-A4F4-32EF738DC6E6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{86FB5E4D-CB72-4A4C-98CD-2F892244BCBE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0EB6DFB3-0DF8-4215-AF62-52B0C597A470}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{EF72E83F-26F9-4616-B64F-28D1250250DC}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{061DC6EF-0495-493B-81F1-DB74C9DB04A9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{BB2976D1-D38F-4137-B34D-066FA09B8682}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{5CD1601B-F887-4D2B-9367-5698E3A34B38}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2012\F1_2012.exe
FirewallRules: [{E486775E-0703-47C3-94F6-2D268BC6962B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2012\F1_2012.exe
FirewallRules: [{B05CBC4F-BC42-406D-8B87-F32FA2BAFE53}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\f12013\F1_2013.exe
FirewallRules: [{0EF656BD-F3FB-44B5-ACB6-096829CC86D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\f12013\F1_2013.exe
FirewallRules: [{573BC1AD-64F3-4BAB-AEA8-64DC16E4A4F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\grid 2\grid2.exe
FirewallRules: [{49D2CD9B-E5B5-4777-92A5-AC8B7BBB7917}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\grid 2\grid2.exe
FirewallRules: [{16773875-EA72-44B6-912B-EC94F8A546CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spintires\SpinTires.exe
FirewallRules: [{E9BCAC84-4BF9-41AF-8792-AFF33F96764A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spintires\SpinTires.exe
FirewallRules: [TCP Query User{00105315-7825-4946-BB0A-71F1E266630C}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{B4C455B4-DEA3-44A7-991B-FFD1D366CA41}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{67B2E0AF-CCA2-4647-87DA-83930B1FEDEB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2015\F1_2015.exe
FirewallRules: [{F2D8E220-A092-42EA-9AF3-0EF775A171AC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2015\F1_2015.exe
FirewallRules: [{63976110-E447-4B78-B963-2FAB5EDAB20A}] => (Allow) C:\Program Files (x86)\Brother\Brmfl10g\FAXRX.exe
FirewallRules: [{36C30BA6-9718-447F-B59F-0DD2AB2C28E1}] => (Allow) C:\Program Files (x86)\Brother\Brmfl10g\FAXRX.exe
FirewallRules: [{786CC2EB-683D-4794-BAAC-E38D81D66A17}] => (Allow) LPort=54925
FirewallRules: [{147D1EEF-67C4-4E55-B685-D77493CD480A}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2015\FarmingSimulator2015.exe
FirewallRules: [{28B7563D-6764-437B-9E5E-1E988232B4F2}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2015\FarmingSimulator2015.exe
FirewallRules: [{634A5341-F797-40F1-9AA3-D1E41EB72BB6}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2015\x86\FarmingSimulator2015Game.exe
FirewallRules: [{7EB100D4-EEE7-4EF8-A74D-3264DF9FD4F4}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2015\x86\FarmingSimulator2015Game.exe
FirewallRules: [{EA9AC0B9-6F1B-424E-8E48-64F4BF8126FA}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2015\x64\FarmingSimulator2015Game.exe
FirewallRules: [{2C2EA128-6412-4181-8A4D-D92E05B7EC75}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2015\x64\FarmingSimulator2015Game.exe
FirewallRules: [{F40459FE-8EAC-433D-ACEA-97FDC5DA3D32}] => (Allow) C:\Users\Jan\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [TCP Query User{E9FFD9BF-2060-402E-AD79-C906B02B539C}C:\program files (x86)\landwirtschafts simulator 2015\x64\farmingsimulator2015game.exe] => (Allow) C:\program files (x86)\landwirtschafts simulator 2015\x64\farmingsimulator2015game.exe
FirewallRules: [UDP Query User{BA51C170-5763-45F1-8034-3938147ABCB3}C:\program files (x86)\landwirtschafts simulator 2015\x64\farmingsimulator2015game.exe] => (Allow) C:\program files (x86)\landwirtschafts simulator 2015\x64\farmingsimulator2015game.exe
FirewallRules: [{E0CBDE1E-5C86-48CE-9802-86DA3BA91D52}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DiRT Rally\drt.exe
FirewallRules: [{E63F55E2-D563-4B39-A5AE-D87509A12EC9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DiRT Rally\drt.exe
FirewallRules: [{BC520304-1C68-4BA3-89C4-32FEE1C82F4F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bus Driver\bin\win_x86\busdriver.exe
FirewallRules: [{E9DA2C27-251D-430B-A8E7-16A1D7319300}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bus Driver\bin\win_x86\busdriver.exe
FirewallRules: [{A12925A2-9BA0-42AD-A3AE-FC712C36A199}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bus Driver\bin\win_x86\launcher.exe
FirewallRules: [{341F4A65-AD01-449C-ADFD-E7E47CD8DDB1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bus Driver\bin\win_x86\launcher.exe
FirewallRules: [{E21ADE07-AEE0-44C2-8E37-A0913B44A52A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trucks & Trailers\bin\win_x86\trucks_n_trailers.exe
FirewallRules: [{028CBB43-3354-487B-BB8B-FE14A4767410}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trucks & Trailers\bin\win_x86\trucks_n_trailers.exe
FirewallRules: [{89D56416-7B46-4FCE-BFCC-4DE65FEA769F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Scania Truck Driving Simulator\bin\win_x86\scania_truck_driving_simulator.exe
FirewallRules: [{82F2CA31-99DA-4917-B91D-452B1D2B449F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Scania Truck Driving Simulator\bin\win_x86\scania_truck_driving_simulator.exe
FirewallRules: [{EC639DFF-6821-429A-951C-C651DC9B099F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator\eurotrucks.exe
FirewallRules: [{C5753D9C-1DBE-434A-B4A2-DB3A2427141E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator\eurotrucks.exe
FirewallRules: [TCP Query User{3B3EFB66-147E-4B3D-997F-E504925A9C31}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{05FDD09D-27D4-4C69-8ECF-49B5354C1AE7}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{C017ED3E-56ED-44CE-A897-2A0791F55148}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{F39FBCC3-FEEB-423B-A925-E4AA7E88EFC5}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{5B20645B-91CE-4204-8671-5DABE490E824}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Scania Truck Driving Simulator\bin\win_x86\scania_truck_driving_simulator.exe
FirewallRules: [{2F27CF8E-6801-45DF-845A-47F79EFE5CF5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Scania Truck Driving Simulator\bin\win_x86\scania_truck_driving_simulator.exe
FirewallRules: [{AE33FC29-0BE1-4DE7-A8FC-E7355C8B82F0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\pCars\pCARS64.exe
FirewallRules: [{3C4815BF-CC19-401E-A619-F4CB7B4F63C0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\pCars\pCARS64.exe
FirewallRules: [{3981513C-C594-46CB-8249-9CB7FE806353}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{BAEDA2ED-8C25-4C9C-A51F-72FC0BB0ADE9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\raceroom racing experience\Game\RRRE.exe
FirewallRules: [{0D9F4E1B-F2B1-4B46-8FD9-8BC452808629}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\raceroom racing experience\Game\RRRE.exe
FirewallRules: [{E2230A58-72F0-4AB0-B896-309157D9C62C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
FirewallRules: [{7F378F69-E9D6-46E3-AF0E-FEF3735F6932}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
FirewallRules: [{D2FBCEE5-C32F-4A02-97CD-2B2A0D2ECFAA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{4E97F6DF-FD13-4727-BAF6-731AE03B15FF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{979724F2-C816-41F9-A9E2-7045F60A9EFF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{9CDFBCE3-FFB8-4DA7-A972-41CF3194572E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{9EFEA998-A4C0-495D-AE38-06AB1495F4BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe

==================== Wiederherstellungspunkte =========================

11-04-2016 20:18:29 Removed Microsoft Silverlight
16-04-2016 17:11:28 Removed QuickTime 7
19-04-2016 14:51:43 zoek.exe restore point

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (04/19/2016 02:43:44 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (04/19/2016 02:43:44 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (04/19/2016 02:43:44 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (04/19/2016 01:27:40 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm BackgroundTaskHost.exe, Version 6.3.9600.17415 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: efc

Startzeit: 01d19a2d6b60a551

Endzeit: 4294967295

Anwendungspfad: C:\Windows\System32\BackgroundTaskHost.exe

Berichts-ID: b84b5497-0621-11e6-8332-206a8a9e0239

Vollständiger Name des fehlerhaften Pakets: Microsoft.BingSports_3.0.4.336_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AppexSports

Error: (04/18/2016 04:38:14 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (04/18/2016 04:38:14 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (04/18/2016 04:38:13 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (04/16/2016 05:02:08 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (04/16/2016 05:02:08 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (04/16/2016 05:02:08 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.


Systemfehler:
=============
Error: (04/19/2016 02:59:47 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (04/19/2016 02:59:46 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (04/19/2016 02:59:46 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (04/19/2016 02:59:46 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (04/19/2016 02:59:46 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (04/19/2016 02:51:09 PM) (Source: Ntfs) (EventID: 55) (User: NT-AUTORITÄT)
Description: In der Dateisystemstruktur auf Volume "C:" wurde eine Beschädigung erkannt.

Die genaue Art der Beschädigung ist unbekannt. Die Dateisystemstrukturen müssen online überprüft werden.

Error: (04/18/2016 06:41:28 PM) (Source: DCOM) (EventID: 10010) (User: Notebook-Jan2)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (04/18/2016 06:41:28 PM) (Source: DCOM) (EventID: 10010) (User: Notebook-Jan2)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (04/18/2016 06:41:22 PM) (Source: DCOM) (EventID: 10010) (User: Notebook-Jan2)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (04/18/2016 06:41:22 PM) (Source: DCOM) (EventID: 10010) (User: Notebook-Jan2)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}


CodeIntegrity:
===================================
  Date: 2016-04-10 16:20:41.321
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-10 16:20:41.224
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-10 16:20:41.108
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-10 16:20:40.989
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-10 16:19:55.193
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-10 16:19:55.101
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-10 16:19:54.730
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-10 16:19:54.649
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-10 16:19:02.906
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-10 16:19:02.816
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 26%
Installierter physikalischer RAM: 8115.27 MB
Verfügbarer physikalischer RAM: 5963.05 MB
Summe virtueller Speicher: 16819.27 MB
Verfügbarer virtueller Speicher: 14676.27 MB

==================== Laufwerke ================================

Drive c: (Acer) (Fixed) (Total:453.77 GB) (Free:218.01 GB) NTFS
Drive d: (DATA) (Fixed) (Total:453.77 GB) (Free:453.62 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 27067300)

Partition: GPT.

==================== Ende von Addition.txt ============================

Hallo Rafael,
danke für die schnellen Antworten! Habe alles so gemacht wie geschrieben und die vier Logfiles die ich posten sollte gepostet, in der Reihenfolge wie in deiner Anleitung.
Der Mpc Cleaner ist jetzt auf jeden Fall schon mal nicht mehr sichtbar als Verknüpfung oder sonst wo aber ich werde die Schritte die du mir schreibst natürlich weiter durchführen.
Hoffen wir dass wir den MPC Cleaner endgültig von meinem Computer bekommen.

Mfg,
Jan

burningice · 19.04.2016, 23:36

Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

Task: {532DF1E6-08C9-41F7-9CE3-1C5B267AE955} - System32\Tasks\Itepe => C:\PROGRA~1\UHHIWE~1\Emons.bat <==== ACHTUNG
C:\PROGRA~1\UHHIWE~1

Task: {5D686CCA-1D50-47EE-AA36-D688A3A3BD9E} - \Software Update Application -> Keine Datei <==== ACHTUNG

Task: {6DEC51EF-808E-4A3B-AFEC-E2C2136E6200} - System32\Tasks\{0E057D47-7808-0A78-0C11-7E0A0A78117F} => powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand OwA7ACAAIAAgACAAIAAgACAAIAA7ACAAOwAgACAAOwA7ACAAOwA7ACAAOwA7ADsAOwAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlAD0AIgBzAHQAbwBwACIAOwAkAHMAYwA9ACIAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQAiADsAJABXAGEA (Der Dateneintrag hat 9424 mehr Zeichen). <==== ACHTUNG

Task: {8B9987FB-E254-4C6C-88F0-5AE0917C14A4} - System32\Tasks\Jaynew => C:\PROGRA~1\Uboxva\Karagir.bat <==== ACHTUNG
C:\PROGRA~1\Uboxva
cmd: dir %programdata% /a d
HKU\S-1-5-21-489078762-871934448-399521353-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q= 
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-04-11] () 
C:\Windows\System32\DRIVERS\EsgScanner.sys
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\zdwfp => ""="Driver"
cmd: sc start WinDefend Enable
emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Schritt: 2

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Hinweis: Dieser Scan kann schon einmal mehrere Stunden dauern...

Schritt: 3
Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen.

Jan02 · 21.04.2016, 05:16

Code:

ATTFilter

Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:17-04-2016 01
durchgeführt von Jan (2016-04-20 19:49:16) Run:1
Gestartet von C:\Users\Jan\Desktop
Geladene Profile: Jan (Verfügbare Profile: Jan)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
Task: {532DF1E6-08C9-41F7-9CE3-1C5B267AE955} - System32\Tasks\Itepe => C:\PROGRA~1\UHHIWE~1\Emons.bat <==== ACHTUNG
C:\PROGRA~1\UHHIWE~1

Task: {5D686CCA-1D50-47EE-AA36-D688A3A3BD9E} - \Software Update Application -> Keine Datei <==== ACHTUNG

Task: {6DEC51EF-808E-4A3B-AFEC-E2C2136E6200} - System32\Tasks\{0E057D47-7808-0A78-0C11-7E0A0A78117F} => powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand OwA7ACAAIAAgACAAIAAgACAAIAA7ACAAOwAgACAAOwA7ACAAOwA7ACAAOwA7ADsAOwAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlAD0AIgBzAHQAbwBwACIAOwAkAHMAYwA9ACIAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQAiADsAJABXAGEA (Der Dateneintrag hat 9424 mehr Zeichen). <==== ACHTUNG

Task: {8B9987FB-E254-4C6C-88F0-5AE0917C14A4} - System32\Tasks\Jaynew => C:\PROGRA~1\Uboxva\Karagir.bat <==== ACHTUNG
C:\PROGRA~1\Uboxva
cmd: dir %programdata% /a d
HKU\S-1-5-21-489078762-871934448-399521353-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q= 
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-04-11] () 
C:\Windows\System32\DRIVERS\EsgScanner.sys
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\zdwfp => ""="Driver"
cmd: sc start WinDefend Enable
emptytemp:
         
*****************

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{532DF1E6-08C9-41F7-9CE3-1C5B267AE955}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{532DF1E6-08C9-41F7-9CE3-1C5B267AE955}" => Schlüssel erfolgreich entfernt
C:\Windows\System32\Tasks\Itepe => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Itepe" => Schlüssel erfolgreich entfernt
"C:\PROGRA~1\UHHIWE~1" => nicht gefunden.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5D686CCA-1D50-47EE-AA36-D688A3A3BD9E}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5D686CCA-1D50-47EE-AA36-D688A3A3BD9E}" => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Software Update Application => Schlüssel nicht gefunden. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6DEC51EF-808E-4A3B-AFEC-E2C2136E6200}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6DEC51EF-808E-4A3B-AFEC-E2C2136E6200}" => Schlüssel erfolgreich entfernt
C:\Windows\System32\Tasks\{0E057D47-7808-0A78-0C11-7E0A0A78117F} => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{0E057D47-7808-0A78-0C11-7E0A0A78117F}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8B9987FB-E254-4C6C-88F0-5AE0917C14A4}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8B9987FB-E254-4C6C-88F0-5AE0917C14A4}" => Schlüssel erfolgreich entfernt
C:\Windows\System32\Tasks\Jaynew => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Jaynew" => Schlüssel erfolgreich entfernt
"C:\PROGRA~1\Uboxva" => nicht gefunden.

=========  dir %programdata% /a d =========

 Datentr�ger in Laufwerk C: ist Acer
 Volumeseriennummer: 2093-6EEC

 Verzeichnis von C:\ProgramData

19.04.2016  15:00    <DIR>          .
19.04.2016  15:00    <DIR>          ..
10.08.2015  08:35    <DIR>          .mono
09.08.2015  19:11    <DIR>          Acer
31.08.2015  09:23    <DIR>          Adobe
17.06.2015  13:54    <JUNCTION>     Anwendungsdaten [C:\ProgramData]
30.08.2015  11:41    <DIR>          Apple
30.08.2015  11:42    <DIR>          Apple Computer
22.08.2013  16:45    <JUNCTION>     Application Data [C:\ProgramData]
17.06.2015  13:09    <DIR>          Atheros
11.04.2016  20:20    <DIR>          Avira
09.08.2015  10:56    <DIR>          BlueStacks
30.08.2015  12:44    <DIR>          Brother
17.06.2015  13:21    <DIR>          CLSK
03.11.2015  22:40    <DIR>          Codemasters
30.08.2015  12:43    <DIR>          ControlCenter4
09.08.2015  19:20    <DIR>          CyberLink
22.08.2013  16:45    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
22.08.2013  16:45    <JUNCTION>     Documents [C:\Users\Public\Documents]
17.06.2015  13:54    <JUNCTION>     Dokumente [C:\Users\Public\Documents]
17.06.2015  13:07                 0 DP45977C.lfl
17.06.2015  13:21    <DIR>          install_clap
09.08.2015  08:48    <DIR>          Intel
17.06.2015  12:54    <DIR>          Intel(R) Update Manager
19.04.2016  13:07    <DIR>          Malwarebytes
10.08.2015  09:23    <DIR>          McAfee
10.04.2016  18:51    <DIR>          Microsoft
30.08.2015  13:20    <DIR>          Microsoft OneDrive
29.03.2016  11:31    <DIR>          NVIDIA
29.03.2016  11:31    <DIR>          NVIDIA Corporation
09.08.2015  19:18    <DIR>          OEM
17.06.2015  14:00    <DIR>          OEM_YAHOO
31.08.2015  09:13    <DIR>          Phase6
17.06.2015  12:57    <DIR>          Qualcomm Atheros
16.04.2016  17:07    <DIR>          Razer
20.04.2016  19:32    <DIR>          regid.1991-06.com.microsoft
01.09.2015  16:26    <DIR>          Samsung
19.04.2016  19:33    <DIR>          Skype
22.08.2013  16:45    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
17.06.2015  13:54    <JUNCTION>     Startmen� [C:\ProgramData\Microsoft\Windows\Start Menu]
28.12.2015  13:20    <DIR>          Sync App Settings
17.06.2015  13:21    <DIR>          Temp
22.08.2013  16:45    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
17.06.2015  13:54    <JUNCTION>     Vorlagen [C:\ProgramData\Microsoft\Windows\Templates]
09.08.2015  19:24    <DIR>          WildTangent
               1 Datei(en),              0 Bytes

 Verzeichnis von C:\Users\Jan\Desktop

Datei nicht gefunden

========= Ende von CMD: =========

HKU\S-1-5-21-489078762-871934448-399521353-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => Wert erfolgreich wiederhergestellt
EsgScanner => Dienst erfolgreich entfernt
C:\Windows\System32\DRIVERS\EsgScanner.sys => erfolgreich verschoben
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\zdwfp" => Schlüssel erfolgreich entfernt

=========  sc start WinDefend Enable =========

[SC] StartService FEHLER 577:

Die digitale Signatur dieser Datei kann nicht �berpr�ft werden. M�glicherweise wurde durch eine k�rzlich durchgef�hrte Hardware- oder Software�nderung eine falsch signierte oder besch�digte Datei oder eine Datei, bei der es sich um b�swillige Software aus einer unbekannten Quelle handelt, installiert.


========= Ende von CMD: =========

EmptyTemp: => 229.1 MB temporäre Dateien entfernt.


Das System musste neu gestartet werden.

==== Ende von Fixlog 19:50:29 ====

Sorry Rafael heute folgt nur Schritt 1 innerhalb 24 Stunden . Nur dass du dich nicht wunderst. Denn der Scanner läuft noch werde den Rest dann morgen Posten .

Gruß Jan

Hoffe du kannst noch vor Freitag also am besten Donnerstagabend antworten.

MFG
Jan

Code:

ATTFilter

# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=37daa0a5e398c541b1c333d93e72a72b
# end=init
# utc_time=2016-04-20 05:56:02
# local_time=2016-04-20 07:56:02 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 29158
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=37daa0a5e398c541b1c333d93e72a72b
# end=updated
# utc_time=2016-04-20 05:58:07
# local_time=2016-04-20 07:58:07 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=37daa0a5e398c541b1c333d93e72a72b
# engine=29158
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-04-20 07:55:02
# local_time=2016-04-20 09:55:02 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 354580 24971672 0 0
# scanned=417824
# found=6
# cleaned=0
# scan_time=7014
sh=A6695378FF8D6DB79416B329472254C55476772F ft=1 fh=a5863f9f88fb0ec6 vn="MSIL/TrojanDownloader.Agent.BTI Trojaner" ac=I fn="C:\AdwCleaner\FileQuarantine\C\Program Files\Windows Screen Manager\Windows screen manage updater.exe.vir"
sh=3BDD88099579BAACD6B578A23EAB6CB203E4D5BB ft=1 fh=dfc6a020bb469f08 vn="Variante von Win32/Adware.ConvertAd.AHH Anwendung" ac=I fn="C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\FE3A64E9-1460297796-4845-91F5-CEC510387103\vnsbB66C.tmp.vir"
sh=B3AFB4FF7ABE8F988353A646950DB5343CC79FB6 ft=1 fh=e67a3b79619c0c5f vn="Variante von Win32/ELEX.HT evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchesToYesbnd\ffuter.exe.vir"
sh=6247D12970410CC30F1511AE71359230C49F77D8 ft=1 fh=3953820c75e8be91 vn="mÃ¶glicherweise unbekannter Virus NewHeur_PE Virus" ac=I fn="C:\OEM\Preload\APP\Personify\Preinstalled.Personify.2.5.4.15.-.Setup.exe"
sh=D08D9B0DA9EFD8247F0A7C2C15FF374AB41C74A2 ft=1 fh=f1dda25b5f028579 vn="Variante von Win32/InstallCore.ACZ evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Jan\Documents\My Games\SimBin\Crash Dumps\minecraft.exe"
sh=D7755CF2133087E2EE709A590C719A22826F78B8 ft=1 fh=8c309ca2fd2bddd3 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Jan\Downloads\WinZip 64 Bit - CHIP-Installer.exe"

