Probleme bei der Entfernung des "MPC Cleaner's"

swammcrusher · 23.05.2016, 19:44

Guten Abend,

ich gehe mal davon auch das sich der "MPC Cleaner" bei einem Download mit installiert hat. Mir dies daran aufgefallen, ich weiß nicht ob dies ein Symptom davon ist, dann ich im Browser ständig auf alle möglichen Websiten weitergeleitet werden. Bsp: Ich wollte in Google etwas suchen, nach betätigen der Enter Taste, kam ich auf einer Gewinnspielseite raus. Sowas passiert ständig, auf Amazon, Youtube, Twitch usw.

Ich hab hier gelesen, dass jedes Problem für sich selbst spezifisch ist. Daher hab ich bis jetzt noch keine Problemlösungen probiert.

Zudem hat mein Antiviren Programm "Kaspersky Internet Security" nicht Alarm geschlagen. Habe Windows 10 64-Bit als OS.

Ich würde mich freuen wenn mir einer bei diesem Problem behilflich sein könnte.

Im voraus schonmal vielen Dank.

swammcrusher aka Marco

M-K-D-B · 23.05.2016, 21:26

Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.

Bitte beachte folgende Hinweise:

Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort als Administrator zu starten!

Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!

Der MPC Cleaner schützt sich mit diversen Hooks vor dem Löschen.

Zur ersten Analyse bitte FRST und TDSS-Killer ausführen:

Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Schritt 2
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Bitte poste mit deiner nächsten Antwort

die Logdatei von TDSS-Killer,
die beiden neuen Logdateien von FRST.

swammcrusher · 23.05.2016, 22:23

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:23-05-2016
durchgeführt von Marco (Administrator) auf GAMER_MARCO (23-05-2016 23:17:43)
Gestartet von E:\User\Gamer_Marco\Desktop
Geladene Profile: Marco (Verfügbare Profile: Marco)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(AVerMedia TECHNOLOGIES, Inc.) C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRECentral.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\epson\MyEpson Portal\mepService.exe
(CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\epson\MyEpson Portal\mep.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionHookAppWIN6032.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionHookAppWIN6064.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8484056 2015-06-12] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-05-02] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15033976 2015-11-20] (Logitech Inc.)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163520 2015-04-10] (IvoSoft)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-03-19] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2312896 2016-02-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1867448 2016-05-03] (Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Steganos HotKeys] => C:\Program Files (x86)\Steganos Safe 15\SteganosHotKeyService.exe [100864 2014-02-21] (Steganos Software GmbH)
HKLM-x32\...\Run: [SAFE15 File Redirection Starter] => C:\Program Files (x86)\Steganos Safe 15\fredirstarter.exe [17408 2014-02-21] (Steganos Software GmbH)
HKLM-x32\...\Run: [LWS] => F:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [DFX] => C:\Program Files (x86)\DFX\DFX.exe [1326584 2015-11-15] ()
HKLM-x32\...\Run: [WSHelperSetup.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [650784 2015-12-22] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863776 2015-12-22] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1065968 2015-07-23] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [220704 2016-04-05] (Geek Software GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565960 2016-05-06] (LogMeIn Inc.)
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\Run: [GoogleChromeAutoLaunch_56D976794F990CB20E35B49F5BE31F4C] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [881304 2016-05-11] (Google Inc.)
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50670720 2016-03-01] (Skype Technologies S.A.)
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\Run: [Spotify Web Helper] => C:\Users\Marco\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2346096 2015-12-30] (Spotify Ltd)
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\Run: [EADM] => F:\Program Files (x86)\Origin\Origin.exe [3639280 2016-05-21] (Electronic Arts)
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd)
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\Run: [DisplayFusion] => C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe [8538648 2015-11-16] (Binary Fortress Software)
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [568904 2015-12-30] ()
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\Run: [PureSync] => F:\Program Files (x86)\Pure Sync\PureSyncTray.exe [1025712 2015-12-02] (Jumping Bytes)
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\Run: [Spotify] => C:\Users\Marco\AppData\Roaming\Spotify\Spotify.exe [8387696 2015-12-30] (Spotify Ltd)
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\Run: [SAFE15 Browser Monitor] => C:\Program Files (x86)\Steganos Safe 15\SteganosBrowserMonitor.exe [70656 2014-02-21] (Steganos Software GmbH)
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [882872 2016-05-03] (Adobe Systems Incorporated)
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\Run: [WSHelperSetup.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare)
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIMAE.EXE [298560 2013-12-16] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\RunOnce: [Uninstall C:\Users\Marco\AppData\Local\Microsoft\OneDrive\17.3.6301.0127_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Marco\AppData\Local\Microsoft\OneDrive\17.3.6301.0127_1\amd64"
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\MountPoints2: {59cdb1d5-eada-11e5-9eaa-d8cb8a350237} - "I:\startme.exe" 
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-01-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-01-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-01-22] ()
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-04-10] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-04-10] (IvoSoft)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\..\Interfaces\{5481a273-95bd-4857-9b12-32f0150dfd89}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-05-02] (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-04-10] (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-04-29] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-12-30] (AO Kaspersky Lab)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-05-02] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-29] (Oracle Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2015-04-10] (IvoSoft)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-04-10] (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-04-29] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-12-30] (AO Kaspersky Lab)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-29] (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2015-04-10] (IvoSoft)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-12-30] (AO Kaspersky Lab)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-04-10] (IvoSoft)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-12-30] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-04-10] (IvoSoft)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-02] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-02] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-02] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-02] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\zbwz2rjm.default
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-29] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-29] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-02-12] (Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-29] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-05-02] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-01-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-01-23] (NVIDIA Corporation)
FF Plugin-x32: @pages.tvunetworks.com/WebPlayer -> F:\Program Files (x86)\TVUPlayer\npTVUAx.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2016-05-03] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-02-12] (Adobe Systems)
FF Extension: Flash and Video Download - C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\zbwz2rjm.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2016-05-13]
FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [2016-03-04]
FF Extension: Combo - C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\zbwz2rjm.default\Extensions\combo@yandex.ru.xpi [2016-01-16]
FF Extension: No Flash - C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\zbwz2rjm.default\Extensions\jid1-cplLTTY501TB2Q@jetpack.xpi [2016-05-07]
FF Extension: YouTube™ Flash® Player - C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\zbwz2rjm.default\Extensions\jid1-HAV2inXAnQPIeA@jetpack.xpi [2016-05-07]
FF Extension: Flash Control - C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\zbwz2rjm.default\Extensions\jid1-sNL73VCI4UB0Fw@jetpack.xpi [2016-05-07]
FF Extension: YouTube Flash Video Player - C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\zbwz2rjm.default\Extensions\{f3bd3dd2-2888-44c5-91a2-2caeb33fb898}.xpi [2016-05-07]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat DC - Create PDF - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2016-02-17]
StartMenuInternet: FIREFOX.EXE - F:\Program Files (x86)\Mozilla Firefox\firefox.exe

Chrome: 
=======
CHR HomePage: Profile 1 -> hxxp://forum.troubletown.de/
CHR StartupUrls: Profile 1 -> "hxxp://www.youtube.com/?gl=DE&hl=de"
CHR Profile: C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default
CHR Profile: C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Präsentationen) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-30]
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2016-05-07]
CHR Extension: (Google Docs) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-30]
CHR Extension: (Google Drive) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-30]
CHR Extension: (YouTube) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-30]
CHR Extension: (Adblock Plus) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-04-04]
CHR Extension: (Google-Suche) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-30]
CHR Extension: (Logitech Smooth Scrolling) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2015-12-30]
CHR Extension: (Kaspersky Protection) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eahebamiopdhefndnmappcihfajigkka [2015-12-30]
CHR Extension: (Adobe Acrobat) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2016-01-07]
CHR Extension: (Google Tabellen) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-30]
CHR Extension: (Google Docs Offline) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Desktop Notifications für Android) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\giicnncicnopjohcpamieklkiacdoeni [2016-04-19]
CHR Extension: (Lone Tree) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hfmkllfplegemejikoabfpjdaoncphip [2015-12-30]
CHR Extension: (Floating for YouTube™) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jjphmlaoffndcnecccgemfdaaoighkel [2016-01-30]
CHR Extension: (AudioSauna) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lkgfemnodkdnenmfkblebnkjpckkjcae [2016-01-04]
CHR Extension: (Until AM for Chrome) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mjafmkicbmhcbapadecadciafbkecofl [2015-12-30]
CHR Extension: (Twitch Now) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nlmbdmpjmlijibeockamioakdpmhjnpk [2016-03-31]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-01]
CHR Extension: (Wunderlist for Chrome) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ojcflmmmcfpacggndoaaflkmcoblhnbh [2016-02-05]
CHR Extension: (Click&Clean App) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2016-05-20]
CHR Extension: (Google Mail) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-30]
CHR Extension: (RSS Feed Reader) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pnjaodmkngahhkoihejjehlcdlnohgmp [2016-05-02]
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

Opera: 
=======
OPR StartupUrls: "hxxp://www.youtube.de/"
OPR Extension: (Adblock Plus) - C:\Users\Marco\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2016-05-08]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [693440 2016-01-28] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2021592 2016-04-05] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 AVerRECentral; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRECentral.exe [1933000 2016-02-16] (AVerMedia TECHNOLOGIES, Inc.)
R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2015-12-30] (Kaspersky Lab ZAO)
R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [65128 2016-01-11] (CyberGhost S.R.L)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2911472 2016-05-02] (Microsoft Corporation)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2016-03-29] (Digital Wave Ltd.)
R2 DisplayFusionService; C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe [4608040 2015-11-16] (Binary Fortress Software)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-05-02] (NVIDIA Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [419248 2016-05-06] (LogMeIn, Inc.)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193144 2015-11-20] (Logitech Inc.)
R2 MPCProtectService; C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe [350688 2016-05-21] (DotC United Inc)
R2 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [703984 2014-09-22] (SEIKO EPSON CORPORATION)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-05-02] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-05-02] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-05-02] (NVIDIA Corporation)
S3 Origin Client Service; F:\Program Files (x86)\Origin\OriginClientService.exe [2120712 2016-05-21] (Electronic Arts)
S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\Dr.Fone for Android\DriverInstall.exe [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 androidusb; C:\Windows\System32\Drivers\wsadb.sys [40720 2016-01-23] (Google Inc)
R0 asstor64; C:\Windows\System32\drivers\asstor64.sys [84816 2014-01-27] (Asmedia Technology)
S3 AVer330USB; C:\Windows\system32\DRIVERS\AVer330USB.sys [1551616 2015-04-09] (AVerMedia TECHNOLOGIES, Inc.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
R3 DFX12; C:\Windows\system32\drivers\dfx12x64.sys [39048 2015-11-15] (Windows (R) Win 7 DDK provider)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2016-04-05] (LogMeIn Inc.)
R3 ISCT; C:\Windows\System32\drivers\ISCTD.sys [44744 2014-05-27] ()
R3 Ke2200; C:\Windows\System32\drivers\e22w8x64.sys [130224 2014-03-27] (Qualcomm Atheros, Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70512 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [77728 2016-03-04] (AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [30328 2015-06-24] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [181640 2015-12-30] (AO Kaspersky Lab)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [227512 2015-12-30] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [927640 2016-03-04] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [39608 2015-06-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [41656 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2015-12-30] (AO Kaspersky Lab)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [87944 2015-12-30] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [102584 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
S3 LGSHidFilt; C:\Windows\System32\drivers\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
R1 MPCKpt; C:\Windows\System32\DRIVERS\MPCKpt.sys [60136 2016-05-21] (DotC United Inc)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-05-02] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R1 SLEE_18_DRIVER; C:\WINDOWS\Sleen1864.sys [109144 2014-01-30] (Softwareentwicklung Remus - ArchiCrypt - )
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-23 20:32 - 2016-05-23 20:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC
2016-05-23 20:24 - 2016-05-23 23:17 - 00000000 ____D C:\FRST
2016-05-23 20:07 - 2016-05-23 20:31 - 00000000 ____D C:\AdwCleaner
2016-05-23 17:06 - 2016-05-23 17:06 - 00001219 _____ C:\Users\Public\Desktop\LibreOffice 5.0.lnk
2016-05-23 17:06 - 2016-05-23 17:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.0
2016-05-23 17:05 - 2016-05-23 17:06 - 00000000 ____D C:\Program Files (x86)\LibreOffice 5
2016-05-23 17:01 - 2016-05-23 17:01 - 00000000 ____D C:\Users\Marco\AppData\Roaming\LockAP
2016-05-23 16:52 - 2016-05-23 16:52 - 00000000 ____D C:\Users\Marco\AppData\Roaming\LibreOffice
2016-05-21 01:01 - 2016-05-21 21:59 - 00000000 ____D C:\Program Files (x86)\MPC Cleaner
2016-05-21 01:01 - 2016-05-21 01:01 - 00060136 ____N (DotC United Inc) C:\WINDOWS\system32\Drivers\MPCKpt.sys
2016-05-20 19:53 - 2016-05-20 19:53 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-05-20 19:53 - 2016-04-14 07:38 - 00102976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2016-05-11 16:18 - 2016-04-23 06:31 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-05-11 16:18 - 2016-04-23 06:30 - 22379008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-05-11 16:18 - 2016-04-23 06:28 - 16984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-05-11 16:18 - 2016-04-23 06:26 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-05-11 16:18 - 2016-04-23 06:25 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-05-11 16:18 - 2016-04-23 06:22 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-05-11 16:18 - 2016-04-23 06:20 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-05-11 16:18 - 2016-04-23 06:20 - 18676224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-05-11 16:18 - 2016-04-23 06:19 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-05-11 16:18 - 2016-04-23 06:19 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-05-11 16:18 - 2016-04-23 06:19 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-05-11 16:18 - 2016-04-23 06:19 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-05-11 16:18 - 2016-04-23 06:18 - 24604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-05-11 16:18 - 2016-04-23 06:18 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-05-11 16:18 - 2016-04-23 06:18 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-05-11 16:18 - 2016-04-23 06:18 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-05-11 16:18 - 2016-04-23 06:16 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-05-11 16:18 - 2016-04-23 06:15 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-05-11 16:18 - 2016-04-23 06:15 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-05-11 16:18 - 2016-04-23 06:14 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-05-11 16:18 - 2016-04-23 06:13 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-05-11 16:18 - 2016-04-23 06:13 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-05-11 16:18 - 2016-04-23 06:09 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-05-11 16:18 - 2016-04-23 06:08 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-05-11 16:18 - 2016-04-23 06:07 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-05-11 16:17 - 2016-05-06 06:53 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdport.sys
2016-05-11 16:17 - 2016-05-06 06:05 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-05-11 16:17 - 2016-05-06 06:03 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-05-11 16:17 - 2016-05-06 05:53 - 00351232 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-05-11 16:17 - 2016-05-06 05:49 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2016-05-11 16:17 - 2016-05-06 05:44 - 00582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-05-11 16:17 - 2016-05-06 05:43 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-05-11 16:17 - 2016-05-06 05:23 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2016-05-11 16:17 - 2016-04-30 08:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-05-11 16:17 - 2016-04-30 08:31 - 03591168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-05-11 16:17 - 2016-04-23 08:12 - 01401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-05-11 16:17 - 2016-04-23 08:12 - 01184960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-05-11 16:17 - 2016-04-23 08:12 - 00713920 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-05-11 16:17 - 2016-04-23 08:12 - 00514752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-05-11 16:17 - 2016-04-23 08:12 - 00294592 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-05-11 16:17 - 2016-04-23 08:12 - 00190144 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-05-11 16:17 - 2016-04-23 08:12 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-05-11 16:17 - 2016-04-23 08:12 - 00046784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-05-11 16:17 - 2016-04-23 07:28 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-05-11 16:17 - 2016-04-23 07:28 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-05-11 16:17 - 2016-04-23 07:26 - 00707608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-05-11 16:17 - 2016-04-23 07:24 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-05-11 16:17 - 2016-04-23 07:24 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-05-11 16:17 - 2016-04-23 07:24 - 01819208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-05-11 16:17 - 2016-04-23 07:24 - 00754664 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-05-11 16:17 - 2016-04-23 07:24 - 00638816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2016-05-11 16:17 - 2016-04-23 07:24 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2016-05-11 16:17 - 2016-04-23 07:24 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-05-11 16:17 - 2016-04-23 07:22 - 01161120 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-05-11 16:17 - 2016-04-23 07:18 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-05-11 16:17 - 2016-04-23 07:13 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-05-11 16:17 - 2016-04-23 07:13 - 00306832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2016-05-11 16:17 - 2016-04-23 07:13 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-05-11 16:17 - 2016-04-23 07:12 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-05-11 16:17 - 2016-04-23 07:12 - 00451928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-05-11 16:17 - 2016-04-23 07:12 - 00413536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-05-11 16:17 - 2016-04-23 07:11 - 01092464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-05-11 16:17 - 2016-04-23 07:11 - 00696672 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-05-11 16:17 - 2016-04-23 07:11 - 00498960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-05-11 16:17 - 2016-04-23 07:11 - 00390496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-05-11 16:17 - 2016-04-23 07:11 - 00131424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufxsynopsys.sys
2016-05-11 16:17 - 2016-04-23 07:11 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-05-11 16:17 - 2016-04-23 07:10 - 03673424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-05-11 16:17 - 2016-04-23 07:10 - 02919832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-05-11 16:17 - 2016-04-23 07:10 - 00330072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-05-11 16:17 - 2016-04-23 07:09 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-05-11 16:17 - 2016-04-23 07:09 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-05-11 16:17 - 2016-04-23 07:09 - 05240960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-05-11 16:17 - 2016-04-23 07:09 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-05-11 16:17 - 2016-04-23 07:09 - 00569744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2016-05-11 16:17 - 2016-04-23 07:09 - 00565600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-05-11 16:17 - 2016-04-23 07:09 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-05-11 16:17 - 2016-04-23 07:09 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-05-11 16:17 - 2016-04-23 07:09 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-05-11 16:17 - 2016-04-23 07:08 - 06605504 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-05-11 16:17 - 2016-04-23 07:08 - 04515256 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-05-11 16:17 - 2016-04-23 07:08 - 00725776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2016-05-11 16:17 - 2016-04-23 07:07 - 01848072 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-05-11 16:17 - 2016-04-23 07:07 - 01536088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2016-05-11 16:17 - 2016-04-23 07:07 - 00204048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2016-05-11 16:17 - 2016-04-23 07:07 - 00183904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2016-05-11 16:17 - 2016-04-23 07:06 - 00291360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2016-05-11 16:17 - 2016-04-23 07:02 - 00188256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-05-11 16:17 - 2016-04-23 07:01 - 01996640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-05-11 16:17 - 2016-04-23 07:01 - 00650304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-05-11 16:17 - 2016-04-23 07:01 - 00619296 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
2016-05-11 16:17 - 2016-04-23 07:01 - 00577368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-05-11 16:17 - 2016-04-23 07:01 - 00522176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-05-11 16:17 - 2016-04-23 07:01 - 00513368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll
2016-05-11 16:17 - 2016-04-23 07:01 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-05-11 16:17 - 2016-04-23 07:01 - 00217440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-05-11 16:17 - 2016-04-23 07:00 - 01776768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-05-11 16:17 - 2016-04-23 07:00 - 01594920 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-05-11 16:17 - 2016-04-23 07:00 - 01522152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-05-11 16:17 - 2016-04-23 07:00 - 01399224 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-05-11 16:17 - 2016-04-23 07:00 - 01372304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-05-11 16:17 - 2016-04-23 07:00 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-05-11 16:17 - 2016-04-23 07:00 - 00550656 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2016-05-11 16:17 - 2016-04-23 07:00 - 00453472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2016-05-11 16:17 - 2016-04-23 07:00 - 00058208 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwminit.dll
2016-05-11 16:17 - 2016-04-23 06:56 - 00534872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-05-11 16:17 - 2016-04-23 06:39 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-05-11 16:17 - 2016-04-23 06:35 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-05-11 16:17 - 2016-04-23 06:34 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-05-11 16:17 - 2016-04-23 06:34 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2016-05-11 16:17 - 2016-04-23 06:34 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-05-11 16:17 - 2016-04-23 06:33 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-05-11 16:17 - 2016-04-23 06:33 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-05-11 16:17 - 2016-04-23 06:33 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2016-05-11 16:17 - 2016-04-23 06:33 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ByteCodeGenerator.exe
2016-05-11 16:17 - 2016-04-23 06:32 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-05-11 16:17 - 2016-04-23 06:32 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-05-11 16:17 - 2016-04-23 06:32 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-05-11 16:17 - 2016-04-23 06:31 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-05-11 16:17 - 2016-04-23 06:30 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-05-11 16:17 - 2016-04-23 06:30 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-05-11 16:17 - 2016-04-23 06:29 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-05-11 16:17 - 2016-04-23 06:29 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-05-11 16:17 - 2016-04-23 06:29 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\filecrypt.sys
2016-05-11 16:17 - 2016-04-23 06:29 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-05-11 16:17 - 2016-04-23 06:29 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-05-11 16:17 - 2016-04-23 06:29 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
2016-05-11 16:17 - 2016-04-23 06:29 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ByteCodeGenerator.exe
2016-05-11 16:17 - 2016-04-23 06:29 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2016-05-11 16:17 - 2016-04-23 06:28 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2016-05-11 16:17 - 2016-04-23 06:28 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-05-11 16:17 - 2016-04-23 06:28 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-05-11 16:17 - 2016-04-23 06:28 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-05-11 16:17 - 2016-04-23 06:28 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2016-05-11 16:17 - 2016-04-23 06:27 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-05-11 16:17 - 2016-04-23 06:27 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2016-05-11 16:17 - 2016-04-23 06:26 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-05-11 16:17 - 2016-04-23 06:26 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2016-05-11 16:17 - 2016-04-23 06:25 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-05-11 16:17 - 2016-04-23 06:25 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-05-11 16:17 - 2016-04-23 06:25 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2016-05-11 16:17 - 2016-04-23 06:25 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-05-11 16:17 - 2016-04-23 06:24 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-05-11 16:17 - 2016-04-23 06:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-05-11 16:17 - 2016-04-23 06:24 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-05-11 16:17 - 2016-04-23 06:24 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-05-11 16:17 - 2016-04-23 06:24 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2016-05-11 16:17 - 2016-04-23 06:24 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2016-05-11 16:17 - 2016-04-23 06:24 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2016-05-11 16:17 - 2016-04-23 06:23 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-05-11 16:17 - 2016-04-23 06:23 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-05-11 16:17 - 2016-04-23 06:23 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-05-11 16:17 - 2016-04-23 06:23 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2016-05-11 16:17 - 2016-04-23 06:23 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-05-11 16:17 - 2016-04-23 06:22 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-05-11 16:17 - 2016-04-23 06:22 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-05-11 16:17 - 2016-04-23 06:21 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-05-11 16:17 - 2016-04-23 06:21 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-05-11 16:17 - 2016-04-23 06:20 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-05-11 16:17 - 2016-04-23 06:20 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-05-11 16:17 - 2016-04-23 06:20 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-05-11 16:17 - 2016-04-23 06:20 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-05-11 16:17 - 2016-04-23 06:20 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-05-11 16:17 - 2016-04-23 06:20 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2016-05-11 16:17 - 2016-04-23 06:19 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-05-11 16:17 - 2016-04-23 06:19 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlansec.dll
2016-05-11 16:17 - 2016-04-23 06:19 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll
2016-05-11 16:17 - 2016-04-23 06:18 - 00988672 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-05-11 16:17 - 2016-04-23 06:18 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-05-11 16:17 - 2016-04-23 06:18 - 00804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-05-11 16:17 - 2016-04-23 06:18 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-05-11 16:17 - 2016-04-23 06:18 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-05-11 16:17 - 2016-04-23 06:18 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-05-11 16:17 - 2016-04-23 06:18 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-05-11 16:17 - 2016-04-23 06:18 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-05-11 16:17 - 2016-04-23 06:18 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-05-11 16:17 - 2016-04-23 06:17 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-05-11 16:17 - 2016-04-23 06:17 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-05-11 16:17 - 2016-04-23 06:17 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-05-11 16:17 - 2016-04-23 06:17 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2016-05-11 16:17 - 2016-04-23 06:16 - 01319424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-05-11 16:17 - 2016-04-23 06:16 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-05-11 16:17 - 2016-04-23 06:15 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-05-11 16:17 - 2016-04-23 06:15 - 00865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-05-11 16:17 - 2016-04-23 06:15 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-05-11 16:17 - 2016-04-23 06:15 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-05-11 16:17 - 2016-04-23 06:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-05-11 16:17 - 2016-04-23 06:14 - 13383168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-05-11 16:17 - 2016-04-23 06:14 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-05-11 16:17 - 2016-04-23 06:14 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-05-11 16:17 - 2016-04-23 06:14 - 00647680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-05-11 16:17 - 2016-04-23 06:14 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-05-11 16:17 - 2016-04-23 06:14 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-05-11 16:17 - 2016-04-23 06:14 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-05-11 16:17 - 2016-04-23 06:13 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-05-11 16:17 - 2016-04-23 06:13 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-05-11 16:17 - 2016-04-23 06:13 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-05-11 16:17 - 2016-04-23 06:12 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-05-11 16:17 - 2016-04-23 06:10 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-05-11 16:17 - 2016-04-23 06:10 - 00639488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-05-11 16:17 - 2016-04-23 06:09 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-05-11 16:17 - 2016-04-23 06:08 - 05324288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-05-11 16:17 - 2016-04-23 06:07 - 02598912 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-05-11 16:17 - 2016-04-23 06:07 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-05-11 16:17 - 2016-04-23 06:07 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-05-11 16:17 - 2016-04-23 06:06 - 06974464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-05-11 16:17 - 2016-04-23 06:05 - 05502976 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-05-11 16:17 - 2016-04-23 06:05 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-05-11 16:17 - 2016-04-23 06:05 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-05-11 16:17 - 2016-04-23 06:05 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-05-11 16:17 - 2016-04-23 06:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-05-11 16:17 - 2016-04-23 06:05 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-05-11 16:17 - 2016-04-23 06:05 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-05-11 16:17 - 2016-04-23 06:05 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-05-11 16:17 - 2016-04-23 06:04 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-05-11 16:17 - 2016-04-23 06:04 - 01731072 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-05-11 16:17 - 2016-04-23 06:03 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-05-11 16:17 - 2016-04-23 06:03 - 04894208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-05-11 16:17 - 2016-04-23 06:03 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-05-11 16:17 - 2016-04-23 06:03 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-05-11 16:17 - 2016-04-23 06:03 - 02000896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-05-11 16:17 - 2016-04-23 06:03 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-05-11 16:17 - 2016-04-23 06:03 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-05-11 16:17 - 2016-04-23 06:02 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-05-11 16:17 - 2016-04-23 06:02 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-05-11 16:17 - 2016-04-23 06:01 - 04775424 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-05-11 16:17 - 2016-04-23 06:00 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-05-11 16:17 - 2016-04-23 06:00 - 00984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-05-11 16:17 - 2016-04-23 05:45 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-05-11 16:17 - 2016-04-23 04:10 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-05-11 16:17 - 2016-04-23 04:10 - 00002186 _____ C:\WINDOWS\system32\AppxProvisioning.xml
2016-05-11 16:17 - 2016-04-19 00:30 - 00002186 _____ C:\WINDOWS\SysWOW64\AppxProvisioning.xml
2016-05-11 16:08 - 2016-05-11 16:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2016-05-11 16:08 - 2016-05-11 16:08 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2016-05-11 15:59 - 2016-05-11 15:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-05-11 15:59 - 2016-05-11 15:59 - 00000000 ____D C:\Program Files\iPod
2016-05-11 15:59 - 2016-05-11 15:59 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-05-11 15:58 - 2016-05-11 15:58 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2016-05-11 15:58 - 2016-05-11 15:58 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2016-05-07 23:11 - 2016-05-23 22:24 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-05-07 23:11 - 2016-05-22 01:12 - 00000946 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-05-07 23:11 - 2016-05-13 22:24 - 00004028 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-05-07 23:11 - 2016-05-13 22:24 - 00003870 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-05-07 23:09 - 2016-05-23 20:15 - 00001063 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-05-07 23:09 - 2016-05-13 21:54 - 00003984 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1462655346
2016-05-07 23:09 - 2016-05-07 23:09 - 00000000 ____D C:\Users\Marco\AppData\Roaming\Opera Software
2016-05-07 23:09 - 2016-05-07 23:09 - 00000000 ____D C:\Users\Marco\AppData\Local\Opera Software
2016-05-07 23:08 - 2016-05-13 21:54 - 00000000 ____D C:\Program Files (x86)\Opera
2016-05-07 18:55 - 2016-05-07 20:30 - 00000000 ____D C:\Users\Marco\AppData\Local\RECentral
2016-05-07 18:55 - 2016-05-07 18:55 - 00000000 ____D C:\WINDOWS\Driver Cache
2016-05-07 18:55 - 2016-05-07 18:55 - 00000000 ____D C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVerMedia
2016-05-07 18:55 - 2016-05-07 18:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVerMedia
2016-05-07 18:55 - 2016-05-07 18:55 - 00000000 ____D C:\Program Files (x86)\AVerMedia
2016-05-07 18:55 - 2015-04-09 08:14 - 01551616 _____ (AVerMedia TECHNOLOGIES, Inc.) C:\WINDOWS\system32\Drivers\AVer330USB.sys
2016-05-07 18:55 - 2014-12-16 10:39 - 00454064 _____ C:\WINDOWS\system32\Drivers\qpvidfwusb.bin
2016-05-07 18:55 - 2014-12-16 10:39 - 00363832 _____ C:\WINDOWS\system32\Drivers\qpaudfwusb.bin
2016-05-07 18:55 - 2014-12-16 10:39 - 00125440 _____ (AVerMedia Technology, Inc.) C:\WINDOWS\SysWOW64\PropPage.ax
2016-05-07 18:55 - 2013-04-22 12:00 - 00495616 _____ C:\WINDOWS\SysWOW64\D3DX8ab.dll
2016-05-07 18:55 - 2012-11-25 15:26 - 02365756 _____ C:\WINDOWS\SysWOW64\libfftw3-3.dll
2016-05-07 18:55 - 2012-04-21 06:21 - 01625088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPb72c.rra
2016-04-30 18:09 - 2016-04-30 18:09 - 00000000 ____D C:\Users\Marco\AppData\Local\PokerStars.NET
2016-04-30 18:09 - 2016-04-30 18:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerStars.NET
2016-04-30 18:09 - 2016-04-30 18:09 - 00000000 ____D C:\Program Files (x86)\PokerStars.NET
2016-04-29 22:35 - 2016-05-23 20:34 - 00000000 ____D C:\Users\Marco\AppData\Local\LogMeIn Hamachi
2016-04-29 22:35 - 2016-04-29 22:35 - 00000000 ____D C:\Users\Marco\AppData\Local\LogMeIn
2016-04-29 22:35 - 2016-04-29 22:35 - 00000000 ____D C:\ProgramData\LogMeIn
2016-04-29 18:35 - 2016-04-29 18:33 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-64.dll
2016-04-29 18:31 - 2016-04-29 18:31 - 00000000 ____D C:\Users\Marco\SimpleJavaYoutubeUploader
2016-04-29 17:04 - 2016-04-29 17:04 - 00715038 _____ C:\WINDOWS\unins000.exe
2016-04-29 17:04 - 2016-04-29 17:04 - 00001993 _____ C:\WINDOWS\unins000.dat
2016-04-29 17:04 - 2011-12-07 19:37 - 00148992 _____ ( ) C:\WINDOWS\system32\lagarith.dll
2016-04-29 17:04 - 2011-12-07 19:32 - 00216064 _____ ( ) C:\WINDOWS\SysWOW64\lagarith.dll
2016-04-29 17:00 - 2016-04-29 17:08 - 00000000 ____D C:\Users\Marco\AppData\Local\Dxtory Software
2016-04-29 17:00 - 2016-04-29 17:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0
2016-04-29 17:00 - 2016-04-29 17:00 - 00000000 ____D C:\Program Files (x86)\Dxtory Software
2016-04-29 17:00 - 2011-05-23 23:29 - 03673600 _____ (Dxtory Software) C:\WINDOWS\system32\DxtoryCodec64.dll
2016-04-29 17:00 - 2011-05-23 23:23 - 03166720 _____ (Dxtory Software) C:\WINDOWS\SysWOW64\DxtoryCodec.dll
2016-04-26 14:29 - 2016-04-26 14:29 - 00000000 ____D C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2016-04-26 14:29 - 2016-04-26 14:29 - 00000000 ____D C:\Program Files (x86)\ASIO4ALL v2
2016-04-26 14:05 - 2016-05-23 21:32 - 00000000 ____D C:\Users\Marco\AppData\Roaming\obs-studio
2016-04-26 14:05 - 2016-04-26 14:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2016-04-26 14:05 - 2016-04-26 14:05 - 00000000 ____D C:\Program Files (x86)\obs-studio