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:17-04-2016 01
durchgeführt von Jan (Administrator) auf NOTEBOOK-JAN2 (21-04-2016 06:08:20)
Gestartet von C:\Users\Jan\Desktop
Geladene Profile: Jan &  (Verfügbare Profile: Jan)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
() C:\Program Files (x86)\Allway Sync\Bin\syncappw.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Intel Corporation) C:\Program Files (x86)\Common Files\Intel\RSSDK\v3\bin\win32\notification_tool.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Farbar) C:\Users\Jan\Desktop\FRST64 (1).exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2789248 2016-02-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-05-26] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387376 2014-05-13] (Realtek Semiconductor)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-03-19] (Apple Inc.)
HKLM-x32\...\Run: [Intel Privacy Notification Tool] => C:\Program Files (x86)\Common Files\Intel\RSSDK\v3\bin\win32\notification_tool.exe [8173240 2014-10-30] (Intel Corporation)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [RazerCortex] => C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncher.exe -autorun
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-08-27] (Atheros Communications)
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [iCloud] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe [60688 2015-12-01] (Apple Inc.)
HKU\S-1-5-21-489078762-871934448-399521353-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-03-31] (Valve Corporation)
HKU\S-1-5-21-489078762-871934448-399521353-1001\...\Run: [GoogleChromeAutoLaunch_1F14D2380DB1DE09582B9D790BD95BA5] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1003160 2016-04-06] (Google Inc.)
HKU\S-1-5-21-489078762-871934448-399521353-1001\...\Run: [Allway Sync] => C:\Program Files (x86)\Allway Sync\Bin\syncappw.exe [93488 2015-10-29] ()
HKU\S-1-5-21-489078762-871934448-399521353-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8686296 2016-03-11] (Piriform Ltd)
HKU\S-1-5-21-489078762-871934448-399521353-1001\...\MountPoints2: {7dd3a79a-3f30-11e5-826a-206a8a9e0239} - "F:\LaunchU3.exe" -a
HKU\S-1-5-21-489078762-871934448-399521353-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-03-31] (Valve Corporation)
HKU\S-1-5-21-489078762-871934448-399521353-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GoogleChromeAutoLaunch_1F14D2380DB1DE09582B9D790BD95BA5] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1003160 2016-04-06] (Google Inc.)
HKU\S-1-5-21-489078762-871934448-399521353-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Allway Sync] => C:\Program Files (x86)\Allway Sync\Bin\syncappw.exe [93488 2015-10-29] ()
HKU\S-1-5-21-489078762-871934448-399521353-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8686296 2016-03-11] (Piriform Ltd)
HKU\S-1-5-21-489078762-871934448-399521353-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {7dd3a79a-3f30-11e5-826a-206a8a9e0239} - "F:\LaunchU3.exe" -a
HKU\S-1-5-18\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
HKU\S-1-5-18\...\RunOnce: [iCloud] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe [60688 2015-12-01] (Apple Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\phase-6 Reminder.lnk [2016-04-19]
ShortcutTarget: phase-6 Reminder.lnk -> C:\Program Files (x86)\phase-6\phase-6\reminder\reminder.exe (phase-6)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{562729EF-57C3-478A-BEFD-55F1642D22A4}: [DhcpNameServer] 10.61.12.1
Tcpip\..\Interfaces\{8718928D-CBEB-45EA-A621-800A9249001D}: [NameServer] 10.0.0.1
Tcpip\..\Interfaces\{bbed3e08-0b41-11e3-8249-806e6f6e6963}: [NameServer] 10.0.0.1
Tcpip\..\Interfaces\{DB5D870B-9660-446A-83A0-9E1575A73068}: [DhcpNameServer] 192.168.178.1
ManualProxies: 

Internet Explorer:
==================
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-489078762-871934448-399521353-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-489078762-871934448-399521353-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-489078762-871934448-399521353-1001 -> {A3782EB2-C684-409E-A3C8-C932D426AFD5} URL = 
SearchScopes: HKU\S-1-5-21-489078762-871934448-399521353-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-489078762-871934448-399521353-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-489078762-871934448-399521353-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {A3782EB2-C684-409E-A3C8-C932D426AFD5} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-03-15] (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-04-20] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-08-30] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\kZsq9LNj.default
FF NewTab: about:newtab
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll [2015-08-10] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll [2015-08-10] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-02-19] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-02-19] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-08-30] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-05] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Extension: Avira Browser Safety - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\kZsq9LNj.default\Extensions\abs@avira.com.xpi [2016-04-10]
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome: 
=======
CHR Profile: C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Adblock Plus) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-04-19]
CHR Extension: (Skype) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-04-19]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-19]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [322176 2014-08-27] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2829552 2016-03-08] (Microsoft Corporation)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-07-22] (Acer Incorporated)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1164672 2016-02-17] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315352 2014-06-16] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-02-19] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-02-19] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1880960 2016-02-17] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6474112 2016-02-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2609024 2016-02-17] (NVIDIA Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3905536 2014-08-11] (Qualcomm Atheros Communications, Inc.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-08-27] (Qualcomm Atheros)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
S3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-04-21] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [116736 2014-02-19] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28032 2016-02-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
S3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42736 2014-07-10] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-20 19:55 - 2016-04-20 19:55 - 02870984 _____ (ESET) C:\Users\Jan\Downloads\esetsmartinstaller_deu.exe
2016-04-20 19:55 - 2016-04-20 19:55 - 00000000 ____D C:\Program Files (x86)\ESET
2016-04-20 19:49 - 2016-04-20 19:50 - 00007349 _____ C:\Users\Jan\Desktop\Fixlog.txt
2016-04-19 19:07 - 2016-04-19 19:08 - 29872687 _____ C:\Users\Jan\Downloads\client_20810.zip
2016-04-19 15:10 - 2016-04-21 06:08 - 00020983 _____ C:\Users\Jan\Desktop\FRST.txt
2016-04-19 15:10 - 2016-04-19 15:11 - 00049036 _____ C:\Users\Jan\Desktop\Addition.txt
2016-04-19 15:09 - 2016-04-19 15:09 - 00001271 _____ C:\Users\Jan\Downloads\FRST - Verknüpfung.lnk
2016-04-19 15:09 - 2016-04-18 16:45 - 02375680 _____ (Farbar) C:\Users\Jan\Desktop\FRST64 (1).exe
2016-04-19 15:01 - 2016-04-19 14:50 - 00024064 _____ C:\Windows\zoek-delete.exe
2016-04-19 14:50 - 2016-04-19 14:49 - 00001355 _____ C:\Users\Jan\Desktop\zoek - Verknüpfung.lnk
2016-04-19 14:49 - 2016-04-19 14:49 - 00001355 _____ C:\Users\Jan\Downloads\zoek - Verknüpfung.lnk
2016-04-19 14:48 - 2016-04-19 15:01 - 00000000 ____D C:\zoek_backup
2016-04-19 14:48 - 2016-04-19 14:48 - 01309184 _____ C:\Users\Jan\Downloads\zoek.exe
2016-04-19 14:44 - 2016-04-19 14:44 - 00047545 _____ C:\Users\Jan\Desktop\mbam.txt
2016-04-19 14:39 - 2016-04-19 14:39 - 00001371 _____ C:\Users\Jan\Desktop\GeForce Experience.lnk
2016-04-19 13:07 - 2016-04-21 06:03 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-04-19 13:07 - 2016-04-19 14:35 - 00001074 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-04-19 13:07 - 2016-04-19 13:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-04-19 13:07 - 2016-04-19 13:07 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-04-19 13:07 - 2016-04-19 13:07 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-04-19 13:07 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-04-19 13:07 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-04-19 13:07 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-04-19 13:05 - 2016-04-19 13:05 - 22851472 _____ (Malwarebytes ) C:\Users\Jan\Downloads\mbam-setup-2.2.1.1043.exe
2016-04-18 16:48 - 2016-04-18 16:50 - 00047979 _____ C:\Users\Jan\Downloads\Addition.txt
2016-04-18 16:47 - 2016-04-18 16:50 - 00048575 _____ C:\Users\Jan\Downloads\FRST.txt
2016-04-18 16:46 - 2016-04-21 06:08 - 00000000 ____D C:\FRST
2016-04-18 16:45 - 2016-04-18 16:45 - 02375680 _____ (Farbar) C:\Users\Jan\Downloads\FRST64 (1).exe
2016-04-16 17:44 - 2016-04-16 17:44 - 00002440 _____ C:\Users\Jan\Desktop\AdwCleaner[C6].txt
2016-04-16 17:38 - 2016-04-16 17:38 - 01726464 _____ (Farbar) C:\Users\Jan\Downloads\FRST.exe
2016-04-16 17:36 - 2016-04-16 17:36 - 02375168 _____ (Farbar) C:\Users\Jan\Downloads\FRST64.exe
2016-04-16 17:18 - 2016-03-31 02:54 - 25817600 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-04-16 17:18 - 2016-03-31 02:03 - 20352512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-04-16 17:18 - 2016-03-31 01:39 - 15415808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-04-16 17:17 - 2016-03-31 02:31 - 02892800 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-04-16 17:17 - 2016-03-31 02:28 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-04-16 17:17 - 2016-03-31 02:25 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-04-16 17:17 - 2016-03-31 02:17 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-04-16 17:17 - 2016-03-31 01:56 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2016-04-16 17:17 - 2016-03-31 01:56 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-04-16 17:17 - 2016-03-31 01:55 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-04-16 17:17 - 2016-03-31 01:53 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-04-16 17:17 - 2016-03-31 01:51 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-04-16 17:17 - 2016-03-31 01:50 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-04-16 17:17 - 2016-03-31 01:45 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-04-16 17:17 - 2016-03-31 01:45 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-04-16 17:17 - 2016-03-31 01:43 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-04-16 17:17 - 2016-03-31 01:43 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-04-16 17:17 - 2016-03-31 01:43 - 00379392 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-04-16 17:17 - 2016-03-31 01:42 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-04-16 17:17 - 2016-03-31 01:30 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-04-16 17:17 - 2016-03-31 01:30 - 02596864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-04-16 17:17 - 2016-03-31 01:30 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-04-16 17:17 - 2016-03-31 01:30 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2016-04-16 17:17 - 2016-03-31 01:27 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-04-16 17:17 - 2016-03-31 01:24 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-04-16 17:17 - 2016-03-31 01:23 - 02056192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-04-16 17:17 - 2016-03-31 01:23 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-04-16 17:17 - 2016-03-31 01:23 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-04-16 17:17 - 2016-03-31 01:21 - 13811712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-04-16 17:17 - 2016-03-31 01:18 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-04-16 17:17 - 2016-03-31 01:06 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-04-16 17:17 - 2016-03-31 01:05 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-04-16 17:17 - 2016-03-31 01:02 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-04-16 17:17 - 2016-03-31 01:00 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-04-16 17:16 - 2016-03-16 01:00 - 00561952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-04-16 17:16 - 2016-03-15 16:14 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-04-16 17:16 - 2016-03-11 16:48 - 00833024 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2016-04-16 17:16 - 2016-03-10 20:22 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-04-16 17:16 - 2016-03-10 20:21 - 00401920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-04-16 17:16 - 2016-03-10 20:20 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-04-16 17:16 - 2016-03-10 19:44 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-04-16 17:16 - 2016-03-10 19:16 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-04-16 17:16 - 2016-03-10 19:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2016-04-16 17:16 - 2016-03-10 18:48 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2016-04-16 17:16 - 2016-03-03 18:47 - 02345472 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-04-16 17:16 - 2016-03-03 18:33 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2016-04-16 17:15 - 2016-04-16 17:15 - 03677760 _____ C:\Users\Jan\Downloads\adwcleaner_5.111.exe
2016-04-16 17:15 - 2016-04-04 08:35 - 00046768 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-04-16 17:15 - 2016-04-02 15:26 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-04-16 17:15 - 2016-04-02 15:26 - 01169408 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-04-16 17:15 - 2016-03-28 15:21 - 00698368 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-04-16 17:15 - 2016-03-28 15:21 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-04-16 17:15 - 2016-03-28 15:21 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-04-16 17:15 - 2016-03-28 15:21 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-04-16 17:15 - 2016-03-28 15:21 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-04-16 17:15 - 2016-03-03 03:39 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-04-16 17:15 - 2016-03-03 03:39 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-04-16 17:14 - 2016-03-10 21:19 - 07452512 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-04-16 17:14 - 2016-03-10 21:17 - 01663192 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-04-16 17:14 - 2016-03-10 21:17 - 01523216 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-04-16 17:14 - 2016-03-10 21:17 - 01490128 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-04-16 17:14 - 2016-03-10 21:17 - 01358960 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-04-16 17:14 - 2016-03-10 21:17 - 01133752 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-04-16 17:14 - 2016-03-10 19:48 - 00862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-04-16 17:14 - 2016-03-10 19:43 - 00161280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-04-16 17:14 - 2016-03-10 18:55 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-04-16 17:14 - 2016-03-10 18:42 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-04-16 17:12 - 2016-03-03 18:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2016-04-16 12:12 - 2016-03-29 16:05 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-04-11 19:01 - 2016-04-11 19:01 - 00000000 _____ C:\autoexec.bat
2016-04-11 18:29 - 2016-04-16 17:20 - 00000000 ____D C:\AdwCleaner
2016-04-10 16:51 - 2016-04-10 16:51 - 00000000 ____D C:\Users\Jan\AppData\Roaming\MCorp
2016-04-10 16:28 - 2016-04-10 16:34 - 00000000 ____D C:\Users\Jan\AppData\Local\app
2016-04-10 16:27 - 2016-04-10 16:27 - 00060136 ____N (DotC United Inc) C:\Windows\system32\Drivers\MPCKpt.sys
2016-04-10 16:19 - 2016-04-10 16:20 - 00000000 ____D C:\Users\Jan\AppData\Local\Tempfolder
2016-04-10 16:19 - 2016-04-10 16:19 - 00000000 ____D C:\uninst
2016-04-10 16:17 - 2016-04-10 16:20 - 00127488 _____ C:\Users\Jan\AppData\Roaming\Installer.dat
2016-04-10 16:16 - 2016-04-10 16:15 - 00001006 _____ C:\Windows\system32\Drivers\etc\hp.bak
2016-04-10 16:16 - 2016-03-04 16:13 - 00046352 _____ C:\Windows\system32\Drivers\zdwfp64.sys
2016-04-09 12:37 - 2016-04-09 12:37 - 00000000 ____D C:\Users\Jan\AppData\Roaming\dvdcss
2016-04-09 10:39 - 2016-04-09 10:39 - 00000000 ____D C:\Users\Jan\AppData\Local\Avira_Operations_GmbH_&_C
2016-04-09 10:31 - 2016-04-09 10:31 - 00000000 ____D C:\Users\Jan\AppData\Local\Avira
2016-04-09 10:29 - 2016-04-12 20:41 - 00000000 ____D C:\Program Files (x86)\Avira
2016-04-09 10:29 - 2016-04-11 20:20 - 00000000 ____D C:\ProgramData\Avira
2016-04-09 09:57 - 2016-04-09 09:57 - 00000000 ____D C:\Windows\system32\SSL
2016-03-29 12:06 - 2016-03-29 12:06 - 00000000 ____D C:\Users\Jan\AppData\Roaming\NVIDIA
2016-03-29 11:31 - 2016-03-29 11:31 - 00000000 ____D C:\ProgramData\NVIDIA
2016-03-29 11:31 - 2016-03-22 04:25 - 06369728 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2016-03-29 11:31 - 2016-03-22 04:25 - 02993088 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2016-03-29 11:31 - 2016-03-22 04:25 - 02561472 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2016-03-29 11:31 - 2016-03-22 04:25 - 01264064 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2016-03-29 11:31 - 2016-03-22 04:25 - 00532536 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2016-03-29 11:31 - 2016-03-22 04:25 - 00393784 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2016-03-29 11:31 - 2016-03-22 04:25 - 00081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2016-03-29 11:31 - 2016-03-22 04:25 - 00069568 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2016-03-29 11:31 - 2016-03-18 20:10 - 06253721 _____ C:\Windows\system32\nvcoproc.bin
2016-03-29 11:30 - 2016-03-22 06:12 - 42923576 _____ C:\Windows\system32\nvcompiler.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 37567424 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 31555008 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 25321408 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 21355248 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 20897416 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 19004040 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 17748712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 17342392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 17248408 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 16446032 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 14128840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 12567608 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-03-29 11:30 - 2016-03-22 06:12 - 10550736 _____ C:\Windows\system32\nvptxJitCompiler.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 08659472 _____ C:\Windows\SysWOW64\nvptxJitCompiler.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 03714472 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 03286992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 03235896 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 02809280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 01924152 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436472.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 01573432 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436472.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00959544 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00889400 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00753208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00695864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00678520 _____ C:\Windows\system32\nvfatbinaryLoader.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00571912 _____ C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00501896 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00425016 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00423080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00377792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00175368 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00153392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00037091 _____ C:\Windows\system32\nvinfo.pb
2016-03-29 11:30 - 2016-03-22 06:12 - 00000139 _____ C:\Windows\SysWOW64\nv-vk32.json
2016-03-29 11:30 - 2016-03-22 06:12 - 00000139 _____ C:\Windows\system32\nv-vk64.json
2016-03-27 12:08 - 2016-03-27 12:08 - 00000000 ____D C:\Users\Jan\Documents\Razer
2016-03-24 18:58 - 2016-03-24 18:58 - 06868672 _____ (Piriform Ltd) C:\Users\Jan\Downloads\ccsetup516.exe
2016-03-23 11:36 - 2016-03-23 11:36 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET
2016-03-23 11:36 - 2016-02-02 20:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys
2016-03-23 11:36 - 2016-01-31 21:17 - 00118624 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-03-23 11:36 - 2016-01-31 20:07 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-03-23 11:36 - 2016-01-31 19:42 - 03320832 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-03-23 11:36 - 2016-01-31 19:14 - 03607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-03-23 11:36 - 2016-01-31 18:24 - 02778624 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-03-23 11:36 - 2016-01-31 18:20 - 02464256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-03-23 11:35 - 2016-02-09 03:31 - 22365472 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-03-23 11:35 - 2016-02-09 03:31 - 19794896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-03-23 11:35 - 2016-02-09 03:31 - 02757616 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-03-23 11:35 - 2016-02-09 03:31 - 02412576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-03-23 11:35 - 2016-02-09 03:31 - 00273264 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2016-03-23 11:35 - 2016-02-08 22:55 - 02712576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-03-23 11:35 - 2016-02-08 22:15 - 02551808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themecpl.dll
2016-03-23 11:35 - 2016-02-08 22:02 - 01197056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2016-03-23 11:35 - 2016-02-08 21:48 - 12879360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-03-23 11:35 - 2016-02-08 21:43 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2016-03-23 11:35 - 2016-02-08 21:40 - 00539648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hgcpl.dll
2016-03-23 11:35 - 2016-02-08 21:39 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2016-03-23 11:35 - 2016-02-08 21:37 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingMonitor.dll
2016-03-23 11:35 - 2016-02-08 21:35 - 00954880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2016-03-23 11:35 - 2016-02-08 21:34 - 00667648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2016-03-23 11:35 - 2016-02-08 21:33 - 00520192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2016-03-23 11:35 - 2016-02-08 20:50 - 03120640 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-03-23 11:35 - 2016-02-08 19:55 - 02592256 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll
2016-03-23 11:35 - 2016-02-08 19:33 - 01278464 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2016-03-23 11:35 - 2016-02-08 19:12 - 14466560 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-03-23 11:35 - 2016-02-08 19:02 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2016-03-23 11:35 - 2016-02-08 19:00 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\hgcpl.dll
2016-03-23 11:35 - 2016-02-08 18:58 - 00336384 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2016-03-23 11:35 - 2016-02-08 18:55 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\SettingMonitor.dll
2016-03-23 11:35 - 2016-02-08 18:53 - 02171904 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2016-03-23 11:35 - 2016-02-08 18:53 - 01348096 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2016-03-23 11:35 - 2016-02-08 18:50 - 01220096 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2016-03-23 11:35 - 2016-02-08 18:50 - 00841728 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2016-03-23 11:35 - 2016-02-08 18:48 - 00655872 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2016-03-23 11:35 - 2016-02-08 18:47 - 02819584 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2016-03-23 11:35 - 2016-02-08 18:44 - 00955392 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2016-03-23 11:35 - 2016-02-05 16:46 - 01455104 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2016-03-23 11:35 - 2016-02-04 20:07 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\dhcpsapi.dll
2016-03-23 11:35 - 2016-02-04 19:35 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpsapi.dll
2016-03-23 11:35 - 2016-02-03 17:14 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2016-03-23 11:35 - 2016-02-03 17:11 - 01673728 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2016-03-23 11:35 - 2016-02-02 19:51 - 00162304 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2016-03-23 11:35 - 2016-02-02 19:19 - 00144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2016-03-23 11:35 - 2016-02-02 19:15 - 00787456 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2016-03-23 11:35 - 2016-02-02 19:01 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\WsmAgent.dll
2016-03-23 11:35 - 2016-02-02 18:51 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2016-03-23 11:35 - 2016-02-02 18:48 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2016-03-23 11:35 - 2016-02-02 18:46 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAgent.dll
2016-03-23 11:35 - 2016-02-02 18:41 - 02170880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2016-03-23 11:35 - 2016-02-02 18:39 - 00236032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2016-03-23 11:35 - 2016-01-27 17:18 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2016-03-23 11:35 - 2016-01-26 21:15 - 00072024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpci.sys
2016-03-23 11:35 - 2016-01-22 07:22 - 02487296 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2016-03-23 11:35 - 2016-01-22 07:11 - 01482240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2016-03-23 11:35 - 2016-01-21 21:35 - 00952928 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2016-03-23 11:35 - 2016-01-21 20:42 - 00786152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2016-03-23 11:35 - 2016-01-21 00:40 - 00099672 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2016-03-23 11:34 - 2016-02-07 01:05 - 00551256 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2016-03-23 11:34 - 2016-02-07 00:41 - 00316760 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2016-03-23 11:34 - 2016-02-05 21:07 - 00378712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2016-03-23 11:34 - 2016-02-05 17:11 - 00845312 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2016-03-23 11:34 - 2016-02-05 17:11 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2016-03-23 11:34 - 2016-02-05 17:07 - 00272384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2016-03-23 11:34 - 2016-02-05 17:02 - 01083904 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2016-03-23 11:34 - 2016-02-04 18:23 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2016-03-23 11:34 - 2016-02-04 18:22 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2016-03-23 11:34 - 2016-02-02 19:18 - 01574912 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe
2016-03-23 11:34 - 2016-01-31 19:17 - 00779264 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgradeui.exe
2016-03-22 18:08 - 2016-04-19 14:35 - 00000882 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-03-22 18:08 - 2016-03-22 18:08 - 00002796 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-03-22 18:08 - 2016-03-22 18:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-03-22 18:08 - 2016-03-22 18:08 - 00000000 ____D C:\Program Files\CCleaner
2016-03-22 18:05 - 2016-03-22 18:07 - 05600464 _____ (Piriform Ltd) C:\Users\Jan\Downloads\ccsetup515_slim.exe
2016-03-22 16:58 - 2016-04-19 14:35 - 00001769 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-03-22 16:58 - 2016-03-22 16:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-03-22 16:58 - 2016-03-22 16:58 - 00000000 ____D C:\Program Files\iTunes
2016-03-22 16:58 - 2016-03-22 16:58 - 00000000 ____D C:\Program Files\iPod
2016-03-22 16:58 - 2016-03-22 16:58 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-03-22 12:36 - 2016-03-22 12:36 - 00036872 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\tap0901.sys

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-20 22:02 - 2015-08-09 10:05 - 00001146 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-20 21:53 - 2015-08-10 08:56 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-04-20 19:52 - 2015-08-09 19:46 - 00000000 ____D C:\Program Files (x86)\Steam
2016-04-20 19:52 - 2015-08-09 10:05 - 00001142 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-20 19:52 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-20 19:51 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-04-20 19:37 - 2015-08-30 11:43 - 00000000 ____D C:\Users\Jan\AppData\Roaming\EssentialPIM
2016-04-20 19:32 - 2013-08-22 17:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-04-20 19:31 - 2015-08-30 13:10 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-04-20 19:30 - 2015-06-17 21:46 - 06197738 _____ C:\Windows\system32\perfh007.dat
2016-04-20 19:30 - 2015-06-17 21:46 - 01786882 _____ C:\Windows\system32\perfc007.dat
2016-04-20 19:30 - 2014-03-18 12:03 - 00005430 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-19 20:55 - 2015-12-08 21:50 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Skype
2016-04-19 20:52 - 2015-08-31 20:54 - 00000000 ____D C:\Users\Jan\Documents\Euro Truck Simulator 2
2016-04-19 20:34 - 2016-02-10 14:20 - 00000000 ____D C:\Users\Jan\Documents\ETS2MP
2016-04-19 19:33 - 2015-12-08 21:50 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-04-19 19:33 - 2015-12-08 21:50 - 00000000 ____D C:\ProgramData\Skype
2016-04-19 19:32 - 2015-08-09 09:00 - 00000000 ____D C:\Users\Jan\AppData\Local\CrashDumps
2016-04-19 19:17 - 2015-08-09 08:50 - 00003594 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-489078762-871934448-399521353-1001
2016-04-19 19:08 - 2016-02-24 21:09 - 00000877 _____ C:\Users\Public\Desktop\Euro Truck Simulator 2 Multiplayer.lnk
2016-04-19 19:08 - 2016-02-24 21:09 - 00000872 _____ C:\Users\Public\Desktop\American Truck Simulator Multiplayer.lnk
2016-04-19 19:08 - 2016-02-10 12:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ETS2 + ATS Multiplayer
2016-04-19 19:08 - 2016-02-10 12:51 - 00000000 ____D C:\Program Files\TruckersMP
2016-04-19 14:35 - 2016-02-15 20:24 - 00000867 _____ C:\Users\Jan\Desktop\Steam.lnk
2016-04-19 14:35 - 2015-12-08 21:50 - 00002715 _____ C:\Users\Public\Desktop\Skype.lnk
2016-04-19 14:35 - 2015-11-03 19:57 - 00001772 _____ C:\Users\Jan\Desktop\Word 2013.lnk
2016-04-19 14:35 - 2015-08-31 16:42 - 00002838 _____ C:\Users\Jan\Desktop\Excel 2013.lnk
2016-04-19 14:35 - 2015-08-31 16:42 - 00002769 _____ C:\Users\Jan\Desktop\PowerPoint 2013.lnk
2016-04-19 14:35 - 2015-08-30 13:14 - 00001251 _____ C:\Users\Jan\Desktop\Landwirtschafts Simulator 15 .lnk
2016-04-19 14:35 - 2015-08-30 12:46 - 00001945 _____ C:\Users\Public\Desktop\Samsung Kies 3.lnk
2016-04-19 14:35 - 2015-08-30 12:28 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-04-19 14:35 - 2015-08-30 12:28 - 00002031 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-04-19 14:35 - 2015-08-30 12:15 - 00001089 _____ C:\Users\Public\Desktop\phase-6 desktop.lnk
2016-04-19 14:35 - 2015-08-30 11:54 - 00001042 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-04-19 14:35 - 2015-08-30 11:43 - 00001027 _____ C:\Users\Public\Desktop\EssentialPIM.lnk
2016-04-19 14:35 - 2015-08-30 11:41 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-04-19 14:35 - 2015-08-30 11:40 - 00000990 _____ C:\Users\Jan\Desktop\IrfanView 64.lnk
2016-04-19 14:35 - 2015-08-09 10:06 - 00002171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-19 14:35 - 2015-08-09 10:06 - 00002159 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-04-19 14:35 - 2015-07-15 18:58 - 00001272 _____ C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HD Audio-Manager.lnk
2016-04-19 14:35 - 2015-07-15 18:58 - 00001051 _____ C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-04-19 14:35 - 2015-07-15 18:57 - 00000469 _____ C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2016-04-19 14:35 - 2015-07-15 18:57 - 00000467 _____ C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2016-04-19 14:35 - 2015-01-12 15:58 - 00001357 _____ C:\Users\Public\Desktop\CyberLink PowerDirector 10.lnk
2016-04-19 14:34 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\schemas
2016-04-19 13:51 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2016-04-19 13:02 - 2013-08-22 16:44 - 00381472 _____ C:\Windows\system32\FNTCACHE.DAT
2016-04-18 18:42 - 2015-08-09 18:56 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-04-18 18:42 - 2015-08-09 18:56 - 00000000 ___SD C:\Windows\system32\GWX
2016-04-18 18:42 - 2015-08-09 18:56 - 00000000 ____D C:\Windows\system32\appraiser
2016-04-18 18:41 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2016-04-18 17:09 - 2015-01-12 14:48 - 00000000 ____D C:\Windows\Panther
2016-04-18 17:07 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2016-04-18 17:05 - 2016-02-13 20:35 - 00000000 ___HD C:\$WINDOWS.~BT
2016-04-18 16:45 - 2015-08-09 11:47 - 00000000 ____D C:\Windows\system32\MRT
2016-04-18 16:42 - 2015-08-09 11:47 - 135176864 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-04-18 16:39 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-04-16 17:21 - 2016-03-12 12:26 - 00000000 ____D C:\Program Files (x86)\Razer
2016-04-16 17:14 - 2016-01-12 20:47 - 00177488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-04-16 17:13 - 2016-03-09 15:46 - 01737080 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-04-16 17:13 - 2016-03-09 15:46 - 01501488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-04-16 17:13 - 2016-03-09 15:46 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2016-04-16 17:07 - 2016-03-12 12:31 - 00000000 ____D C:\Users\Jan\AppData\Local\Razer
2016-04-16 17:07 - 2016-03-12 12:26 - 00000000 ____D C:\ProgramData\Razer
2016-04-11 19:01 - 2015-07-15 18:57 - 00000000 ____D C:\Users\Jan
2016-04-10 17:41 - 2016-02-07 17:03 - 00000000 ____D C:\Users\Jan\Documents\American Truck Simulator
2016-04-09 12:41 - 2015-08-30 11:54 - 00000000 ____D C:\Users\Jan\AppData\Roaming\vlc
2016-04-09 10:35 - 2015-08-30 12:20 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Mozilla
2016-04-09 09:45 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2016-04-05 23:53 - 2015-01-12 15:43 - 00829944 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-04-05 23:53 - 2015-01-12 15:43 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-04-05 15:36 - 2015-11-03 21:23 - 00000222 _____ C:\Users\Jan\Desktop\DiRT Rally.url
2016-04-02 19:54 - 2016-03-02 16:14 - 00000000 ____D C:\Users\Jan\Documents\Project CARS
2016-03-29 11:31 - 2015-06-17 12:50 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-03-29 11:31 - 2015-06-17 12:50 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-03-29 11:31 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\Help
2016-03-23 11:41 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2016-03-23 10:48 - 2015-08-30 12:46 - 00000000 ____D C:\Users\Jan\Documents\SelfMV
2016-03-22 22:19 - 2015-07-15 18:56 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-03-22 16:58 - 2015-08-30 11:41 - 00000000 ____D C:\Program Files\Common Files\Apple

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-04-10 16:17 - 2016-04-10 16:20 - 0127488 _____ () C:\Users\Jan\AppData\Roaming\Installer.dat
2015-06-17 13:07 - 2015-06-17 13:07 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-04-20 21:55

==================== Ende von FRST.txt ============================

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:17-04-2016 01
durchgeführt von Jan (2016-04-21 06:09:07)
Gestartet von C:\Users\Jan\Desktop
Windows 8.1 (X64) (2015-07-15 16:57:53)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-489078762-871934448-399521353-500 - Administrator - Disabled)
Gast (S-1-5-21-489078762-871934448-399521353-501 - Limited - Disabled)
Jan (S-1-5-21-489078762-871934448-399521353-1001 - Administrator - Enabled) => C:\Users\Jan

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8106.0 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8108 - Acer Incorporated)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\{F83DD803-2467-4D07-9D6F-87AF0434410A}) (Version: 11.9.900.170 - Adobe Systems Incorporated)
Allway Sync (HKLM-x32\...\{BD9C52C1-7971-47D1-AB95-5F1F9F34D35A}) (Version: 15.3.1 - Botkind, Inc.)
American Truck Simulator (HKLM-x32\...\Steam App 270880) (Version:  - SCS Software)
Apple Application Support (32-Bit) (HKLM-x32\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{2937FD88-C9D6-4B82-B539-37CD0A572F42}) (Version: 4.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Broadcom NetLink Controller (HKLM\...\{7FBA83D7-D58E-4B70-9B9B-12E95B183B22}) (Version: 16.6.1.3 - Broadcom Corporation)
Brother MFL-Pro Suite MFC-J6510DW (HKLM-x32\...\{17795164-3BC1-4D4F-8ADA-65C895EBFC9A}) (Version: 2.0.0.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.16 - Piriform)
Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version:  - Colossal Order Ltd.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.)
DiRT Rally (HKLM-x32\...\Steam App 310560) (Version:  - Codemasters Racing Studio)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.3.1 - Dolby Laboratories Inc)
EssentialPIM (HKLM-x32\...\EssentialPIM) (Version: 6.58 - Astonsoft Ltd)
Euro Truck Simulator (HKLM-x32\...\Steam App 232010) (Version:  - SCS Software)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
F1 2012 (HKLM-x32\...\Steam App 208500) (Version:  - Codemasters Birmingham)
F1 2013 (HKLM-x32\...\Steam App 223670) (Version:  - Codemasters Birmingham)
F1 2015 (HKLM-x32\...\Steam App 286570) (Version:  - Codemasters)
Foxit PhantomPDF (HKLM-x32\...\{D4DF5498-C95C-4A02-9951-725FB2D7BC0D}) (Version: 6.0.121.624 - Foxit Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
GRID 2 (HKLM-x32\...\Steam App 44350) (Version:  - Codemasters Racing)
iCloud (HKLM\...\{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}) (Version: 5.1.0.34 - Apple Inc.)
Intel RealSense Warrior Wave (HKLM-x32\...\Warrior Wave) (Version: 1.0.24 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1168 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3643 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.20 - Intel(R) Corporation) Hidden
Intel® RealSense™ SDK 2014 Runtime  (x86): Core (x32 Version: 3.1.0.25181 - Intel Corporation) Hidden
Intel® RealSense™ SDK 2014 Runtime  (x86): Face Tracking (x32 Version: 3.1.0.25181 - Intel Corporation) Hidden
Intel® RealSense™ SDK 2014 Runtime  (x86): Face Tracking: Models (x32 Version: 3.1.0.25181 - Intel Corporation) Hidden
Intel® RealSense™ SDK 2014 Runtime  (x86): User Notification Tool files and components (x32 Version: 3.1.0.25181 - Intel Corporation) Hidden
Intel® RealSense™ SDK 2014 Runtime (HKLM-x32\...\ARP_for_prd_rs_sdk_runtime_v3_3.1.0.85181) (Version: 3.1.0.85181 - Intel Corporation)
IrfanView 64 (remove only) (HKLM\...\IrfanView) (Version: 4.40 - Irfan Skiljan)
iTunes (HKLM\...\{A31C5565-90D9-4615-AE13-94D86C3836C7}) (Version: 12.3.3.17 - Apple Inc.)
Kinect for Windows Speech Recognition Language Pack (de-DE) (HKLM-x32\...\{898AA67F-99B8-4C7F-9611-B11F98EF6E78}) (Version: 11.0.7413.611 - Microsoft Corporation)
Landwirtschafts Simulator 15 (HKLM-x32\...\FarmingSimulator2015DE_is1) (Version: 1.4.2.0 - GIANTS Software)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4815.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-489078762-871934448-399521353-1001\...\OneDriveSetup.exe) (Version: 17.3.6302.0225 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-489078762-871934448-399521353-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\OneDriveSetup.exe) (Version: 17.3.6302.0225 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
NVIDIA GeForce Experience 2.10.2.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.10.2.40 - NVIDIA Corporation)
NVIDIA Grafiktreiber 364.72 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 364.72 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4815.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4815.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4815.1001 - Microsoft Corporation) Hidden
phase-6 2.3.5 (HKLM-x32\...\phase-6) (Version: 2.3.5 - phase-6)
Project CARS (HKLM-x32\...\Steam App 234630) (Version:  - Slightly Mad Studios)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.330 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.43 - Qualcomm Atheros)
RaceRoom Racing Experience  (HKLM-x32\...\Steam App 211500) (Version:  - Sector3 Studios)
RaceRoom Racing Experience Launcher (HKLM-x32\...\{1FD9F07F-7BBF-4C91-B3F0-A23714A3A913}_is1) (Version: 1.0 - Sector3 Studios)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39059 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7260 - Realtek Semiconductor Corp.)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16011.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.16011.2 - Samsung Electronics Co., Ltd.) Hidden
Scania Truck Driving Simulator (HKLM-x32\...\Steam App 258760) (Version:  - SCS Software)
SHIELD Streaming (Version: 5.1.0270 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.10.2.40 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.)
Spintires (HKLM-x32\...\Steam App 263280) (Version:  - Oovee® Game Studios)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TruckersMP 0.2.0.8.1 Alpha (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.2.0.8.1 Alpha - ETS2MP Team)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Welcome to Intel RealSense 3D Camera (HKLM-x32\...\Welcome to Intel RealSense 3D Camera) (Version: 1.05 - Intel)
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {07A88F54-C730-4DF8-BCC3-487E1A76ACF6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-09] (Google Inc.)
Task: {144CF144-9872-4470-98C7-96F247898303} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-07-22] (Acer Incorporated)
Task: {2D8F5536-6E75-4A7B-9608-890995125601} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-10] (Adobe Systems Incorporated)
Task: {3386A9AD-41B9-44E2-8207-1CB1BBAC9757} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {61B4AA7B-433F-481E-B729-50D03345EA54} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-09] (Google Inc.)
Task: {64463039-F0D9-4FA1-A62E-2423AEF171E6} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-489078762-871934448-399521353-1001 => C:\Users\Jan\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-03-11] (Microsoft Corporation)
Task: {6E5497CD-4EAA-47CB-827D-E28BC9C911C1} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2014-06-17] (Acer Incorporated)
Task: {7B7A6F69-F46E-4842-9E46-B4D2EBBC0AEC} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {7D2CFD96-D1A2-45C2-974A-2814F836791E} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {7D36D36D-8C01-41F6-9BB6-AF7D5E84A5C4} - System32\Tasks\{BF66D5AD-3558-4BBF-9D5D-82147A5E9F3F} => pcalua.exe -a "C:\Program Files (x86)\Acer\abDocs\AcerDocsSetup.exe" -c -uninstall
Task: {91CFB104-0317-4B91-89F7-29EAFF0CD2B5} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation)
Task: {9CAB6DED-5621-4F5E-9970-B32B21887A37} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-03-11] (Piriform Ltd)
Task: {9CF1FF96-5129-498B-A9F2-3EFF6A437F42} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe [2014-04-07] (Dolby Laboratories Inc.)
Task: {BEB25077-0AEE-4334-8CD9-E0F48D46E870} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {C54C4F96-BDFA-4A9E-AAED-43F7385562F8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-04-18] (Microsoft Corporation)
Task: {D0A479A7-929A-49B8-8484-2E9B420B9332} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
Task: {E84F1A29-38DE-4DC2-9BE7-407220559AE5} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\Windows\system32\MRT.exe [2016-04-18] (Microsoft Corporation)
Task: {E987A9FC-7172-4CFF-AC33-3F4B42D608F1} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-03-29 11:31 - 2016-03-22 04:25 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-03-18 23:56 - 2016-03-18 23:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-03-18 23:56 - 2016-03-18 23:56 - 01329936 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-08-30 13:10 - 2015-10-13 05:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2016-03-01 21:16 - 2016-02-17 08:56 - 01416064 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2015-12-19 19:54 - 2016-02-17 08:56 - 00299392 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-03-01 21:16 - 2016-02-17 08:56 - 03613056 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2015-01-12 15:54 - 2012-04-24 12:43 - 00254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2014-04-07 16:13 - 2014-04-07 16:13 - 00052096 _____ () C:\Program Files\Dolby Digital Plus\Dolby.DDP.Controls_Desktop.dll
2015-08-30 12:43 - 2010-03-16 01:04 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll
2015-06-17 12:50 - 2016-02-17 09:01 - 00717184 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\gamecaster64.dll
2015-06-17 12:50 - 2016-02-17 09:02 - 00862592 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\twitchsdk64.dll
2014-08-27 19:45 - 2014-08-27 19:45 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2014-08-27 19:41 - 2014-08-27 19:41 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2014-08-27 19:47 - 2014-08-27 19:47 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2015-10-29 15:14 - 2015-10-29 15:14 - 00093488 _____ () C:\Program Files (x86)\Allway Sync\Bin\syncappw.exe
2016-03-11 22:31 - 2016-03-11 22:31 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2016-04-12 20:27 - 2016-04-06 04:12 - 02140824 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libglesv2.dll
2016-04-12 20:27 - 2016-04-06 04:12 - 00097944 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libegl.dll
2015-08-09 10:40 - 2016-02-17 09:02 - 00020352 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-10-29 13:44 - 2015-10-29 13:44 - 08569344 _____ () C:\Program Files (x86)\Allway Sync\Bin\syncapp.dll
2015-08-30 12:43 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2014-02-19 18:51 - 2014-02-19 18:51 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-08-09 19:48 - 2016-03-11 02:56 - 00783360 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-08-09 19:48 - 2015-07-03 18:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-08-09 19:48 - 2016-03-31 22:55 - 02549840 _____ () C:\Program Files (x86)\Steam\video.dll
2015-08-09 19:48 - 2015-07-03 18:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-08-09 19:48 - 2015-07-03 18:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-08-09 19:47 - 2016-02-09 01:14 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-08-09 19:47 - 2016-02-09 01:14 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-08-09 19:47 - 2016-02-09 01:14 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-08-09 19:47 - 2016-02-09 01:14 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-08-09 19:47 - 2016-02-09 01:14 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-08-09 19:48 - 2016-03-31 22:55 - 00829008 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-09 19:14 - 2016-02-18 00:25 - 00281088 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2015-08-09 19:48 - 2016-02-09 03:33 - 48400672 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-08-09 19:47 - 2015-09-25 01:56 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2016-04-10 16:15 - 00001006 ____N C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       down.baidu2016.com
127.0.0.1       123.sogou.com
127.0.0.1       www.czzsyzgm.com
127.0.0.1       www.czzsyzxl.com
127.0.0.1       union.baidu2019.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-489078762-871934448-399521353-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jan\AppData\Roaming\Microsoft\Windows Photo Viewer\Hintergrundbild der Windows-Fotoanzeige.jpg
HKU\S-1-5-21-489078762-871934448-399521353-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Jan\AppData\Roaming\Microsoft\Windows Photo Viewer\Hintergrundbild der Windows-Fotoanzeige.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-489078762-871934448-399521353-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-489078762-871934448-399521353-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Spotify Web Helper"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{5255B9A2-A987-47B7-AD1D-5B9EC09BBD29}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{177AEDA3-7A63-40BD-B9D2-86E5DE0B0525}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{168494FD-66C5-4C2A-AE2D-C1E8EEB66228}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{CCCF3C04-4E6A-46C3-93BD-28DAB4F8BD45}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{9F0CBB67-0577-48F2-9783-D423DE006369}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{03F81190-EA49-4E74-834F-09FB3235F302}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{42D08078-860B-4AE9-B02C-1B518878C94D}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{32F0C2BF-DAEF-4801-9CB7-A292D319B58E}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{B90645B1-0989-496E-B2E6-7C4AA0C67184}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{6D49E321-B7BE-48D9-96A8-FD265A4F9EB3}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{E4F3E027-28A6-4B3B-93AD-A37A06578C0F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{23684A87-38E4-4BA0-A204-6ECBEAD044B0}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{66D90117-1867-4F0A-B85C-CD00058459CD}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{AB017C7A-6014-404A-B10B-B38536445939}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{2695E114-88E4-4C0F-A250-430847E147EB}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{0275EA0C-D51E-4E08-8874-4304C8165CCE}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{D633977F-1C07-4F70-A691-EDAFC53FEB65}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{AB0B2FB5-21A1-45B6-B31C-5C19D4FD133C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{B5B2424C-3B0D-4720-BF7A-87357F1E3177}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{3B2ECB12-BCA8-47F3-A7FB-DD1715975F80}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{3A938CB8-68AA-46AE-ACD8-967440294721}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{E8666CED-3003-4AE8-8F0A-62869EAB6068}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{DAB988FC-FAEA-4D69-8B20-9DE4472466D9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{AFADCC7F-303F-4374-BB18-14622EEA487D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{0ED1EBD6-C022-4274-9495-D019F1FB9DA1}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{4054727D-41C2-4AD0-8069-88FDD7442191}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{514A81D2-AA7E-431C-977F-ED9E7C66B522}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{B7C60454-A552-4859-9BA2-65EFA7C40FA1}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{31B9CF05-4391-4741-85C8-1D900B7C846F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{C0010281-198A-4A0D-BFC3-F4928D9D45F6}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{A38C273F-78AF-4F85-A4C3-089100CFF807}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{02F30AB7-0A5A-4156-AA33-792730082FAE}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{1E20F0C0-1479-4194-A641-2774204AA61E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{EABF564F-3340-43E5-8262-2CDEF4458F6C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{D4A908AA-782E-44A6-A6A5-77E5E204361B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{2F2F3FAD-9AFD-4FA7-B4C6-0B8130B488E8}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{C3197FBD-F2D0-491C-8ECD-2CAEF5ACA4C5}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{FAD1F37E-0A45-4AAD-BC61-FCB84390D491}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{501C0F43-EBC3-4858-AF25-0B1E3D29C021}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{133E087A-AAF9-4BE6-A4F4-32EF738DC6E6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{86FB5E4D-CB72-4A4C-98CD-2F892244BCBE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0EB6DFB3-0DF8-4215-AF62-52B0C597A470}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{EF72E83F-26F9-4616-B64F-28D1250250DC}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{061DC6EF-0495-493B-81F1-DB74C9DB04A9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{BB2976D1-D38F-4137-B34D-066FA09B8682}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{5CD1601B-F887-4D2B-9367-5698E3A34B38}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2012\F1_2012.exe
FirewallRules: [{E486775E-0703-47C3-94F6-2D268BC6962B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2012\F1_2012.exe
FirewallRules: [{B05CBC4F-BC42-406D-8B87-F32FA2BAFE53}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\f12013\F1_2013.exe
FirewallRules: [{0EF656BD-F3FB-44B5-ACB6-096829CC86D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\f12013\F1_2013.exe
FirewallRules: [{573BC1AD-64F3-4BAB-AEA8-64DC16E4A4F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\grid 2\grid2.exe
FirewallRules: [{49D2CD9B-E5B5-4777-92A5-AC8B7BBB7917}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\grid 2\grid2.exe
FirewallRules: [{16773875-EA72-44B6-912B-EC94F8A546CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spintires\SpinTires.exe
FirewallRules: [{E9BCAC84-4BF9-41AF-8792-AFF33F96764A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spintires\SpinTires.exe
FirewallRules: [TCP Query User{00105315-7825-4946-BB0A-71F1E266630C}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{B4C455B4-DEA3-44A7-991B-FFD1D366CA41}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{67B2E0AF-CCA2-4647-87DA-83930B1FEDEB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2015\F1_2015.exe
FirewallRules: [{F2D8E220-A092-42EA-9AF3-0EF775A171AC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2015\F1_2015.exe
FirewallRules: [{63976110-E447-4B78-B963-2FAB5EDAB20A}] => (Allow) C:\Program Files (x86)\Brother\Brmfl10g\FAXRX.exe
FirewallRules: [{36C30BA6-9718-447F-B59F-0DD2AB2C28E1}] => (Allow) C:\Program Files (x86)\Brother\Brmfl10g\FAXRX.exe
FirewallRules: [{786CC2EB-683D-4794-BAAC-E38D81D66A17}] => (Allow) LPort=54925
FirewallRules: [{147D1EEF-67C4-4E55-B685-D77493CD480A}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2015\FarmingSimulator2015.exe
FirewallRules: [{28B7563D-6764-437B-9E5E-1E988232B4F2}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2015\FarmingSimulator2015.exe
FirewallRules: [{634A5341-F797-40F1-9AA3-D1E41EB72BB6}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2015\x86\FarmingSimulator2015Game.exe
FirewallRules: [{7EB100D4-EEE7-4EF8-A74D-3264DF9FD4F4}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2015\x86\FarmingSimulator2015Game.exe
FirewallRules: [{EA9AC0B9-6F1B-424E-8E48-64F4BF8126FA}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2015\x64\FarmingSimulator2015Game.exe
FirewallRules: [{2C2EA128-6412-4181-8A4D-D92E05B7EC75}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2015\x64\FarmingSimulator2015Game.exe
FirewallRules: [{F40459FE-8EAC-433D-ACEA-97FDC5DA3D32}] => (Allow) C:\Users\Jan\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [TCP Query User{E9FFD9BF-2060-402E-AD79-C906B02B539C}C:\program files (x86)\landwirtschafts simulator 2015\x64\farmingsimulator2015game.exe] => (Allow) C:\program files (x86)\landwirtschafts simulator 2015\x64\farmingsimulator2015game.exe
FirewallRules: [UDP Query User{BA51C170-5763-45F1-8034-3938147ABCB3}C:\program files (x86)\landwirtschafts simulator 2015\x64\farmingsimulator2015game.exe] => (Allow) C:\program files (x86)\landwirtschafts simulator 2015\x64\farmingsimulator2015game.exe
FirewallRules: [{E0CBDE1E-5C86-48CE-9802-86DA3BA91D52}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DiRT Rally\drt.exe
FirewallRules: [{E63F55E2-D563-4B39-A5AE-D87509A12EC9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DiRT Rally\drt.exe
FirewallRules: [{BC520304-1C68-4BA3-89C4-32FEE1C82F4F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bus Driver\bin\win_x86\busdriver.exe
FirewallRules: [{E9DA2C27-251D-430B-A8E7-16A1D7319300}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bus Driver\bin\win_x86\busdriver.exe
FirewallRules: [{A12925A2-9BA0-42AD-A3AE-FC712C36A199}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bus Driver\bin\win_x86\launcher.exe
FirewallRules: [{341F4A65-AD01-449C-ADFD-E7E47CD8DDB1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bus Driver\bin\win_x86\launcher.exe
FirewallRules: [{E21ADE07-AEE0-44C2-8E37-A0913B44A52A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trucks & Trailers\bin\win_x86\trucks_n_trailers.exe
FirewallRules: [{028CBB43-3354-487B-BB8B-FE14A4767410}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trucks & Trailers\bin\win_x86\trucks_n_trailers.exe
FirewallRules: [{89D56416-7B46-4FCE-BFCC-4DE65FEA769F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Scania Truck Driving Simulator\bin\win_x86\scania_truck_driving_simulator.exe
FirewallRules: [{82F2CA31-99DA-4917-B91D-452B1D2B449F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Scania Truck Driving Simulator\bin\win_x86\scania_truck_driving_simulator.exe
FirewallRules: [{EC639DFF-6821-429A-951C-C651DC9B099F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator\eurotrucks.exe
FirewallRules: [{C5753D9C-1DBE-434A-B4A2-DB3A2427141E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator\eurotrucks.exe
FirewallRules: [TCP Query User{3B3EFB66-147E-4B3D-997F-E504925A9C31}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{05FDD09D-27D4-4C69-8ECF-49B5354C1AE7}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{C017ED3E-56ED-44CE-A897-2A0791F55148}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{F39FBCC3-FEEB-423B-A925-E4AA7E88EFC5}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{5B20645B-91CE-4204-8671-5DABE490E824}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Scania Truck Driving Simulator\bin\win_x86\scania_truck_driving_simulator.exe
FirewallRules: [{2F27CF8E-6801-45DF-845A-47F79EFE5CF5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Scania Truck Driving Simulator\bin\win_x86\scania_truck_driving_simulator.exe
FirewallRules: [{AE33FC29-0BE1-4DE7-A8FC-E7355C8B82F0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\pCars\pCARS64.exe
FirewallRules: [{3C4815BF-CC19-401E-A619-F4CB7B4F63C0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\pCars\pCARS64.exe
FirewallRules: [{3981513C-C594-46CB-8249-9CB7FE806353}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{BAEDA2ED-8C25-4C9C-A51F-72FC0BB0ADE9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\raceroom racing experience\Game\RRRE.exe
FirewallRules: [{0D9F4E1B-F2B1-4B46-8FD9-8BC452808629}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\raceroom racing experience\Game\RRRE.exe
FirewallRules: [{E2230A58-72F0-4AB0-B896-309157D9C62C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
FirewallRules: [{7F378F69-E9D6-46E3-AF0E-FEF3735F6932}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
FirewallRules: [{D2FBCEE5-C32F-4A02-97CD-2B2A0D2ECFAA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{4E97F6DF-FD13-4727-BAF6-731AE03B15FF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{979724F2-C816-41F9-A9E2-7045F60A9EFF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{9CDFBCE3-FFB8-4DA7-A972-41CF3194572E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{9EFEA998-A4C0-495D-AE38-06AB1495F4BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe