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-23 23:13 - 2015-12-30 01:51 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-05-23 22:46 - 2016-01-30 17:04 - 00004162 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{522583D8-BE19-41DB-B52F-E4C35B2DE8FD}
2016-05-23 22:45 - 2015-12-30 01:30 - 00001142 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-23 22:38 - 2016-03-29 17:38 - 00000943 _____ C:\WINDOWS\Tasks\EPSON WF-2660 Series Update {EA5DFD3C-470C-463C-8757-713F4BCE6FE4}.job
2016-05-23 22:13 - 2015-12-30 02:31 - 00000000 ____D C:\Users\Marco\AppData\Local\ClassicShell
2016-05-23 21:32 - 2015-12-30 01:37 - 00000000 ____D C:\Users\Marco\AppData\Roaming\TS3Client
2016-05-23 20:38 - 2015-12-30 01:32 - 01799166 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-05-23 20:38 - 2015-10-30 20:35 - 00775524 _____ C:\WINDOWS\system32\perfh007.dat
2016-05-23 20:38 - 2015-10-30 20:35 - 00155338 _____ C:\WINDOWS\system32\perfc007.dat
2016-05-23 20:38 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-05-23 20:32 - 2016-03-12 15:54 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-05-23 20:32 - 2016-03-12 15:50 - 00000000 ____D C:\ProgramData\NVIDIA
2016-05-23 20:32 - 2015-12-30 01:30 - 00001138 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-23 20:32 - 2015-10-30 08:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-05-23 20:15 - 2016-03-12 15:50 - 05017736 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-05-23 20:15 - 2016-01-30 16:11 - 00000000 ____D C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2016-05-23 20:15 - 2016-01-06 00:36 - 00000808 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-05-23 20:15 - 2016-01-01 18:13 - 00000816 _____ C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2016-05-23 20:15 - 2015-12-30 01:32 - 00000000 ____D C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps
2016-05-23 16:49 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-05-23 16:44 - 2015-12-30 01:41 - 00000000 ____D C:\Users\Marco\AppData\Local\Adobe
2016-05-22 18:20 - 2015-12-30 01:43 - 00000000 ____D C:\Users\Marco\AppData\Local\Spotify
2016-05-22 18:16 - 2015-12-30 01:43 - 00000000 ____D C:\Users\Marco\AppData\Roaming\Spotify
2016-05-22 01:13 - 2015-12-30 01:30 - 00002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-22 01:12 - 2016-03-19 01:11 - 00000000 ___HD C:\Program Files (x86)\DrFoneAndroid_Temp
2016-05-22 01:12 - 2016-03-19 01:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2016-05-22 01:12 - 2016-03-19 01:09 - 00000000 ____D C:\Program Files (x86)\Wondershare
2016-05-22 01:12 - 2016-01-23 14:14 - 00000000 ____D C:\Users\Marco\AppData\Roaming\Wondershare
2016-05-22 01:11 - 2015-12-23 21:08 - 00000000 ____D C:\Users\Marco\.android
2016-05-21 23:40 - 2015-11-28 14:44 - 00000080 _____ C:\Users\Marco\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦
2016-05-21 23:16 - 2015-12-30 02:22 - 00000000 ____D C:\ProgramData\Origin
2016-05-21 21:59 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-05-21 00:48 - 2015-12-30 02:56 - 00000000 ____D C:\Users\Marco\AppData\Local\CrashDumps
2016-05-20 19:53 - 2015-12-30 01:35 - 00000000 ____D C:\Users\Marco\AppData\Local\NVIDIA
2016-05-19 17:07 - 2016-01-07 16:29 - 00002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2016-05-19 17:03 - 2015-12-30 02:34 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-05-19 17:03 - 2015-10-30 09:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-05-16 18:13 - 2016-04-03 17:51 - 00000000 ____D C:\Users\Marco\AppData\Roaming\.minecraft
2016-05-15 22:10 - 2015-12-30 01:58 - 00000000 ____D C:\Users\Marco\AppData\Roaming\Skype
2016-05-15 00:43 - 2016-03-12 15:51 - 00000000 ____D C:\Users\Marco
2016-05-14 15:16 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-05-14 15:01 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-05-13 22:08 - 2016-01-07 16:29 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-05-13 22:07 - 2016-01-07 16:29 - 00002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2016-05-13 21:56 - 2015-12-30 01:22 - 00000000 ____D C:\Users\Marco\AppData\Local\Packages
2016-05-13 21:53 - 2015-07-28 20:30 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-05-11 21:57 - 2015-10-30 09:26 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-05-11 21:57 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-11 20:26 - 2015-10-30 20:44 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-11 20:26 - 2015-10-30 09:24 - 00015703 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2016-05-11 20:26 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-05-11 20:26 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-05-11 20:26 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\Provisioning
2016-05-11 20:26 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-05-11 20:25 - 2015-12-30 19:14 - 00000000 ____D C:\Users\Marco\AppData\Local\DisplayFusion
2016-05-11 16:40 - 2015-12-30 01:30 - 00004200 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-05-11 16:40 - 2015-12-30 01:30 - 00003968 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-05-11 16:34 - 2015-12-30 02:10 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-05-11 16:29 - 2015-12-30 02:10 - 139319312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-05-11 15:59 - 2015-12-30 01:44 - 00000000 ____D C:\Program Files\iTunes
2016-05-11 15:58 - 2015-12-30 01:33 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-05-11 15:58 - 2015-12-30 01:33 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-05-07 18:56 - 2015-12-30 18:14 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-05-02 07:39 - 2015-12-30 01:36 - 01377800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2016-05-02 07:39 - 2015-12-30 01:36 - 01316184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2016-05-02 07:38 - 2015-12-30 01:36 - 01767944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2016-05-02 07:38 - 2015-12-30 01:36 - 01756608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2016-05-02 07:38 - 2015-12-30 01:36 - 00112032 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2016-04-30 21:13 - 2015-12-30 01:43 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-04-30 21:13 - 2015-12-30 01:43 - 00000000 ____D C:\ProgramData\Skype
2016-04-30 16:51 - 2016-01-20 20:01 - 00000000 ____D C:\Users\Marco\AppData\Roaming\OBS
2016-04-30 16:28 - 2016-02-06 22:29 - 00000000 ____D C:\Users\Marco\AppData\Local\ftblauncher
2016-04-29 18:38 - 2015-12-30 01:41 - 00000000 ____D C:\ProgramData\Oracle
2016-04-29 18:35 - 2015-12-30 01:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-04-29 18:35 - 2015-12-30 01:41 - 00000000 ____D C:\Program Files (x86)\Java
2016-04-29 18:33 - 2015-12-30 01:42 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2016-04-29 18:33 - 2015-12-30 01:42 - 00000000 ____D C:\Program Files\Java
2016-04-29 18:33 - 2015-12-30 01:41 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-04-29 18:33 - 2015-10-25 14:03 - 00000000 ____D C:\Users\Marco\.oracle_jre_usage
2016-04-28 16:25 - 2015-12-30 01:37 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2016-04-26 17:50 - 2016-01-05 17:45 - 00000000 ____D C:\Users\Marco\AppData\Roaming\Audacity
2016-04-26 16:14 - 2016-01-04 19:25 - 00000000 ____D C:\ProgramData\boost_interprocess

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-01-14 17:43 - 2016-01-14 17:43 - 0031400 _____ () C:\Users\Marco\AppData\Roaming\VoiceMeeterDefault.xml
2016-04-09 13:39 - 2016-04-09 13:39 - 0000874 _____ () C:\Users\Marco\AppData\Local\recently-used.xbel
2016-03-12 23:45 - 2016-04-10 13:00 - 0007602 _____ () C:\Users\Marco\AppData\Local\resmon.resmoncfg

Einige Dateien in TEMP:
====================
C:\Users\Marco\AppData\Local\Temp\0zcOyh1jV2.exe
C:\Users\Marco\AppData\Local\Temp\jre-8u91-windows-au.exe
C:\Users\Marco\AppData\Local\Temp\libeay32.dll
C:\Users\Marco\AppData\Local\Temp\mjqm325LcX.exe
C:\Users\Marco\AppData\Local\Temp\msvcr120.dll
C:\Users\Marco\AppData\Local\Temp\pPCLKa91OL.exe
C:\Users\Marco\AppData\Local\Temp\SjpBLSdrQw.exe
C:\Users\Marco\AppData\Local\Temp\sqlite3.dll
C:\Users\Marco\AppData\Local\Temp\_is3CE5.exe
C:\Users\Marco\AppData\Local\Temp\_isA7D4.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-05-15 17:32

==================== Ende von FRST.txt ============================

swammcrusher · 23.05.2016, 22:25

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:23-05-2016
durchgeführt von Marco (2016-05-23 23:18:02)
Gestartet von E:\User\Gamer_Marco\Desktop
Windows 10 Home Version 1511 (X64) (2016-03-12 13:55:59)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1580680786-608523540-2495891008-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1580680786-608523540-2495891008-503 - Limited - Disabled)
Gast (S-1-5-21-1580680786-608523540-2495891008-501 - Limited - Disabled)
Marco (S-1-5-21-1580680786-608523540-2495891008-1001 - Administrator - Enabled) => C:\Users\Marco