==================== Wiederherstellungspunkte =========================

11-04-2016 20:18:29 Removed Microsoft Silverlight
16-04-2016 17:11:28 Removed QuickTime 7
19-04-2016 14:51:43 zoek.exe restore point

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (04/21/2016 06:05:30 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (04/20/2016 07:55:56 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (04/20/2016 07:55:54 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (04/20/2016 07:30:52 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (04/20/2016 07:30:52 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (04/20/2016 07:30:52 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (04/19/2016 07:13:54 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm BackgroundTaskHost.exe, Version 6.3.9600.17415 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 3d8

Startzeit: 01d19a5e225e9b63

Endzeit: 4294967295

Anwendungspfad: C:\Windows\System32\BackgroundTaskHost.exe

Berichts-ID: 1733599e-0652-11e6-8335-206a8a9e0239

Vollständiger Name des fehlerhaften Pakets: Microsoft.BingSports_3.0.4.336_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AppexSports

Error: (04/19/2016 07:13:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: syncappw.exe, Version: 15.3.1.0, Zeitstempel: 0x5631c04d
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.18194, Zeitstempel: 0x569515fc
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00048785
ID des fehlerhaften Prozesses: 0x16f8
Startzeit der fehlerhaften Anwendung: 0xsyncappw.exe0
Pfad der fehlerhaften Anwendung: syncappw.exe1
Pfad des fehlerhaften Moduls: syncappw.exe2
Berichtskennung: syncappw.exe3
Vollständiger Name des fehlerhaften Pakets: syncappw.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: syncappw.exe5

Error: (04/19/2016 06:57:11 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (04/19/2016 06:57:11 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.


Systemfehler:
=============
Error: (04/20/2016 09:56:14 PM) (Source: DCOM) (EventID: 10010) (User: Notebook-Jan2)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (04/20/2016 09:56:02 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80246013 fehlgeschlagen: Update für Microsoft Visual C++ 2012 Update 4 Redistributable Package (KB3119142)

Error: (04/20/2016 09:55:44 PM) (Source: DCOM) (EventID: 10010) (User: Notebook-Jan2)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (04/20/2016 07:56:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (04/20/2016 07:56:41 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Jan\AppData\Local\Temp\ehdrv.sys

Error: (04/20/2016 07:56:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (04/20/2016 07:56:39 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Jan\AppData\Local\Temp\ehdrv.sys

Error: (04/20/2016 07:56:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (04/20/2016 07:56:39 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Jan\AppData\Local\Temp\ehdrv.sys

Error: (04/20/2016 07:50:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Defender-Dienst" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%577


CodeIntegrity:
===================================
  Date: 2016-04-20 19:50:08.821
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-04-10 16:20:41.321
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-10 16:20:41.224
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-10 16:20:41.108
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-10 16:20:40.989
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-10 16:19:55.193
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-10 16:19:55.101
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-10 16:19:54.730
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-10 16:19:54.649
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-10 16:19:02.906
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 32%
Installierter physikalischer RAM: 8115.27 MB
Verfügbarer physikalischer RAM: 5464.3 MB
Summe virtueller Speicher: 16819.27 MB
Verfügbarer virtueller Speicher: 13843.11 MB

==================== Laufwerke ================================

Drive c: (Acer) (Fixed) (Total:453.77 GB) (Free:213.15 GB) NTFS
Drive d: (DATA) (Fixed) (Total:453.77 GB) (Free:453.62 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 27067300)

Partition: GPT.

==================== Ende von Addition.txt ============================

burningice · 21.04.2016, 12:40

Schritt: 1
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Schritt: 2
Downloade dir bitte

Farbar Service Scanner

Starte das Tool mit Doppelklick auf die FSS.exe
Gehe sicher, dass folgende Optionen angehakt sind.
- Internet Services
- Windows Firewall
- System Restore
- Security Center/Action Center
- Windows Update
- Windows Defender
- Other Services
Klicke auf Scan.
Wenn das Tool fertig ist, wird es eine FSS.txt in dem Verzeichnis erstellen, wo das Tool gelaufen ist.

Poste bitte den Inhalt hier.

Jan02 · 21.04.2016, 17:51

Code:

ATTFilter

18:24:25.0801 0x0ee8  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
18:24:25.0801 0x0ee8  UEFI system
18:24:31.0258 0x0ee8  ============================================================
18:24:31.0258 0x0ee8  Current date / time: 2016/04/21 18:24:31.0258
18:24:31.0258 0x0ee8  SystemInfo:
18:24:31.0258 0x0ee8  
18:24:31.0258 0x0ee8  OS Version: 6.3.9600 ServicePack: 0.0
18:24:31.0258 0x0ee8  Product type: Workstation
18:24:31.0258 0x0ee8  ComputerName: NOTEBOOK-JAN2
18:24:31.0258 0x0ee8  UserName: Jan
18:24:31.0258 0x0ee8  Windows directory: C:\Windows
18:24:31.0258 0x0ee8  System windows directory: C:\Windows
18:24:31.0258 0x0ee8  Running under WOW64
18:24:31.0258 0x0ee8  Processor architecture: Intel x64
18:24:31.0258 0x0ee8  Number of processors: 8
18:24:31.0258 0x0ee8  Page size: 0x1000
18:24:31.0258 0x0ee8  Boot type: Normal boot
18:24:31.0258 0x0ee8  ============================================================
18:24:31.0945 0x0ee8  KLMD registered as C:\Windows\system32\drivers\19455813.sys
18:24:32.0398 0x0ee8  System UUID: {1F5B7244-AE05-5BD4-D634-E300C7229C3E}
18:24:33.0196 0x0ee8  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:24:33.0211 0x0ee8  ============================================================
18:24:33.0211 0x0ee8  \Device\Harddisk0\DR0:
18:24:33.0211 0x0ee8  GPT partitions:
18:24:33.0211 0x0ee8  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {1BF8F16C-75A2-4A89-BB4A-948F9409272F}, Name: , StartLBA 0x800, BlocksNum 0x12C000
18:24:33.0211 0x0ee8  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {67C2B5FA-AA21-4C37-A3E3-B666D89BE5CD}, Name: EFI system partition, StartLBA 0x12C800, BlocksNum 0x96000
18:24:33.0211 0x0ee8  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {578FBE44-0829-4689-9F1E-9F0432FA369B}, Name: Microsoft reserved partition, StartLBA 0x1C2800, BlocksNum 0x40000
18:24:33.0211 0x0ee8  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {5EB182A7-198E-4EC4-85DC-E13FBE465447}, Name: Basic data partition, StartLBA 0x202800, BlocksNum 0x38B89000
18:24:33.0211 0x0ee8  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {3EEF9BA2-84F5-4C8E-9459-286A1504BD63}, Name: Basic data partition, StartLBA 0x38D8B800, BlocksNum 0x38B89000
18:24:33.0211 0x0ee8  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {304C9B52-36BD-4869-8C13-D2CB3E51819B}, Name: , StartLBA 0x71914800, BlocksNum 0x2DF2000
18:24:33.0211 0x0ee8  MBR partitions:
18:24:33.0211 0x0ee8  ============================================================
18:24:33.0211 0x0ee8  C: <-> \Device\Harddisk0\DR0\Partition4
18:24:33.0258 0x0ee8  D: <-> \Device\Harddisk0\DR0\Partition5
18:24:33.0258 0x0ee8  ============================================================
18:24:33.0258 0x0ee8  Initialize success
18:24:33.0258 0x0ee8  ============================================================
18:25:02.0726 0x1b84  ============================================================
18:25:02.0726 0x1b84  Scan started
18:25:02.0726 0x1b84  Mode: Manual; SigCheck; TDLFS; 
18:25:02.0726 0x1b84  ============================================================
18:25:02.0726 0x1b84  KSN ping started
18:25:05.0086 0x1b84  KSN ping finished: true
18:25:14.0215 0x1b84  ================ Scan system memory ========================
18:25:14.0215 0x1b84  System memory - ok
18:25:14.0230 0x1b84  ================ Scan services =============================
18:25:14.0808 0x1b84  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\Windows\System32\drivers\1394ohci.sys
18:25:14.0980 0x1b84  1394ohci - ok
18:25:15.0058 0x1b84  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\Windows\system32\drivers\3ware.sys
18:25:15.0074 0x1b84  3ware - ok
18:25:15.0105 0x1b84  [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
18:25:15.0136 0x1b84  ACPI - ok
18:25:15.0199 0x1b84  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\Windows\system32\Drivers\acpiex.sys
18:25:15.0215 0x1b84  acpiex - ok
18:25:15.0230 0x1b84  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\Windows\System32\drivers\acpipagr.sys
18:25:15.0277 0x1b84  acpipagr - ok
18:25:15.0355 0x1b84  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\Windows\System32\drivers\acpipmi.sys
18:25:15.0433 0x1b84  AcpiPmi - ok
18:25:15.0433 0x1b84  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\Windows\System32\drivers\acpitime.sys
18:25:15.0480 0x1b84  acpitime - ok
18:25:15.0619 0x1b84  [ F2CEEE9ABBCEF207ACB103215AC28BC2, F8F8B8AF6317926D7AC0CA2CA23628B2C69327A2792D58D3328443C5ED9514E9 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:25:15.0657 0x1b84  AdobeARMservice - ok
18:25:16.0416 0x1b84  [ 1BA1AB4141A92EB34DA99F1249CA2D4D, 43ADF35146E61E0DE58D2ACC2994538F6025135ECEB30073BEF05A804BB38107 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:25:16.0447 0x1b84  AdobeFlashPlayerUpdateSvc - ok
18:25:16.0541 0x1b84  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\Windows\system32\drivers\ADP80XX.SYS
18:25:16.0635 0x1b84  ADP80XX - ok
18:25:16.0682 0x1b84  [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
18:25:16.0775 0x1b84  AeLookupSvc - ok
18:25:16.0791 0x1b84  [ A460C3AF3755A2A79A3C8EFE72E147B5, 62CEA85DA53D86D3E7B5D79F94095C6126FFF3DEE1427BBF3DEF5EA366B4513B ] AFD             C:\Windows\system32\drivers\afd.sys
18:25:16.0916 0x1b84  AFD - ok
18:25:16.0947 0x1b84  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\Windows\system32\drivers\agp440.sys
18:25:16.0963 0x1b84  agp440 - ok
18:25:16.0979 0x1b84  [ FE14D249D39368CA62D8DA6BC94AC694, E1036E22BFBD3750FD2D3DA6AB939B2DD54E824F4BD3E6539EF0E45AB5453DD1 ] ahcache         C:\Windows\system32\DRIVERS\ahcache.sys
18:25:17.0041 0x1b84  ahcache - ok
18:25:17.0057 0x1b84  [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG             C:\Windows\System32\alg.exe
18:25:17.0119 0x1b84  ALG - ok
18:25:17.0135 0x1b84  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\Windows\System32\drivers\amdk8.sys
18:25:17.0213 0x1b84  AmdK8 - ok
18:25:17.0229 0x1b84  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\Windows\System32\drivers\amdppm.sys
18:25:17.0260 0x1b84  AmdPPM - ok
18:25:17.0275 0x1b84  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
18:25:17.0291 0x1b84  amdsata - ok
18:25:17.0307 0x1b84  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
18:25:17.0338 0x1b84  amdsbs - ok
18:25:17.0338 0x1b84  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
18:25:17.0354 0x1b84  amdxata - ok
18:25:17.0369 0x1b84  [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID           C:\Windows\system32\drivers\appid.sys
18:25:17.0385 0x1b84  AppID - ok
18:25:17.0400 0x1b84  [ 88358135810B9DFD830A9D3A8C3D149A, DF914DA3828EE2310895D156342E3B3DF5E8C6F6F9B851C359E82A1F48180D4B ] AppIDSvc        C:\Windows\System32\appidsvc.dll
18:25:17.0447 0x1b84  AppIDSvc - ok
18:25:17.0463 0x1b84  [ 734622FBA766DBD65B1803549B24A04A, 3B6872B87A60D4DA265D3B8AB0561A929CFE2C097419183E93D3843422363C89 ] Appinfo         C:\Windows\System32\appinfo.dll
18:25:17.0525 0x1b84  Appinfo - ok
18:25:17.0682 0x1b84  [ 3B3774C868868257533EC7E715BB6D53, 4AF1DADCEDBD80BE6EDEC696DF59E65B51D31E33F4C84413CA03C7BD959FF4E5 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:25:17.0697 0x1b84  Apple Mobile Device Service - ok
18:25:17.0791 0x1b84  [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness    C:\Windows\system32\AppReadiness.dll
18:25:17.0854 0x1b84  AppReadiness - ok
18:25:17.0901 0x1b84  [ E0F846ADE7DED88981D0908DE56FF160, D8F536438091878724A5004849306ADFB96A2778A9D958ED3DCC0CD9E35160BB ] AppXSvc         C:\Windows\system32\appxdeploymentserver.dll
18:25:18.0166 0x1b84  AppXSvc - ok
18:25:18.0182 0x1b84  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\Windows\system32\drivers\arcsas.sys
18:25:18.0182 0x1b84  arcsas - ok
18:25:18.0213 0x1b84  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\Windows\system32\drivers\atapi.sys
18:25:18.0229 0x1b84  atapi - ok
18:25:18.0260 0x1b84  [ 8302D313DCC5536FE6BFB85165D9BB1E, CD9101D9CFE34F0D6CF5A6AD5C997CC5D32CCF5135B78604D0C3CD7252117C2D ] AthBTPort       C:\Windows\system32\DRIVERS\btath_flt.sys
18:25:18.0276 0x1b84  AthBTPort - ok
18:25:18.0416 0x1b84  [ FB9A914C346E74D66D454A9C46351A2D, 6EFA70BCB179802F9439C70BB413E653AF9B1E006881F69AD1F43FF3069FA797 ] AtherosSvc      C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe
18:25:18.0447 0x1b84  AtherosSvc - detected UnsignedFile.Multi.Generic ( 1 )
18:25:20.0743 0x0f9c  Object required for P2P: [ CEA5F4F27CFC08E3A44D576811B35F50 ] amdxata
18:25:20.0916 0x1b84  Detect skipped due to KSN trusted
18:25:20.0916 0x1b84  AtherosSvc - ok
18:25:21.0072 0x1b84  [ B2F1057E6EFF75A4A4B653AF4E04470D, 60D535D5DC84CF0B7BB29005181CBEB90F07037E97ECDBF1EC49C4B262BD93BB ] athr            C:\Windows\system32\DRIVERS\athwbx.sys
18:25:21.0260 0x1b84  athr - ok
18:25:21.0275 0x1b84  [ 431FE56F5A2F5937994CB2DA330B47DB, E5AED551529A21494114959251FDF566802DD6D9B9D86A937A0EECE53338CAC7 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
18:25:21.0322 0x1b84  AudioEndpointBuilder - ok
18:25:21.0338 0x1b84  [ 0F03CC00645D7F841879A048787D6AC7, 3ECD2486157469F2EDB63D4868338D1445F2909153DF0AFFE432083730EEE3F5 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
18:25:21.0385 0x1b84  Audiosrv - ok
18:25:21.0416 0x1b84  [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
18:25:21.0510 0x1b84  AxInstSV - ok
18:25:21.0572 0x1b84  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
18:25:21.0588 0x1b84  b06bdrv - ok
18:25:21.0619 0x1b84  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\Windows\System32\drivers\BasicDisplay.sys
18:25:21.0650 0x1b84  BasicDisplay - ok
18:25:21.0666 0x1b84  [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender     C:\Windows\System32\drivers\BasicRender.sys
18:25:21.0713 0x1b84  BasicRender - ok
18:25:21.0744 0x1b84  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\Windows\System32\drivers\bcmfn2.sys
18:25:21.0744 0x1b84  bcmfn2 - ok
18:25:21.0760 0x1b84  [ 4B6F61BD394DCEDA9B06D702836531C2, 83C739467BD9A00FE09BCE83BB9409EA2DA62FCDD2384F9EE98626226223E918 ] BDESVC          C:\Windows\System32\bdesvc.dll
18:25:21.0791 0x1b84  BDESVC - ok
18:25:21.0791 0x1b84  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\Windows\system32\drivers\Beep.sys
18:25:21.0869 0x1b84  Beep - ok
18:25:22.0010 0x1b84  [ 5059D93764340D4EAEDF49C47133118F, 26C5779469E04BEAFD290B619CA355648F3911C66D41B22D2C3DCA909FCA0F6E ] BFE             C:\Windows\System32\bfe.dll
18:25:22.0088 0x1b84  BFE - ok
18:25:22.0150 0x1b84  [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS            C:\Windows\System32\qmgr.dll
18:25:22.0291 0x1b84  BITS - ok
18:25:22.0322 0x1b84  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
18:25:22.0353 0x1b84  bowser - ok
18:25:22.0369 0x1b84  [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
18:25:22.0400 0x1b84  BrokerInfrastructure - ok
18:25:22.0432 0x1b84  [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser         C:\Windows\System32\browser.dll
18:25:22.0463 0x1b84  Browser - ok
18:25:22.0494 0x1b84  [ DB109DA005B6FE2A350C5DD7CA768DFD, 241A0BFAEFB1B165C00EE75E8CA382B5935F5DF447DAD5AE9022B2B78317668E ] BrYNSvc         C:\Program Files (x86)\Browny02\BrYNSvc.exe
18:25:22.0510 0x1b84  BrYNSvc - detected UnsignedFile.Multi.Generic ( 1 )
18:25:23.0541 0x0f9c  Object send P2P result: true
18:25:25.0479 0x1b84  Detect skipped due to KSN trusted
18:25:25.0479 0x1b84  BrYNSvc - ok
18:25:25.0526 0x1b84  [ EEFEE4EB812A4F8288424E823C042B9B, 237B44A1DAE11287895F730A65ED944758F9DC94B24B151665C698C279A570D7 ] BTATH_A2DP      C:\Windows\system32\drivers\btath_a2dp.sys
18:25:25.0557 0x1b84  BTATH_A2DP - ok
18:25:25.0578 0x1b84  [ 5EA46680997EB8D819B199641BE83F79, F9DF92449CE6AF62BD59DAC7147294803340168D0BE0FE5AB5195D1E645BA1C6 ] btath_avdt      C:\Windows\system32\drivers\btath_avdt.sys
18:25:25.0587 0x1b84  btath_avdt - ok
18:25:25.0603 0x1b84  [ AF7DEA6A0E93AF8517A310D189B656BE, 008FE5102EE6B73A8D9AFC2B0E563C6A3567167380FCEDC538278240D2AE1FD4 ] BTATH_BUS       C:\Windows\system32\drivers\btath_bus.sys
18:25:25.0619 0x1b84  BTATH_BUS - ok
18:25:25.0619 0x1b84  [ 785C38070043BEEE9E9D591DE4067244, 1C8D15B8A9E80A2799E7094C4AE111FEA9FBC6EAA4A61B13EFE59314C9794949 ] BTATH_LWFLT     C:\Windows\system32\DRIVERS\btath_lwflt.sys
18:25:25.0619 0x1b84  BTATH_LWFLT - ok
18:25:25.0635 0x1b84  [ 859A116D748FBA603AF94C251DC5CF97, D64061721BE01F86386C4B0168B166C6AD076630B2229036E1D368D877389D46 ] BTATH_RCP       C:\Windows\System32\drivers\btath_rcp.sys
18:25:25.0641 0x1b84  BTATH_RCP - ok
18:25:25.0665 0x1b84  [ B589A15F887780F799019524776EC8A3, 58EC0D498AC318EAA8473B51051AEFFB478D71ABD7F25527A00442C78D4EEF8A ] BtFilter        C:\Windows\system32\DRIVERS\btfilter.sys
18:25:25.0684 0x1b84  BtFilter - ok
18:25:25.0690 0x1b84  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\Windows\System32\drivers\BthAvrcpTg.sys
18:25:25.0728 0x1b84  BthAvrcpTg - ok
18:25:25.0758 0x1b84  [ 12418846B057E4F92FC621F5C6CF737D, 0B8B0EADE4F2AD95D450A5C71C287C0F04F33897ABF27D3E3B6428A3C99C7B5D ] BthEnum         C:\Windows\System32\drivers\BthEnum.sys
18:25:25.0822 0x1b84  BthEnum - ok
18:25:25.0846 0x1b84  [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum       C:\Windows\System32\drivers\bthhfenum.sys
18:25:25.0931 0x1b84  BthHFEnum - ok
18:25:25.0947 0x1b84  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\Windows\System32\drivers\BthHFHid.sys
18:25:25.0962 0x1b84  bthhfhid - ok
18:25:26.0056 0x1b84  [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv        C:\Windows\System32\BthHFSrv.dll
18:25:26.0102 0x1b84  BthHFSrv - ok
18:25:26.0134 0x1b84  [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum       C:\Windows\system32\DRIVERS\BthLEEnum.sys
18:25:26.0227 0x1b84  BthLEEnum - ok
18:25:26.0274 0x1b84  [ EF4B9E7C9AD88C00C18A12B0D22D1894, 672537E75201E690D86CD65252B8AEF887C76EBD37AB0C419462D69164B350CC ] BTHMODEM        C:\Windows\System32\drivers\bthmodem.sys
18:25:26.0306 0x1b84  BTHMODEM - ok
18:25:26.0337 0x1b84  [ FEA8FC81431AD93F44D5FBFBBF096AA7, C0581DF6B2AD24836604B083F4866F93A3F4D9091D382029948A5E6221EDF788 ] BthPan          C:\Windows\System32\drivers\bthpan.sys
18:25:26.0368 0x1b84  BthPan - ok
18:25:26.0493 0x1b84  [ B810B2B39CCA90DC6BF42AF1658AE0D1, D184F927BCFBDE7063A0C9873BF2C174226E1AB5081A7108FCC66210CD117465 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
18:25:26.0571 0x1b84  BTHPORT - ok
18:25:26.0571 0x1b84  [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv         C:\Windows\system32\bthserv.dll
18:25:26.0603 0x1b84  bthserv - ok
18:25:26.0649 0x1b84  [ 52A1B7ECAB4C9EF70FD41241691E09D3, F7A5BFE72D3151E73DD9922A76964C08AC1FDCB8460D9A17DCF8B7969006AD42 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
18:25:26.0696 0x1b84  BTHUSB - ok
18:25:26.0868 0x1b84  [ 52AE2CDD37AB735FBDA52263EFD524AA, 844103913E6079CC1C49B05FFB1CDC9A68692A8EE5A05C9C28FD272DFE534913 ] c2cautoupdatesvc C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
18:25:26.0899 0x1b84  c2cautoupdatesvc - ok
18:25:27.0024 0x1b84  [ C35B91B6777E7C6DB67B8583D2AA66A7, CE3A004B560EB750442150FEEFEE074A11A17E66B3F2A489E8EF1DBCF8FE8390 ] c2cpnrsvc       C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
18:25:27.0071 0x1b84  c2cpnrsvc - ok
18:25:27.0103 0x1b84  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
18:25:27.0165 0x1b84  cdfs - ok
18:25:27.0196 0x1b84  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\Windows\System32\drivers\cdrom.sys
18:25:27.0227 0x1b84  cdrom - ok
18:25:27.0259 0x1b84  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc     C:\Windows\System32\certprop.dll
18:25:27.0290 0x1b84  CertPropSvc - ok
18:25:27.0321 0x1b84  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\Windows\System32\drivers\circlass.sys
18:25:27.0337 0x1b84  circlass - ok
18:25:27.0384 0x1b84  [ 8EB7E70C2D348FE2476A2E3F2D585E3D, 2B5D407FACF1D049261026CC552A7C93B028A661B0F4E959815EAE7670054127 ] CLFS            C:\Windows\system32\drivers\CLFS.sys
18:25:27.0399 0x1b84  CLFS - ok
18:25:27.0978 0x1b84  [ 4DDC45ACA9EEAB337F6D8E50C87CF1BF, F004079B1E6629E1112190D4F773134EDEC1E2EF17E7181BC1D02A570EB8F1CE ] ClickToRunSvc   C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
18:25:28.0165 0x1b84  ClickToRunSvc - ok
18:25:28.0196 0x1b84  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\Windows\System32\drivers\CmBatt.sys
18:25:28.0228 0x1b84  CmBatt - ok
18:25:28.0243 0x1b84  [ DD795DADD9366C13001E980B334C2ED4, 88B1A8B3D1A33CEDD42E0AB274E71A382C2FDA1176FE11021AFF686CB008A5D2 ] CNG             C:\Windows\system32\Drivers\cng.sys
18:25:28.0259 0x1b84  CNG - ok
18:25:28.0275 0x1b84  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\Windows\System32\drivers\CompositeBus.sys
18:25:28.0290 0x1b84  CompositeBus - ok
18:25:28.0290 0x1b84  COMSysApp - ok
18:25:28.0306 0x1b84  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\Windows\system32\drivers\condrv.sys
18:25:28.0368 0x1b84  condrv - ok
18:25:29.0587 0x1b84  [ 306B31B977BC3477953B2A6277F4052B, 4DB1DEA0A782A85755347C1F42722336690C01E584E4E846FD2065F7DEBC9364 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
18:25:29.0665 0x1b84  cphs - ok
18:25:29.0775 0x1b84  [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
18:25:29.0869 0x1b84  CryptSvc - ok
18:25:29.0900 0x1b84  [ 389C998C64319CD97625B0550E52ECFA, DD0EDDD9C8412F78D2D2B648D67DA887C3040E05DF29F48F71299CB68FDDD0F8 ] dam             C:\Windows\system32\drivers\dam.sys
18:25:29.0915 0x1b84  dam - ok
18:25:30.0197 0x1b84  [ E4220FD9C7F1579D9C5F9DFB00427841, 77740122A01A08F18CC82A4BB3F00EC59F29EE10779092F872572C264F6728D0 ] DcomLaunch      C:\Windows\system32\rpcss.dll
18:25:30.0602 0x1b84  DcomLaunch - ok
18:25:30.0709 0x1b84  [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc       C:\Windows\System32\defragsvc.dll
18:25:30.0916 0x1b84  defragsvc - ok
18:25:31.0040 0x1b84  [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\Windows\system32\das.dll
18:25:31.0181 0x1b84  DeviceAssociationService - ok
18:25:31.0228 0x1b84  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall   C:\Windows\system32\umpnpmgr.dll
18:25:31.0243 0x1b84  DeviceInstall - ok
18:25:31.0259 0x1b84  [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc            C:\Windows\system32\Drivers\dfsc.sys
18:25:31.0353 0x1b84  Dfsc - ok
18:25:31.0399 0x1b84  [ 85137571AEC8AC757D497B9DD30D544D, 6E15C9FB4010B26A8E5AFD4E85F7362B2616EB8503ACCE28EC31AC1E7D18566F ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
18:25:31.0478 0x1b84  dg_ssudbus - ok
18:25:31.0556 0x1b84  [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp            C:\Windows\system32\dhcpcore.dll
18:25:31.0993 0x1b84  Dhcp - ok
18:25:32.0337 0x1b84  [ 21EDAD8188372C912B7BB9B1C6CB0D38, 4A102745DE8A2A82D2C069B30503BF9FF2312A035A82854F84EF9C27E3533CEE ] DiagTrack       C:\Windows\system32\diagtrack.dll
18:25:32.0478 0x1b84  DiagTrack - ok
18:25:32.0524 0x1b84  [ 8B1E62881D5AC68E673CD94B136B34AC, A0C50F17041E43AC07B67A74F2C408820316201439F47CDEA37A4F5891CC0E6F ] disk            C:\Windows\system32\drivers\disk.sys
18:25:32.0540 0x1b84  disk - ok
18:25:32.0556 0x1b84  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\Windows\System32\drivers\dmvsc.sys
18:25:32.0634 0x1b84  dmvsc - ok
18:25:32.0665 0x1b84  [ E9AE4FAE83FB38A2962F9032B24CEB3C, CC7D2D8C97CB779791613D76D6E4AF5D628C948C28BAC584C3C7F6A5A6036FBA ] Dnscache        C:\Windows\System32\dnsrslvr.dll
18:25:32.0743 0x1b84  Dnscache - ok
18:25:32.0790 0x1b84  [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc         C:\Windows\System32\dot3svc.dll
18:25:32.0868 0x1b84  dot3svc - ok
18:25:32.0915 0x1b84  [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS             C:\Windows\system32\dps.dll
18:25:32.0993 0x1b84  DPS - ok
18:25:33.0212 0x1b84  [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
18:25:33.0228 0x1b84  drmkaud - ok
18:25:33.0290 0x1b84  [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc          C:\Windows\System32\DeviceSetupManager.dll
18:25:33.0337 0x1b84  DsmSvc - ok
18:25:33.0525 0x1b84  [ E1BB0B6F00F470B451AB45EA13EBA0B3, 3A2FC2175B69A5EB98D6C2D563DBFDCB320647AB87A14E47FAE800423DCACDAB ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
18:25:33.0634 0x1b84  DXGKrnl - ok
18:25:33.0681 0x1b84  [ CCED99682127E8582E5F716ECE775EF8, 3B0A51E1FC4D5BD3E7EC182799AD712AEEAF1DCD761D7E98BEC8A0A67F7334AF ] E1G60           C:\Windows\system32\DRIVERS\E1G6032E.sys
18:25:33.0712 0x1b84  E1G60 - ok
18:25:33.0728 0x1b84  [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost         C:\Windows\System32\eapsvc.dll
18:25:33.0775 0x1b84  Eaphost - ok
18:25:33.0900 0x1b84  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
18:25:33.0978 0x1b84  ebdrv - ok
18:25:34.0025 0x1b84  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS             C:\Windows\System32\lsass.exe
18:25:34.0040 0x1b84  EFS - ok
18:25:34.0072 0x1b84  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\Windows\system32\drivers\EhStorClass.sys
18:25:34.0087 0x1b84  EhStorClass - ok
18:25:34.0103 0x1b84  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\Windows\system32\drivers\EhStorTcgDrv.sys
18:25:34.0103 0x1b84  EhStorTcgDrv - ok
18:25:34.0290 0x1b84  [ 6066FDFF6E02A0F1F2584EBC9D4A1E63, 2CD1405C4664FBE2EB120EB9F56FCDC629F334AD6BA609A9B442FE594CB6A247 ] ePowerSvc       C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
18:25:34.0337 0x1b84  ePowerSvc - ok
18:25:34.0353 0x1b84  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\Windows\System32\drivers\errdev.sys
18:25:34.0400 0x1b84  ErrDev - ok
18:25:34.0540 0x1b84  [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem     C:\Windows\system32\es.dll
18:25:34.0618 0x1b84  EventSystem - ok
18:25:34.0634 0x1b84  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\Windows\system32\drivers\exfat.sys
18:25:34.0712 0x1b84  exfat - ok
18:25:34.0728 0x1b84  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
18:25:34.0806 0x1b84  fastfat - ok
18:25:34.0931 0x1b84  [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax             C:\Windows\system32\fxssvc.exe
18:25:34.0993 0x1b84  Fax - ok
18:25:35.0009 0x1b84  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\Windows\System32\drivers\fdc.sys
18:25:35.0025 0x1b84  fdc - ok
18:25:35.0056 0x1b84  [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost         C:\Windows\system32\fdPHost.dll
18:25:35.0118 0x1b84  fdPHost - ok
18:25:35.0150 0x1b84  [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub        C:\Windows\system32\fdrespub.dll
18:25:35.0400 0x1b84  FDResPub - ok
18:25:35.0431 0x1b84  [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc           C:\Windows\system32\fhsvc.dll
18:25:35.0509 0x1b84  fhsvc - ok
18:25:35.0525 0x1b84  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
18:25:35.0540 0x1b84  FileInfo - ok
18:25:35.0556 0x1b84  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
18:25:35.0604 0x1b84  Filetrace - ok
18:25:35.0607 0x1b84  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\Windows\System32\drivers\flpydisk.sys
18:25:35.0623 0x1b84  flpydisk - ok
18:25:35.0659 0x1b84  [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
18:25:35.0675 0x1b84  FltMgr - ok
18:25:35.0821 0x1b84  [ 2F225BC85B84C04EA01BAB8D8DACFA83, 1F6E20C8F0FFD3FA60BDF556FB8392FE014E6519C3F314D1D22D394DB2A040CA ] FontCache       C:\Windows\system32\FntCache.dll
18:25:35.0925 0x1b84  FontCache - ok
18:25:36.0068 0x1b84  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:25:36.0084 0x1b84  FontCache3.0.0.0 - ok
18:25:36.0099 0x1b84  [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
18:25:36.0115 0x1b84  FsDepends - ok
18:25:36.0130 0x1b84  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
18:25:36.0130 0x1b84  Fs_Rec - ok
18:25:36.0177 0x1b84  [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
18:25:36.0193 0x1b84  fvevol - ok
18:25:36.0209 0x1b84  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\Windows\System32\drivers\fxppm.sys
18:25:36.0240 0x1b84  FxPPM - ok
18:25:36.0271 0x1b84  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
18:25:36.0271 0x1b84  gagp30kx - ok
18:25:36.0302 0x1b84  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\Windows\System32\drivers\vmgencounter.sys
18:25:36.0318 0x1b84  gencounter - ok
18:25:36.0552 0x1b84  [ C5FA929A389F11330C780C1E97EF0740, A83EAD4A2F4DB236CC569CCAD619021C1E011CD70DEE249FE8594E8822640BBF ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
18:25:36.0615 0x1b84  GfExperienceService - ok
18:25:36.0646 0x1b84  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101     C:\Windows\system32\Drivers\msgpioclx.sys
18:25:36.0662 0x1b84  GPIOClx0101 - ok
18:25:36.0677 0x1b84  [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc           C:\Windows\System32\gpsvc.dll
18:25:36.0740 0x1b84  gpsvc - ok
18:25:36.0943 0x1b84  [ 7814A8ED32D5186BA651008AFFB55080, 1116694AD45DC53B987910DFD16909B69DEF754034E4C535AEE6340229CE5697 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:25:36.0959 0x1b84  gupdate - ok
18:25:36.0959 0x1b84  [ 7814A8ED32D5186BA651008AFFB55080, 1116694AD45DC53B987910DFD16909B69DEF754034E4C535AEE6340229CE5697 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:25:36.0974 0x1b84  gupdatem - ok
18:25:37.0005 0x1b84  [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:25:37.0037 0x1b84  HdAudAddService - ok
18:25:37.0068 0x1b84  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys
18:25:37.0084 0x1b84  HDAudBus - ok
18:25:37.0115 0x1b84  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\Windows\System32\drivers\HidBatt.sys
18:25:37.0146 0x1b84  HidBatt - ok
18:25:37.0490 0x1b84  [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth          C:\Windows\System32\drivers\hidbth.sys
18:25:37.0568 0x1b84  HidBth - ok
18:25:37.0568 0x1b84  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\Windows\System32\drivers\hidi2c.sys
18:25:37.0584 0x1b84  hidi2c - ok
18:25:37.0599 0x1b84  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\Windows\System32\drivers\hidir.sys
18:25:37.0615 0x1b84  HidIr - ok
18:25:37.0630 0x1b84  [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv         C:\Windows\system32\hidserv.dll
18:25:37.0662 0x1b84  hidserv - ok
18:25:37.0677 0x1b84  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\Windows\System32\drivers\hidusb.sys
18:25:37.0755 0x1b84  HidUsb - ok
18:25:37.0771 0x1b84  [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc          C:\Windows\system32\kmsvc.dll
18:25:37.0818 0x1b84  hkmsvc - ok
18:25:37.0834 0x1b84  [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:25:37.0880 0x1b84  HomeGroupListener - ok
18:25:37.0927 0x1b84  [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:25:37.0959 0x1b84  HomeGroupProvider - ok
18:25:37.0990 0x1b84  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
18:25:38.0005 0x1b84  HpSAMD - ok
18:25:38.0037 0x1b84  [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
18:25:38.0068 0x1b84  HTTP - ok
18:25:38.0068 0x1b84  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
18:25:38.0068 0x1b84  hwpolicy - ok
18:25:38.0084 0x1b84  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
18:25:38.0115 0x1b84  hyperkbd - ok
18:25:38.0130 0x1b84  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\Windows\system32\DRIVERS\HyperVideo.sys
18:25:38.0162 0x1b84  HyperVideo - ok
18:25:38.0224 0x1b84  [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
18:25:38.0412 0x1b84  i8042prt - ok
18:25:38.0443 0x1b84  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\Windows\System32\drivers\iaLPSSi_GPIO.sys
18:25:38.0459 0x1b84  iaLPSSi_GPIO - ok
18:25:38.0459 0x1b84  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\Windows\System32\drivers\iaLPSSi_I2C.sys
18:25:38.0474 0x1b84  iaLPSSi_I2C - ok
18:25:38.0584 0x1b84  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\Windows\system32\drivers\iaStorAV.sys
18:25:38.0615 0x1b84  iaStorAV - ok
18:25:38.0615 0x1b84  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
18:25:38.0630 0x1b84  iaStorV - ok
18:25:38.0630 0x1b84  IEEtwCollectorService - ok
18:25:38.0709 0x1b84  [ 712B795D0920264F2B166D2313FFC43D, 3B9CE043D170B6CFA43573916D293F5E6EE8A8372C72F48F428702D5E36BF0CA ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
18:25:39.0021 0x1b84  igfx - ok
18:25:39.0053 0x1b84  [ 201700DCB9CF3D72B9CCA09532774DD2, 45E4489C1703D6A324E46C8314211B2FD2C76C6EB44E8CAD868FF2BC202E7122 ] igfxCUIService1.0.0.0 C:\Windows\system32\igfxCUIService.exe
18:25:39.0068 0x1b84  igfxCUIService1.0.0.0 - ok
18:25:39.0146 0x1b84  [ 2530D33CE2F5F30D08A039EC33E91F17, DE1669A9F67C9CA3EEF6D0D0A56167318E4DB50965D87BF94A2795A21EBEE979 ] IKEEXT          C:\Windows\System32\ikeext.dll
18:25:39.0162 0x1b84  IKEEXT - ok
18:25:39.0193 0x1b84  [ FC7C456AF9B9811499EDBD10616832EE, CA2D8B0E672D3AE449C2FF0B9E142D74E8C72FD877D11162A9F7CC51AF58220F ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
18:25:39.0209 0x1b84  intaud_WaveExtensible - ok
18:25:39.0303 0x1b84  [ C0A462BA7E9A07EFBD3571740F8D0145, 79AA2136EEBD07F5B66F177C64CA9B887A11DC777EDF5D1797C64611129FD32F ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
18:25:39.0615 0x1b84  IntcAzAudAddService - ok
18:25:39.0662 0x1b84  [ 890144FA6AB42F2B54EE633BF96A019A, 8741904C66170BA11C78D31681E3759537C0BF2338538678BC64234DB8FDE93F ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
18:25:39.0662 0x1b84  IntcDAud - ok
18:25:39.0818 0x1b84  [ 4C17F57E43645E75800E9E84787E34E5, 6A1531D97462BA3B3DBDAD472AF15B717C958AA8C5CE2373DE0B2A41C35BE33E ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
18:25:39.0850 0x1b84  Intel(R) Capability Licensing Service TCP IP Interface - ok
18:25:40.0006 0x1b84  [ 2390C395882F7773AB7D6CC2547B41DE, 220EBA14BC4A686ED9879D27900AD66ACD937899759A4319297E0F15DFAB247C ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
18:25:40.0022 0x1b84  Intel(R) ME Service - ok
18:25:40.0053 0x1b84  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\Windows\system32\drivers\intelide.sys
18:25:40.0068 0x1b84  intelide - ok
18:25:40.0115 0x1b84  [ 7AA01AB1C110916825E6E1389F1B9AF2, E2885955AFA0908E194B1BC364C9582249B2B2AFFF93F17F3414F55B1E5F2C42 ] intelpep        C:\Windows\system32\drivers\intelpep.sys
18:25:40.0131 0x1b84  intelpep - ok
18:25:40.0147 0x1b84  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\Windows\System32\drivers\intelppm.sys
18:25:40.0193 0x1b84  intelppm - ok
18:25:40.0225 0x1b84  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:25:40.0287 0x1b84  IpFilterDriver - ok
18:25:40.0506 0x1b84  [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
18:25:40.0553 0x1b84  iphlpsvc - ok
18:25:40.0584 0x1b84  [ C800DCD904016B2BF6AB541083770A3A, 95A8FB9AB2818A4F44AFCBF2715B0B3024DCE38E1406EA639F2A5ECA105D2290 ] IPMIDRV         C:\Windows\System32\drivers\IPMIDrv.sys
18:25:40.0645 0x1b84  IPMIDRV - ok
18:25:40.0678 0x1b84  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
18:25:40.0734 0x1b84  IPNAT - ok
18:25:40.0771 0x1b84  [ F96B9EDC032E61EB87652896E92ED526, F9E3CD2FA2D963C56034A4F606869467FDC6647B916CF457249270E6C337A8A5 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
18:25:40.0788 0x1b84  iPod Service - ok
18:25:40.0792 0x1b84  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\Windows\system32\drivers\irenum.sys
18:25:40.0804 0x1b84  IRENUM - ok
18:25:40.0820 0x1b84  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\Windows\system32\drivers\isapnp.sys
18:25:40.0851 0x1b84  isapnp - ok
18:25:40.0885 0x1b84  [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys
18:25:40.0943 0x1b84  iScsiPrt - ok
18:25:40.0945 0x1b84  [ 16B5B394028D8ED80A569123A38DC4F7, 19839364B7A48584615F0ED56D94AB6E6F8159EAD826605F74C73845CE2C5C12 ] iumsvc          C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
18:25:40.0961 0x1b84  iumsvc - ok
18:25:40.0961 0x1b84  [ A90C843F4FDD7A07129BA73C6BE13976, A76DEA9F09E3B2F18D3B646A0DD39E2773EC62E2F3C55421BA61C12190D78C1C ] iwdbus          C:\Windows\System32\drivers\iwdbus.sys
18:25:40.0961 0x1b84  iwdbus - ok
18:25:40.0977 0x1b84  [ BDC9C7931DB723CB1AF9F7075EA06645, EEBD5DC9C4656F14F8F0A0A5E84657B6B2BA35283E0E571119DA82F131D5C21B ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
18:25:40.0992 0x1b84  jhi_service - ok
18:25:41.0008 0x1b84  [ 779010324CCB6B974C4D737DDAABB2D5, 3D8591069D02F0888517C54A4C52E3174771EE86D3DA272C14FCE1B27DCB8613 ] k57nd60a        C:\Windows\system32\DRIVERS\k57nd60a.sys
18:25:41.0035 0x1b84  k57nd60a - ok
18:25:41.0047 0x1b84  [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys
18:25:41.0054 0x1b84  kbdclass - ok
18:25:41.0054 0x1b84  [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid          C:\Windows\System32\drivers\kbdhid.sys
18:25:41.0069 0x1b84  kbdhid - ok
18:25:41.0101 0x1b84  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\Windows\system32\DRIVERS\kdnic.sys
18:25:41.0148 0x1b84  kdnic - ok
18:25:41.0148 0x1b84  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso          C:\Windows\system32\lsass.exe
18:25:41.0163 0x1b84  KeyIso - ok
18:25:41.0194 0x1b84  [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
18:25:41.0210 0x1b84  KSecDD - ok
18:25:41.0257 0x1b84  [ A950AB512ED2BD847789FAAD3E967AFA, 005340965B30C5A14E4E081E2CDF7214D2C00BAF05C62DA9ED63EA3026E70C8A ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
18:25:41.0273 0x1b84  KSecPkg - ok
18:25:41.0319 0x1b84  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
18:25:41.0335 0x1b84  ksthunk - ok
18:25:41.0398 0x1b84  [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm           C:\Windows\system32\msdtckrm.dll
18:25:41.0429 0x1b84  KtmRm - ok
18:25:41.0476 0x1b84  [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer    C:\Windows\system32\srvsvc.dll
18:25:41.0476 0x1b84  LanmanServer - ok
18:25:41.0569 0x1b84  [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:25:41.0601 0x1b84  LanmanWorkstation - ok
18:25:41.0632 0x1b84  [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc           C:\Windows\System32\GeofenceMonitorService.dll
18:25:41.0694 0x1b84  lfsvc - ok
18:25:41.0710 0x1b84  [ 17325C9B9ADB2BB99049936D0C9812C8, 70ADDC85FD5757BC9C4B97F382B25A19851FF8275021FFC04A81E208A604F83E ] LGBusEnum       C:\Windows\system32\drivers\LGBusEnum.sys
18:25:41.0726 0x1b84  LGBusEnum - ok
18:25:41.0741 0x1b84  [ C7AF05942E041D4B1F345ACF79993BB3, E8FAAE356C99A11F6CF17640FD9C67F87AFBFEFB70C458CB85178F2AD94DF848 ] LGJoyXlCore     C:\Windows\system32\drivers\LGJoyXlCore.sys
18:25:41.0741 0x1b84  LGJoyXlCore - ok
18:25:41.0757 0x1b84  [ 1DDB8DE3D6EEF31EDCF4977B2D2FAACC, 24291B522A596E2D9A1CDAC192DB1C7422D5DD0E87E5C8A5F5E2CAA90296BF23 ] LGVirHid        C:\Windows\system32\drivers\LGVirHid.sys
18:25:41.0773 0x1b84  LGVirHid - ok
18:25:41.0773 0x1b84  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
18:25:41.0788 0x1b84  lltdio - ok
18:25:41.0804 0x1b84  [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc         C:\Windows\System32\lltdsvc.dll
18:25:41.0835 0x1b84  lltdsvc - ok
18:25:41.0851 0x1b84  [ 4ACC60B4CBC911F3F34A1D66213BBBF5, C09A87ACAE0D41FD425BAF076FFE9B601DB89BB66199E5BD72FC59C6A8E449DB ] LMDriver        C:\Windows\System32\drivers\LMDriver.sys
18:25:41.0866 0x1b84  LMDriver - ok
18:25:41.0898 0x1b84  [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts         C:\Windows\System32\lmhsvc.dll
18:25:41.0976 0x1b84  lmhosts - ok
18:25:42.0085 0x1b84  [ A7D2A96187E5C5F4F7650900A15788AA, F131C3E8206A89A9244ECF2507F4FC1A8550E594A58F75338939A54C973078AF ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
18:25:42.0101 0x1b84  LMS - ok
18:25:42.0132 0x1b84  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
18:25:42.0148 0x1b84  LSI_SAS - ok
18:25:42.0163 0x1b84  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
18:25:42.0163 0x1b84  LSI_SAS2 - ok
18:25:42.0179 0x1b84  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\Windows\system32\drivers\lsi_sas3.sys
18:25:42.0179 0x1b84  LSI_SAS3 - ok
18:25:42.0194 0x1b84  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\Windows\system32\drivers\lsi_sss.sys
18:25:42.0194 0x1b84  LSI_SSS - ok
18:25:42.0273 0x1b84  [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM             C:\Windows\System32\lsm.dll
18:25:42.0319 0x1b84  LSM - ok
18:25:42.0335 0x1b84  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\Windows\system32\drivers\luafv.sys
18:25:42.0366 0x1b84  luafv - ok
18:25:42.0398 0x1b84  [ 78BFF5425E044086E74E78650A359FBB, 294738C10F3ED933D4EC40EA0659372FCF19A3C6D45D356917438CA495F2CB45 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
18:25:42.0413 0x1b84  MBAMProtector - ok
18:25:42.0569 0x1b84  [ 9611577752E293259C7DCE19E9026362, 8CB5DFD63FA15603BB6FA6B501E09ED7F4DE0E8F68CB28B78CECAC3711BEFD24 ] MBAMScheduler   C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
18:25:42.0726 0x1b84  MBAMScheduler - ok
18:25:43.0023 0x1b84  [ F1A89A34388B5626F1548D393B23ECB1, EA00AC76C4C8C9340753B58A3313C9177A9B98F9F1BDE08F184CD0F53D0C186F ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
18:25:43.0070 0x1b84  MBAMService - ok
18:25:43.0085 0x1b84  [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
18:25:43.0101 0x1b84  MBAMSwissArmy - ok
18:25:43.0116 0x1b84  [ 898415AC0B5F1D2A9A48ABCB68A6DC4B, E1FD9AE5E22E3E5A18288E66A6184E92A4B63A1274DCE147A7728BB09C6A225E ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
18:25:43.0116 0x1b84  MBAMWebAccessControl - ok
18:25:43.0132 0x1b84  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\Windows\system32\drivers\megasas.sys
18:25:43.0148 0x1b84  megasas - ok
18:25:43.0163 0x1b84  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\Windows\system32\drivers\megasr.sys
18:25:43.0179 0x1b84  megasr - ok
18:25:43.0195 0x1b84  [ AFEA4FAABCE6F0C299E9231FF4F466BE, BCF0C50F02C4AC2784139935F3756F5C4D24FCAF07ACD9567B87991A9D1F16DB ] MEIx64          C:\Windows\system32\DRIVERS\TeeDriverx64.sys
18:25:43.0210 0x1b84  MEIx64 - ok
18:25:43.0226 0x1b84  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS           C:\Windows\system32\mmcss.dll
18:25:43.0241 0x1b84  MMCSS - ok
18:25:43.0257 0x1b84  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\Windows\system32\drivers\modem.sys
18:25:43.0288 0x1b84  Modem - ok
18:25:43.0304 0x1b84  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\Windows\System32\drivers\monitor.sys
18:25:43.0320 0x1b84  monitor - ok
18:25:43.0335 0x1b84  [ 08374E4E5B8914DE6067CBA99F61E930, CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass        C:\Windows\System32\drivers\mouclass.sys
18:25:43.0335 0x1b84  mouclass - ok
18:25:43.0351 0x1b84  [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid          C:\Windows\System32\drivers\mouhid.sys
18:25:43.0382 0x1b84  mouhid - ok
18:25:43.0413 0x1b84  [ 9A788037D768809DFD677F4BA08A224A, E0686B3318F924E440ADA439D6671D44D3FF97C13D45C2E0A3A7B9E23DA38350 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
18:25:43.0413 0x1b84  mountmgr - ok
18:25:43.0460 0x1b84  [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
18:25:43.0476 0x1b84  mpsdrv - ok
18:25:43.0570 0x1b84  [ C18AA14126ADC66478E8E962B2DFAA98, A6F8CE9D88D590DC083253004392572C3BD02C33433CD6C0D9117D2AA7171EEC ] MpsSvc          C:\Windows\system32\mpssvc.dll
18:25:43.0616 0x1b84  MpsSvc - ok
18:25:43.0648 0x1b84  [ D2AC8F07995CE6CD18848C129435B481, 839B04116B49A757950E049150F6AADE41335914CC699ED73BE886BECAC39D36 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
18:25:43.0695 0x1b84  MRxDAV - ok
18:25:43.0726 0x1b84  [ 5F2BB54E0223E46646789E90BB4CCD81, 44D5983512688D3C36D66C1D9EFFEED91A2CA5FDB3B106E313015082C72E344D ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
18:25:43.0773 0x1b84  mrxsmb - ok
18:25:43.0804 0x1b84  [ C83AF14432DF58324FBC2E80A5E42AB5, 63281C114CD9F4BDC80ED5DEE0578C0084DBE10D34DD2103F3BDEB2AF9AB757E ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:25:43.0851 0x1b84  mrxsmb10 - ok
18:25:43.0913 0x1b84  [ 9EFBEC37E87DB6C9E791075987AAB413, 9533F54C494FBD8868A2A973EA956C22E3C1AD9FA79C4F6A2C43F2CAB14DB9D4 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:25:44.0054 0x1b84  mrxsmb20 - ok
18:25:44.0157 0x1b84  [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge        C:\Windows\system32\DRIVERS\bridge.sys
18:25:44.0182 0x1b84  MsBridge - ok
18:25:44.0214 0x1b84  [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC           C:\Windows\System32\msdtc.exe
18:25:44.0229 0x1b84  MSDTC - ok
18:25:44.0245 0x1b84  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\Windows\system32\drivers\Msfs.sys
18:25:44.0245 0x1b84  Msfs - ok
18:25:44.0260 0x1b84  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\Windows\System32\drivers\msgpiowin32.sys
18:25:44.0276 0x1b84  msgpiowin32 - ok
18:25:44.0292 0x1b84  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
18:25:44.0292 0x1b84  mshidkmdf - ok
18:25:44.0307 0x1b84  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\Windows\System32\drivers\mshidumdf.sys
18:25:44.0339 0x1b84  mshidumdf - ok
18:25:44.0339 0x1b84  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
18:25:44.0370 0x1b84  msisadrv - ok
18:25:44.0386 0x1b84  [ 4EAEEBAC8CFF4E0D717DFA920BC58A90, A65CB1BB3392B6A04B978348CAC18A414560A6B04A727F22DFC0ADB20DD3AF6B ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
18:25:44.0401 0x1b84  MSiSCSI - ok
18:25:44.0417 0x1b84  msiserver - ok
18:25:44.0417 0x1b84  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
18:25:44.0464 0x1b84  MSKSSRV - ok
18:25:44.0479 0x1b84  [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp          C:\Windows\system32\DRIVERS\mslldp.sys
18:25:44.0526 0x1b84  MsLldp - ok
18:25:44.0557 0x1b84  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
18:25:44.0589 0x1b84  MSPCLOCK - ok
18:25:44.0604 0x1b84  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
18:25:44.0651 0x1b84  MSPQM - ok
18:25:44.0682 0x1b84  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
18:25:44.0698 0x1b84  MsRPC - ok
18:25:44.0714 0x1b84  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\Windows\System32\drivers\mssmbios.sys
18:25:44.0714 0x1b84  mssmbios - ok
18:25:44.0714 0x1b84  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
18:25:44.0729 0x1b84  MSTEE - ok
18:25:44.0729 0x1b84  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\Windows\System32\drivers\MTConfig.sys
18:25:44.0745 0x1b84  MTConfig - ok
18:25:44.0776 0x1b84  [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup             C:\Windows\system32\Drivers\mup.sys
18:25:44.0776 0x1b84  Mup - ok
18:25:44.0792 0x1b84  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\Windows\system32\drivers\mvumis.sys
18:25:44.0792 0x1b84  mvumis - ok
18:25:44.0854 0x1b84  [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent        C:\Windows\system32\qagentRT.dll
18:25:44.0885 0x1b84  napagent - ok
18:25:44.0917 0x1b84  [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
18:25:44.0932 0x1b84  NativeWifiP - ok
18:25:44.0964 0x1b84  [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc          C:\Windows\System32\ncasvc.dll
18:25:44.0979 0x1b84  NcaSvc - ok
18:25:45.0011 0x1b84  [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService      C:\Windows\System32\ncbservice.dll
18:25:45.0042 0x1b84  NcbService - ok
18:25:45.0073 0x1b84  [ 0813B71EAF097208DC76CE0605B48AF0, A93A2E6A8FB77B58AC4D580E6F8BF307A25BADC9493994F9BE235EBFB0E1DB22 ] NcdAutoSetup    C:\Windows\System32\NcdAutoSetup.dll
18:25:45.0120 0x1b84  NcdAutoSetup - ok
18:25:45.0151 0x1b84  [ 97DC5967F65503213FD1F1B3E4A6F983, 3EC515856C7CE9B30032F963DC04190F66EE62402A819781DC45B7D088C84229 ] NDIS            C:\Windows\system32\drivers\ndis.sys
18:25:45.0182 0x1b84  NDIS - ok
18:25:45.0198 0x1b84  [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
18:25:45.0229 0x1b84  NdisCap - ok
18:25:45.0245 0x1b84  [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform  C:\Windows\system32\DRIVERS\NdisImPlatform.sys
18:25:45.0276 0x1b84  NdisImPlatform - ok
18:25:45.0307 0x1b84  [ DC1D9F692C2AD84C214584C28501C1F7, 96FC0D1EC48FED963E02648541A2AAC8E72ED00D797EA8E3D0ED02F5EB4816C5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
18:25:45.0354 0x1b84  NdisTapi - ok
18:25:45.0370 0x1b84  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
18:25:45.0432 0x1b84  Ndisuio - ok
18:25:45.0448 0x1b84  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\Windows\System32\drivers\NdisVirtualBus.sys
18:25:45.0495 0x1b84  NdisVirtualBus - ok
18:25:45.0557 0x1b84  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
18:25:45.0589 0x1b84  NdisWan - ok
18:25:45.0604 0x1b84  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy   C:\Windows\system32\DRIVERS\ndiswan.sys
18:25:45.0632 0x1b84  NdisWanLegacy - ok
18:25:45.0650 0x1b84  [ B8F36CBC72FC5C8B8A30AD850165EA8E, 478454B1399700B745265A64EC9C797C66BD0141471200BCF222F5EB15B0F40C ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
18:25:45.0683 0x1b84  NDProxy - ok
18:25:45.0712 0x1b84  [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu             C:\Windows\system32\drivers\Ndu.sys
18:25:45.0963 0x1b84  Ndu - ok
18:25:45.0994 0x1b84  [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
18:25:46.0041 0x1b84  NetBIOS - ok
18:25:46.0056 0x1b84  [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
18:25:46.0103 0x1b84  NetBT - ok
18:25:46.0134 0x1b84  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon        C:\Windows\system32\lsass.exe
18:25:46.0150 0x1b84  Netlogon - ok
18:25:46.0197 0x1b84  [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman          C:\Windows\System32\netman.dll
18:25:46.0212 0x1b84  Netman - ok
18:25:46.0244 0x1b84  [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm        C:\Windows\System32\netprofmsvc.dll
18:25:46.0259 0x1b84  netprofm - ok
18:25:46.0416 0x1b84  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:25:46.0494 0x1b84  NetTcpPortSharing - ok
18:25:46.0525 0x1b84  [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc          C:\Windows\System32\drivers\netvsc63.sys
18:25:46.0556 0x1b84  netvsc - ok
18:25:46.0587 0x1b84  [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc          C:\Windows\System32\nlasvc.dll
18:25:46.0603 0x1b84  NlaSvc - ok
18:25:46.0619 0x1b84  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
18:25:46.0634 0x1b84  Npfs - ok
18:25:46.0650 0x1b84  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\Windows\System32\drivers\npsvctrig.sys
18:25:46.0744 0x1b84  npsvctrig - ok
18:25:46.0806 0x1b84  [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi             C:\Windows\system32\nsisvc.dll
18:25:46.0884 0x1b84  nsi - ok
18:25:46.0916 0x1b84  [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
18:25:46.0947 0x1b84  nsiproxy - ok
18:25:47.0166 0x1b84  [ 9980B262DBE439AE6BDC91AA985F19EE, E998E4CAE9CD103ADA9CA3C737C4DAD017D056828BFA42A41C7B4E4E108FB13C ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
18:25:47.0244 0x1b84  Ntfs - ok
18:25:47.0244 0x1b84  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\Windows\system32\drivers\Null.sys
18:25:47.0259 0x1b84  Null - ok
18:25:48.0213 0x1b84  [ 616D9A6F59FA604612E4B25AAF36BFCA, 6634F3091A07E2BE0E38622C604BE7589020D9FA47A0A15A3161CA0BBAECB33D ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:25:48.0541 0x1b84  nvlddmkm - ok
18:25:48.0760 0x1b84  [ 3D596244C1B93A506292DA07CC2B123F, 1604F8B4B89D599C1944E6FF9A0D35DDB1E34BAEC0315E23070180959644DCF2 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
18:25:48.0822 0x1b84  NvNetworkService - ok
18:25:48.0853 0x1b84  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
18:25:48.0853 0x1b84  nvraid - ok
18:25:48.0869 0x1b84  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
18:25:48.0885 0x1b84  nvstor - ok
18:25:48.0900 0x1b84  [ 27DF221148B9C1A3EA8900D87ABC30F5, 904B4C99EB039C6D2474E30A0E03B700486BED61D226A1A5095BFF729B91C3F2 ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
18:25:48.0916 0x1b84  NvStreamKms - ok
18:25:49.0291 0x1b84  [ 4B8F9A38BBE8ACCA6D48E253FFE2393A, 11D9ED3E3C5C3D544E83284E24A93632B9B5FF277639DF18046C0564FB838155 ] NvStreamNetworkSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
18:25:49.0713 0x1b84  NvStreamNetworkSvc - ok
18:25:49.0963 0x1b84  [ 2035827FCA3BDF5F37A3B64C8D284176, B3CCCF3AEBBF1D5BC756EEA433CD06A7650294CA4FF09FBCD985085B4692B846 ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
18:25:50.0103 0x1b84  NvStreamSvc - ok
18:25:50.0150 0x1b84  [ 4DFABFC1A31FDE2BDB0AB577CD313D70, 1A517D4FED4B0B8BA1365EF6839BB006EF5E7C4CCC630470B8E239753FC5394F ] nvsvc           C:\Windows\system32\nvvsvc.exe
18:25:50.0166 0x1b84  nvsvc - ok
18:25:50.0229 0x1b84  [ 64E8275CEAD43D3CA8E3A311B2F4B64A, 99E683890B9AF3243100B387317760B5F91745EF9F7FF2ABA2DC7B6551A6EAB6 ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
18:25:50.0244 0x1b84  nvvad_WaveExtensible - ok
18:25:50.0260 0x1b84  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
18:25:50.0291 0x1b84  nv_agp - ok
18:25:50.0338 0x1b84  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:25:50.0354 0x1b84  ose - ok
18:25:50.0385 0x1b84  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
18:25:50.0416 0x1b84  p2pimsvc - ok
18:25:50.0494 0x1b84  [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc          C:\Windows\system32\p2psvc.dll
18:25:50.0604 0x1b84  p2psvc - ok
18:25:50.0650 0x1b84  [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport         C:\Windows\System32\drivers\parport.sys
18:25:50.0681 0x1b84  Parport - ok
18:25:50.0697 0x1b84  [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
18:25:50.0713 0x1b84  partmgr - ok
18:25:50.0797 0x1b84  [ ABE95ABE27A8BD9701782BBCD82C9925, AE3BA1E9ECDE692374D8DAC95A8DAA289DD2470E3D8D58EFAD9F83A37F3AC8E5 ] PcaSvc          C:\Windows\System32\pcasvc.dll
18:25:50.0820 0x1b84  PcaSvc - ok
18:25:50.0852 0x1b84  [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci             C:\Windows\system32\drivers\pci.sys
18:25:50.0852 0x1b84  pci - ok
18:25:50.0915 0x1b84  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\Windows\system32\drivers\pciide.sys
18:25:50.0931 0x1b84  pciide - ok
18:25:50.0993 0x1b84  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
18:25:51.0024 0x1b84  pcmcia - ok
18:25:51.0054 0x1b84  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\Windows\system32\drivers\pcw.sys
18:25:51.0066 0x1b84  pcw - ok
18:25:51.0102 0x1b84  [ ED54A75050211DC77F9B98C41E026858, F92FB59ADE88469EAA50E91D43165C68CC32FDE11595A0069FD43103A674FE44 ] pdc             C:\Windows\system32\drivers\pdc.sys
18:25:51.0118 0x1b84  pdc - ok
18:25:51.0180 0x1b84  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
18:25:51.0258 0x1b84  PEAUTH - ok
18:25:52.0055 0x1b84  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\Windows\SysWow64\perfhost.exe
18:25:52.0258 0x1b84  PerfHost - ok
18:25:52.0430 0x1b84  [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla             C:\Windows\system32\pla.dll
18:25:52.0493 0x1b84  pla - ok
18:25:52.0539 0x1b84  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
18:25:52.0571 0x1b84  PlugPlay - ok
18:25:52.0633 0x1b84  [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
18:25:52.0664 0x1b84  PNRPAutoReg - ok
18:25:52.0727 0x1b84  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
18:25:52.0743 0x1b84  PNRPsvc - ok
18:25:52.0790 0x1b84  [ BDD52AB4AEBB8B1904568DBD0CCB70CB, C3D1DBA349C79B43DCDD9EF5255C5EE973EFB844235B808B5EF9B63A51FF00AA ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
18:25:52.0821 0x1b84  PolicyAgent - ok
18:25:52.0852 0x1b84  [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power           C:\Windows\system32\umpo.dll
18:25:53.0149 0x1b84  Power - ok
18:25:53.0587 0x1b84  [ 346F352E17EA5793C726D3F6582BA855, 5CD830CDCC73335EDC58D26D1BC8B8830DA885CA6D1E21BB7EE763354B5C35EA ] PrintNotify     C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
18:25:53.0868 0x1b84  PrintNotify - ok
18:25:53.0899 0x1b84  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\Windows\System32\drivers\processr.sys
18:25:53.0930 0x1b84  Processor - ok
18:25:53.0946 0x1b84  [ 6E409D818C6B342544EAE741B1422B85, B4ADFB7809FC42C432C984C3AC13FAFD1B7AD53BCC7FB16E86371DE4C829DD1A ] ProfSvc         C:\Windows\system32\profsvc.dll
18:25:53.0977 0x1b84  ProfSvc - ok
18:25:54.0008 0x1b84  [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
18:25:54.0040 0x1b84  Psched - ok
18:25:54.0071 0x1b84  [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE           C:\Windows\system32\qwave.dll
18:25:54.0118 0x1b84  QWAVE - ok
18:25:54.0149 0x1b84  [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
18:25:54.0165 0x1b84  QWAVEdrv - ok
18:25:54.0196 0x1b84  [ 6A52182919E25FB56D253D389F92CE98, AE6497D5CF324CB813248ADECB0F53E5CB3D6C326774E2257319E4CE7782C591 ] RadioShim       C:\Windows\System32\drivers\RadioShim.sys
18:25:54.0212 0x1b84  RadioShim - ok
18:25:54.0227 0x1b84  [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
18:25:54.0258 0x1b84  RasAcd - ok
18:25:54.0290 0x1b84  [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto         C:\Windows\System32\rasauto.dll
18:25:54.0321 0x1b84  RasAuto - ok
18:25:54.0383 0x1b84  [ F83B38FCD4F69157B3D158433FA149CC, AB103BD3E2B3B134CB355C556DF70BCF0CF4DB11EFF7DB4A9876D5AA43D81293 ] RasMan          C:\Windows\System32\rasmans.dll
18:25:54.0415 0x1b84  RasMan - ok
18:25:54.0446 0x1b84  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
18:25:54.0477 0x1b84  RasPppoe - ok
18:25:54.0493 0x1b84  [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
18:25:54.0571 0x1b84  rdbss - ok
18:25:54.0587 0x1b84  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\Windows\System32\drivers\rdpbus.sys
18:25:54.0649 0x1b84  rdpbus - ok
18:25:54.0665 0x1b84  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
18:25:54.0758 0x1b84  RDPDR - ok
18:25:54.0790 0x1b84  [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
18:25:54.0806 0x1b84  RdpVideoMiniport - ok
18:25:54.0993 0x1b84  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
18:25:55.0024 0x1b84  rdyboost - ok
18:25:55.0321 0x1b84  [ 615DFD97DEA56CE1C3A52185A3038FF8, 707BF5F9FAE478A12656D15013F507CC1335E7B72BD21CA99BB813CB95E37BC0 ] ReFS            C:\Windows\system32\drivers\ReFS.sys
18:25:55.0384 0x1b84  ReFS - ok
18:25:55.0477 0x1b84  [ 0CF7CB56BF2D5E9DBCEE0185CB626FAD, 2BD2E2FB1D2EADD1F70EF55E8523C353F95D4FEB1BAD5017FA4D94F790F27825 ] RemoteAccess    C:\Windows\System32\mprdim.dll
18:25:55.0670 0x1b84  RemoteAccess - ok
18:25:55.0716 0x1b84  [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
18:25:55.0757 0x1b84  RemoteRegistry - ok
18:25:55.0796 0x1b84  [ DC66AE45816614D2999DCD3834DCCC4E, 1C26225135E851DDD1307F52401DD7055B26B3F3B8FDD693B21042C2896E235A ] RFCOMM          C:\Windows\System32\drivers\rfcomm.sys
18:25:55.0807 0x1b84  RFCOMM - ok
18:25:56.0180 0x1b84  [ 41DDCF1ADD1FB7DE23DCF671740DDBE6, 87ECB5C883CEFF76D126A5B4D92E069C9298FA5B62CC981870F9ECCA13C074F1 ] RichVideo       C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
18:25:56.0258 0x1b84  RichVideo - ok
18:25:56.0336 0x1b84  [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
18:25:56.0414 0x1b84  RpcEptMapper - ok
18:25:56.0461 0x1b84  [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator      C:\Windows\system32\locator.exe
18:25:56.0492 0x1b84  RpcLocator - ok
18:25:56.0571 0x1b84  [ E4220FD9C7F1579D9C5F9DFB00427841, 77740122A01A08F18CC82A4BB3F00EC59F29EE10779092F872572C264F6728D0 ] RpcSs           C:\Windows\system32\rpcss.dll
18:25:56.0602 0x1b84  RpcSs - ok
18:25:56.0617 0x1b84  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
18:25:56.0696 0x1b84  rspndr - ok
18:25:56.0711 0x1b84  [ BCDE27DA663D2F1BE1EA262F2BFDA8D0, 07744F83C41503D8C948E8D8569628C7C9D283EBA3C20CB63BC81123812A0A25 ] RSUSBVSTOR      C:\Windows\System32\Drivers\RtsUVStor.sys
18:25:56.0727 0x1b84  RSUSBVSTOR - ok
18:25:56.0742 0x1b84  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\Windows\System32\drivers\vms3cap.sys
18:25:56.0790 0x1b84  s3cap - ok
18:25:56.0806 0x1b84  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs           C:\Windows\system32\lsass.exe
18:25:56.0806 0x1b84  SamSs - ok
18:25:56.0821 0x1b84  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
18:25:56.0821 0x1b84  sbp2port - ok
18:25:56.0868 0x1b84  [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
18:25:56.0899 0x1b84  SCardSvr - ok
18:25:56.0931 0x1b84  [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum    C:\Windows\System32\ScDeviceEnum.dll
18:25:56.0962 0x1b84  ScDeviceEnum - ok
18:25:56.0978 0x1b84  [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
18:25:56.0978 0x1b84  scfilter - ok
18:25:57.0024 0x1b84  [ 3151A020E03DDE31AAC49F35C5EFB4DB, 5ABB1103009979F86C862357E28F37C2744979F2C99F7CF6ABB4EB1B8416B3F6 ] Schedule        C:\Windows\system32\schedsvc.dll
18:25:57.0103 0x1b84  Schedule - ok
18:25:57.0134 0x1b84  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc     C:\Windows\System32\certprop.dll
18:25:57.0149 0x1b84  SCPolicySvc - ok
18:25:57.0149 0x1b84  [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus           C:\Windows\System32\drivers\sdbus.sys
18:25:57.0165 0x1b84  sdbus - ok
18:25:57.0196 0x1b84  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\Windows\System32\drivers\sdstor.sys
18:25:57.0196 0x1b84  sdstor - ok
18:25:57.0212 0x1b84  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
18:25:57.0243 0x1b84  secdrv - ok
18:25:57.0400 0x1b84  [ 6627154693B6C2B8A59727F5B38728E8, F08251EE3436400295F120D48F3763E6F11BBF4132D674AD3E8112B6B3538455 ] seclogon        C:\Windows\system32\seclogon.dll
18:25:57.0509 0x1b84  seclogon - ok
18:25:57.0525 0x1b84  [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS            C:\Windows\System32\sens.dll
18:25:57.0540 0x1b84  SENS - ok
18:25:57.0587 0x1b84  [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
18:25:57.0681 0x1b84  SensrSvc - ok
18:25:57.0743 0x1b84  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\Windows\system32\drivers\SerCx.sys
18:25:57.0759 0x1b84  SerCx - ok
18:25:57.0775 0x1b84  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\Windows\system32\drivers\SerCx2.sys
18:25:57.0790 0x1b84  SerCx2 - ok
18:25:57.0806 0x1b84  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum         C:\Windows\System32\drivers\serenum.sys
18:25:57.0821 0x1b84  Serenum - ok
18:25:57.0837 0x1b84  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\Windows\System32\drivers\serial.sys
18:25:57.0868 0x1b84  Serial - ok
18:25:57.0868 0x1b84  [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse        C:\Windows\System32\drivers\sermouse.sys
18:25:57.0884 0x1b84  sermouse - ok
18:25:57.0915 0x1b84  [ 3A2F1A7472C3B7CC9B89C8516C726488, 9BCBBAC10C900EA7B30822B463A77EE5067F217C4B490857A09E5277983CB89B ] SessionEnv      C:\Windows\system32\sessenv.dll
18:25:57.0931 0x1b84  SessionEnv - ok
18:25:57.0946 0x1b84  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\Windows\System32\drivers\sfloppy.sys
18:25:57.0978 0x1b84  sfloppy - ok
18:25:58.0024 0x1b84  [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess    C:\Windows\System32\ipnathlp.dll
18:25:58.0056 0x1b84  SharedAccess - ok
18:25:58.0150 0x1b84  [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:25:58.0181 0x1b84  ShellHWDetection - ok
18:25:58.0181 0x1b84  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
18:25:58.0196 0x1b84  SiSRaid2 - ok
18:25:58.0196 0x1b84  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
18:25:58.0196 0x1b84  SiSRaid4 - ok
18:25:58.0228 0x1b84  [ 3E98CE04689597C76B3EF4D3D0323836, F7FFF675066281190C236F2995EB003A1779231E5164EEE6BEE334A4240B1DF9 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
18:25:58.0243 0x1b84  SkypeUpdate - ok
18:25:58.0275 0x1b84  [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost         C:\Windows\System32\smphost.dll
18:25:58.0321 0x1b84  smphost - ok
18:25:58.0337 0x1b84  [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
18:25:58.0368 0x1b84  SNMPTRAP - ok