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.016.20041 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 20.0.0.233 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.5.1.209 - Adobe Systems Incorporated)
Adobe Flash Player 21 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2015 (HKLM-x32\...\{0FAC7130-BEC5-47A5-8813-1D339B8326ED}) (Version: 9.1.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.1.2 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2015 (HKLM-x32\...\{38C72D42-0672-43B1-9E05-E7631684F9A1}) (Version: 9.1.0 - Adobe Systems Incorporated)
Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{2937FD88-C9D6-4B82-B539-37CD0A572F42}) (Version: 4.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Arduino (HKLM-x32\...\Arduino) (Version: 1.6.8 - Arduino LLC)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.13 - Michael Tippach)
Audacity 2.1.1 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.1 - Audacity Team)
Auslogics DiskDefrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 6.1.2.0 - Auslogics Labs Pty Ltd)
AVerMedia GL710 Live Gamer Portable 3.7.64.39 (HKLM-x32\...\AVerMedia GL710 Live Gamer Portable) (Version: 3.7.64.39 - AVerMedia TECHNOLOGIES, Inc.)
AVerMedia RECentral (HKLM-x32\...\InstallShield_{30D6B6ED-E039-4D62-8E07-E058D17A9372}) (Version: 1.3.0.104.2016021601 - AVerMedia Technologies, Inc.)
AVerMedia RECentral (x32 Version: 1.3.0.104.2016021601 - AVerMedia Technologies, Inc.) Hidden
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.7.2.45672 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.12 - Piriform)
Classic Shell (HKLM\...\{7C129CF8-199F-4269-AAEE-60B5D8D716E2}) (Version: 4.2.1 - IvoSoft)
CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version:  - CyberGhost S.R.L.)
DFX (HKLM-x32\...\DFX) (Version: 12.011.0.0 - Power Technology)
DisplayFusion (HKLM-x32\...\Steam App 227260) (Version:  - Binary Fortress Software)
DisplayFusion 7.3.2 (HKLM-x32\...\B076073A-5527-4f4f-B46B-B10692277DA2_is1) (Version: 7.3.2.0 - Binary Fortress Software)
Dxtory 2.0.104 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.104 - Dxtory Software)
Epson Event Manager (HKLM-x32\...\{17FA0444-A025-43B9-862C-81AE6307C2F2}) (Version: 3.10.0050 - Seiko Epson Corporation)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.62.00 - SEIKO EPSON CORPORATION)
Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version:  - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 2.20.0000 - SEIKO EPSON Corp.)
EPSON Scan PDF Extensions (HKLM-x32\...\{F9956472-6E16-4F83-BF9A-F887EF4A45B7}) (Version: 1.03.0001 - SEIKO EPSON Corp.)
EPSON WF-2660 Series Printer Uninstall (HKLM\...\EPSON WF-2660 Series) (Version:  - SEIKO EPSON Corporation)
EPSON-Handbücher (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.32.0.0 - SEIKO EPSON CORPORATION)
EpsonNet Print (HKLM\...\{15A0F113-BF2C-4C12-8AA8-42AE0D9AE1C9}) (Version: 3.1.2.0 - SEIKO EPSON Corporation)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Exif-Viewer 2.51  (HKLM-x32\...\Exif-Viewer) (Version: 2.51 - Ralf Bibinger)
FIFA 16 DEMO (HKLM-x32\...\{D09AD1AE-6AAC-45EB-B9F6-C1F223DD8481}) (Version: 1.0.0.0 - Electronic Arts)
foobar2000 v1.3.9 (HKLM-x32\...\foobar2000) (Version: 1.3.9 - Peter Pawlowski)
Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.1.6.328 - DVDVideoSoft Ltd.)
Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.1.4.317 - DVDVideoSoft Ltd.)
GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.102 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
GPL Ghostscript (HKLM-x32\...\GPL Ghostscript 9.19) (Version: 9.19 - Artifex Software Inc.)
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.41 - Irfan Skiljan)
iTunes (HKLM\...\{A31C5565-90D9-4615-AE13-94D86C3836C7}) (Version: 12.3.3.17 - Apple Inc.)
Java 8 Update 91 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Jingle Palette 4.4.5 (HKLM-x32\...\Jingle Palette) (Version: 4.4.5 - )
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version:  - )
LibreOffice 5.0.6.3 (HKLM-x32\...\{900D9036-4EDA-45EC-A095-E8AFB25D807A}) (Version: 5.0.6.3 - The Document Foundation)
Logitech Gaming Software 8.76 (HKLM\...\Logitech Gaming Software) (Version: 8.76.155 - Logitech Inc.)
Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.428 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.428 - LogMeIn, Inc.) Hidden
Max Recorder (HKLM-x32\...\Max Recorder) (Version: 2.006.0.0 - Silver Vine, LLC)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Home and Student 2016 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 16.0.6868.2062 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 43.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.3 (x86 de)) (Version: 43.0.3 - Mozilla)
Mozilla Firefox 44.0.2 (x86 de) (HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\Mozilla Firefox 44.0.2 (x86 de)) (Version: 44.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.7.1 - Mozilla)
Mozilla Thunderbird 38.7.2 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.7.2 (x86 de)) (Version: 38.7.2 - Mozilla)
MTproLight 3.8 (HKLM-x32\...\MTproLight) (Version: 3.8.0.0 - Bosch Rexroth AG)
MyEpson Portal (HKLM-x32\...\MyEpson Portal) (Version:  - SEIKO EPSON Corporation)
MyEpson Portal (x32 Version: 1.1.1.0 - SEIKO EPSON CORPORATION) Hidden
Need for Speed™ Most Wanted (HKLM-x32\...\{FB0127F3-985B-44CE-AE29-378CAF60B361}) (Version: 1.5.0.0 - Electronic Arts)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.8 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 361.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 361.75 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.3.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.3.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 361.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.75 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 0.14.1 - OBS Project)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6828.1016 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6828.1016 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6828.1016 - Microsoft Corporation) Hidden
Opera Stable 37.0.2178.43 (HKLM-x32\...\Opera 37.0.2178.43) (Version: 37.0.2178.43 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 9.11.2.10120 - Electronic Arts, Inc.)
paint.net (HKLM\...\{DADC2AF6-DC9F-4BCF-BFCE-DCEC16EF507C}) (Version: 4.0.9 - dotPDN LLC)
PDF24 Creator 7.7.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PureSync (x32 Version: 4.0.0 - Jumping Bytes) Hidden
PureSync 4.0.0 (HKLM-x32\...\PureSync) (Version: 4.0.0 - Jumping Bytes)
puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.7.8 - Rockstar Games)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\Spotify) (Version: 1.0.20.94.g8f8543b3 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steganos Safe 15 (HKLM-x32\...\{D3FB0B73-11DF-41EE-9B6D-C7198079A88E}) (Version: 15.2.1 - Steganos Software GmbH)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The Crew (Worldwide) (HKLM-x32\...\Uplay Install 413) (Version:  - Ubisoft)
Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version:  - Ubisoft)
TrackMania² Stadium (HKLM-x32\...\Steam App 232910) (Version:  - Nadeo)
Trucks & Trailers (HKLM-x32\...\Steam App 302060) (Version:  - SCS Software)
Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
Uplay (HKLM-x32\...\Uplay) (Version: 15.0 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VoiceOver Kit (HKLM\...\{703D47B8-2869-4A50-B988-BDE18772A474}) (Version: 1.43.128.3 - Apple Inc.)
WinRAR 5.30 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1580680786-608523540-2495891008-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-A8F89265890D}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1580680786-608523540-2495891008-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Marco\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1580680786-608523540-2495891008-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {10C58BBB-FFB1-4DC6-B74E-0AB61E3E4FB8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {2EEEC597-D495-4117-BAD7-3B2D61E5C9C3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {561FBB89-B183-44D4-B1AE-44BA16A9CB10} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-30] (Google Inc.)
Task: {5C2FC76E-25B7-4627-B565-9C0430BA0776} - System32\Tasks\Opera scheduled Autoupdate 1462655346 => C:\Program Files (x86)\Opera\launcher.exe [2016-05-09] (Opera Software)
Task: {75210AB4-3F7E-4E61-B0A7-5EB1EA669C95} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-marcocardinal@ok.de => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-01-07] (Adobe Systems Incorporated)
Task: {8F5AEF37-E2C6-439C-A523-FC0525A623DE} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_242_pepper.exe [2016-05-13] (Adobe Systems Incorporated)
Task: {9F88298B-6D1E-4EBA-8BE3-DA055C752296} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-05-11] (Microsoft Corporation)
Task: {A2AE5972-E5B0-45D6-982F-B24111E01E2B} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK
Task: {A98C9F97-284D-4CA2-8EA3-7C003CB5BF90} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-05-02] (Microsoft Corporation)
Task: {B1A46BCB-1324-44F8-B766-6A7C5F7E8E34} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-11-16] (Piriform Ltd)
Task: {B83EE2AC-59B5-4DF0-8BDD-52717B92FE70} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-30] (Google Inc.)
Task: {E78D3301-36EF-4EDE-9124-DD7E3CF65FBD} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-05-02] (Microsoft Corporation)
Task: {FA651E8A-8346-4637-926E-D4BF3591A9B2} - System32\Tasks\EPSON WF-2660 Series Update {EA5DFD3C-470C-463C-8757-713F4BCE6FE4} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSMAE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {FC970EDD-59FB-41F2-9AFF-0D76ACFC55CE} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-13] (Adobe Systems Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_242_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\EPSON WF-2660 Series Update {EA5DFD3C-470C-463C-8757-713F4BCE6FE4}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSMAE.EXE:/EXE:{EA5DFD3C-470C-463C-8757-713F4BCE6FE4} /F:UpdateWORKGROUP\GAMER_MARCO$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-03-12 15:50 - 2016-01-23 03:01 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-03-18 22:56 - 2016-03-18 22:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-03-18 22:56 - 2016-03-18 22:56 - 01329936 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-12-30 02:34 - 2016-05-02 04:01 - 00417472 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2016-03-06 01:22 - 2016-05-02 07:54 - 00369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2015-12-30 01:36 - 2016-05-02 07:55 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-05-20 19:53 - 2016-05-02 07:54 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-03-06 01:22 - 2016-05-02 07:55 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-05-20 19:53 - 2016-05-02 07:55 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-05-20 19:53 - 2016-05-02 07:55 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-05-20 19:53 - 2016-05-02 07:55 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-01-17 01:30 - 2016-05-02 07:55 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-04-14 11:00 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-05-20 19:53 - 2016-05-02 07:54 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-05-20 19:53 - 2016-05-02 07:54 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-04-19 17:46 - 2016-04-19 17:46 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-04-14 11:00 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-01-22 14:55 - 2016-01-22 14:55 - 00553136 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2016-03-12 15:47 - 2016-03-12 15:47 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-05-11 16:17 - 2016-04-23 06:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-05-11 16:18 - 2016-04-23 06:02 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-05-11 16:17 - 2016-04-23 05:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-05-11 16:18 - 2016-04-23 05:58 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-05-11 16:18 - 2016-04-23 06:01 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-03-07 02:07 - 2015-03-07 02:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2015-11-20 23:41 - 2015-11-20 23:41 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 02:07 - 2015-03-07 02:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2015-11-20 23:41 - 2015-11-20 23:41 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2015-12-30 01:36 - 2016-05-02 08:00 - 00167480 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\gamecaster64.dll
2015-12-30 01:36 - 2016-05-02 08:01 - 00862776 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\twitchsdk64.dll
2014-02-28 11:14 - 2016-04-28 16:25 - 00174872 _____ () C:\Program Files\TeamSpeak 3 Client\quazip.dll
2014-08-04 15:43 - 2016-04-28 16:25 - 00103192 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2014-08-04 15:43 - 2016-04-28 16:25 - 00107800 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2014-08-04 15:46 - 2016-04-28 16:25 - 00312088 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2014-08-04 15:46 - 2016-04-28 16:25 - 00402200 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\lua_plugin.dll
2014-08-04 15:46 - 2016-04-28 16:25 - 00485656 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2015-07-09 00:18 - 2015-07-09 00:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\kpcengine.2.3.dll
2016-01-11 19:31 - 2016-03-29 00:06 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2016-01-11 19:31 - 2016-03-29 00:06 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2016-01-11 19:31 - 2016-03-29 00:06 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2016-01-11 19:31 - 2016-03-29 00:06 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2016-01-11 19:31 - 2016-03-29 00:06 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2016-01-11 19:31 - 2016-03-29 00:06 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2016-04-19 17:46 - 2016-04-19 17:46 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-19 17:46 - 2016-04-19 17:46 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2015-12-30 01:36 - 2016-05-02 08:02 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-05-13 22:45 - 2016-05-11 13:48 - 01738904 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\libglesv2.dll
2016-05-13 22:45 - 2016-05-11 13:48 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-12-30 01:10 - 2015-12-30 01:10 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1580680786-608523540-2495891008-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Marco\AppData\Local\DisplayFusion\Wallpaper_2.png
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "SAFE15 File Redirection Starter"
HKLM\...\StartupApproved\Run32: => "Steganos HotKeys"
HKLM\...\StartupApproved\Run32: => "DFX"
HKLM\...\StartupApproved\Run32: => "LWS"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKLM\...\StartupApproved\Run32: => "EEventManager"
HKLM\...\StartupApproved\Run32: => "FUFAXSTM"
HKLM\...\StartupApproved\Run32: => "FUFAXRCV"
HKLM\...\StartupApproved\Run32: => "WSHelperSetup.exe"
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_56D976794F990CB20E35B49F5BE31F4C"
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\StartupApproved\Run: => "PureSync"
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\StartupApproved\Run: => "puush"
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\StartupApproved\Run: => "SAFE15 Browser Monitor"
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\StartupApproved\Run: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\StartupApproved\Run: => "WSHelperSetup.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{AD0A5C80-CDF7-4785-BA7E-AE37D7214920}] => (Allow) G:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{2ECDED1F-0924-4B71-8A48-F2628E954926}] => (Allow) G:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{E667E24A-E57D-42B1-B64D-0BD4276B8495}] => (Allow) G:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{F03A89E1-886A-4CEE-A0D6-BB519FD835B4}] => (Allow) G:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{E4262F6E-98DE-4DF7-82D4-E4116A1DE561}] => (Allow) G:\Origin\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [{0A53C1EC-C22F-4347-8C1F-D390166269C8}] => (Allow) G:\Origin\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [UDP Query User{B401E615-2227-4F35-8556-D5E4B06DA123}C:\program files (x86)\displayfusion\displayfusion.exe] => (Allow) C:\program files (x86)\displayfusion\displayfusion.exe
FirewallRules: [TCP Query User{B71DACC4-0E53-4D50-A9EA-31AFD8AD3655}C:\program files (x86)\displayfusion\displayfusion.exe] => (Allow) C:\program files (x86)\displayfusion\displayfusion.exe
FirewallRules: [UDP Query User{601CCDCC-A341-4BBC-8DDA-DAFDF1E8B96F}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{3F26A9B7-9B3D-453B-BD10-6CFF09449B72}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{7417B97F-566A-4B29-953C-9F53B3FDDB8F}] => (Allow) G:\Uplay\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{57AD2227-13D6-4C75-AC7B-69A8FB301B10}] => (Allow) G:\Uplay\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{59D6AED6-8B36-45E2-A9BB-F6019F1C0C9C}] => (Allow) G:\SteamLibrary\steamapps\common\Clicker Heroes\Clicker Heroes.exe
FirewallRules: [{8074B0EF-50AD-469C-A06F-38C03252D670}] => (Allow) G:\SteamLibrary\steamapps\common\Clicker Heroes\Clicker Heroes.exe
FirewallRules: [{10C778CC-40DC-41EE-A3A5-0E813F4A3915}] => (Allow) G:\SteamLibrary\steamapps\common\Tabletop Simulator\Tabletop Simulator.exe
FirewallRules: [{10AAC774-2EFB-455A-ABE2-4C0573A23411}] => (Allow) G:\SteamLibrary\steamapps\common\Tabletop Simulator\Tabletop Simulator.exe
FirewallRules: [{2A7D0F39-49B3-410C-8AD5-B1CEF54B456D}] => (Allow) G:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{45F8BFDB-FD53-482E-8AD5-C6F35D3B9D9B}] => (Allow) G:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{5152B05F-258B-46E2-B927-C7FF6BF457D6}] => (Allow) F:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A34C4A7D-7835-49F2-98A6-CD7F29E03F4D}] => (Allow) F:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{10874CA3-CD96-4E2A-A014-39C9F653D019}] => (Allow) G:\SteamLibrary\steamapps\common\Trucks & Trailers\bin\win_x86\trucks_n_trailers.exe
FirewallRules: [{14C9F802-2DC0-4E9C-AE59-9524798F7040}] => (Allow) G:\SteamLibrary\steamapps\common\Trucks & Trailers\bin\win_x86\trucks_n_trailers.exe
FirewallRules: [{4278152A-4608-44D8-AB69-F5F402CFED67}] => (Allow) G:\SteamLibrary\steamapps\common\ManiaPlanet_TMStadium\ManiaPlanet.exe
FirewallRules: [{B735366A-4AEC-482C-B224-ED2CDBDE5B14}] => (Allow) G:\SteamLibrary\steamapps\common\ManiaPlanet_TMStadium\ManiaPlanet.exe
FirewallRules: [{30EF49A5-D152-469F-B167-76EE92883383}] => (Allow) G:\SteamLibrary\steamapps\common\ManiaPlanet_TMStadium\ManiaPlanetLauncher.exe
FirewallRules: [{7A097AA4-F24C-44DF-9CE5-F9D94A643243}] => (Allow) G:\SteamLibrary\steamapps\common\ManiaPlanet_TMStadium\ManiaPlanetLauncher.exe
FirewallRules: [{5806E96A-49F8-4818-A01E-9BADB533189B}] => (Allow) G:\Origin\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{93391AC7-AB30-4C44-B72B-36A79E37465E}] => (Allow) G:\Origin\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{0ED660C1-BAA1-4270-90F6-C441674621E4}] => (Allow) G:\Origin\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{4BA75A1E-3FBB-4FBC-A12E-EAD6E55856CC}] => (Allow) G:\Origin\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{512DB678-0632-4A68-A987-153007CE289B}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{15F1769D-DDD0-4198-8A5F-478F043ADB8E}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{1ADB64E4-19D4-45F3-94FD-CF4B61959189}] => (Allow) C:\Windows\syswow64\PnkBstrB.exe
FirewallRules: [{9BA81012-C50C-41E5-8236-69ABDE514690}] => (Allow) C:\Windows\syswow64\PnkBstrB.exe
FirewallRules: [{71FA2C04-E229-4586-9485-308B307F143A}] => (Allow) C:\Windows\syswow64\PnkBstrA.exe
FirewallRules: [{819376E6-4A76-4F4B-901D-80DB84110ABD}] => (Allow) C:\Windows\syswow64\PnkBstrA.exe
FirewallRules: [{CDD38BE4-955D-4646-B6EE-75AF9E7BDBFA}] => (Allow) G:\SteamLibrary\steamapps\common\DisplayFusion\DisplayFusionLauncher.exe
FirewallRules: [{2FA3F0DC-1142-431F-AEA5-0F0B00BCEF32}] => (Allow) G:\SteamLibrary\steamapps\common\DisplayFusion\DisplayFusionLauncher.exe
FirewallRules: [{D2714BF9-98D9-474F-A944-2216472ACC3A}] => (Allow) G:\Uplay\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{E5FEE2B6-1FC9-45A5-AFF1-E8BEEF3E3924}] => (Allow) G:\Uplay\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{B78E3896-EA94-47D1-A57F-846B4355DE52}] => (Allow) F:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{40E034CC-525D-4127-B72A-665BE17C8CE1}] => (Allow) F:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{29894679-B805-486D-B926-456AC7038C86}] => (Allow) F:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{D0FBDF4D-6F43-47D3-8B21-DA7D673D8B3C}] => (Allow) F:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{118274F0-761E-451E-B487-79EF49A12C06}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{123A31D4-E8C2-472A-A7C9-E83DCFC04881}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C4ED4934-F1F8-4D4B-A88C-FDC5588B3025}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{21D2792A-295A-4248-8245-2BA9BB813840}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8CFA9D02-D79B-4A51-8B48-2B8C4FF31F94}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{9E3B9B54-3249-477A-A2D2-6FDE0C1484D0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{DA87E09C-26A9-4201-806A-487B89C26850}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{29776142-FED0-4F31-8686-7810FE22DE25}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{8B20F952-3269-4AB7-B655-190E6052ECAE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{84CAAFDA-E826-4256-805A-069F4B856DE7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{DE886E61-3D1A-4ED3-90EE-5DC106D54639}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{2A92FD66-2692-4C2B-AA19-E499BF2C2A86}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{FAD82CE1-CA3A-4D4A-A4F7-15F9C701C6FD}] => (Allow) G:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{DE654915-1684-4F28-B7FF-114067863839}] => (Allow) G:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{053D6B65-2683-4354-B44D-5EB93F34E57E}] => (Allow) G:\Origin\FIFA 16 DEMO\fifasetup\fifaconfig.exe
FirewallRules: [{6AFD7479-FA73-4FE0-A34B-0125FA7D2E9F}] => (Allow) G:\Origin\FIFA 16 DEMO\fifasetup\fifaconfig.exe
FirewallRules: [{78BA28B4-FA63-4759-B7A2-503FB1670002}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{F6B2DD0F-CCAA-49A1-9726-931CEADAFF0A}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{DA51DF10-AB25-41A2-87F4-E9A7A19176E1}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{D0E6330D-7EDC-4240-AE2B-8C83E9333694}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{9A379AF9-F57F-4726-A9C6-A091F68C4DAA}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{0028C0CF-942A-466D-B0CD-A6B75F441A5A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (05/23/2016 08:13:16 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm adwcleaner_5.117.exe, Version 5.1.1.7 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 18b4

Startzeit: 01d1b51e0a35e33a

Beendigungszeit: 4294967295

Anwendungspfad: E:\User\Gamer_Marco\Downloads\adwcleaner_5.117.exe

Berichts-ID: 04536dd0-2112-11e6-9eb4-d8cb8a350237

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (05/22/2016 07:30:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: dwm.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d756
Name des fehlerhaften Moduls: combase.dll, Version: 10.0.10586.103, Zeitstempel: 0x56a849ab
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000067e3c
ID des fehlerhaften Prozesses: 0x36c4
Startzeit der fehlerhaften Anwendung: 0xdwm.exe0
Pfad der fehlerhaften Anwendung: dwm.exe1
Pfad des fehlerhaften Moduls: dwm.exe2
Berichtskennung: dwm.exe3
Vollständiger Name des fehlerhaften Pakets: dwm.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: dwm.exe5

Error: (05/22/2016 01:20:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: dwm.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d756
Name des fehlerhaften Moduls: combase.dll, Version: 10.0.10586.103, Zeitstempel: 0x56a849ab
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000067e3c
ID des fehlerhaften Prozesses: 0x33fc
Startzeit der fehlerhaften Anwendung: 0xdwm.exe0
Pfad der fehlerhaften Anwendung: dwm.exe1
Pfad des fehlerhaften Moduls: dwm.exe2
Berichtskennung: dwm.exe3
Vollständiger Name des fehlerhaften Pakets: dwm.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: dwm.exe5

Error: (05/21/2016 01:08:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: dwm.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d756
Name des fehlerhaften Moduls: combase.dll, Version: 10.0.10586.103, Zeitstempel: 0x56a849ab
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000067e3c
ID des fehlerhaften Prozesses: 0x10ec
Startzeit der fehlerhaften Anwendung: 0xdwm.exe0
Pfad der fehlerhaften Anwendung: dwm.exe1
Pfad des fehlerhaften Moduls: dwm.exe2
Berichtskennung: dwm.exe3
Vollständiger Name des fehlerhaften Pakets: dwm.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: dwm.exe5

Error: (05/21/2016 01:03:41 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm chrome.exe, Version 50.0.2661.102 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1d98

Startzeit: 01d1b2ba5f8204ae

Beendigungszeit: 3

Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Berichts-ID: 15702a17-1edf-11e6-9eb4-d8cb8a350237

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (05/21/2016 12:48:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: UplayService.exe, Version: 19.0.0.4810, Zeitstempel: 0x57308980
Name des fehlerhaften Moduls: nvwgf2um.dll, Version: 10.18.13.6175, Zeitstempel: 0x56a2c5b8
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00079999
ID des fehlerhaften Prozesses: 0x2074
Startzeit der fehlerhaften Anwendung: 0xUplayService.exe0
Pfad der fehlerhaften Anwendung: UplayService.exe1
Pfad des fehlerhaften Moduls: UplayService.exe2
Berichtskennung: UplayService.exe3
Vollständiger Name des fehlerhaften Pakets: UplayService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: UplayService.exe5

Error: (05/20/2016 07:32:31 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (05/19/2016 10:26:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: dwm.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d756
Name des fehlerhaften Moduls: combase.dll, Version: 10.0.10586.103, Zeitstempel: 0x56a849ab
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000067e3c
ID des fehlerhaften Prozesses: 0x31bc
Startzeit der fehlerhaften Anwendung: 0xdwm.exe0
Pfad der fehlerhaften Anwendung: dwm.exe1
Pfad des fehlerhaften Moduls: dwm.exe2
Berichtskennung: dwm.exe3
Vollständiger Name des fehlerhaften Pakets: dwm.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: dwm.exe5

Error: (05/19/2016 06:40:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Excessive update rate for Mediathek\032von\032Gamer_Marco._home-sharing._tcp.local.; delaying announcement by 3 seconds

Error: (05/19/2016 06:40:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Excessive update rate for Mediathek\032von\032Gamer_Marco._home-sharing._tcp.local.; delaying announcement by 4 seconds


Systemfehler:
=============
Error: (05/23/2016 08:32:20 PM) (Source: Microsoft-Windows-EnhancedStorage-EhStorTcgDrv) (EventID: 10) (User: NT-AUTORITÄT)
Description: A TCG Command has returned an error.
Desc: AuthenticateSession
Param1: 0x1
Param2: 0x60000001c
Param3: 0x900000006
Param4: 0x0
Status: 0x12

Error: (05/23/2016 08:31:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_5178c" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/23/2016 08:31:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _5178c" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/23/2016 08:31:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_5178c" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/23/2016 08:31:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_5178c" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/23/2016 08:31:58 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (05/23/2016 08:31:50 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (05/23/2016 08:31:21 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "DeleteFlag" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (05/23/2016 08:31:21 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Security" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (05/23/2016 08:31:21 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Security" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5


CodeIntegrity:
===================================
  Date: 2016-05-19 17:03:29.350
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-14 23:15:52.167
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-13 21:52:00.603
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-11 17:16:31.734
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-10 18:21:47.629
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-05-10 18:21:47.566
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-05-10 18:21:47.505
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-05-10 18:21:47.443
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-05-10 18:21:47.382
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-05-10 18:21:47.271
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4790K CPU @ 4.00GHz
Prozentuale Nutzung des RAM: 18%
Installierter physikalischer RAM: 16329.94 MB
Verfügbarer physikalischer RAM: 13241.44 MB
Summe virtueller Speicher: 18761.94 MB
Verfügbarer virtueller Speicher: 15119.45 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:118.29 GB) (Free:54.24 GB) NTFS
Drive e: (Daten) (Fixed) (Total:191.99 GB) (Free:59.79 GB) NTFS
Drive f: (Programme) (Fixed) (Total:234.74 GB) (Free:132.23 GB) NTFS
Drive g: (Games) (Fixed) (Total:358.29 GB) (Free:84.9 GB) NTFS
Drive h: (SSD 2) (Fixed) (Total:223.44 GB) (Free:211.87 GB) NTFS
Drive j: (Volume) (Fixed) (Total:146.48 GB) (Free:69.22 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 22CD7469)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: D2CD1FA9)
Partition 1: (Not Active) - (Size=993 KB) - (Type=42)
Partition 2: (Active) - (Size=192 GB) - (Type=42)
Partition 3: (Not Active) - (Size=739.5 GB) - (Type=42)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt ============================