18:25:58.0399 0x1b84  [ B45AE0970B2D66CCE756DE6989E23EEC, 8393CF2DC4F65CD48D4D7B3C8C2D29E26728593B652D6CEAB65B50AEDA0884B7 ] spaceport       C:\Windows\system32\drivers\spaceport.sys
18:25:58.0415 0x1b84  spaceport - ok
18:25:58.0431 0x1b84  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\Windows\system32\drivers\SpbCx.sys
18:25:58.0431 0x1b84  SpbCx - ok
18:25:58.0462 0x1b84  [ 2E3976C857D7230EC8D2B2276E688255, C0A6A84369CB3E709A6FFEBED2B38AB62D731B79D052D6D6FA8EF855BC428778 ] Spooler         C:\Windows\System32\spoolsv.exe
18:25:58.0524 0x1b84  Spooler - ok
18:25:58.0774 0x1b84  [ 46549AF7CB672BC8138264CC4100E9F8, 6434249FADB07A033FD40C37DF2B775CF0617CF0C3E7C170F2984BD3CE423794 ] sppsvc          C:\Windows\system32\sppsvc.exe
18:25:58.0900 0x1b84  sppsvc - ok
18:25:59.0025 0x1b84  [ 8003E034E3EA0E29DA54215A770FC27C, 28AB1FDEA372D33540A26DAE413A10336409D33B91F51DC0AE144D451022A2A7 ] srv             C:\Windows\system32\DRIVERS\srv.sys
18:25:59.0165 0x1b84  srv - ok
18:25:59.0243 0x1b84  [ 00D8AC8E3053290BDE6EA2FB6810D2FC, 957FEF84CBBAE71829529AE99A1B24F52D7831BD666442D0132FBB825409A75D ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
18:25:59.0306 0x1b84  srv2 - ok
18:25:59.0322 0x1b84  [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
18:25:59.0353 0x1b84  srvnet - ok
18:25:59.0384 0x1b84  [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
18:25:59.0415 0x1b84  SSDPSRV - ok
18:25:59.0462 0x1b84  [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
18:25:59.0509 0x1b84  SstpSvc - ok
18:25:59.0556 0x1b84  [ 9B74226E10CD57E965F87014841016F9, 95C76049DBBF3B31A9B01CFD0EDAAC47DE9A1F096B61D05C47FB85E1AFC07288 ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
18:25:59.0572 0x1b84  ssudmdm - ok
18:25:59.0634 0x1b84  [ D27C8C88CEB69075465B41DA6ECF3374, B1A70A30787080474E901E4743996EEE4FCD09BEDBBA89CE57ACAE05A67907AB ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
18:25:59.0665 0x1b84  Steam Client Service - ok
18:25:59.0697 0x1b84  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
18:25:59.0697 0x1b84  stexstor - ok
18:25:59.0728 0x1b84  [ 8F3C0CCF27CFFE89424F30E9FB3381AB, 74E54541B4A16DC97098428E1715A27557BAB97E05AF346F88958580199C1541 ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
18:25:59.0775 0x1b84  StillCam - ok
18:25:59.0806 0x1b84  [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc          C:\Windows\System32\wiaservc.dll
18:25:59.0869 0x1b84  stisvc - ok
18:25:59.0884 0x1b84  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\Windows\system32\drivers\storahci.sys
18:25:59.0884 0x1b84  storahci - ok
18:25:59.0900 0x1b84  [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
18:25:59.0900 0x1b84  storflt - ok
18:25:59.0915 0x1b84  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\Windows\system32\drivers\stornvme.sys
18:25:59.0915 0x1b84  stornvme - ok
18:25:59.0962 0x1b84  [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc         C:\Windows\system32\storsvc.dll
18:26:00.0009 0x1b84  StorSvc - ok
18:26:00.0025 0x1b84  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\Windows\system32\drivers\storvsc.sys
18:26:00.0040 0x1b84  storvsc - ok
18:26:00.0040 0x1b84  [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc           C:\Windows\system32\svsvc.dll
18:26:00.0072 0x1b84  svsvc - ok
18:26:00.0087 0x1b84  [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum          C:\Windows\System32\drivers\swenum.sys
18:26:00.0087 0x1b84  swenum - ok
18:26:00.0134 0x1b84  [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv           C:\Windows\System32\swprv.dll
18:26:00.0150 0x1b84  swprv - ok
18:26:00.0165 0x1b84  [ B5E2DD0C1EEB5A6089F846E714283610, C3135E4587BD17B8371C9DFF1803BA8774549C5F02C9399EC1D49BC1853BEED0 ] SynRMIHID       C:\Windows\system32\DRIVERS\SynRMIHID.sys
18:26:00.0181 0x1b84  SynRMIHID - ok
18:26:00.0212 0x1b84  [ 7E85DB0463AD2403AE84AD162B162279, 996C42ECAFC6E24C623068AFAFCC0A2612526333AF9315F7536C6D40C2570632 ] SysMain         C:\Windows\system32\sysmain.dll
18:26:00.0275 0x1b84  SysMain - ok
18:26:00.0353 0x1b84  [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
18:26:00.0384 0x1b84  SystemEventsBroker - ok
18:26:00.0462 0x1b84  [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:26:00.0556 0x1b84  TabletInputService - ok
18:26:00.0587 0x1b84  [ FEB710154EDF9B2A15E863E262B5BEE1, F05126CBC5688AB48086DB85CD50A84150EAFFCA779B662E21F2E395BD0E5466 ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
18:26:00.0603 0x1b84  tap0901 - ok
18:26:00.0657 0x1b84  [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv         C:\Windows\System32\tapisrv.dll
18:26:00.0696 0x1b84  TapiSrv - ok
18:26:00.0868 0x1b84  [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
18:26:01.0009 0x1b84  Tcpip - ok
18:26:01.0164 0x1b84  [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
18:26:01.0227 0x1b84  TCPIP6 - ok
18:26:01.0242 0x1b84  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
18:26:01.0273 0x1b84  tcpipreg - ok
18:26:01.0273 0x1b84  [ E0BD2D83875464FEEEB242CBA8B7E073, A3067165128F36035FA9F3CBA55CFED736E180C495497FA7332B3D97908C3D90 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
18:26:01.0305 0x1b84  tdx - ok
18:26:01.0320 0x1b84  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\Windows\System32\drivers\terminpt.sys
18:26:01.0336 0x1b84  terminpt - ok
18:26:01.0367 0x1b84  [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService     C:\Windows\System32\termsrv.dll
18:26:01.0539 0x1b84  TermService - ok
18:26:01.0570 0x1b84  [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes          C:\Windows\system32\themeservice.dll
18:26:01.0602 0x1b84  Themes - ok
18:26:01.0664 0x1b84  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER     C:\Windows\system32\mmcss.dll
18:26:01.0680 0x1b84  THREADORDER - ok
18:26:01.0773 0x1b84  [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker      C:\Windows\System32\TimeBrokerServer.dll
18:26:01.0914 0x1b84  TimeBroker - ok
18:26:01.0945 0x1b84  [ 80A2FC1A089A71F2DBE5D8394FFB009F, DEA30E751F6EA42E43E16869713FC7E37832B15DAFA0062B1798DFA476981385 ] TPM             C:\Windows\system32\drivers\tpm.sys
18:26:01.0961 0x1854  Object required for P2P: [ C35B91B6777E7C6DB67B8583D2AA66A7 ] c2cpnrsvc
18:26:01.0977 0x1b84  TPM - ok
18:26:02.0008 0x1b84  [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks          C:\Windows\System32\trkwks.dll
18:26:02.0039 0x1b84  TrkWks - ok
18:26:02.0055 0x1b84  [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:26:02.0117 0x1b84  TrustedInstaller - ok
18:26:02.0133 0x1b84  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
18:26:02.0211 0x1b84  TsUsbFlt - ok
18:26:02.0227 0x1b84  [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD         C:\Windows\System32\drivers\TsUsbGD.sys
18:26:02.0242 0x1b84  TsUsbGD - ok
18:26:02.0258 0x1b84  [ E85916632CD3B9E9B546968DB950BF42, DECE3852C763CC6293C7D1B772296C43A0AE1E47BBCC4979C96B3B2AD70413F3 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
18:26:02.0492 0x1b84  tunnel - ok
18:26:02.0492 0x1b84  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
18:26:02.0523 0x1b84  uagp35 - ok
18:26:02.0523 0x1b84  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\Windows\System32\drivers\uaspstor.sys
18:26:02.0539 0x1b84  UASPStor - ok
18:26:02.0570 0x1b84  [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000        C:\Windows\System32\drivers\ucx01000.sys
18:26:02.0570 0x1b84  UCX01000 - ok
18:26:02.0602 0x1b84  [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
18:26:02.0633 0x1b84  udfs - ok
18:26:02.0664 0x1b84  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\Windows\System32\drivers\UEFI.sys
18:26:02.0664 0x1b84  UEFI - ok
18:26:02.0695 0x1b84  [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
18:26:02.0742 0x1b84  UI0Detect - ok
18:26:02.0758 0x1b84  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
18:26:02.0773 0x1b84  uliagpkx - ok
18:26:02.0773 0x1b84  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\Windows\System32\drivers\umbus.sys
18:26:02.0805 0x1b84  umbus - ok
18:26:02.0821 0x1b84  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\Windows\System32\drivers\umpass.sys
18:26:02.0867 0x1b84  UmPass - ok
18:26:02.0899 0x1b84  [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService    C:\Windows\System32\umrdp.dll
18:26:02.0945 0x1b84  UmRdpService - ok
18:26:02.0961 0x1b84  [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost        C:\Windows\System32\upnphost.dll
18:26:02.0992 0x1b84  upnphost - ok
18:26:03.0024 0x1b84  [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64       C:\Windows\System32\Drivers\usbaapl64.sys
18:26:03.0102 0x1b84  USBAAPL64 - ok
18:26:03.0149 0x1b84  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp         C:\Windows\System32\drivers\usbccgp.sys
18:26:03.0180 0x1b84  usbccgp - ok
18:26:03.0180 0x1b84  [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir          C:\Windows\System32\drivers\usbcir.sys
18:26:03.0195 0x1b84  usbcir - ok
18:26:03.0242 0x1b84  [ C996CBEF922B5653A01E3F50DDCE2F86, 231EB5A36E7EE242197E796D3B4AB12F945D2C8570587BC8D57D45530A0C59B4 ] usbehci         C:\Windows\System32\drivers\usbehci.sys
18:26:03.0258 0x1b84  usbehci - ok
18:26:03.0352 0x1b84  [ CD81683F4553677B9BF5163A922153EB, 6B304B0D68B9BFF0245EC755CDAAF9DF59DF3A081727E32CB66672929F0DBC50 ] usbhub          C:\Windows\System32\drivers\usbhub.sys
18:26:03.0399 0x1b84  usbhub - ok
18:26:03.0445 0x1b84  [ 5C90D5379B53590FBB24BBAD4FA682EE, DC036340510C1C0999AB1CB845F8E6EB8B7696BAC9BBE6E936454C0000D1E9D4 ] USBHUB3         C:\Windows\System32\drivers\UsbHub3.sys
18:26:03.0586 0x1b84  USBHUB3 - ok
18:26:03.0617 0x1b84  [ A0F0484C97D6441ED6A75D7426ECCC9E, FF928ADE1C5464E581BF929F7383D5762D110EA6C7E31A6F0887EA7357ADBEFE ] usbohci         C:\Windows\System32\drivers\usbohci.sys
18:26:03.0946 0x1b84  usbohci - ok
18:26:03.0977 0x1b84  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\Windows\System32\drivers\usbprint.sys
18:26:04.0024 0x1b84  usbprint - ok
18:26:04.0055 0x1b84  [ 9D168BFA334D47BE404367EB58D4E130, 23279CBE6ACBD074E7B268BA2EDA14E2255C41F8117173B2BBE653D8259ECFA2 ] USBSTOR         C:\Windows\System32\drivers\USBSTOR.SYS
18:26:04.0086 0x1b84  USBSTOR - ok
18:26:04.0086 0x1b84  [ FC974B03C8B87455F44F734C8F31A3C8, D69F6EE8030F7DF96FF151D9EAA6AE65417ACAC5A267C7DB96E9611D5BC42D2C ] usbuhci         C:\Windows\System32\drivers\usbuhci.sys
18:26:04.0117 0x1b84  usbuhci - ok
18:26:04.0133 0x1b84  [ 5C8F604F6DC74177CDD8372D7B1ADFF0, C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
18:26:04.0180 0x1b84  usbvideo - ok
18:26:04.0195 0x1b84  [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI         C:\Windows\System32\drivers\USBXHCI.SYS
18:26:04.0211 0x1b84  USBXHCI - ok
18:26:04.0227 0x1b84  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc        C:\Windows\system32\lsass.exe
18:26:04.0227 0x1b84  VaultSvc - ok
18:26:04.0227 0x1b84  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
18:26:04.0242 0x1b84  vdrvroot - ok
18:26:04.0367 0x1b84  [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds             C:\Windows\System32\vds.exe
18:26:04.0430 0x1854  Object send P2P result: true
18:26:04.0430 0x1854  Object required for P2P: [ 4DDC45ACA9EEAB337F6D8E50C87CF1BF ] ClickToRunSvc
18:26:04.0524 0x1b84  vds - ok
18:26:04.0539 0x1b84  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\Windows\system32\drivers\VerifierExt.sys
18:26:04.0555 0x1b84  VerifierExt - ok
18:26:04.0586 0x1b84  [ 34CAF69BF4166AB40BFF0ED068FF6F91, BF5DA4F85A2C537DD76A3271956EC5BDB9ABC495FAA9371037F608152BE2725D ] vhdmp           C:\Windows\System32\drivers\vhdmp.sys
18:26:04.0602 0x1b84  vhdmp - ok
18:26:04.0617 0x1b84  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\Windows\system32\drivers\viaide.sys
18:26:04.0617 0x1b84  viaide - ok
18:26:04.0649 0x1b84  [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
18:26:04.0680 0x1b84  vmbus - ok
18:26:04.0696 0x1b84  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\Windows\System32\drivers\VMBusHID.sys
18:26:04.0711 0x1b84  VMBusHID - ok
18:26:04.0742 0x1b84  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\Windows\System32\ICSvc.dll
18:26:04.0774 0x1b84  vmicguestinterface - ok
18:26:04.0789 0x1b84  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat   C:\Windows\System32\ICSvc.dll
18:26:04.0806 0x1b84  vmicheartbeat - ok
18:26:04.0821 0x1b84  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\Windows\System32\ICSvc.dll
18:26:04.0821 0x1b84  vmickvpexchange - ok
18:26:04.0837 0x1b84  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv         C:\Windows\System32\ICSvc.dll
18:26:04.0852 0x1b84  vmicrdv - ok
18:26:04.0868 0x1b84  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown    C:\Windows\System32\ICSvc.dll
18:26:04.0884 0x1b84  vmicshutdown - ok
18:26:04.0946 0x1b84  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync    C:\Windows\System32\ICSvc.dll
18:26:04.0977 0x1b84  vmictimesync - ok
18:26:04.0977 0x1b84  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss         C:\Windows\System32\ICSvc.dll
18:26:04.0993 0x1b84  vmicvss - ok
18:26:05.0024 0x1b84  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\Windows\system32\drivers\volmgr.sys
18:26:05.0024 0x1b84  volmgr - ok
18:26:05.0040 0x1b84  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
18:26:05.0056 0x1b84  volmgrx - ok
18:26:05.0102 0x1b84  [ D537962695CAFEC1301F3EB7C8C3A1D2, 76FBEE866C4191E43B232B7ED34CB1FC1603C15F930EBBC5EFC6EA4B4500E1E8 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
18:26:05.0134 0x1b84  volsnap - ok
18:26:05.0462 0x1b84  [ DAC438FB5FF85A9E72806E2341D5D732, B1D1EFCA8C588A6BF53CEC941CC59702C366F15C7D5943431736EC857E57C0A2 ] vpci            C:\Windows\System32\drivers\vpci.sys
18:26:05.0524 0x1b84  vpci - ok
18:26:05.0540 0x1b84  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
18:26:05.0571 0x1b84  vsmraid - ok
18:26:05.0711 0x1b84  [ D0CBA7B3531CCF2ADB985856D5F92434, 7FCBBCAF1AA85DCE8D75FB38DC4848AE12E8DD913CEBBC37BCD3D0123F0A3CAB ] VSS             C:\Windows\system32\vssvc.exe
18:26:05.0851 0x1b84  VSS - ok
18:26:05.0868 0x1b84  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\Windows\system32\drivers\vstxraid.sys
18:26:05.0899 0x1b84  VSTXRAID - ok
18:26:05.0899 0x1b84  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
18:26:05.0987 0x1b84  vwifibus - ok
18:26:06.0009 0x1b84  [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
18:26:06.0040 0x1b84  vwififlt - ok
18:26:06.0040 0x1b84  [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
18:26:06.0056 0x1b84  vwifimp - ok
18:26:06.0118 0x1b84  [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time         C:\Windows\system32\w32time.dll
18:26:06.0149 0x1b84  W32Time - ok
18:26:06.0149 0x1b84  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\Windows\System32\drivers\wacompen.sys
18:26:06.0165 0x1b84  WacomPen - ok
18:26:06.0243 0x1b84  [ 139D842E5FB75A1E2F0212FBD7B0E457, F29F73B56865C5EBBE89B8F92AEFE2DB19E5C29A94D2E006A23243C23A41AE79 ] wbengine        C:\Windows\system32\wbengine.exe
18:26:06.0289 0x1b84  wbengine - ok
18:26:06.0305 0x1b84  [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
18:26:06.0321 0x1b84  WbioSrvc - ok
18:26:06.0368 0x1b84  [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc          C:\Windows\System32\wcmsvc.dll
18:26:06.0415 0x1b84  Wcmsvc - ok
18:26:06.0743 0x1b84  [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
18:26:06.0774 0x1b84  wcncsvc - ok
18:26:06.0805 0x1b84  [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:26:06.0821 0x1b84  WcsPlugInService - ok
18:26:06.0836 0x1b84  [ 81285DDC994F03379DB46419300B2DCB, 98D3622E11F375718AEA1DE3B5F0104DDAB4F96B6D4C19788C14F7B338A6F235 ] WdBoot          C:\Windows\system32\drivers\WdBoot.sys
18:26:06.0852 0x1b84  WdBoot - ok
18:26:06.0883 0x1b84  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
18:26:06.0883 0x1854  Object send P2P result: true
18:26:06.0883 0x1854  Object required for P2P: [ 6066FDFF6E02A0F1F2584EBC9D4A1E63 ] ePowerSvc
18:26:06.0899 0x1b84  Wdf01000 - ok
18:26:07.0008 0x1b84  [ 26B8FED3F3B85F5F0C4BD03FD00B9941, 7F94FE7954498223B33C025258DB588A3AC9FF25C58EEAD204514FD20652FE40 ] WdFilter        C:\Windows\system32\drivers\WdFilter.sys
18:26:07.0040 0x1b84  WdFilter - ok
18:26:07.0086 0x1b84  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost  C:\Windows\system32\wdi.dll
18:26:07.0118 0x1b84  WdiServiceHost - ok
18:26:07.0118 0x1b84  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost   C:\Windows\system32\wdi.dll
18:26:07.0133 0x1b84  WdiSystemHost - ok
18:26:07.0165 0x1b84  [ CE67080F00E0AF32755096CEA6430ABA, 0E5D626F9F76C0BC63B2D246AD66D9CBF7D92F34B56398417BCFD0C331DBD282 ] WdNisDrv        C:\Windows\system32\Drivers\WdNisDrv.sys
18:26:07.0180 0x1b84  WdNisDrv - ok
18:26:07.0180 0x1b84  WdNisSvc - ok
18:26:07.0211 0x1b84  [ 40F83492DB9ABBA59773A45FB487C8B2, 0D0DE0B0C9B929FEFD2674CCF17F5F2FC4B16EAB8E1981BBCE51B0305FD7D75E ] WebClient       C:\Windows\System32\webclnt.dll
18:26:07.0243 0x1b84  WebClient - ok
18:26:07.0274 0x1b84  [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc          C:\Windows\system32\wecsvc.dll
18:26:07.0305 0x1b84  Wecsvc - ok
18:26:07.0321 0x1b84  [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC      C:\Windows\system32\wephostsvc.dll
18:26:07.0336 0x1b84  WEPHOSTSVC - ok
18:26:07.0352 0x1b84  [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
18:26:07.0399 0x1b84  wercplsupport - ok
18:26:07.0430 0x1b84  [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc          C:\Windows\System32\WerSvc.dll
18:26:07.0461 0x1b84  WerSvc - ok
18:26:07.0493 0x1b84  [ 715ABA3DD164D06457A2A3C92F6EA9D5, E6F8269D2FFC4A548B65724C0A3F53756ED15E47229861FBD40B656EE40FE166 ] WFPLWFS         C:\Windows\system32\DRIVERS\wfplwfs.sys
18:26:07.0508 0x1b84  WFPLWFS - ok
18:26:07.0540 0x1b84  [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc          C:\Windows\System32\wiarpc.dll
18:26:07.0571 0x1b84  WiaRpc - ok
18:26:07.0618 0x1b84  [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
18:26:07.0618 0x1b84  WIMMount - ok
18:26:07.0618 0x1b84  WinDefend - ok
18:26:07.0680 0x1b84  [ 10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
18:26:07.0711 0x1b84  WinHttpAutoProxySvc - ok
18:26:07.0805 0x1b84  [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
18:26:07.0899 0x1b84  Winmgmt - ok
18:26:08.0290 0x1b84  [ 427873F889F2F508BE8BE982219CE578, CA8DCFB774BF0F747295A7A0CB46A6177DE12AD6BD58266182206C41A3C9001E ] WinRM           C:\Windows\system32\WsmSvc.dll
18:26:08.0415 0x1b84  WinRM - ok
18:26:08.0430 0x1b84  [ 3AF1FA17F1C4ACBDB660D8F98B1A9C13, 99B0851410B462685F6705EBF832D10943FB9634030B02D15BF5D0C66F26F2C2 ] WinUsb          C:\Windows\System32\drivers\WinUsb.sys
18:26:08.0446 0x1b84  WinUsb - ok
18:26:08.0680 0x1b84  [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc         C:\Windows\System32\wlansvc.dll
18:26:08.0727 0x1b84  WlanSvc - ok
18:26:08.0789 0x1b84  [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc         C:\Windows\system32\wlidsvc.dll
18:26:08.0852 0x1b84  wlidsvc - ok
18:26:08.0884 0x1b84  [ 680A7846370000D20D7E74917D5B7936, 55B77B358039672845D361CA4205F3482D1F30A4654B610FD785A1337EFDC316 ] WmBEnum         C:\Windows\system32\drivers\WmBEnum.sys
18:26:08.0884 0x1b84  WmBEnum - ok
18:26:08.0899 0x1b84  [ 14C35BA8189C6F65D839163AA285E954, 8981AA488320C75E26E1ABDF884B721A4065F5D28F54782598B03F21B8CDC020 ] WmFilter        C:\Windows\system32\drivers\WmFilter.sys
18:26:08.0899 0x1b84  WmFilter - ok
18:26:08.0915 0x1b84  [ AC4331AF118A720F13C9C5CABBFE27BD, 2C5F453996B00078F3E8E731F6B3DD4529831BDA2146EAFC66727C9460E85112 ] WmHidLo         C:\Windows\system32\drivers\WmHidLo.sys
18:26:08.0915 0x1b84  WmHidLo - ok
18:26:08.0946 0x1b84  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\Windows\System32\drivers\wmiacpi.sys
18:26:08.0977 0x1b84  WmiAcpi - ok
18:26:08.0977 0x1b84  [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
18:26:08.0993 0x1b84  wmiApSrv - ok
18:26:09.0024 0x1b84  WMPNetworkSvc - ok
18:26:09.0024 0x1b84  [ 8488DD91A3EE54A8E29F02AD7BB8201E, D428ED991D9E4A8765C240B21884A262854278698D60862117AC5949713231F9 ] WmVirHid        C:\Windows\system32\drivers\WmVirHid.sys
18:26:09.0040 0x1b84  WmVirHid - ok
18:26:09.0040 0x1b84  [ 14802B3A30AA849C97CB968CCC813BF3, 330AD828ABD040ECDBF58F7162978CD61BFC093CAD404FD2BCAC74E3F2EC542A ] WmXlCore        C:\Windows\system32\drivers\WmXlCore.sys
18:26:09.0055 0x1b84  WmXlCore - ok
18:26:09.0071 0x1b84  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\Windows\system32\drivers\Wof.sys
18:26:09.0071 0x1b84  Wof - ok
18:26:09.0149 0x1b84  [ EDFA5CEDBE174FAAA4A09A6B297AEA42, 5998FE15462E4AD9C7B1444E5E2C17BD470DA3A5D474A0A118E02E47DADC678A ] workfolderssvc  C:\Windows\system32\workfolderssvc.dll
18:26:09.0227 0x1b84  workfolderssvc - ok
18:26:09.0259 0x1b84  [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr         C:\Windows\system32\DRIVERS\wpcfltr.sys
18:26:09.0259 0x1b84  wpcfltr - ok
18:26:09.0274 0x1b84  [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
18:26:09.0290 0x1b84  WPCSvc - ok
18:26:09.0290 0x1b84  [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
18:26:09.0321 0x1b84  WPDBusEnum - ok
18:26:09.0337 0x1854  Object send P2P result: true
18:26:09.0337 0x1b84  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\Windows\system32\drivers\WpdUpFltr.sys
18:26:09.0352 0x1854  Object required for P2P: [ 51B3AC0560848CD6D65AC2033E293113 ] MsLldp
18:26:09.0352 0x1b84  WpdUpFltr - ok
18:26:09.0352 0x1b84  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
18:26:09.0368 0x1b84  ws2ifsl - ok
18:26:09.0399 0x1b84  [ 501D5EFAB9711039479AE48401386D2B, C8C1184DE93E9D2C4E8A60E4E9980745C4E5470E5DA9B59165D18705330ADEFE ] wscsvc          C:\Windows\System32\wscsvc.dll
18:26:09.0430 0x1b84  wscsvc - ok
18:26:09.0477 0x1b84  [ F586F3F1BF962FE9AE4316E0D896B22F, 8D0AD48D79294567123D943D0F5B6D5A32D7A82B129A24DC821D3095AFAA100B ] WSDPrintDevice  C:\Windows\System32\drivers\WSDPrint.sys
18:26:09.0493 0x1b84  WSDPrintDevice - ok
18:26:09.0493 0x1b84  WSearch - ok
18:26:09.0712 0x1b84  [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService       C:\Windows\System32\WSService.dll
18:26:09.0774 0x1b84  WSService - ok
18:26:10.0133 0x1b84  [ 020F47C655ED1F63BBA834AA53575D5C, 7E36BB83B937CEA8B5D1EAF1DF63D32D64CA8045DA377DF5237D2F4DC16574CC ] wuauserv        C:\Windows\system32\wuaueng.dll
18:26:10.0290 0x1b84  wuauserv - ok
18:26:10.0337 0x1b84  [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
18:26:10.0399 0x1b84  WudfPf - ok
18:26:10.0477 0x1b84  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd          C:\Windows\System32\drivers\WUDFRd.sys
18:26:10.0540 0x1b84  WUDFRd - ok
18:26:10.0587 0x1b84  [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
18:26:10.0602 0x1b84  wudfsvc - ok
18:26:10.0634 0x1b84  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs       C:\Windows\System32\drivers\WUDFRd.sys
18:26:10.0649 0x1b84  WUDFWpdFs - ok
18:26:10.0665 0x1b84  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp      C:\Windows\System32\drivers\WUDFRd.sys
18:26:10.0665 0x1b84  WUDFWpdMtp - ok
18:26:10.0758 0x1b84  [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc         C:\Windows\System32\wwansvc.dll
18:26:10.0799 0x1b84  WwanSvc - ok
18:26:10.0799 0x1b84  ================ Scan global ===============================
18:26:10.0867 0x1b84  [ 3500AF0BA2EF095BF313EEB75D2366C6, C755E57B02BFA82151A182DF964349859575570EA5C3FBA81F747B8D2134A4D0 ] C:\Windows\system32\basesrv.dll
18:26:10.0914 0x1b84  [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\Windows\system32\winsrv.dll
18:26:11.0087 0x1b84  [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\Windows\system32\sxssrv.dll
18:26:11.0148 0x1b84  [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\Windows\system32\services.exe
18:26:11.0180 0x1b84  [ Global ] - ok
18:26:11.0180 0x1b84  ================ Scan MBR ==================================
18:26:11.0195 0x1b84  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
18:26:11.0445 0x1b84  \Device\Harddisk0\DR0 - ok
18:26:11.0445 0x1b84  ================ Scan VBR ==================================
18:26:11.0445 0x1b84  [ EC45974F7801DD450ADB2449DB229B2D ] \Device\Harddisk0\DR0\Partition1
18:26:11.0492 0x1b84  \Device\Harddisk0\DR0\Partition1 - ok
18:26:11.0508 0x1b84  [ 52B239203A6D092EFD073045923B7AF3 ] \Device\Harddisk0\DR0\Partition2
18:26:11.0523 0x1b84  \Device\Harddisk0\DR0\Partition2 - ok
18:26:11.0539 0x1b84  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
18:26:11.0539 0x1b84  \Device\Harddisk0\DR0\Partition3 - ok
18:26:11.0555 0x1b84  [ EFB17E60D26D59F529D4934C1FB4393F ] \Device\Harddisk0\DR0\Partition4
18:26:11.0570 0x1b84  \Device\Harddisk0\DR0\Partition4 - ok
18:26:11.0570 0x1b84  [ 882DD736F3834B90EDD049D407F8A76B ] \Device\Harddisk0\DR0\Partition5
18:26:11.0602 0x1b84  \Device\Harddisk0\DR0\Partition5 - ok
18:26:11.0602 0x1b84  [ 434963123BC6663D837861F892CA8063 ] \Device\Harddisk0\DR0\Partition6
18:26:11.0617 0x1b84  \Device\Harddisk0\DR0\Partition6 - ok
18:26:11.0617 0x1b84  ================ Scan generic autorun ======================
18:26:11.0695 0x1b84  [ BC293F3C9621D40E1924A5715417F77C, 3EB1B0040566CE0DBA3FC65C5005B0F1E79BE9AB39CAD1398A45AAC3AB7AD733 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
18:26:11.0742 0x1b84  NvBackend - ok
18:26:11.0789 0x1b84  [ 6C308D32AFA41D26CE2A0EA8F7B79565, 5CC2C563D89257964C4B446F54AFE1E57BBEE49315A9FC001FF5A6BCB6650393 ] C:\Windows\system32\rundll32.exe
18:26:11.0805 0x1854  Object send P2P result: true
18:26:11.0805 0x1854  Object required for P2P: [ 4DFABFC1A31FDE2BDB0AB577CD313D70 ] nvsvc
18:26:11.0852 0x1b84  ShadowPlay - ok
18:26:12.0180 0x1b84  [ 92894CE1B4DBBB9BB55EA0A1E6E7DF99, 06E575611BEF01D75789DD92AFE33A6CE9BA18831AD97E7C096BE6C2B0BFE64A ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
18:26:12.0523 0x1b84  RtHDVCpl - ok
18:26:12.0680 0x1b84  [ 01F0FC06366F80BF8964708042E0D9F5, 7DEA61576AC17C902B6041EE168BEF2AF2A43401829D2FF7E19747ED8D43B16D ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
18:26:12.0711 0x1b84  RtHDVBg_Dolby - ok
18:26:12.0727 0x1b84  [ 0104F4CA73154C23FFB449501F6D2D53, 0610AC01C06CC15D67F11C0EE00097A4D0A56B9EED16489FD3306EC2E1E6F301 ] C:\Program Files\Logitech\Gaming Software\LWEMon.exe
18:26:12.0727 0x1b84  Start WingMan Profiler - ok
18:26:12.0742 0x1b84  [ CC9823AA6E3F6229CD6DA193551314A5, 76BCD2BCA391C2114BF9D28FA290D9B39D16379C410070E0E3A6376FDEE51CE1 ] C:\Program Files\iTunes\iTunesHelper.exe
18:26:12.0742 0x1b84  iTunesHelper - ok
18:26:12.0945 0x1b84  [ BB6D5374E353F1D5056AAD013BA93E45, 1915E6AB43C6110B46E4C9C8AF1DE2C26AE9255C8D3294D5D2B829D3025E6AD1 ] C:\Program Files (x86)\Common Files\Intel\RSSDK\v3\bin\win32\notification_tool.exe
18:26:13.0211 0x1b84  Intel Privacy Notification Tool - ok
18:26:13.0289 0x1b84  [ 5D666FC778E7754CC7103402D814809B, 7E9B205B74440D455155014EE8D6FD0D1C647B016D72A28F16709F50BC005D3F ] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe
18:26:13.0320 0x1b84  ControlCenter4 - detected UnsignedFile.Multi.Generic ( 1 )
18:26:14.0258 0x1854  Object send P2P result: true
18:26:14.0274 0x1854  Object required for P2P: [ 3E98CE04689597C76B3EF4D3D0323836 ] SkypeUpdate
18:26:15.0760 0x1b84  Detect skipped due to KSN trusted
18:26:15.0760 0x1b84  ControlCenter4 - ok
18:26:15.0899 0x1b84  [ 63E9C23A386FFFA84B5E03BFF9B628F0, A370962791EFC4B10548AAD31F89A2B288FBD5BDBF5749323C2D98C14DFB8B49 ] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
18:26:16.0025 0x1b84  BrStsMon00 - detected UnsignedFile.Multi.Generic ( 1 )
18:26:16.0728 0x1854  Object send P2P result: true
18:26:20.0269 0x1b84  Detect skipped due to KSN trusted
18:26:20.0269 0x1b84  BrStsMon00 - ok
18:26:20.0322 0x1b84  RazerCortex - ok
18:26:20.0400 0x1b84  [ 2CD5F1053AB2BC2ED35EF1B253B9E44A, 28A0A3785797D9DDD0A0D0D07B291E24E68B3523F55DE223C60EF59F5FD3361C ] C:\Program Files (x86)\Steam\steam.exe
18:26:20.0447 0x1b84  Steam - ok
18:26:20.0509 0x1b84  [ C29061010881C9174CD45C24E33C56D2, D54BD088047CEE35CEDCDFC330321B84AA0583680C6814C8ECB91B8B75965E90 ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
18:26:20.0541 0x1b84  GoogleChromeAutoLaunch_1F14D2380DB1DE09582B9D790BD95BA5 - ok
18:26:20.0541 0x1b84  [ EF39E08738EEED7D7BE6AE6442DCAD5B, 5A7AEEDFE5084FBE155EAC6A4BFD3CCF7C69FB9BE0BCA76C5141F71243D74610 ] C:\Program Files (x86)\Allway Sync\Bin\syncappw.exe
18:26:20.0556 0x1b84  Allway Sync - ok
18:26:20.0763 0x1b84  [ C224456660839CFCAD2CD8DFB293F38B, D99B862217BBF99BF26B78615B3FDC1484607BA0A34E61C445345CD8D49501D4 ] C:\Program Files\CCleaner\CCleaner64.exe
18:26:20.0899 0x1b84  CCleaner Monitoring - ok
18:26:20.0899 0x1b84  Waiting for KSN requests completion. In queue: 144
18:26:21.0914 0x1b84  Waiting for KSN requests completion. In queue: 144
18:26:22.0070 0x1858  Object required for P2P: [ BF8F54CA37E9C9D6582C31C5761F8C93 ] TsUsbFlt
18:26:22.0914 0x1b84  Waiting for KSN requests completion. In queue: 112
18:26:23.0446 0x1608  Object required for P2P: [ C29061010881C9174CD45C24E33C56D2 ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
18:26:23.0930 0x1b84  Waiting for KSN requests completion. In queue: 111
18:26:24.0618 0x1858  Object send P2P result: true
18:26:24.0946 0x1b84  Waiting for KSN requests completion. In queue: 3
18:26:25.0946 0x1b84  Waiting for KSN requests completion. In queue: 3
18:26:26.0040 0x1608  Object send P2P result: true
18:26:26.0993 0x1b84  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x60100 ( disabled : updated )
18:26:27.0009 0x1b84  Win FW state via NFP2: enabled ( trusted )
18:26:29.0415 0x1b84  ============================================================
18:26:29.0415 0x1b84  Scan finished
18:26:29.0415 0x1b84  ============================================================
18:26:29.0415 0x041c  Detected object count: 0
18:26:29.0415 0x041c  Actual detected object count: 0
18:26:44.0959 0x1bf8  Deinitialize success