Code:

ATTFilter

23:20:10.0576 0x0ce0  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
23:20:10.0576 0x0ce0  UEFI system
23:20:30.0120 0x0ce0  ============================================================
23:20:30.0120 0x0ce0  Current date / time: 2016/05/23 23:20:30.0120
23:20:30.0120 0x0ce0  SystemInfo:
23:20:30.0120 0x0ce0  
23:20:30.0120 0x0ce0  OS Version: 10.0.10586 ServicePack: 0.0
23:20:30.0120 0x0ce0  Product type: Workstation
23:20:30.0120 0x0ce0  ComputerName: GAMER_MARCO
23:20:30.0120 0x0ce0  UserName: Marco
23:20:30.0120 0x0ce0  Windows directory: C:\WINDOWS
23:20:30.0120 0x0ce0  System windows directory: C:\WINDOWS
23:20:30.0120 0x0ce0  Running under WOW64
23:20:30.0120 0x0ce0  Processor architecture: Intel x64
23:20:30.0120 0x0ce0  Number of processors: 8
23:20:30.0120 0x0ce0  Page size: 0x1000
23:20:30.0120 0x0ce0  Boot type: Normal boot
23:20:30.0120 0x0ce0  ============================================================
23:20:30.0206 0x0ce0  KLMD registered as C:\WINDOWS\system32\drivers\23213077.sys
23:20:30.0281 0x0ce0  System UUID: {604E2643-A0C3-25A5-AE67-4C51A10B5CF5}
23:20:30.0535 0x0ce0  Drive \Device\Harddisk0\DR0 - Size: 0x1DCF856000 ( 119.24 Gb ), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:20:30.0536 0x0ce0  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:20:30.0545 0x0ce0  Drive \Device\Harddisk2\DR2 - Size: 0x37E4896000 ( 223.57 Gb ), SectorSize: 0x200, Cylinders: 0x7201, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:20:30.0548 0x0ce0  ============================================================
23:20:30.0548 0x0ce0  \Device\Harddisk0\DR0:
23:20:30.0548 0x0ce0  GPT partitions:
23:20:30.0548 0x0ce0  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {0E87C6D2-7C37-4366-A2CF-08AE6DA7F0F8}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x96000
23:20:30.0548 0x0ce0  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {39B2DB94-E092-4090-AE32-73F6F3CDD7D5}, Name: EFI system partition, StartLBA 0x96800, BlocksNum 0x32000
23:20:30.0548 0x0ce0  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {59BC7F4D-EC43-4C4A-9630-3CABD30B31B5}, Name: Microsoft reserved partition, StartLBA 0xC8800, BlocksNum 0x40000
23:20:30.0548 0x0ce0  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {42F4FDF8-CB32-4C46-B632-74B6EC9D1114}, Name: Basic data partition, StartLBA 0x108800, BlocksNum 0xEC92800
23:20:30.0548 0x0ce0  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {55EE7E83-C54C-411C-805C-7A92BBA9D236}, Name: , StartLBA 0xED9B000, BlocksNum 0xE1000
23:20:30.0548 0x0ce0  MBR partitions:
23:20:30.0548 0x0ce0  \Device\Harddisk1\DR1:
23:20:30.0548 0x0ce0  MBR partitions:
23:20:30.0548 0x0ce0  \Device\Harddisk2\DR2:
23:20:30.0549 0x0ce0  GPT partitions:
23:20:30.0549 0x0ce0  \Device\Harddisk2\DR2\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {3F1CB689-21BF-423E-9F40-152FB613C67C}, Name: Microsoft reserved partition, StartLBA 0x22, BlocksNum 0x40000
23:20:30.0549 0x0ce0  \Device\Harddisk2\DR2\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {87DD78A1-ED53-4EC7-B9FD-EDF884280170}, Name: Basic data partition, StartLBA 0x40800, BlocksNum 0x1BEE3800
23:20:30.0549 0x0ce0  MBR partitions:
23:20:30.0549 0x0ce0  ============================================================
23:20:30.0550 0x0ce0  C: <-> \Device\Harddisk0\DR0\Partition4
23:20:30.0551 0x0ce0  H: <-> \Device\Harddisk2\DR2\Partition2
23:20:30.0551 0x0ce0  ============================================================
23:20:30.0551 0x0ce0  Initialize success
23:20:30.0551 0x0ce0  ============================================================
23:20:49.0487 0x2634  ============================================================
23:20:49.0487 0x2634  Scan started
23:20:49.0487 0x2634  Mode: Manual; SigCheck; TDLFS; 
23:20:49.0487 0x2634  ============================================================
23:20:49.0487 0x2634  KSN ping started
23:20:51.0773 0x2634  KSN ping finished: true
23:20:52.0054 0x2634  ================ Scan system memory ========================
23:20:52.0054 0x2634  System memory - ok
23:20:52.0056 0x2634  ================ Scan services =============================
23:20:52.0088 0x2634  1394ohci - ok
23:20:52.0090 0x2634  3ware - ok
23:20:52.0092 0x2634  ACPI - ok
23:20:52.0094 0x2634  acpiex - ok
23:20:52.0095 0x2634  acpipagr - ok
23:20:52.0097 0x2634  AcpiPmi - ok
23:20:52.0098 0x2634  acpitime - ok
23:20:52.0103 0x2634  [ 36114214BF8D7C464D1E92E4EB6B2DD3, 8E7CB266D4ABCDF332A3D4D341753811D51B72985E36F24A7E757DCA11A65A2A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
23:20:52.0123 0x2634  AdobeARMservice - ok
23:20:52.0155 0x2634  [ 561E13867AEA0E9755CEB1EEC9D0EC76, 1AC222449569272D3A07F90F55071661AAFE303EAA34202104E2944BC1413CB1 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
23:20:52.0161 0x2634  AdobeFlashPlayerUpdateSvc - ok
23:20:52.0172 0x2634  [ 6A90FF6FFDB8DB97F7E0F730A3582794, 5F45A5301FDA501CF6D60684499A8AF6A2A44864A3E796A054FA63D3B9863072 ] AdobeUpdateService C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
23:20:52.0184 0x2634  AdobeUpdateService - ok
23:20:52.0188 0x2634  ADP80XX - ok
23:20:52.0190 0x2634  AFD - ok
23:20:52.0192 0x2634  agp440 - ok
23:20:52.0219 0x2634  [ C17171E63E84F5711DF23B8F1E7A100E, C2AFDDA0A1A502FAE6B51BD00FF5884F46A74D9AEC76856B32E82D244D14FA97 ] AGSService      C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
23:20:52.0246 0x2634  AGSService - ok
23:20:52.0249 0x2634  ahcache - ok
23:20:52.0252 0x2634  AJRouter - ok
23:20:52.0254 0x2634  ALG - ok
23:20:52.0255 0x2634  AmdK8 - ok
23:20:52.0257 0x2634  AmdPPM - ok
23:20:52.0259 0x2634  amdsata - ok
23:20:52.0260 0x2634  amdsbs - ok
23:20:52.0262 0x2634  amdxata - ok
23:20:52.0268 0x2634  [ 663DC57CDF45FBF523087612856EBE55, 608336558CE3A0C13F167F85F9B49DC145B1269A316F97D60670CDF8C5CFAC8A ] androidusb      C:\WINDOWS\System32\Drivers\wsadb.sys
23:20:52.0277 0x2634  androidusb - ok
23:20:52.0279 0x2634  AppID - ok
23:20:52.0280 0x2634  AppIDSvc - ok
23:20:52.0282 0x2634  Appinfo - ok
23:20:52.0287 0x2634  [ 3B3774C868868257533EC7E715BB6D53, 4AF1DADCEDBD80BE6EDEC696DF59E65B51D31E33F4C84413CA03C7BD959FF4E5 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
23:20:52.0292 0x2634  Apple Mobile Device Service - ok
23:20:52.0294 0x2634  AppReadiness - ok
23:20:52.0296 0x2634  AppXSvc - ok
23:20:52.0298 0x2634  arcsas - ok
23:20:52.0302 0x2634  [ 10920CCB66203D7EF48F024B1B35AE6F, 3C97FE6C91076C059E54234F54021F5D74FB42638BE14E2C1E4CF2EFC342C274 ] asmthub3        C:\WINDOWS\System32\drivers\asmthub3.sys
23:20:52.0307 0x2634  asmthub3 - ok
23:20:52.0315 0x2634  [ C479BFAF73CF726E01AA0A487B268A5E, D49F7779CD25E098EC9DAF1886C3B3DB8EB22CEC0FEA6FDF4522A2B2D282AE37 ] asmtxhci        C:\WINDOWS\System32\drivers\asmtxhci.sys
23:20:52.0323 0x2634  asmtxhci - ok
23:20:52.0326 0x2634  [ 7F31020C06C8EC1B7013F8A8EF6B0C7E, BE94C92127FE88D5512D8C128CC7FFB2DF62285FE315319FF45E132FD3B6D47D ] asstor64        C:\WINDOWS\system32\drivers\asstor64.sys
23:20:52.0331 0x2634  asstor64 - ok
23:20:52.0334 0x2634  AsyncMac - ok
23:20:52.0336 0x2634  atapi - ok
23:20:52.0338 0x2634  AudioEndpointBuilder - ok
23:20:52.0340 0x2634  Audiosrv - ok
23:20:52.0360 0x2634  [ 305DC276BE16EB32FEDAC8D94ACA3160, 1BE71BAA5221BA6DCA580A90148A7977F4E4C1A2C3A95F72A347330F768E1D14 ] AVer330USB      C:\WINDOWS\system32\DRIVERS\AVer330USB.sys
23:20:52.0394 0x2634  AVer330USB - ok
23:20:52.0420 0x2634  [ 38FF56677E7592031CE09A1340002E90, 91F6773D69A38FEB71ADE384902CBE2E42FC2A021A097B926DCE1A1F4BE3745F ] AVerRECentral   C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRECentral.exe
23:20:52.0446 0x2634  AVerRECentral - ok
23:20:52.0455 0x2634  [ 50C3C62FFE6337E6E4F2F01CB07DF63C, CC9C7D2827E872F22A2A79D42195530F61DF6EA6A1C8F520E25DB35537574FAB ] AVP16.0.0       C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
23:20:52.0462 0x2634  AVP16.0.0 - ok
23:20:52.0464 0x2634  AxInstSV - ok
23:20:52.0466 0x2634  b06bdrv - ok
23:20:52.0468 0x2634  BasicDisplay - ok
23:20:52.0470 0x2634  BasicRender - ok
23:20:52.0472 0x2634  bcmfn - ok
23:20:52.0474 0x2634  bcmfn2 - ok
23:20:52.0476 0x2634  BDESVC - ok
23:20:52.0477 0x2634  Beep - ok
23:20:52.0479 0x2634  BFE - ok
23:20:52.0481 0x2634  BITS - ok
23:20:52.0488 0x2634  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
23:20:52.0496 0x2634  Bonjour Service - ok
23:20:52.0498 0x2634  bowser - ok
23:20:52.0502 0x2634  BrokerInfrastructure - ok
23:20:52.0504 0x2634  Browser - ok
23:20:52.0506 0x2634  BthAvrcpTg - ok
23:20:52.0507 0x2634  BthHFEnum - ok
23:20:52.0509 0x2634  bthhfhid - ok
23:20:52.0511 0x2634  BthHFSrv - ok
23:20:52.0516 0x2634  BTHMODEM - ok
23:20:52.0518 0x2634  bthserv - ok
23:20:52.0520 0x2634  buttonconverter - ok
23:20:52.0522 0x2634  CapImg - ok
23:20:52.0523 0x2634  cdfs - ok
23:20:52.0525 0x2634  CDPSvc - ok
23:20:52.0530 0x2634  cdrom - ok
23:20:52.0532 0x2634  CertPropSvc - ok
23:20:52.0534 0x2634  [ 76FBFD583CCE97FD06FCD510805A5908, 9CBBCC49E3CB1882C89798C0FB1836EFD0ED84775CCDFFEC898DFAB3996A2E12 ] CGVPNCliService C:\Program Files\CyberGhost 5\Service.exe
23:20:52.0541 0x2634  CGVPNCliService - ok
23:20:52.0544 0x2634  circlass - ok
23:20:52.0545 0x2634  CLFS - ok
23:20:52.0584 0x2634  [ 9A62177931525A679F7ECB295442D89F, F2946F677F0602AE89E90BB62718B6AD0A4B430DE22801A0D2A358146D698D54 ] ClickToRunSvc   C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
23:20:52.0625 0x2634  ClickToRunSvc - ok
23:20:52.0629 0x2634  ClipSVC - ok
23:20:52.0634 0x2634  CmBatt - ok
23:20:52.0640 0x2634  [ B2A6D2A30E93B6F215F74AC7E1733C9C, 960299F7BF2501B46296EDEA050BF30313C17A9B785574B56B79C070BD1B6E1A ] cm_km           C:\WINDOWS\system32\DRIVERS\cm_km.sys
23:20:52.0648 0x2634  cm_km - ok
23:20:52.0650 0x2634  CNG - ok
23:20:52.0652 0x2634  cnghwassist - ok
23:20:52.0666 0x2634  CompositeBus - ok
23:20:52.0668 0x2634  COMSysApp - ok
23:20:52.0670 0x2634  condrv - ok
23:20:52.0672 0x2634  CoreMessagingRegistrar - ok
23:20:52.0675 0x2634  CryptSvc - ok
23:20:52.0676 0x2634  dam - ok
23:20:52.0679 0x2634  DcomLaunch - ok
23:20:52.0680 0x2634  DcpSvc - ok
23:20:52.0682 0x2634  defragsvc - ok
23:20:52.0688 0x2634  DeviceAssociationService - ok
23:20:52.0690 0x2634  DeviceInstall - ok
23:20:52.0692 0x2634  DevQueryBroker - ok
23:20:52.0693 0x2634  Dfsc - ok
23:20:52.0696 0x2634  [ 992A1BFEC7172B826C138E15B6D1302D, 7E31C24194B92D7AF8C7A6451AC339F2CC3E80466967E40E86809455328A0F81 ] DFX12           C:\WINDOWS\system32\drivers\dfx12x64.sys
23:20:52.0701 0x2634  DFX12 - ok
23:20:52.0703 0x2634  Dhcp - ok
23:20:52.0705 0x2634  diagnosticshub.standardcollector.service - ok
23:20:52.0707 0x2634  DiagTrack - ok
23:20:52.0714 0x2634  [ BB5C615C2F0D6F392B3C93B988969E02, 13F30E2BEE863823FB85A57C407060B2677D1EF95908D49D97FD0551D29E1969 ] DigitalWave.Update.Service C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
23:20:52.0722 0x2634  DigitalWave.Update.Service - ok
23:20:52.0724 0x2634  disk - ok
23:20:52.0781 0x2634  [ 9B993EA24540AABA59FC890A384B54A2, 91E369EBC9F14210E1D60AACD2E8170F28B5225D756A614631A011562AB49747 ] DisplayFusionService C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe
23:20:52.0838 0x2634  DisplayFusionService - ok
23:20:52.0844 0x2634  DmEnrollmentSvc - ok
23:20:52.0844 0x2634  dmvsc - ok
23:20:52.0847 0x2634  dmwappushservice - ok
23:20:52.0849 0x2634  Dnscache - ok
23:20:52.0851 0x2634  dot3svc - ok
23:20:52.0853 0x2634  DPS - ok
23:20:52.0854 0x2634  drmkaud - ok
23:20:52.0857 0x2634  DsmSvc - ok
23:20:52.0858 0x2634  DsSvc - ok
23:20:52.0860 0x2634  DXGKrnl - ok
23:20:52.0861 0x2634  Eaphost - ok
23:20:52.0863 0x2634  ebdrv - ok
23:20:52.0865 0x2634  EFS - ok
23:20:52.0872 0x2634  EhStorClass - ok
23:20:52.0873 0x2634  EhStorTcgDrv - ok
23:20:52.0875 0x2634  embeddedmode - ok
23:20:52.0876 0x2634  EntAppSvc - ok
23:20:52.0880 0x2634  [ D315FF43E23DF424ECEC2F6C930203E4, 68940EDA34DC4945CDD0D8018D96A0DA8F99F16A930946D14E4FECEE033FCB80 ] EpsonScanSvc    C:\WINDOWS\system32\EscSvc64.exe
23:20:52.0887 0x2634  EpsonScanSvc - ok
23:20:52.0888 0x2634  ErrDev - ok
23:20:52.0892 0x2634  EventSystem - ok
23:20:52.0893 0x2634  exfat - ok
23:20:52.0895 0x2634  fastfat - ok
23:20:52.0897 0x2634  Fax - ok
23:20:52.0898 0x2634  fdc - ok
23:20:52.0900 0x2634  fdPHost - ok
23:20:52.0905 0x2634  FDResPub - ok
23:20:52.0907 0x2634  fhsvc - ok
23:20:52.0908 0x2634  FileCrypt - ok
23:20:52.0910 0x2634  FileInfo - ok
23:20:52.0911 0x2634  Filetrace - ok
23:20:52.0913 0x2634  flpydisk - ok
23:20:52.0915 0x2634  FltMgr - ok
23:20:52.0917 0x2634  FontCache - ok
23:20:52.0919 0x2634  FontCache3.0.0.0 - ok
23:20:52.0924 0x2634  FsDepends - ok
23:20:52.0925 0x2634  Fs_Rec - ok
23:20:52.0927 0x2634  fvevol - ok
23:20:52.0929 0x2634  gagp30kx - ok
23:20:52.0931 0x2634  gencounter - ok
23:20:52.0932 0x2634  genericusbfn - ok
23:20:52.0948 0x2634  [ 4CEDC66C726F7BE116BE7694B3CD22CD, C55DDC432F640C215E57C5AC9B7D801F7B2DA21E50BFA9ABC209AADC3070C744 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
23:20:52.0966 0x2634  GfExperienceService - ok
23:20:52.0969 0x2634  GPIOClx0101 - ok
23:20:52.0971 0x2634  gpsvc - ok
23:20:52.0972 0x2634  GpuEnergyDrv - ok
23:20:52.0976 0x2634  [ 88FBBB1C601A6BC42054E57C2897FA45, 928C5BAB515035DE659C4255C209D33C407716DA325798951B2E8DA9BB230A9F ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:20:52.0981 0x2634  gupdate - ok
23:20:52.0984 0x2634  [ 88FBBB1C601A6BC42054E57C2897FA45, 928C5BAB515035DE659C4255C209D33C407716DA325798951B2E8DA9BB230A9F ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:20:52.0989 0x2634  gupdatem - ok
23:20:52.0991 0x2634  [ 7F79205B4EFA98F0767309479C8C01C6, 4B576903A83F33A8CF31D3887144A3D51C56D1187115C83AC99C0E9F6B4BF128 ] Hamachi         C:\WINDOWS\system32\DRIVERS\Hamdrv.sys
23:20:53.0000 0x2634  Hamachi - ok
23:20:53.0033 0x2634  [ C0702639ADE5C6D9CD27FD604146A6D4, C239F116C9BA7CA4891BDAA3DE808E1B7859B7B2FD8E642396DBB42A52AAD364 ] Hamachi2Svc     C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
23:20:53.0066 0x2634  Hamachi2Svc - ok
23:20:53.0069 0x2634  HDAudBus - ok
23:20:53.0071 0x2634  HidBatt - ok
23:20:53.0073 0x2634  HidBth - ok
23:20:53.0074 0x2634  hidi2c - ok
23:20:53.0076 0x2634  hidinterrupt - ok
23:20:53.0077 0x2634  HidIr - ok
23:20:53.0079 0x2634  hidserv - ok
23:20:53.0081 0x2634  HidUsb - ok
23:20:53.0083 0x2634  HomeGroupListener - ok
23:20:53.0088 0x2634  HomeGroupProvider - ok
23:20:53.0090 0x2634  HpSAMD - ok
23:20:53.0091 0x2634  HTTP - ok
23:20:53.0093 0x2634  hwpolicy - ok
23:20:53.0095 0x2634  hyperkbd - ok
23:20:53.0096 0x2634  i8042prt - ok
23:20:53.0098 0x2634  iai2c - ok
23:20:53.0100 0x2634  iaLPSS2i_I2C - ok
23:20:53.0101 0x2634  iaLPSSi_GPIO - ok
23:20:53.0107 0x2634  iaLPSSi_I2C - ok
23:20:53.0109 0x2634  iaStorAV - ok
23:20:53.0110 0x2634  iaStorV - ok
23:20:53.0112 0x2634  ibbus - ok
23:20:53.0114 0x2634  icssvc - ok
23:20:53.0115 0x2634  IEEtwCollectorService - ok
23:20:53.0117 0x2634  IKEEXT - ok
23:20:53.0178 0x2634  [ 3A2D6740F51BE48C0FD01AD907329DEE, 4FD899CD6E3B3D5C9803E52CB72F002B6CFC144D524FAF6845CF6D115EC6E059 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
23:20:53.0234 0x2634  IntcAzAudAddService - ok
23:20:53.0239 0x2634  intelide - ok
23:20:53.0241 0x2634  intelpep - ok
23:20:53.0242 0x2634  intelppm - ok
23:20:53.0244 0x2634  IoQos - ok
23:20:53.0246 0x2634  IpFilterDriver - ok
23:20:53.0247 0x2634  iphlpsvc - ok
23:20:53.0249 0x2634  IPMIDRV - ok
23:20:53.0251 0x2634  IPNAT - ok
23:20:53.0260 0x2634  [ F96B9EDC032E61EB87652896E92ED526, F9E3CD2FA2D963C56034A4F606869467FDC6647B916CF457249270E6C337A8A5 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
23:20:53.0271 0x2634  iPod Service - ok
23:20:53.0273 0x2634  IRENUM - ok
23:20:53.0275 0x2634  isapnp - ok
23:20:53.0277 0x2634  iScsiPrt - ok
23:20:53.0279 0x2634  [ 35C0995BCDB0E45D1EEBE4FB582D1563, 67B44EE25B8FF5778AC58255265536EC4CC444A5A8368D6311DEDAF58357E5ED ] ISCT            C:\WINDOWS\System32\drivers\ISCTD.sys
23:20:53.0284 0x2634  ISCT - ok
23:20:53.0286 0x2634  [ BCE64362A4EDE99B7EF878E63C897327, 3CA1E8D5E78978E5F6472E2674F6B97CC2596A8EF9639F6F41E30C5CE4F87DB1 ] iwdbus          C:\WINDOWS\System32\drivers\iwdbus.sys
23:20:53.0291 0x2634  iwdbus - ok
23:20:53.0297 0x2634  kbdclass - ok
23:20:53.0299 0x2634  kbdhid - ok
23:20:53.0301 0x2634  kdnic - ok
23:20:53.0304 0x2634  [ B7086913421815DFD28FCA62BE0F43F0, 38A3820F857F56E0CA1A874C5E4BDFC0343EBD5975B807B0053312AD105A549B ] Ke2200          C:\WINDOWS\System32\drivers\e22w8x64.sys
23:20:53.0309 0x2634  Ke2200 - ok
23:20:53.0311 0x2634  KeyIso - ok