Jan02 · 21.04.2016, 17:53

Code:

ATTFilter

Farbar Service Scanner Version: 27-01-2016
Ran by Jan (administrator) on 21-04-2016 at 18:52:45
Running from "C:\Users\Jan\Downloads"
Microsoft Windows 8.1  (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy: 
==================


System Restore:
============

System Restore Policy: 
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy: 
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend: ""%ProgramFiles%\Windows Defender\MsMpEng.exe"".


Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MsMpEng.exe => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****

burningice · 22.04.2016, 15:57

Öffne wieder FRST und kopiere das folgende in das weiße Feld:

Code:

ATTFilter

MsMpEng.exe

Drücke dann auf dem Button "Dateisuche".

Es wird eine Search.txt erstellt werden, bitte poste diese wieder hier.

Jan02 · 22.04.2016, 16:20

Code:

ATTFilter

Farbar Recovery Scan Tool (x64) Version:17-04-2016 01
durchgeführt von Jan (2016-04-22 17:15:13)
Gestartet von C:\Users\Jan\Desktop
Start-Modus: Normal

================== Datei-Suche: "MsMpEng.exe" =============

C:\Windows\WinSxS\amd64_windows-defender-service_31bf3856ad364e35_6.3.9600.17927_none_b6a857db2a904750\MsMpEng.exe
[2015-08-11 21:04][2015-07-07 11:39] 0023824 ____A (Microsoft Corporation) 039F53336CBC3350C07020857E179878 [Datei ist digital signiert]

C:\Program Files\Windows Defender\MsMpEng.exe
[2015-08-11 21:04][2015-07-07 11:39] 0023824 ____A (Microsoft Corporation) 039F53336CBC3350C07020857E179878 [Datei ist digital signiert]

====== Ende von Suche ======

burningice · 24.04.2016, 22:56

Schritt: 1
Bitte lade dir folgende Datei, speichere sie auf deinem Desktop und führe sie aus. Bestätige dabei alle auftretenden Sicherheitswarnungen:
http://download.bleepingcomputer.com.../WinDefend.reg

Schritt: 2
Starte deinen PC neu.

Schritt: 3
Starte bitte wieder Farbar's Service Scanner

Gehe sicher, dass folgende Optionen angehakt sind.
- Internet Services
- Windows Firewall
- System Restore
- Security Center/Action Center
- Windows Update
- Windows Defender
- Other Services
Klicke auf Scan.
Wenn das Tool fertig ist, wird es eine FSS.txt in dem Verzeichnis erstellen, wo das Tool gelaufen ist.

Poste bitte den Inhalt hier.

Win 8.1 MPC Cleaner lässt sich nicht entfernen

Log-Analyse und Auswertung: Win 8.1 MPC Cleaner lässt sich nicht entfernen