23:20:53.0318 0x2634  [ BEE1682DA217A4AD46C36896769AA580, 4D853D78E459F7BFE4F4217FCAD47CDACFAC19C2F6CF8261FBAA46BDB387FFDC ] kl1             C:\WINDOWS\system32\DRIVERS\kl1.sys
23:20:53.0327 0x2634  kl1 - ok
23:20:53.0330 0x2634  [ 86F40D79CE80ACBE6BEBAC8CE89D75A0, 8B800425160D1AF3C32EF7B5CA794658EE09CD3EE782473D8D38E1C7706076B3 ] klbackupdisk    C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys
23:20:53.0334 0x2634  klbackupdisk - ok
23:20:53.0337 0x2634  [ 2B4BC41223326FF440E2DB32B9239138, E95D5BB3388D6B219A4C175D5DA77CEB620A27A13F5AA4E7E2C05694B6E26947 ] klbackupflt     C:\WINDOWS\system32\DRIVERS\klbackupflt.sys
23:20:53.0342 0x2634  klbackupflt - ok
23:20:53.0345 0x2634  [ 80D7529E1CF09261FADF55E69EFDA90B, 2FE5EC38866E12D78AE3F4AD8CF647BDED616E8A36D9D737F9B6564DDA4685E7 ] kldisk          C:\WINDOWS\system32\DRIVERS\kldisk.sys
23:20:53.0350 0x2634  kldisk - ok
23:20:53.0353 0x2634  [ E2097C8F18F1E8E3B7D09F12B51843A3, 0506A99BD0962AAE64692BD7F080DB080F8B678DC59685CF22830A47B486430C ] klelam          C:\WINDOWS\system32\DRIVERS\klelam.sys
23:20:53.0360 0x2634  klelam - ok
23:20:53.0364 0x2634  [ BACE50477C184A3AA0755702C23B8B27, 5708A1B7C22702AD2E5DD4491A911A51D2FB768E46857639C0C5D8736E487D0F ] klflt           C:\WINDOWS\system32\DRIVERS\klflt.sys
23:20:53.0371 0x2634  klflt - ok
23:20:53.0376 0x2634  [ 0698A6918DAF5B1710F5A5170C34FC03, 15CBA4089950812A5815D7517B6C25959A793A55A66F8AA6746618D42A849351 ] klhk            C:\WINDOWS\system32\DRIVERS\klhk.sys
23:20:53.0382 0x2634  klhk - ok
23:20:53.0395 0x2634  [ 3DC953B77F13031C7763464FC0AD1E71, B0142B8A9FB5889D7F76E16EA26F1EA9BC7F1770226CD139B3C932671EBD802B ] KLIF            C:\WINDOWS\system32\DRIVERS\klif.sys
23:20:53.0410 0x2634  KLIF - ok
23:20:53.0413 0x2634  [ E62321376344231F5F488758ACC6D553, 1155C1FDD5C95B05EABBD4268A7D3FFF050D0C0921B61226179C312605AB46C3 ] KLIM6           C:\WINDOWS\system32\DRIVERS\klim6.sys
23:20:53.0418 0x2634  KLIM6 - ok
23:20:53.0420 0x2634  [ DAE5768E6FD34A36E3B9D1AF1FCA682B, 24DA0B71E3B4AC0FABEE0BF687DF8D35283DBF808CA3AB6F86E72B37471F6B33 ] klkbdflt        C:\WINDOWS\system32\DRIVERS\klkbdflt.sys
23:20:53.0425 0x2634  klkbdflt - ok
23:20:53.0427 0x2634  [ FD47C92A63B6EADEA830BFA96C06EAEE, C15C39B6FA53CBD01A2F95243845C4B706B4229F8FFB75C7128819B9CEE5B2CB ] klmouflt        C:\WINDOWS\system32\DRIVERS\klmouflt.sys
23:20:53.0432 0x2634  klmouflt - ok
23:20:53.0436 0x2634  [ F610F5F17BC87D61EF8954CCD793BAE4, A77FE26B4A474FE799C3D569BDD7858319C57FC14C1BB43ECFAB1FDB19AF5DC6 ] klpd            C:\WINDOWS\system32\DRIVERS\klpd.sys
23:20:53.0441 0x2634  klpd - ok
23:20:53.0444 0x2634  [ 26D3895A519220E94D241A8858D40CD9, CBDE2B937D2897FC2F356F73D983023F7CBE3C9E8A2873877E5CAF40F3D9A680 ] klwfp           C:\WINDOWS\system32\DRIVERS\klwfp.sys
23:20:53.0449 0x2634  klwfp - ok
23:20:53.0452 0x2634  [ 91234D71CEED29F2DBA16942CABDCA4F, 5D71BAC86C33BC77EEBF1ECB8F372DFE631991E4C5F36EAF0C8C957150BD6D52 ] Klwtp           C:\WINDOWS\system32\DRIVERS\klwtp.sys
23:20:53.0457 0x2634  Klwtp - ok
23:20:53.0461 0x2634  [ 1686DE8288052316EFDD49EEA8929065, AD43D6ACCD8693BD76F218E1A4EE088BA061C1309A3E7DAA7EC94D875985D895 ] kneps           C:\WINDOWS\system32\DRIVERS\kneps.sys
23:20:53.0467 0x2634  kneps - ok
23:20:53.0469 0x2634  KSecDD - ok
23:20:53.0471 0x2634  KSecPkg - ok
23:20:53.0472 0x2634  ksthunk - ok
23:20:53.0474 0x2634  KtmRm - ok
23:20:53.0476 0x2634  LanmanServer - ok
23:20:53.0477 0x2634  LanmanWorkstation - ok
23:20:53.0480 0x2634  lfsvc - ok
23:20:53.0482 0x2634  [ 17325C9B9ADB2BB99049936D0C9812C8, 70ADDC85FD5757BC9C4B97F382B25A19851FF8275021FFC04A81E208A604F83E ] LGBusEnum       C:\WINDOWS\system32\drivers\LGBusEnum.sys
23:20:53.0489 0x2634  LGBusEnum - ok
23:20:53.0492 0x2634  [ 2D7F1C02B94D6F0F3E10107E5EA8E141, 93B266F38C3C3EAAB475D81597ABBD7CC07943035068BB6FD670DBBE15DE0131 ] LGCoreTemp      C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys
23:20:53.0496 0x2634  LGCoreTemp - ok
23:20:53.0499 0x2634  [ C7AF05942E041D4B1F345ACF79993BB3, E8FAAE356C99A11F6CF17640FD9C67F87AFBFEFB70C458CB85178F2AD94DF848 ] LGJoyXlCore     C:\WINDOWS\system32\drivers\LGJoyXlCore.sys
23:20:53.0506 0x2634  LGJoyXlCore - ok
23:20:53.0514 0x2634  [ 94AF1384A67B9FCF5651E70BC9D4C526, 9C025F7BBB5BBE9DAF3DEF2F6385CE77C8F413912C4D16930814F6D19B62B367 ] LGSHidFilt      C:\WINDOWS\System32\drivers\LGSHidFilt.Sys
23:20:53.0518 0x2634  LGSHidFilt - ok
23:20:53.0521 0x2634  [ 1DDB8DE3D6EEF31EDCF4977B2D2FAACC, 24291B522A596E2D9A1CDAC192DB1C7422D5DD0E87E5C8A5F5E2CAA90296BF23 ] LGVirHid        C:\WINDOWS\system32\drivers\LGVirHid.sys
23:20:53.0527 0x2634  LGVirHid - ok
23:20:53.0529 0x2634  LicenseManager - ok
23:20:53.0531 0x2634  lltdio - ok
23:20:53.0532 0x2634  lltdsvc - ok
23:20:53.0536 0x2634  lmhosts - ok
23:20:53.0543 0x2634  [ 58FA4A9CC1F6406B6B9FA57415989123, 8DA00EA4EECC6FA9A35CBA36551D22BE1B36EE41BB000085D83ADF433781A09E ] LMIGuardianSvc  C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
23:20:53.0550 0x2634  LMIGuardianSvc - ok
23:20:53.0555 0x2634  [ F22EC985B9BE0788B5DB4F0162131CCF, 015A5E0396240373ED9EC5026C53CD5E03AE31688A984C47E071704B0FE8D552 ] LogiRegistryService C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
23:20:53.0561 0x2634  LogiRegistryService - ok
23:20:53.0564 0x2634  LSI_SAS - ok
23:20:53.0566 0x2634  LSI_SAS2i - ok
23:20:53.0568 0x2634  LSI_SAS3i - ok
23:20:53.0569 0x2634  LSI_SSS - ok
23:20:53.0571 0x2634  LSM - ok
23:20:53.0573 0x2634  luafv - ok
23:20:53.0579 0x2634  [ A0A527569856B9814E8920F52EBB67F5, 4347277C84B47E4CC048850BDEFB258CFB3B476AA99FD503FD71FBB70FFF5ACF ] lvrs64          C:\WINDOWS\system32\DRIVERS\lvrs64.sys
23:20:53.0586 0x2634  lvrs64 - ok
23:20:53.0644 0x2634  [ 415E344294D1C0D04627B29146F68481, B4A1A05BDF07E8F226A98E51F62BE18BE2C046A084C495BD8A95CABC79FD0614 ] LVUVC64         C:\WINDOWS\system32\DRIVERS\lvuvc64.sys
23:20:53.0702 0x2634  LVUVC64 - ok
23:20:53.0708 0x2634  MapsBroker - ok
23:20:53.0710 0x2634  [ 8FF2D95CBA49B405C5DE27039FF0BF35, 03BF7FC7F1C2C76EDB583BA342EA1C325DB8058517744EF2A78529D3938F4DC1 ] MBfilt          C:\WINDOWS\system32\drivers\MBfilt64.sys
23:20:53.0714 0x2634  MBfilt - ok
23:20:53.0716 0x2634  megasas - ok
23:20:53.0718 0x2634  megasr - ok
23:20:53.0721 0x2634  [ 1BC9159CF58BABD89419072EA180A8F6, 6C9AB779C2355A341800A8F93AAAF9B19FAFF444CD6A7BD27C63D53F379A75EF ] MEIx64          C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys
23:20:53.0728 0x2634  MEIx64 - ok
23:20:53.0736 0x2634  MessagingService - ok
23:20:53.0741 0x2634  mlx4_bus - ok
23:20:53.0743 0x2634  MMCSS - ok
23:20:53.0745 0x2634  Modem - ok
23:20:53.0748 0x2634  monitor - ok
23:20:53.0749 0x2634  mouclass - ok
23:20:53.0751 0x2634  mouhid - ok
23:20:53.0753 0x2634  mountmgr - ok
23:20:53.0760 0x2634  [ A48479D7010ED54BB6AE3D5937A36C53, AE23673ABAB297DEFFC58A756C0667CA8F335BECCD31BF8E81BF1AEAAB9E86E8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
23:20:53.0766 0x2634  MozillaMaintenance - ok
23:20:53.0769 0x2634  [ F698733800467A6C842B7343E25BA742, 7472D690FCEBCFFF346F93A849B765914EBBB13328A33DD82527EA0FDFD93EB5 ] MPCKpt          C:\WINDOWS\system32\DRIVERS\MPCKpt.sys
23:20:53.0773 0x2634  MPCKpt - ok
23:20:53.0779 0x2634  [ A2288D65D663DD6889A83C38A3A74212, EF436A122B853C087D85413A48765B70755F40303871DFA915F6289FBCEBC462 ] MPCProtectService C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe
23:20:53.0787 0x2634  MPCProtectService - ok
23:20:53.0789 0x2634  mpsdrv - ok
23:20:53.0791 0x2634  MpsSvc - ok
23:20:53.0793 0x2634  MRxDAV - ok
23:20:53.0794 0x2634  mrxsmb - ok
23:20:53.0796 0x2634  mrxsmb10 - ok
23:20:53.0798 0x2634  mrxsmb20 - ok
23:20:53.0800 0x2634  MsBridge - ok
23:20:53.0805 0x2634  MSDTC - ok
23:20:53.0808 0x2634  Msfs - ok
23:20:53.0810 0x2634  msgpiowin32 - ok
23:20:53.0811 0x2634  mshidkmdf - ok
23:20:53.0813 0x2634  mshidumdf - ok
23:20:53.0815 0x2634  msisadrv - ok
23:20:53.0817 0x2634  MSiSCSI - ok
23:20:53.0818 0x2634  msiserver - ok
23:20:53.0824 0x2634  MSKSSRV - ok
23:20:53.0826 0x2634  MsLldp - ok
23:20:53.0828 0x2634  MSPCLOCK - ok
23:20:53.0829 0x2634  MSPQM - ok
23:20:53.0831 0x2634  MsRPC - ok
23:20:53.0834 0x2634  mssmbios - ok
23:20:53.0839 0x2634  MSTEE - ok
23:20:53.0841 0x2634  MTConfig - ok
23:20:53.0843 0x2634  Mup - ok
23:20:53.0845 0x2634  mvumis - ok
23:20:53.0856 0x2634  [ E605F35F03C881DC46902E0E2F5985B3, C97F0C733377E35B463EF7F6A5B879DA21AB512719899160C09278615FE39A21 ] MyEpson Portal Service C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe
23:20:53.0867 0x2634  MyEpson Portal Service - ok
23:20:53.0871 0x2634  NativeWifiP - ok
23:20:53.0872 0x2634  NcaSvc - ok
23:20:53.0874 0x2634  NcbService - ok
23:20:53.0876 0x2634  NcdAutoSetup - ok
23:20:53.0878 0x2634  ndfltr - ok
23:20:53.0880 0x2634  NDIS - ok
23:20:53.0881 0x2634  NdisCap - ok
23:20:53.0883 0x2634  NdisImPlatform - ok
23:20:53.0889 0x2634  NdisTapi - ok
23:20:53.0890 0x2634  Ndisuio - ok
23:20:53.0892 0x2634  NdisVirtualBus - ok
23:20:53.0893 0x2634  NdisWan - ok
23:20:53.0895 0x2634  ndiswanlegacy - ok
23:20:53.0897 0x2634  ndproxy - ok
23:20:53.0903 0x2634  Ndu - ok
23:20:53.0904 0x2634  NetBIOS - ok
23:20:53.0907 0x2634  NetBT - ok
23:20:53.0908 0x2634  Netlogon - ok
23:20:53.0910 0x2634  Netman - ok
23:20:53.0912 0x2634  netprofm - ok
23:20:53.0917 0x2634  NetSetupSvc - ok
23:20:53.0921 0x2634  NetTcpPortSharing - ok
23:20:53.0924 0x2634  NgcCtnrSvc - ok
23:20:53.0926 0x2634  NgcSvc - ok
23:20:53.0927 0x2634  NlaSvc - ok
23:20:53.0929 0x2634  Npfs - ok
23:20:53.0935 0x2634  npsvctrig - ok
23:20:53.0936 0x2634  nsi - ok
23:20:53.0938 0x2634  nsiproxy - ok
23:20:53.0940 0x2634  NTFS - ok
23:20:53.0942 0x2634  Null - ok
23:20:53.0946 0x2634  [ D812362E8AF615B521AD4DF19A93BD5A, B1F04122DFE9FCC3FC56BE327D86912D624C89F2EFB9684BE66FC22115D0E19F ] NVHDA           C:\WINDOWS\system32\drivers\nvhda64v.sys
23:20:53.0952 0x2634  NVHDA - ok
23:20:54.0102 0x2634  [ 563000D29B9DABDD8CE308177D98EB5D, 9406763DAEE1893C6DF6C1659976A1673440B7BC3384B708AD06C3C42C733941 ] nvlddmkm        C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
23:20:54.0250 0x2634  nvlddmkm - ok
23:20:54.0283 0x2634  [ FA9BC0048ED46C5FB5C93EAFFC97F63D, 2014C08B55940E055F6243E81F0227861272F2B6353D05BFEF364ED4F11EA9B0 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
23:20:54.0308 0x2634  NvNetworkService - ok
23:20:54.0311 0x2634  nvraid - ok
23:20:54.0313 0x2634  nvstor - ok
23:20:54.0316 0x2634  [ DEF76B479C3525952D0BD71E881E07B0, DC4B13AA97F61542F55F92769F9C8C5EB253BD6EB165EF064107D11158CD412F ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
23:20:54.0320 0x2634  NvStreamKms - ok
23:20:54.0366 0x2634  [ AF5BE3694A76365874B8967331049F2C, F704A0403B63E856EE9ECCE7C913650F5FF928F0872035EE73E1AE1CD54BC046 ] NvStreamNetworkSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
23:20:54.0412 0x2634  NvStreamNetworkSvc - ok
23:20:54.0447 0x2634  [ 77BE9E1AFCE995652A1C4FF4C8A0F839, 4AD981BCC349D413B3CCDC06DC8D6D2C2648D049726D6825E35A9A91D4C072FF ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
23:20:54.0479 0x2634  NvStreamSvc - ok
23:20:54.0488 0x2634  [ 4398DCC9BA21E1BE911A13BD18C63481, 251DF1EF6101AC071100665686811915C3B306055C3901BDA96F99612FD001B2 ] NvStUSB         C:\WINDOWS\System32\drivers\nvstusb.sys
23:20:54.0497 0x2634  NvStUSB - ok
23:20:54.0515 0x2634  [ AC855DAF48D88318D0475F6A22834B6A, 3E69176A6363674F52598042D610915F50E721FF40C622205AB7BB50E419C7F3 ] nvsvc           C:\WINDOWS\system32\nvvsvc.exe
23:20:54.0536 0x2634  nvsvc - ok
23:20:54.0540 0x2634  [ F37FE6B15A987AEEC08EEF531F2FAED7, CC768E7DE80C7A8CB2392F9BC528212B8A3A35A30A222ED0B0B959051E6F8065 ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
23:20:54.0545 0x2634  nvvad_WaveExtensible - ok
23:20:54.0548 0x2634  nv_agp - ok
23:20:54.0549 0x2634  OneSyncSvc - ok
23:20:54.0553 0x2634  Origin Client Service - ok
23:20:54.0558 0x2634  [ 2D1931102E3FA5942DA27A8F3942418B, 30BAB70BA85274D373A11D41E8C20CB8556D7EF7FFFB8D82C88C4002CCA79B37 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:20:54.0565 0x2634  ose - ok
23:20:54.0567 0x2634  p2pimsvc - ok
23:20:54.0569 0x2634  p2psvc - ok
23:20:54.0571 0x2634  Parport - ok
23:20:54.0573 0x2634  partmgr - ok
23:20:54.0575 0x2634  PcaSvc - ok
23:20:54.0576 0x2634  pci - ok
23:20:54.0578 0x2634  pciide - ok
23:20:54.0580 0x2634  pcmcia - ok
23:20:54.0581 0x2634  pcw - ok
23:20:54.0587 0x2634  pdc - ok
23:20:54.0590 0x2634  PEAUTH - ok
23:20:54.0591 0x2634  percsas2i - ok
23:20:54.0593 0x2634  percsas3i - ok
23:20:54.0615 0x2634  PerfHost - ok
23:20:54.0619 0x2634  PhoneSvc - ok
23:20:54.0621 0x2634  PimIndexMaintenanceSvc - ok
23:20:54.0625 0x2634  pla - ok
23:20:54.0626 0x2634  PlugPlay - ok
23:20:54.0632 0x2634  PNRPAutoReg - ok
23:20:54.0634 0x2634  PNRPsvc - ok
23:20:54.0635 0x2634  PolicyAgent - ok
23:20:54.0638 0x2634  Power - ok
23:20:54.0640 0x2634  PptpMiniport - ok
23:20:54.0686 0x2634  [ 959F94AD1255BC749884EDDD14EC29C4, 2CD6DA9778EA36FA0B4080F6DB1C634712238E014E47546403CD3CDB35A1DCA8 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
23:20:54.0753 0x2634  PrintNotify - ok
23:20:54.0757 0x2634  Processor - ok
23:20:54.0759 0x2634  ProfSvc - ok
23:20:54.0761 0x2634  Psched - ok
23:20:54.0763 0x2634  QWAVE - ok
23:20:54.0764 0x2634  QWAVEdrv - ok
23:20:54.0766 0x2634  RasAcd - ok
23:20:54.0772 0x2634  RasAgileVpn - ok
23:20:54.0773 0x2634  RasAuto - ok
23:20:54.0775 0x2634  Rasl2tp - ok
23:20:54.0776 0x2634  RasMan - ok
23:20:54.0778 0x2634  RasPppoe - ok
23:20:54.0779 0x2634  RasSstp - ok
23:20:54.0781 0x2634  rdbss - ok
23:20:54.0788 0x2634  rdpbus - ok
23:20:54.0789 0x2634  RDPDR - ok
23:20:54.0792 0x2634  RdpVideoMiniport - ok
23:20:54.0794 0x2634  rdyboost - ok
23:20:54.0796 0x2634  ReFSv1 - ok
23:20:54.0801 0x2634  RemoteAccess - ok
23:20:54.0803 0x2634  RemoteRegistry - ok
23:20:54.0804 0x2634  RetailDemo - ok
23:20:54.0806 0x2634  RpcEptMapper - ok
23:20:54.0808 0x2634  RpcLocator - ok
23:20:54.0810 0x2634  RpcSs - ok
23:20:54.0815 0x2634  rspndr - ok
23:20:54.0817 0x2634  s3cap - ok
23:20:54.0819 0x2634  SamSs - ok
23:20:54.0820 0x2634  sbp2port - ok
23:20:54.0822 0x2634  SCardSvr - ok
23:20:54.0824 0x2634  ScDeviceEnum - ok
23:20:54.0825 0x2634  scfilter - ok
23:20:54.0827 0x2634  Schedule - ok
23:20:54.0829 0x2634  SCPolicySvc - ok
23:20:54.0831 0x2634  sdbus - ok
23:20:54.0833 0x2634  SDRSVC - ok
23:20:54.0839 0x2634  sdstor - ok
23:20:54.0841 0x2634  seclogon - ok
23:20:54.0842 0x2634  SENS - ok
23:20:54.0844 0x2634  SensorDataService - ok
23:20:54.0846 0x2634  SensorService - ok
23:20:54.0848 0x2634  SensrSvc - ok
23:20:54.0849 0x2634  SerCx - ok
23:20:54.0851 0x2634  SerCx2 - ok
23:20:54.0853 0x2634  Serenum - ok
23:20:54.0859 0x2634  Serial - ok
23:20:54.0860 0x2634  sermouse - ok
23:20:54.0864 0x2634  SessionEnv - ok
23:20:54.0866 0x2634  sfloppy - ok
23:20:54.0868 0x2634  SharedAccess - ok
23:20:54.0874 0x2634  ShellHWDetection - ok
23:20:54.0875 0x2634  SiSRaid2 - ok
23:20:54.0878 0x2634  SiSRaid4 - ok
23:20:54.0883 0x2634  [ 3E98CE04689597C76B3EF4D3D0323836, F7FFF675066281190C236F2995EB003A1779231E5164EEE6BEE334A4240B1DF9 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
23:20:54.0892 0x2634  SkypeUpdate - ok
23:20:54.0895 0x2634  [ ED3188A5AC871564D2598F289B5D36DF, CCDCA10105480DB16B4E0BD2767EA2DEF62C9996F2E059FBAA4A3B40AE3E97F6 ] SLEE_18_DRIVER  C:\WINDOWS\Sleen1864.sys
23:20:54.0900 0x2634  SLEE_18_DRIVER - ok
23:20:54.0902 0x2634  smphost - ok
23:20:54.0904 0x2634  SmsRouter - ok
23:20:54.0907 0x2634  SNMPTRAP - ok
23:20:54.0909 0x2634  spaceport - ok
23:20:54.0910 0x2634  SpbCx - ok
23:20:54.0912 0x2634  Spooler - ok
23:20:54.0914 0x2634  sppsvc - ok
23:20:54.0919 0x2634  srv - ok
23:20:54.0920 0x2634  srv2 - ok
23:20:54.0922 0x2634  srvnet - ok
23:20:54.0924 0x2634  SSDPSRV - ok
23:20:54.0926 0x2634  SstpSvc - ok
23:20:54.0928 0x2634  StateRepository - ok
23:20:54.0943 0x2634  [ BE826A247D22F2FDF24B92AD40049F89, 06996ECCE5A694DEFDC99DB56F45DD0ABD9A2150581F1FD132FBBD863C474DE3 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
23:20:54.0956 0x2634  Steam Client Service - ok
23:20:54.0964 0x2634  [ 7D076C1B67B7134D1AB1007AF78AE486, DF315421D287957F7A7A69B649F993E7798A35E716610AA93AB23EE350DC0D90 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
23:20:54.0972 0x2634  Stereo Service - ok
23:20:54.0975 0x2634  stexstor - ok
23:20:54.0977 0x2634  stisvc - ok
23:20:54.0978 0x2634  storahci - ok
23:20:54.0980 0x2634  storflt - ok
23:20:54.0982 0x2634  stornvme - ok
23:20:54.0984 0x2634  storqosflt - ok
23:20:54.0986 0x2634  StorSvc - ok
23:20:54.0988 0x2634  storufs - ok
23:20:54.0989 0x2634  storvsc - ok
23:20:54.0991 0x2634  svsvc - ok
23:20:54.0993 0x2634  swenum - ok
23:20:54.0995 0x2634  swprv - ok
23:20:54.0996 0x2634  Synth3dVsc - ok
23:20:54.0998 0x2634  SysMain - ok
23:20:55.0000 0x2634  SystemEventsBroker - ok
23:20:55.0005 0x2634  TabletInputService - ok
23:20:55.0007 0x2634  [ 3C32FF010F869BC184DF71290477384E, 55CFCEC7F026C6E2E96A2FBE846AB513BB12BB0348735274FE1B71AF019C837B ] tap0901         C:\WINDOWS\System32\drivers\tap0901.sys
23:20:55.0012 0x2634  tap0901 - ok
23:20:55.0014 0x2634  TapiSrv - ok
23:20:55.0016 0x2634  Tcpip - ok
23:20:55.0018 0x2634  Tcpip6 - ok
23:20:55.0020 0x2634  tcpipreg - ok
23:20:55.0022 0x2634  tdx - ok
23:20:55.0024 0x2634  terminpt - ok
23:20:55.0026 0x2634  TermService - ok
23:20:55.0028 0x2634  Themes - ok
23:20:55.0029 0x2634  TieringEngineService - ok
23:20:55.0031 0x2634  tiledatamodelsvc - ok
23:20:55.0038 0x2634  TimeBroker - ok
23:20:55.0040 0x2634  TPM - ok
23:20:55.0042 0x2634  TrkWks - ok
23:20:55.0044 0x2634  TrustedInstaller - ok
23:20:55.0045 0x2634  tsusbflt - ok
23:20:55.0047 0x2634  TsUsbGD - ok
23:20:55.0049 0x2634  tunnel - ok
23:20:55.0051 0x2634  tzautoupdate - ok
23:20:55.0053 0x2634  uagp35 - ok
23:20:55.0058 0x2634  UASPStor - ok
23:20:55.0060 0x2634  UcmCx0101 - ok
23:20:55.0062 0x2634  UcmUcsi - ok
23:20:55.0063 0x2634  Ucx01000 - ok
23:20:55.0065 0x2634  UdeCx - ok
23:20:55.0067 0x2634  udfs - ok
23:20:55.0072 0x2634  UEFI - ok
23:20:55.0074 0x2634  Ufx01000 - ok
23:20:55.0076 0x2634  UfxChipidea - ok
23:20:55.0077 0x2634  ufxsynopsys - ok
23:20:55.0081 0x2634  UI0Detect - ok
23:20:55.0082 0x2634  uliagpkx - ok
23:20:55.0088 0x2634  umbus - ok
23:20:55.0090 0x2634  UmPass - ok
23:20:55.0092 0x2634  UmRdpService - ok
23:20:55.0093 0x2634  UnistoreSvc - ok
23:20:55.0097 0x2634  upnphost - ok
23:20:55.0104 0x2634  UrsChipidea - ok
23:20:55.0105 0x2634  UrsCx01000 - ok
23:20:55.0107 0x2634  UrsSynopsys - ok
23:20:55.0110 0x2634  [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64       C:\WINDOWS\System32\Drivers\usbaapl64.sys
23:20:55.0118 0x2634  USBAAPL64 - ok
23:20:55.0120 0x2634  usbaudio - ok
23:20:55.0122 0x2634  usbccgp - ok
23:20:55.0123 0x2634  usbcir - ok
23:20:55.0125 0x2634  usbehci - ok
23:20:55.0127 0x2634  usbhub - ok
23:20:55.0128 0x2634  USBHUB3 - ok
23:20:55.0130 0x2634  usbohci - ok
23:20:55.0132 0x2634  usbprint - ok
23:20:55.0134 0x2634  usbser - ok
23:20:55.0139 0x2634  USBSTOR - ok
23:20:55.0141 0x2634  usbuhci - ok
23:20:55.0143 0x2634  USBXHCI - ok
23:20:55.0145 0x2634  UserDataSvc - ok
23:20:55.0149 0x2634  UserManager - ok
23:20:55.0154 0x2634  UsoSvc - ok
23:20:55.0156 0x2634  VaultSvc - ok
23:20:55.0158 0x2634  vdrvroot - ok
23:20:55.0159 0x2634  vds - ok
23:20:55.0161 0x2634  VerifierExt - ok
23:20:55.0163 0x2634  vhdmp - ok
23:20:55.0168 0x2634  vhf - ok
23:20:55.0170 0x2634  vmbus - ok
23:20:55.0172 0x2634  VMBusHID - ok
23:20:55.0174 0x2634  vmicguestinterface - ok
23:20:55.0175 0x2634  vmicheartbeat - ok
23:20:55.0177 0x2634  vmickvpexchange - ok
23:20:55.0179 0x2634  vmicrdv - ok
23:20:55.0184 0x2634  vmicshutdown - ok
23:20:55.0186 0x2634  vmictimesync - ok
23:20:55.0187 0x2634  vmicvmsession - ok
23:20:55.0189 0x2634  vmicvss - ok
23:20:55.0191 0x2634  volmgr - ok
23:20:55.0192 0x2634  volmgrx - ok
23:20:55.0198 0x2634  volsnap - ok
23:20:55.0200 0x2634  vpci - ok
23:20:55.0202 0x2634  vsmraid - ok
23:20:55.0204 0x2634  VSS - ok
23:20:55.0211 0x2634  [ 79F4D90FAA0ACC1866F2F3E03E39CA89, EE08BCBF29A7E4AFFF520B8DF067281425F433EC275F8C86CE8F20F000E92E3D ] vssbrigde64     C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe
23:20:55.0216 0x2634  vssbrigde64 - ok
23:20:55.0218 0x2634  VSTXRAID - ok
23:20:55.0220 0x2634  vwifibus - ok
23:20:55.0221 0x2634  vwififlt - ok
23:20:55.0223 0x2634  W32Time - ok
23:20:55.0225 0x2634  WacomPen - ok
23:20:55.0227 0x2634  WalletService - ok
23:20:55.0228 0x2634  wanarp - ok
23:20:55.0230 0x2634  wanarpv6 - ok
23:20:55.0236 0x2634  wbengine - ok
23:20:55.0238 0x2634  WbioSrvc - ok
23:20:55.0240 0x2634  Wcmsvc - ok
23:20:55.0242 0x2634  wcncsvc - ok
23:20:55.0243 0x2634  WcsPlugInService - ok
23:20:55.0246 0x2634  WdBoot - ok
23:20:55.0247 0x2634  Wdf01000 - ok
23:20:55.0252 0x2634  WdFilter - ok
23:20:55.0254 0x2634  WdiServiceHost - ok
23:20:55.0255 0x2634  WdiSystemHost - ok
23:20:55.0257 0x2634  wdiwifi - ok
23:20:55.0259 0x2634  WdNisDrv - ok
23:20:55.0261 0x2634  WdNisSvc - ok
23:20:55.0266 0x2634  WebClient - ok
23:20:55.0268 0x2634  Wecsvc - ok
23:20:55.0269 0x2634  WEPHOSTSVC - ok
23:20:55.0271 0x2634  wercplsupport - ok
23:20:55.0273 0x2634  WerSvc - ok
23:20:55.0275 0x2634  WFPLWFS - ok
23:20:55.0277 0x2634  WiaRpc - ok
23:20:55.0281 0x2634  WIMMount - ok
23:20:55.0282 0x2634  WinDefend - ok
23:20:55.0286 0x2634  WindowsTrustedRT - ok
23:20:55.0288 0x2634  WindowsTrustedRTProxy - ok
23:20:55.0290 0x2634  WinHttpAutoProxySvc - ok
23:20:55.0292 0x2634  WinMad - ok
23:20:55.0296 0x2634  Winmgmt - ok
23:20:55.0297 0x2634  WinRM - ok
23:20:55.0304 0x2634  WINUSB - ok
23:20:55.0306 0x2634  WinVerbs - ok
23:20:55.0309 0x2634  WlanSvc - ok
23:20:55.0310 0x2634  wlidsvc - ok
23:20:55.0312 0x2634  WmiAcpi - ok
23:20:55.0315 0x2634  wmiApSrv - ok
23:20:55.0321 0x2634  WMPNetworkSvc - ok
23:20:55.0326 0x2634  [ 2A9650FCC696DB28E45EA8B33B99B8E6, FBEBC6C05D50F578C6EEE0A7285EBE1DEADB08DD21FA3232630FD8D5A68FC3FB ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
23:20:55.0335 0x2634  Wof - ok
23:20:55.0338 0x2634  workfolderssvc - ok
23:20:55.0340 0x2634  wpcfltr - ok
23:20:55.0342 0x2634  WPDBusEnum - ok
23:20:55.0343 0x2634  WpdUpFltr - ok
23:20:55.0345 0x2634  WpnService - ok
23:20:55.0347 0x2634  ws2ifsl - ok
23:20:55.0349 0x2634  wscsvc - ok
23:20:55.0355 0x2634  WSDPrintDevice - ok
23:20:55.0356 0x2634  WsDrvInst - ok
23:20:55.0358 0x2634  WSearch - ok
23:20:55.0361 0x2634  WSService - ok
23:20:55.0362 0x2634  wuauserv - ok
23:20:55.0364 0x2634  WudfPf - ok
23:20:55.0369 0x2634  WUDFRd - ok
23:20:55.0371 0x2634  wudfsvc - ok
23:20:55.0373 0x2634  WUDFWpdFs - ok
23:20:55.0375 0x2634  WUDFWpdMtp - ok
23:20:55.0376 0x2634  WwanSvc - ok
23:20:55.0378 0x2634  XblAuthManager - ok
23:20:55.0383 0x2634  XblGameSave - ok
23:20:55.0385 0x2634  xboxgip - ok
23:20:55.0387 0x2634  XboxNetApiSvc - ok
23:20:55.0389 0x2634  xinputhid - ok
23:20:55.0391 0x2634  xusb22 - ok
23:20:55.0392 0x2634  ================ Scan global ===============================
23:20:55.0397 0x2634  [ Global ] - ok
23:20:55.0397 0x2634  ================ Scan MBR ==================================
23:20:55.0398 0x2634  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
23:20:55.0413 0x2634  \Device\Harddisk0\DR0 - ok
23:20:55.0445 0x2634  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
23:20:55.0612 0x2634  \Device\Harddisk1\DR1 - ok
23:20:55.0622 0x2634  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
23:20:55.0645 0x2634  \Device\Harddisk2\DR2 - ok
23:20:55.0645 0x2634  ================ Scan VBR ==================================
23:20:55.0646 0x2634  [ 13F1CFE94B9BBF918511C5FFC3FC0ECE ] \Device\Harddisk0\DR0\Partition1
23:20:55.0647 0x2634  \Device\Harddisk0\DR0\Partition1 - ok
23:20:55.0648 0x2634  [ 4F2744665465166542A48D33BD84D407 ] \Device\Harddisk0\DR0\Partition2
23:20:55.0649 0x2634  \Device\Harddisk0\DR0\Partition2 - ok
23:20:55.0650 0x2634  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
23:20:55.0650 0x2634  \Device\Harddisk0\DR0\Partition3 - ok
23:20:55.0652 0x2634  [ BB4CD7A6D4460DCB842516808E9884D8 ] \Device\Harddisk0\DR0\Partition4
23:20:55.0653 0x2634  \Device\Harddisk0\DR0\Partition4 - ok
23:20:55.0654 0x2634  [ 2B318A8F71A12FAD7A6DD787EFC9A29D ] \Device\Harddisk0\DR0\Partition5
23:20:55.0655 0x2634  \Device\Harddisk0\DR0\Partition5 - ok
23:20:55.0656 0x2634  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk2\DR2\Partition1
23:20:55.0656 0x2634  \Device\Harddisk2\DR2\Partition1 - ok
23:20:55.0657 0x2634  [ 25EB5D3416071F799E3405BFEEDFD7C5 ] \Device\Harddisk2\DR2\Partition2
23:20:55.0659 0x2634  \Device\Harddisk2\DR2\Partition2 - ok
23:20:55.0659 0x2634  ================ Scan generic autorun ======================
23:20:55.0764 0x2634  [ A15FF7FFA54109281D5742D396271DFC, 2551B6203E594087858FA514FD73DC652AEC45AAAADDFC50240F4AC2BF5C1879 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
23:20:55.0879 0x2634  RTHDVCPL - ok
23:20:55.0914 0x2634  [ C8AC55CCB8AB33713522B4CAAFAC0F59, CCEA638F90395F5C1C9DA892227FF4F3A7BC7567DEF8A7B63AFE2A487DADA88A ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
23:20:55.0949 0x2634  NvBackend - ok
23:20:55.0951 0x2634  ShadowPlay - ok
23:20:56.0132 0x2634  [ 9CFD0AFEA08FFEA16F3EFFC94D5B3DEF, AB7879DDA9D516C2B124640B1D34557A8BAD244423867E8390D29FFF6858A865 ] C:\Program Files\Logitech Gaming Software\LCore.exe
23:20:56.0333 0x2634  Launch LCore - ok
23:20:56.0344 0x2634  [ EB40CCCBC292BF50F86E948409701A79, D08FA6CD84352F9E31F7149554CD3FF8365FE059ECB0EB0A11F65E22D342C34D ] C:\Program Files\Classic Shell\ClassicStartMenu.exe
23:20:56.0354 0x2634  Classic Start Menu - detected UnsignedFile.Multi.Generic ( 1 )
23:20:58.0648 0x2634  Detect skipped due to KSN trusted
23:20:58.0648 0x2634  Classic Start Menu - ok
23:20:58.0657 0x2634  [ 20C08CA080F650B730B1E3FDEA9AD532, 1D2B0914412378E0B5834A95BDD86F8927B6A8D37F4E044C904CE381F1C19A75 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
23:20:58.0667 0x2634  AdobeAAMUpdater-1.0 - ok
23:20:58.0671 0x2634  [ CC9823AA6E3F6229CD6DA193551314A5, 76BCD2BCA391C2114BF9D28FA290D9B39D16379C410070E0E3A6376FDEE51CE1 ] C:\Program Files\iTunes\iTunesHelper.exe
23:20:58.0677 0x2634  iTunesHelper - ok
23:20:58.0707 0x2634  [ 50E68F8313263B1A12A767341A25663B, FE7785CB59EC46CD625312D3ACC825FF3533C120FB1801AD0F281FD443B0F3BE ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
23:20:58.0741 0x2634  Adobe Creative Cloud - ok
23:20:58.0767 0x2634  [ B6990DF4D73FCB28525FA9E674453739, 042C48C1C854340A34A175E1510C2A826157AA3A603A78AAB66369CE86F3FCFC ] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe
23:20:58.0795 0x2634  Acrobat Assistant 8.0 - ok
23:20:58.0816 0x2634  OneDriveSetup - ok
23:20:58.0817 0x2634  OneDriveSetup - ok
23:20:58.0826 0x2634  [ 61F488AC3053DEB2AADB6A34DEBC8876, B5C5E0325F0FB4A37E80F08273B7483630F676C6342519564798CE7D1F121CB7 ] C:\Users\Marco\AppData\Local\Microsoft\OneDrive\OneDrive.exe
23:20:58.0839 0x2634  OneDrive - ok
23:20:58.0851 0x2634  [ 455927608C21945849E1A3E35E36671F, B62B306D350848AB5CB7A1D3DEEB06040E84AE57F61EC69377F90F6F0F7ED975 ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
23:20:58.0864 0x2634  GoogleChromeAutoLaunch_56D976794F990CB20E35B49F5BE31F4C - ok
23:20:58.0866 0x2634  Skype - ok
23:20:58.0896 0x2634  [ 8D33759428539564CBF7008CA9FC5DA8, 5AC7B7554C21EC9A3D763E8E109549CF8999E4C04F2460F2DB56B0D84051D9B9 ] C:\Users\Marco\AppData\Roaming\Spotify\SpotifyWebHelper.exe
23:20:58.0931 0x2634  Spotify Web Helper - ok
23:20:58.0932 0x2634  EADM - ok
23:20:59.0041 0x2634  [ 40335C8877B6B84842AF03A40E1BB206, 33433ED8961B1AEEBD30F8DD53A541C711C403D019F1074406FF9C9D1E9F4113 ] C:\Program Files\CCleaner\CCleaner64.exe
23:20:59.0157 0x2634  CCleaner Monitoring - ok
23:20:59.0265 0x2634  [ AA7AAD0CABFA4C0473FB5756C11028A9, 0D2FE8F78F3A8D5DF3F172A4876693D48BD2F5706726043E41F8E9FE3A8B9DF0 ] C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe
23:20:59.0363 0x2634  DisplayFusion - ok
23:20:59.0377 0x2634  [ 42CD0245D2BE7184E774BC89DAA4F6C2, EDF4942E9A27478241CB33ECC8F75239AD0E294D1CD2202DB9F707BD6873B2FC ] C:\Program Files (x86)\puush\puush.exe
23:20:59.0388 0x2634  puush - ok
23:20:59.0389 0x2634  PureSync - ok
23:20:59.0490 0x2634  [ 7A75780AF331526FCA6C0BDB503EFD3F, 1C94B57557F629B8692D0544C3A61860FD932DAA803E8F03BE8BF7319286BB37 ] C:\Users\Marco\AppData\Roaming\Spotify\Spotify.exe
23:20:59.0602 0x2634  Spotify - ok
23:20:59.0610 0x2634  [ 62ED7A1E3B50A1DAA65506012F5784BA, D03B1E20BA1145FDA006F5C025FB9E07B7935CD48BD3264A790FAAE9EC416BEF ] C:\Program Files (x86)\Steganos Safe 15\SteganosBrowserMonitor.exe
23:20:59.0615 0x2634  SAFE15 Browser Monitor - detected UnsignedFile.Multi.Generic ( 1 )
23:21:01.0911 0x2634  Detect skipped due to KSN trusted
23:21:01.0911 0x2634  SAFE15 Browser Monitor - ok
23:21:01.0923 0x2634  [ DEA194BB93689305539E179B013CB01D, E0D897BD476BBE0167177623B5B149DE041F6CEE69E8628DF72790363DAAD2EC ] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
23:21:01.0938 0x2634  Adobe Acrobat Synchronizer - ok
23:21:01.0966 0x2634  [ D192592FD0A99D9F360906D3F6DFBFF1, E0ED95A8AB4D26A40BF95B8DB2D968AD1FDB36B8C4DF2990185E0458B3948CA3 ] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
23:21:01.0996 0x2634  WSHelperSetup.exe - ok
23:21:02.0009 0x2634  [ 764BE29C9F78D949191C995B9BA4492A, A42EADC8546859A717F149C044235410B5908837B471889B281195C860AC558D ] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIMAE.EXE
23:21:02.0017 0x2634  EPLTarget\P0000000000000000 - ok
23:21:02.0020 0x2634  Uninstall C:\Users\Marco\AppData\Local\Microsoft\OneDrive\17.3.6301.0127_1\amd64 - ok
23:21:02.0023 0x2634  Waiting for KSN requests completion. In queue: 41
23:21:03.0023 0x2634  Waiting for KSN requests completion. In queue: 41
23:21:04.0023 0x2634  Waiting for KSN requests completion. In queue: 41
23:21:04.0322 0x2994  Object required for P2P: [ AF5BE3694A76365874B8967331049F2C ] NvStreamNetworkSvc
23:21:05.0024 0x2634  Waiting for KSN requests completion. In queue: 32
23:21:06.0024 0x2634  Waiting for KSN requests completion. In queue: 32
23:21:06.0739 0x2994  Object send P2P result: true
23:21:06.0740 0x2994  Object required for P2P: [ AC855DAF48D88318D0475F6A22834B6A ] nvsvc
23:21:07.0024 0x2634  Waiting for KSN requests completion. In queue: 29
23:21:08.0025 0x2634  Waiting for KSN requests completion. In queue: 29
23:21:09.0025 0x2634  Waiting for KSN requests completion. In queue: 29
23:21:09.0144 0x2994  Object send P2P result: true
23:21:09.0144 0x2994  Object required for P2P: [ 3E98CE04689597C76B3EF4D3D0323836 ] SkypeUpdate
23:21:10.0025 0x2634  Waiting for KSN requests completion. In queue: 25
23:21:11.0025 0x2634  Waiting for KSN requests completion. In queue: 25
23:21:11.0544 0x2994  Object send P2P result: true
23:21:11.0544 0x2994  Object required for P2P: [ 9CFD0AFEA08FFEA16F3EFFC94D5B3DEF ] C:\Program Files\Logitech Gaming Software\LCore.exe
23:21:12.0025 0x2634  Waiting for KSN requests completion. In queue: 15
23:21:13.0026 0x2634  Waiting for KSN requests completion. In queue: 15
23:21:13.0973 0x2994  Object send P2P result: true
23:21:13.0973 0x2994  Object required for P2P: [ 50E68F8313263B1A12A767341A25663B ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
23:21:14.0026 0x2634  Waiting for KSN requests completion. In queue: 12
23:21:15.0027 0x2634  Waiting for KSN requests completion. In queue: 12
23:21:16.0027 0x2634  Waiting for KSN requests completion. In queue: 12
23:21:16.0378 0x2994  Object send P2P result: true
23:21:16.0378 0x2994  Object required for P2P: [ B6990DF4D73FCB28525FA9E674453739 ] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe
23:21:17.0027 0x2634  Waiting for KSN requests completion. In queue: 11
23:21:18.0028 0x2634  Waiting for KSN requests completion. In queue: 11
23:21:18.0782 0x2994  Object send P2P result: true
23:21:18.0783 0x2994  Object required for P2P: [ 8D33759428539564CBF7008CA9FC5DA8 ] C:\Users\Marco\AppData\Roaming\Spotify\SpotifyWebHelper.exe
23:21:19.0028 0x2634  Waiting for KSN requests completion. In queue: 8
23:21:20.0028 0x2634  Waiting for KSN requests completion. In queue: 8
23:21:21.0029 0x2634  Waiting for KSN requests completion. In queue: 8
23:21:21.0188 0x2994  Object send P2P result: true
23:21:21.0188 0x2994  Object required for P2P: [ 7A75780AF331526FCA6C0BDB503EFD3F ] C:\Users\Marco\AppData\Roaming\Spotify\Spotify.exe
23:21:22.0029 0x2634  Waiting for KSN requests completion. In queue: 4
23:21:23.0029 0x2634  Waiting for KSN requests completion. In queue: 4
23:21:23.0607 0x2994  Object send P2P result: true
23:21:24.0039 0x2634  AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\wmiav.exe ( 16.0.0.614 ), 0x41000 ( enabled : updated )
23:21:24.0039 0x2634  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.9.10586.0 ), 0x60100 ( disabled : updated )
23:21:24.0040 0x2634  FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\wmiav.exe ( 16.0.0.614 ), 0x41010 ( enabled )
23:21:26.0384 0x2634  ============================================================
23:21:26.0384 0x2634  Scan finished
23:21:26.0384 0x2634  ============================================================
23:21:26.0389 0x2904  Detected object count: 0
23:21:26.0389 0x2904  Actual detected object count: 0

M-K-D-B · 23.05.2016, 22:31

Servus,

Schritt 1
Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 2
Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 3

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

Schritt 4

Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

die Logdatei von MBAM,
die Logdatei von AdwCleaner,
die Logdatei von JRT,
die beiden neuen Logdateien von FRST.

swammcrusher · 23.05.2016, 22:52

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:23-05-2016
durchgeführt von Marco (Administrator) auf GAMER_MARCO (23-05-2016 23:50:41)
Gestartet von E:\User\Gamer_Marco\Desktop
Geladene Profile: Marco (Verfügbare Profile: Marco)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(AVerMedia TECHNOLOGIES, Inc.) C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRECentral.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\epson\MyEpson Portal\mepService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8484056 2015-06-12] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-05-02] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15033976 2015-11-20] (Logitech Inc.)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163520 2015-04-10] (IvoSoft)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-03-19] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2312896 2016-02-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1867448 2016-05-03] (Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Steganos HotKeys] => C:\Program Files (x86)\Steganos Safe 15\SteganosHotKeyService.exe [100864 2014-02-21] (Steganos Software GmbH)
HKLM-x32\...\Run: [SAFE15 File Redirection Starter] => C:\Program Files (x86)\Steganos Safe 15\fredirstarter.exe [17408 2014-02-21] (Steganos Software GmbH)
HKLM-x32\...\Run: [LWS] => F:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [DFX] => C:\Program Files (x86)\DFX\DFX.exe [1326584 2015-11-15] ()
HKLM-x32\...\Run: [WSHelperSetup.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [650784 2015-12-22] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863776 2015-12-22] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1065968 2015-07-23] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [220704 2016-04-05] (Geek Software GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565960 2016-05-06] (LogMeIn Inc.)
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50670720 2016-03-01] (Skype Technologies S.A.)
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\Run: [Spotify Web Helper] => C:\Users\Marco\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2346096 2015-12-30] (Spotify Ltd)
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\Run: [EADM] => F:\Program Files (x86)\Origin\Origin.exe [3639280 2016-05-21] (Electronic Arts)
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd)
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\Run: [DisplayFusion] => C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe [8538648 2015-11-16] (Binary Fortress Software)
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [568904 2015-12-30] ()
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\Run: [PureSync] => F:\Program Files (x86)\Pure Sync\PureSyncTray.exe [1025712 2015-12-02] (Jumping Bytes)
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\Run: [Spotify] => C:\Users\Marco\AppData\Roaming\Spotify\Spotify.exe [8387696 2015-12-30] (Spotify Ltd)
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\Run: [SAFE15 Browser Monitor] => C:\Program Files (x86)\Steganos Safe 15\SteganosBrowserMonitor.exe [70656 2014-02-21] (Steganos Software GmbH)
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [882872 2016-05-03] (Adobe Systems Incorporated)
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\Run: [WSHelperSetup.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare)
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIMAE.EXE [298560 2013-12-16] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\Run: [GoogleChromeAutoLaunch_56D976794F990CB20E35B49F5BE31F4C] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [881304 2016-05-11] (Google Inc.)
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\RunOnce: [Uninstall C:\Users\Marco\AppData\Local\Microsoft\OneDrive\17.3.6301.0127_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Marco\AppData\Local\Microsoft\OneDrive\17.3.6301.0127_1\amd64"
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\MountPoints2: {59cdb1d5-eada-11e5-9eaa-d8cb8a350237} - "I:\startme.exe" 
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-01-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-01-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-01-22] ()
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-04-10] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-04-10] (IvoSoft)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\..\Interfaces\{5481a273-95bd-4857-9b12-32f0150dfd89}: [DhcpNameServer] 192.168.178.1
ManualProxies: 

Internet Explorer:
==================
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-05-02] (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-04-10] (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-04-29] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-12-30] (AO Kaspersky Lab)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-05-02] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-29] (Oracle Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2015-04-10] (IvoSoft)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-04-10] (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-04-29] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-12-30] (AO Kaspersky Lab)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-29] (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2015-04-10] (IvoSoft)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-12-30] (AO Kaspersky Lab)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-04-10] (IvoSoft)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-12-30] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-04-10] (IvoSoft)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-02] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-02] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-02] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-02] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\zbwz2rjm.default
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-29] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-29] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-02-12] (Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-29] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-05-02] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-01-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-01-23] (NVIDIA Corporation)
FF Plugin-x32: @pages.tvunetworks.com/WebPlayer -> F:\Program Files (x86)\TVUPlayer\npTVUAx.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2016-05-03] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-02-12] (Adobe Systems)
FF Extension: Flash and Video Download - C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\zbwz2rjm.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2016-05-13]
FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [2016-03-04]
FF Extension: Combo - C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\zbwz2rjm.default\Extensions\combo@yandex.ru.xpi [2016-01-16]
FF Extension: No Flash - C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\zbwz2rjm.default\Extensions\jid1-cplLTTY501TB2Q@jetpack.xpi [2016-05-07]
FF Extension: YouTube™ Flash® Player - C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\zbwz2rjm.default\Extensions\jid1-HAV2inXAnQPIeA@jetpack.xpi [2016-05-07]
FF Extension: Flash Control - C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\zbwz2rjm.default\Extensions\jid1-sNL73VCI4UB0Fw@jetpack.xpi [2016-05-07]
FF Extension: YouTube Flash Video Player - C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\zbwz2rjm.default\Extensions\{f3bd3dd2-2888-44c5-91a2-2caeb33fb898}.xpi [2016-05-07]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat DC - Create PDF - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2016-02-17]
StartMenuInternet: FIREFOX.EXE - F:\Program Files (x86)\Mozilla Firefox\firefox.exe

Chrome: 
=======
CHR HomePage: Profile 1 -> hxxp://forum.troubletown.de/
CHR StartupUrls: Profile 1 -> "hxxp://www.youtube.com/?gl=DE&hl=de"
CHR Profile: C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default
CHR Profile: C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Präsentationen) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-30]
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2016-05-07]
CHR Extension: (Google Docs) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-30]
CHR Extension: (Google Drive) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-30]
CHR Extension: (YouTube) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-30]
CHR Extension: (Adblock Plus) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-04-04]
CHR Extension: (Google-Suche) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-30]
CHR Extension: (Logitech Smooth Scrolling) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2015-12-30]
CHR Extension: (Kaspersky Protection) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eahebamiopdhefndnmappcihfajigkka [2015-12-30]
CHR Extension: (Adobe Acrobat) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2016-01-07]
CHR Extension: (Google Tabellen) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-30]
CHR Extension: (Google Docs Offline) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Desktop Notifications für Android) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\giicnncicnopjohcpamieklkiacdoeni [2016-04-19]
CHR Extension: (Lone Tree) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hfmkllfplegemejikoabfpjdaoncphip [2015-12-30]
CHR Extension: (Floating for YouTube™) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jjphmlaoffndcnecccgemfdaaoighkel [2016-01-30]
CHR Extension: (AudioSauna) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lkgfemnodkdnenmfkblebnkjpckkjcae [2016-01-04]
CHR Extension: (Until AM for Chrome) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mjafmkicbmhcbapadecadciafbkecofl [2015-12-30]
CHR Extension: (Twitch Now) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nlmbdmpjmlijibeockamioakdpmhjnpk [2016-03-31]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-01]
CHR Extension: (Wunderlist for Chrome) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ojcflmmmcfpacggndoaaflkmcoblhnbh [2016-02-05]
CHR Extension: (Click&Clean App) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2016-05-20]
CHR Extension: (Google Mail) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-30]
CHR Extension: (RSS Feed Reader) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pnjaodmkngahhkoihejjehlcdlnohgmp [2016-05-02]
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

Opera: 
=======
OPR StartupUrls: "hxxp://www.youtube.de/"
OPR Extension: (Adblock Plus) - C:\Users\Marco\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2016-05-08]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [693440 2016-01-28] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2021592 2016-04-05] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 AVerRECentral; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRECentral.exe [1933000 2016-02-16] (AVerMedia TECHNOLOGIES, Inc.)
R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2015-12-30] (Kaspersky Lab ZAO)
R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [65128 2016-01-11] (CyberGhost S.R.L)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2911472 2016-05-02] (Microsoft Corporation)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2016-03-29] (Digital Wave Ltd.)
R2 DisplayFusionService; C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe [4608040 2015-11-16] (Binary Fortress Software)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-05-02] (NVIDIA Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [419248 2016-05-06] (LogMeIn, Inc.)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193144 2015-11-20] (Logitech Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [703984 2014-09-22] (SEIKO EPSON CORPORATION)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-05-02] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-05-02] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-05-02] (NVIDIA Corporation)
S3 Origin Client Service; F:\Program Files (x86)\Origin\OriginClientService.exe [2120712 2016-05-21] (Electronic Arts)
S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\Dr.Fone for Android\DriverInstall.exe [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 androidusb; C:\Windows\System32\Drivers\wsadb.sys [40720 2016-01-23] (Google Inc)
R0 asstor64; C:\Windows\System32\drivers\asstor64.sys [84816 2014-01-27] (Asmedia Technology)
S3 AVer330USB; C:\Windows\system32\DRIVERS\AVer330USB.sys [1551616 2015-04-09] (AVerMedia TECHNOLOGIES, Inc.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
R3 DFX12; C:\Windows\system32\drivers\dfx12x64.sys [39048 2015-11-15] (Windows (R) Win 7 DDK provider)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2016-04-05] (LogMeIn Inc.)
R3 ISCT; C:\Windows\System32\drivers\ISCTD.sys [44744 2014-05-27] ()
R3 Ke2200; C:\Windows\System32\drivers\e22w8x64.sys [130224 2014-03-27] (Qualcomm Atheros, Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70512 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [77728 2016-03-04] (AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [30328 2015-06-24] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [181640 2015-12-30] (AO Kaspersky Lab)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [227512 2015-12-30] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [927640 2016-03-04] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [39608 2015-06-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [41656 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2015-12-30] (AO Kaspersky Lab)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [87944 2015-12-30] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [102584 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
S3 LGSHidFilt; C:\Windows\System32\drivers\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-05-23] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-05-02] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R1 SLEE_18_DRIVER; C:\WINDOWS\Sleen1864.sys [109144 2014-01-30] (Softwareentwicklung Remus - ArchiCrypt - )
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-23 23:49 - 2016-05-23 23:49 - 00000781 _____ C:\Users\Marco\Desktop\JRT.txt
2016-05-23 23:36 - 2016-05-23 23:47 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-05-23 23:36 - 2016-05-23 23:36 - 00001171 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-05-23 23:36 - 2016-05-23 23:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-05-23 23:36 - 2016-05-23 23:36 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-05-23 23:36 - 2016-05-23 23:36 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-05-23 23:36 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-05-23 23:36 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-05-23 23:36 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-05-23 23:20 - 2016-05-23 23:25 - 00104644 _____ C:\TDSSKiller.3.1.0.9_23.05.2016_23.20.10_log.txt
2016-05-23 20:24 - 2016-05-23 23:50 - 00000000 ____D C:\FRST
2016-05-23 20:07 - 2016-05-23 23:46 - 00000000 ____D C:\AdwCleaner
2016-05-23 17:06 - 2016-05-23 17:06 - 00001219 _____ C:\Users\Public\Desktop\LibreOffice 5.0.lnk
2016-05-23 17:06 - 2016-05-23 17:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.0
2016-05-23 17:05 - 2016-05-23 17:06 - 00000000 ____D C:\Program Files (x86)\LibreOffice 5
2016-05-23 17:01 - 2016-05-23 17:01 - 00000000 ____D C:\Users\Marco\AppData\Roaming\LockAP
2016-05-23 16:52 - 2016-05-23 16:52 - 00000000 ____D C:\Users\Marco\AppData\Roaming\LibreOffice
2016-05-20 19:53 - 2016-05-20 19:53 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-05-20 19:53 - 2016-04-14 07:38 - 00102976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2016-05-11 16:18 - 2016-04-23 06:31 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-05-11 16:18 - 2016-04-23 06:30 - 22379008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-05-11 16:18 - 2016-04-23 06:28 - 16984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-05-11 16:18 - 2016-04-23 06:26 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-05-11 16:18 - 2016-04-23 06:25 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-05-11 16:18 - 2016-04-23 06:22 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-05-11 16:18 - 2016-04-23 06:20 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-05-11 16:18 - 2016-04-23 06:20 - 18676224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-05-11 16:18 - 2016-04-23 06:19 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-05-11 16:18 - 2016-04-23 06:19 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-05-11 16:18 - 2016-04-23 06:19 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-05-11 16:18 - 2016-04-23 06:19 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-05-11 16:18 - 2016-04-23 06:18 - 24604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-05-11 16:18 - 2016-04-23 06:18 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-05-11 16:18 - 2016-04-23 06:18 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-05-11 16:18 - 2016-04-23 06:18 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-05-11 16:18 - 2016-04-23 06:16 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-05-11 16:18 - 2016-04-23 06:15 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-05-11 16:18 - 2016-04-23 06:15 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-05-11 16:18 - 2016-04-23 06:14 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-05-11 16:18 - 2016-04-23 06:13 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-05-11 16:18 - 2016-04-23 06:13 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-05-11 16:18 - 2016-04-23 06:09 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-05-11 16:18 - 2016-04-23 06:08 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-05-11 16:18 - 2016-04-23 06:07 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-05-11 16:17 - 2016-05-06 06:53 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdport.sys
2016-05-11 16:17 - 2016-05-06 06:05 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-05-11 16:17 - 2016-05-06 06:03 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-05-11 16:17 - 2016-05-06 05:53 - 00351232 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-05-11 16:17 - 2016-05-06 05:49 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2016-05-11 16:17 - 2016-05-06 05:44 - 00582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-05-11 16:17 - 2016-05-06 05:43 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-05-11 16:17 - 2016-05-06 05:23 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2016-05-11 16:17 - 2016-04-30 08:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-05-11 16:17 - 2016-04-30 08:31 - 03591168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-05-11 16:17 - 2016-04-23 08:12 - 01401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-05-11 16:17 - 2016-04-23 08:12 - 01184960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-05-11 16:17 - 2016-04-23 08:12 - 00713920 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-05-11 16:17 - 2016-04-23 08:12 - 00514752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-05-11 16:17 - 2016-04-23 08:12 - 00294592 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-05-11 16:17 - 2016-04-23 08:12 - 00190144 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-05-11 16:17 - 2016-04-23 08:12 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-05-11 16:17 - 2016-04-23 08:12 - 00046784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-05-11 16:17 - 2016-04-23 07:28 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-05-11 16:17 - 2016-04-23 07:28 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-05-11 16:17 - 2016-04-23 07:26 - 00707608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-05-11 16:17 - 2016-04-23 07:24 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-05-11 16:17 - 2016-04-23 07:24 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-05-11 16:17 - 2016-04-23 07:24 - 01819208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-05-11 16:17 - 2016-04-23 07:24 - 00754664 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-05-11 16:17 - 2016-04-23 07:24 - 00638816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2016-05-11 16:17 - 2016-04-23 07:24 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2016-05-11 16:17 - 2016-04-23 07:24 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-05-11 16:17 - 2016-04-23 07:22 - 01161120 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-05-11 16:17 - 2016-04-23 07:18 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-05-11 16:17 - 2016-04-23 07:13 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-05-11 16:17 - 2016-04-23 07:13 - 00306832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2016-05-11 16:17 - 2016-04-23 07:13 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-05-11 16:17 - 2016-04-23 07:12 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-05-11 16:17 - 2016-04-23 07:12 - 00451928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-05-11 16:17 - 2016-04-23 07:12 - 00413536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-05-11 16:17 - 2016-04-23 07:11 - 01092464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-05-11 16:17 - 2016-04-23 07:11 - 00696672 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-05-11 16:17 - 2016-04-23 07:11 - 00498960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-05-11 16:17 - 2016-04-23 07:11 - 00390496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-05-11 16:17 - 2016-04-23 07:11 - 00131424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufxsynopsys.sys
2016-05-11 16:17 - 2016-04-23 07:11 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-05-11 16:17 - 2016-04-23 07:10 - 03673424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-05-11 16:17 - 2016-04-23 07:10 - 02919832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-05-11 16:17 - 2016-04-23 07:10 - 00330072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-05-11 16:17 - 2016-04-23 07:09 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-05-11 16:17 - 2016-04-23 07:09 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-05-11 16:17 - 2016-04-23 07:09 - 05240960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-05-11 16:17 - 2016-04-23 07:09 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-05-11 16:17 - 2016-04-23 07:09 - 00569744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2016-05-11 16:17 - 2016-04-23 07:09 - 00565600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-05-11 16:17 - 2016-04-23 07:09 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-05-11 16:17 - 2016-04-23 07:09 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-05-11 16:17 - 2016-04-23 07:09 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-05-11 16:17 - 2016-04-23 07:08 - 06605504 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-05-11 16:17 - 2016-04-23 07:08 - 04515256 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-05-11 16:17 - 2016-04-23 07:08 - 00725776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2016-05-11 16:17 - 2016-04-23 07:07 - 01848072 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-05-11 16:17 - 2016-04-23 07:07 - 01536088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2016-05-11 16:17 - 2016-04-23 07:07 - 00204048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2016-05-11 16:17 - 2016-04-23 07:07 - 00183904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2016-05-11 16:17 - 2016-04-23 07:06 - 00291360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2016-05-11 16:17 - 2016-04-23 07:02 - 00188256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-05-11 16:17 - 2016-04-23 07:01 - 01996640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-05-11 16:17 - 2016-04-23 07:01 - 00650304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-05-11 16:17 - 2016-04-23 07:01 - 00619296 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
2016-05-11 16:17 - 2016-04-23 07:01 - 00577368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-05-11 16:17 - 2016-04-23 07:01 - 00522176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-05-11 16:17 - 2016-04-23 07:01 - 00513368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll
2016-05-11 16:17 - 2016-04-23 07:01 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-05-11 16:17 - 2016-04-23 07:01 - 00217440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-05-11 16:17 - 2016-04-23 07:00 - 01776768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-05-11 16:17 - 2016-04-23 07:00 - 01594920 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-05-11 16:17 - 2016-04-23 07:00 - 01522152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-05-11 16:17 - 2016-04-23 07:00 - 01399224 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-05-11 16:17 - 2016-04-23 07:00 - 01372304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-05-11 16:17 - 2016-04-23 07:00 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-05-11 16:17 - 2016-04-23 07:00 - 00550656 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2016-05-11 16:17 - 2016-04-23 07:00 - 00453472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2016-05-11 16:17 - 2016-04-23 07:00 - 00058208 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwminit.dll
2016-05-11 16:17 - 2016-04-23 06:56 - 00534872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-05-11 16:17 - 2016-04-23 06:39 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-05-11 16:17 - 2016-04-23 06:35 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-05-11 16:17 - 2016-04-23 06:34 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-05-11 16:17 - 2016-04-23 06:34 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2016-05-11 16:17 - 2016-04-23 06:34 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-05-11 16:17 - 2016-04-23 06:33 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-05-11 16:17 - 2016-04-23 06:33 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-05-11 16:17 - 2016-04-23 06:33 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2016-05-11 16:17 - 2016-04-23 06:33 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ByteCodeGenerator.exe
2016-05-11 16:17 - 2016-04-23 06:32 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-05-11 16:17 - 2016-04-23 06:32 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-05-11 16:17 - 2016-04-23 06:32 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-05-11 16:17 - 2016-04-23 06:31 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-05-11 16:17 - 2016-04-23 06:30 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-05-11 16:17 - 2016-04-23 06:30 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-05-11 16:17 - 2016-04-23 06:29 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-05-11 16:17 - 2016-04-23 06:29 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-05-11 16:17 - 2016-04-23 06:29 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\filecrypt.sys
2016-05-11 16:17 - 2016-04-23 06:29 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-05-11 16:17 - 2016-04-23 06:29 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-05-11 16:17 - 2016-04-23 06:29 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
2016-05-11 16:17 - 2016-04-23 06:29 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ByteCodeGenerator.exe
2016-05-11 16:17 - 2016-04-23 06:29 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2016-05-11 16:17 - 2016-04-23 06:28 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2016-05-11 16:17 - 2016-04-23 06:28 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-05-11 16:17 - 2016-04-23 06:28 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-05-11 16:17 - 2016-04-23 06:28 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-05-11 16:17 - 2016-04-23 06:28 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2016-05-11 16:17 - 2016-04-23 06:27 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-05-11 16:17 - 2016-04-23 06:27 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2016-05-11 16:17 - 2016-04-23 06:26 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-05-11 16:17 - 2016-04-23 06:26 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2016-05-11 16:17 - 2016-04-23 06:25 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-05-11 16:17 - 2016-04-23 06:25 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-05-11 16:17 - 2016-04-23 06:25 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2016-05-11 16:17 - 2016-04-23 06:25 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-05-11 16:17 - 2016-04-23 06:24 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-05-11 16:17 - 2016-04-23 06:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-05-11 16:17 - 2016-04-23 06:24 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-05-11 16:17 - 2016-04-23 06:24 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-05-11 16:17 - 2016-04-23 06:24 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2016-05-11 16:17 - 2016-04-23 06:24 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2016-05-11 16:17 - 2016-04-23 06:24 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2016-05-11 16:17 - 2016-04-23 06:23 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-05-11 16:17 - 2016-04-23 06:23 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-05-11 16:17 - 2016-04-23 06:23 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-05-11 16:17 - 2016-04-23 06:23 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2016-05-11 16:17 - 2016-04-23 06:23 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-05-11 16:17 - 2016-04-23 06:22 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-05-11 16:17 - 2016-04-23 06:22 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-05-11 16:17 - 2016-04-23 06:21 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-05-11 16:17 - 2016-04-23 06:21 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-05-11 16:17 - 2016-04-23 06:20 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-05-11 16:17 - 2016-04-23 06:20 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-05-11 16:17 - 2016-04-23 06:20 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-05-11 16:17 - 2016-04-23 06:20 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-05-11 16:17 - 2016-04-23 06:20 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-05-11 16:17 - 2016-04-23 06:20 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2016-05-11 16:17 - 2016-04-23 06:19 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-05-11 16:17 - 2016-04-23 06:19 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlansec.dll
2016-05-11 16:17 - 2016-04-23 06:19 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll
2016-05-11 16:17 - 2016-04-23 06:18 - 00988672 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-05-11 16:17 - 2016-04-23 06:18 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-05-11 16:17 - 2016-04-23 06:18 - 00804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-05-11 16:17 - 2016-04-23 06:18 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-05-11 16:17 - 2016-04-23 06:18 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-05-11 16:17 - 2016-04-23 06:18 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-05-11 16:17 - 2016-04-23 06:18 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-05-11 16:17 - 2016-04-23 06:18 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-05-11 16:17 - 2016-04-23 06:18 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-05-11 16:17 - 2016-04-23 06:17 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-05-11 16:17 - 2016-04-23 06:17 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-05-11 16:17 - 2016-04-23 06:17 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-05-11 16:17 - 2016-04-23 06:17 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2016-05-11 16:17 - 2016-04-23 06:16 - 01319424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-05-11 16:17 - 2016-04-23 06:16 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-05-11 16:17 - 2016-04-23 06:15 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-05-11 16:17 - 2016-04-23 06:15 - 00865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-05-11 16:17 - 2016-04-23 06:15 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-05-11 16:17 - 2016-04-23 06:15 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-05-11 16:17 - 2016-04-23 06:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-05-11 16:17 - 2016-04-23 06:14 - 13383168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-05-11 16:17 - 2016-04-23 06:14 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-05-11 16:17 - 2016-04-23 06:14 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-05-11 16:17 - 2016-04-23 06:14 - 00647680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-05-11 16:17 - 2016-04-23 06:14 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-05-11 16:17 - 2016-04-23 06:14 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-05-11 16:17 - 2016-04-23 06:14 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-05-11 16:17 - 2016-04-23 06:13 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-05-11 16:17 - 2016-04-23 06:13 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-05-11 16:17 - 2016-04-23 06:13 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-05-11 16:17 - 2016-04-23 06:12 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-05-11 16:17 - 2016-04-23 06:10 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-05-11 16:17 - 2016-04-23 06:10 - 00639488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-05-11 16:17 - 2016-04-23 06:09 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-05-11 16:17 - 2016-04-23 06:08 - 05324288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-05-11 16:17 - 2016-04-23 06:07 - 02598912 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-05-11 16:17 - 2016-04-23 06:07 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-05-11 16:17 - 2016-04-23 06:07 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-05-11 16:17 - 2016-04-23 06:06 - 06974464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-05-11 16:17 - 2016-04-23 06:05 - 05502976 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-05-11 16:17 - 2016-04-23 06:05 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-05-11 16:17 - 2016-04-23 06:05 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-05-11 16:17 - 2016-04-23 06:05 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-05-11 16:17 - 2016-04-23 06:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-05-11 16:17 - 2016-04-23 06:05 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-05-11 16:17 - 2016-04-23 06:05 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-05-11 16:17 - 2016-04-23 06:05 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-05-11 16:17 - 2016-04-23 06:04 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-05-11 16:17 - 2016-04-23 06:04 - 01731072 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-05-11 16:17 - 2016-04-23 06:03 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-05-11 16:17 - 2016-04-23 06:03 - 04894208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-05-11 16:17 - 2016-04-23 06:03 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-05-11 16:17 - 2016-04-23 06:03 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-05-11 16:17 - 2016-04-23 06:03 - 02000896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-05-11 16:17 - 2016-04-23 06:03 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-05-11 16:17 - 2016-04-23 06:03 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-05-11 16:17 - 2016-04-23 06:02 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-05-11 16:17 - 2016-04-23 06:02 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-05-11 16:17 - 2016-04-23 06:01 - 04775424 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-05-11 16:17 - 2016-04-23 06:00 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-05-11 16:17 - 2016-04-23 06:00 - 00984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-05-11 16:17 - 2016-04-23 05:45 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-05-11 16:17 - 2016-04-23 04:10 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-05-11 16:17 - 2016-04-23 04:10 - 00002186 _____ C:\WINDOWS\system32\AppxProvisioning.xml
2016-05-11 16:17 - 2016-04-19 00:30 - 00002186 _____ C:\WINDOWS\SysWOW64\AppxProvisioning.xml
2016-05-11 16:08 - 2016-05-11 16:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2016-05-11 16:08 - 2016-05-11 16:08 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2016-05-11 15:59 - 2016-05-11 15:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-05-11 15:59 - 2016-05-11 15:59 - 00000000 ____D C:\Program Files\iPod
2016-05-11 15:59 - 2016-05-11 15:59 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-05-11 15:58 - 2016-05-11 15:58 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2016-05-11 15:58 - 2016-05-11 15:58 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2016-05-07 23:11 - 2016-05-23 23:24 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-05-07 23:11 - 2016-05-22 01:12 - 00000946 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-05-07 23:11 - 2016-05-13 22:24 - 00004028 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-05-07 23:11 - 2016-05-13 22:24 - 00003870 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-05-07 23:09 - 2016-05-23 20:15 - 00001063 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-05-07 23:09 - 2016-05-13 21:54 - 00003984 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1462655346
2016-05-07 23:09 - 2016-05-07 23:09 - 00000000 ____D C:\Users\Marco\AppData\Roaming\Opera Software
2016-05-07 23:09 - 2016-05-07 23:09 - 00000000 ____D C:\Users\Marco\AppData\Local\Opera Software
2016-05-07 23:08 - 2016-05-13 21:54 - 00000000 ____D C:\Program Files (x86)\Opera
2016-05-07 18:55 - 2016-05-07 20:30 - 00000000 ____D C:\Users\Marco\AppData\Local\RECentral
2016-05-07 18:55 - 2016-05-07 18:55 - 00000000 ____D C:\WINDOWS\Driver Cache
2016-05-07 18:55 - 2016-05-07 18:55 - 00000000 ____D C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVerMedia
2016-05-07 18:55 - 2016-05-07 18:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVerMedia
2016-05-07 18:55 - 2016-05-07 18:55 - 00000000 ____D C:\Program Files (x86)\AVerMedia
2016-05-07 18:55 - 2015-04-09 08:14 - 01551616 _____ (AVerMedia TECHNOLOGIES, Inc.) C:\WINDOWS\system32\Drivers\AVer330USB.sys
2016-05-07 18:55 - 2014-12-16 10:39 - 00454064 _____ C:\WINDOWS\system32\Drivers\qpvidfwusb.bin
2016-05-07 18:55 - 2014-12-16 10:39 - 00363832 _____ C:\WINDOWS\system32\Drivers\qpaudfwusb.bin
2016-05-07 18:55 - 2014-12-16 10:39 - 00125440 _____ (AVerMedia Technology, Inc.) C:\WINDOWS\SysWOW64\PropPage.ax
2016-05-07 18:55 - 2013-04-22 12:00 - 00495616 _____ C:\WINDOWS\SysWOW64\D3DX8ab.dll
2016-05-07 18:55 - 2012-11-25 15:26 - 02365756 _____ C:\WINDOWS\SysWOW64\libfftw3-3.dll
2016-05-07 18:55 - 2012-04-21 06:21 - 01625088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPb72c.rra
2016-04-30 18:09 - 2016-04-30 18:09 - 00000000 ____D C:\Users\Marco\AppData\Local\PokerStars.NET
2016-04-30 18:09 - 2016-04-30 18:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerStars.NET
2016-04-30 18:09 - 2016-04-30 18:09 - 00000000 ____D C:\Program Files (x86)\PokerStars.NET
2016-04-29 22:35 - 2016-05-23 23:48 - 00000000 ____D C:\Users\Marco\AppData\Local\LogMeIn Hamachi
2016-04-29 22:35 - 2016-04-29 22:35 - 00000000 ____D C:\Users\Marco\AppData\Local\LogMeIn
2016-04-29 22:35 - 2016-04-29 22:35 - 00000000 ____D C:\ProgramData\LogMeIn
2016-04-29 18:35 - 2016-04-29 18:33 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-64.dll
2016-04-29 18:31 - 2016-04-29 18:31 - 00000000 ____D C:\Users\Marco\SimpleJavaYoutubeUploader
2016-04-29 17:04 - 2016-04-29 17:04 - 00715038 _____ C:\WINDOWS\unins000.exe
2016-04-29 17:04 - 2016-04-29 17:04 - 00001993 _____ C:\WINDOWS\unins000.dat
2016-04-29 17:04 - 2011-12-07 19:37 - 00148992 _____ ( ) C:\WINDOWS\system32\lagarith.dll
2016-04-29 17:04 - 2011-12-07 19:32 - 00216064 _____ ( ) C:\WINDOWS\SysWOW64\lagarith.dll
2016-04-29 17:00 - 2016-04-29 17:08 - 00000000 ____D C:\Users\Marco\AppData\Local\Dxtory Software
2016-04-29 17:00 - 2016-04-29 17:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0
2016-04-29 17:00 - 2016-04-29 17:00 - 00000000 ____D C:\Program Files (x86)\Dxtory Software
2016-04-29 17:00 - 2011-05-23 23:29 - 03673600 _____ (Dxtory Software) C:\WINDOWS\system32\DxtoryCodec64.dll
2016-04-29 17:00 - 2011-05-23 23:23 - 03166720 _____ (Dxtory Software) C:\WINDOWS\SysWOW64\DxtoryCodec.dll
2016-04-26 14:29 - 2016-04-26 14:29 - 00000000 ____D C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2016-04-26 14:29 - 2016-04-26 14:29 - 00000000 ____D C:\Program Files (x86)\ASIO4ALL v2
2016-04-26 14:05 - 2016-05-23 21:32 - 00000000 ____D C:\Users\Marco\AppData\Roaming\obs-studio
2016-04-26 14:05 - 2016-04-26 14:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2016-04-26 14:05 - 2016-04-26 14:05 - 00000000 ____D C:\Program Files (x86)\obs-studio

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-23 23:47 - 2016-03-12 15:54 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-05-23 23:47 - 2016-03-12 15:50 - 00000000 ____D C:\ProgramData\NVIDIA
2016-05-23 23:47 - 2015-12-30 01:51 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-05-23 23:47 - 2015-12-30 01:30 - 00001138 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-23 23:47 - 2015-10-30 08:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-05-23 23:45 - 2015-12-30 01:30 - 00001142 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-23 23:42 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\TAPI
2016-05-23 23:38 - 2016-03-29 17:38 - 00000943 _____ C:\WINDOWS\Tasks\EPSON WF-2660 Series Update {EA5DFD3C-470C-463C-8757-713F4BCE6FE4}.job
2016-05-23 23:38 - 2015-12-30 02:31 - 00000000 ____D C:\Users\Marco\AppData\Local\ClassicShell
2016-05-23 23:26 - 2015-12-30 01:37 - 00000000 ____D C:\Users\Marco\AppData\Roaming\TS3Client
2016-05-23 22:46 - 2016-01-30 17:04 - 00004162 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{522583D8-BE19-41DB-B52F-E4C35B2DE8FD}
2016-05-23 20:38 - 2015-12-30 01:32 - 01799166 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-05-23 20:38 - 2015-10-30 20:35 - 00775524 _____ C:\WINDOWS\system32\perfh007.dat
2016-05-23 20:38 - 2015-10-30 20:35 - 00155338 _____ C:\WINDOWS\system32\perfc007.dat
2016-05-23 20:38 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-05-23 20:15 - 2016-03-12 15:50 - 05017736 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-05-23 20:15 - 2016-01-30 16:11 - 00000000 ____D C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2016-05-23 20:15 - 2016-01-06 00:36 - 00000808 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-05-23 20:15 - 2016-01-01 18:13 - 00000816 _____ C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2016-05-23 20:15 - 2015-12-30 01:32 - 00000000 ____D C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps
2016-05-23 16:49 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-05-23 16:44 - 2015-12-30 01:41 - 00000000 ____D C:\Users\Marco\AppData\Local\Adobe
2016-05-22 18:20 - 2015-12-30 01:43 - 00000000 ____D C:\Users\Marco\AppData\Local\Spotify
2016-05-22 18:16 - 2015-12-30 01:43 - 00000000 ____D C:\Users\Marco\AppData\Roaming\Spotify
2016-05-22 01:13 - 2015-12-30 01:30 - 00002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-22 01:12 - 2016-03-19 01:11 - 00000000 ___HD C:\Program Files (x86)\DrFoneAndroid_Temp
2016-05-22 01:12 - 2016-03-19 01:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2016-05-22 01:12 - 2016-03-19 01:09 - 00000000 ____D C:\Program Files (x86)\Wondershare
2016-05-22 01:12 - 2016-01-23 14:14 - 00000000 ____D C:\Users\Marco\AppData\Roaming\Wondershare
2016-05-22 01:11 - 2015-12-23 21:08 - 00000000 ____D C:\Users\Marco\.android
2016-05-21 23:40 - 2015-11-28 14:44 - 00000080 _____ C:\Users\Marco\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦
2016-05-21 23:16 - 2015-12-30 02:22 - 00000000 ____D C:\ProgramData\Origin
2016-05-21 21:59 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-05-21 00:48 - 2015-12-30 02:56 - 00000000 ____D C:\Users\Marco\AppData\Local\CrashDumps
2016-05-20 19:53 - 2015-12-30 01:35 - 00000000 ____D C:\Users\Marco\AppData\Local\NVIDIA
2016-05-19 17:07 - 2016-01-07 16:29 - 00002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2016-05-19 17:03 - 2015-12-30 02:34 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-05-19 17:03 - 2015-10-30 09:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-05-16 18:13 - 2016-04-03 17:51 - 00000000 ____D C:\Users\Marco\AppData\Roaming\.minecraft
2016-05-15 22:10 - 2015-12-30 01:58 - 00000000 ____D C:\Users\Marco\AppData\Roaming\Skype
2016-05-15 00:43 - 2016-03-12 15:51 - 00000000 ____D C:\Users\Marco
2016-05-14 15:16 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-05-14 15:01 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-05-13 22:08 - 2016-01-07 16:29 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-05-13 22:07 - 2016-01-07 16:29 - 00002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2016-05-13 21:56 - 2015-12-30 01:22 - 00000000 ____D C:\Users\Marco\AppData\Local\Packages
2016-05-13 21:53 - 2015-07-28 20:30 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-05-11 21:57 - 2015-10-30 09:26 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-05-11 21:57 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-11 20:26 - 2015-10-30 20:44 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-11 20:26 - 2015-10-30 09:24 - 00015703 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2016-05-11 20:26 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-05-11 20:26 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-05-11 20:26 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\Provisioning
2016-05-11 20:26 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-05-11 20:25 - 2015-12-30 19:14 - 00000000 ____D C:\Users\Marco\AppData\Local\DisplayFusion
2016-05-11 16:40 - 2015-12-30 01:30 - 00004200 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-05-11 16:40 - 2015-12-30 01:30 - 00003968 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-05-11 16:34 - 2015-12-30 02:10 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-05-11 16:29 - 2015-12-30 02:10 - 139319312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-05-11 15:59 - 2015-12-30 01:44 - 00000000 ____D C:\Program Files\iTunes
2016-05-11 15:58 - 2015-12-30 01:33 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-05-11 15:58 - 2015-12-30 01:33 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-05-07 18:56 - 2015-12-30 18:14 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-05-02 07:39 - 2015-12-30 01:36 - 01377800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2016-05-02 07:39 - 2015-12-30 01:36 - 01316184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2016-05-02 07:38 - 2015-12-30 01:36 - 01767944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2016-05-02 07:38 - 2015-12-30 01:36 - 01756608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2016-05-02 07:38 - 2015-12-30 01:36 - 00112032 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2016-04-30 21:13 - 2015-12-30 01:43 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-04-30 21:13 - 2015-12-30 01:43 - 00000000 ____D C:\ProgramData\Skype
2016-04-30 16:51 - 2016-01-20 20:01 - 00000000 ____D C:\Users\Marco\AppData\Roaming\OBS
2016-04-30 16:28 - 2016-02-06 22:29 - 00000000 ____D C:\Users\Marco\AppData\Local\ftblauncher
2016-04-29 18:38 - 2015-12-30 01:41 - 00000000 ____D C:\ProgramData\Oracle
2016-04-29 18:35 - 2015-12-30 01:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-04-29 18:35 - 2015-12-30 01:41 - 00000000 ____D C:\Program Files (x86)\Java
2016-04-29 18:33 - 2015-12-30 01:42 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2016-04-29 18:33 - 2015-12-30 01:42 - 00000000 ____D C:\Program Files\Java
2016-04-29 18:33 - 2015-12-30 01:41 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-04-29 18:33 - 2015-10-25 14:03 - 00000000 ____D C:\Users\Marco\.oracle_jre_usage
2016-04-28 16:25 - 2015-12-30 01:37 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2016-04-26 17:50 - 2016-01-05 17:45 - 00000000 ____D C:\Users\Marco\AppData\Roaming\Audacity
2016-04-26 16:14 - 2016-01-04 19:25 - 00000000 ____D C:\ProgramData\boost_interprocess

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-01-14 17:43 - 2016-01-14 17:43 - 0031400 _____ () C:\Users\Marco\AppData\Roaming\VoiceMeeterDefault.xml
2016-04-09 13:39 - 2016-04-09 13:39 - 0000874 _____ () C:\Users\Marco\AppData\Local\recently-used.xbel
2016-03-12 23:45 - 2016-04-10 13:00 - 0007602 _____ () C:\Users\Marco\AppData\Local\resmon.resmoncfg

Einige Dateien in TEMP:
====================
C:\Users\Marco\AppData\Local\Temp\jre-8u91-windows-au.exe
C:\Users\Marco\AppData\Local\Temp\libeay32.dll
C:\Users\Marco\AppData\Local\Temp\mjqm325LcX.exe
C:\Users\Marco\AppData\Local\Temp\msvcr120.dll
C:\Users\Marco\AppData\Local\Temp\SjpBLSdrQw.exe
C:\Users\Marco\AppData\Local\Temp\sqlite3.dll
C:\Users\Marco\AppData\Local\Temp\_is3CE5.exe
C:\Users\Marco\AppData\Local\Temp\_isA7D4.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-05-15 17:32

==================== Ende von FRST.txt ============================

swammcrusher · 23.05.2016, 22:54

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:23-05-2016
durchgeführt von Marco (2016-05-23 23:50:57)
Gestartet von E:\User\Gamer_Marco\Desktop
Windows 10 Home Version 1511 (X64) (2016-03-12 13:55:59)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1580680786-608523540-2495891008-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1580680786-608523540-2495891008-503 - Limited - Disabled)
Gast (S-1-5-21-1580680786-608523540-2495891008-501 - Limited - Disabled)
Marco (S-1-5-21-1580680786-608523540-2495891008-1001 - Administrator - Enabled) => C:\Users\Marco

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.016.20041 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 20.0.0.233 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.5.1.209 - Adobe Systems Incorporated)
Adobe Flash Player 21 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2015 (HKLM-x32\...\{0FAC7130-BEC5-47A5-8813-1D339B8326ED}) (Version: 9.1.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.1.2 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2015 (HKLM-x32\...\{38C72D42-0672-43B1-9E05-E7631684F9A1}) (Version: 9.1.0 - Adobe Systems Incorporated)
Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{2937FD88-C9D6-4B82-B539-37CD0A572F42}) (Version: 4.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Arduino (HKLM-x32\...\Arduino) (Version: 1.6.8 - Arduino LLC)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.13 - Michael Tippach)
Audacity 2.1.1 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.1 - Audacity Team)
Auslogics DiskDefrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 6.1.2.0 - Auslogics Labs Pty Ltd)
AVerMedia GL710 Live Gamer Portable 3.7.64.39 (HKLM-x32\...\AVerMedia GL710 Live Gamer Portable) (Version: 3.7.64.39 - AVerMedia TECHNOLOGIES, Inc.)
AVerMedia RECentral (HKLM-x32\...\InstallShield_{30D6B6ED-E039-4D62-8E07-E058D17A9372}) (Version: 1.3.0.104.2016021601 - AVerMedia Technologies, Inc.)
AVerMedia RECentral (x32 Version: 1.3.0.104.2016021601 - AVerMedia Technologies, Inc.) Hidden
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.7.2.45672 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.12 - Piriform)
Classic Shell (HKLM\...\{7C129CF8-199F-4269-AAEE-60B5D8D716E2}) (Version: 4.2.1 - IvoSoft)
CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version:  - CyberGhost S.R.L.)
DFX (HKLM-x32\...\DFX) (Version: 12.011.0.0 - Power Technology)
DisplayFusion (HKLM-x32\...\Steam App 227260) (Version:  - Binary Fortress Software)
DisplayFusion 7.3.2 (HKLM-x32\...\B076073A-5527-4f4f-B46B-B10692277DA2_is1) (Version: 7.3.2.0 - Binary Fortress Software)
Dxtory 2.0.104 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.104 - Dxtory Software)
Epson Event Manager (HKLM-x32\...\{17FA0444-A025-43B9-862C-81AE6307C2F2}) (Version: 3.10.0050 - Seiko Epson Corporation)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.62.00 - SEIKO EPSON CORPORATION)
Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version:  - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 2.20.0000 - SEIKO EPSON Corp.)
EPSON Scan PDF Extensions (HKLM-x32\...\{F9956472-6E16-4F83-BF9A-F887EF4A45B7}) (Version: 1.03.0001 - SEIKO EPSON Corp.)
EPSON WF-2660 Series Printer Uninstall (HKLM\...\EPSON WF-2660 Series) (Version:  - SEIKO EPSON Corporation)
EPSON-Handbücher (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.32.0.0 - SEIKO EPSON CORPORATION)
EpsonNet Print (HKLM\...\{15A0F113-BF2C-4C12-8AA8-42AE0D9AE1C9}) (Version: 3.1.2.0 - SEIKO EPSON Corporation)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Exif-Viewer 2.51  (HKLM-x32\...\Exif-Viewer) (Version: 2.51 - Ralf Bibinger)
FIFA 16 DEMO (HKLM-x32\...\{D09AD1AE-6AAC-45EB-B9F6-C1F223DD8481}) (Version: 1.0.0.0 - Electronic Arts)
foobar2000 v1.3.9 (HKLM-x32\...\foobar2000) (Version: 1.3.9 - Peter Pawlowski)
Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.1.6.328 - DVDVideoSoft Ltd.)
Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.1.4.317 - DVDVideoSoft Ltd.)
GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.102 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
GPL Ghostscript (HKLM-x32\...\GPL Ghostscript 9.19) (Version: 9.19 - Artifex Software Inc.)
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.41 - Irfan Skiljan)
iTunes (HKLM\...\{A31C5565-90D9-4615-AE13-94D86C3836C7}) (Version: 12.3.3.17 - Apple Inc.)
Java 8 Update 91 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Jingle Palette 4.4.5 (HKLM-x32\...\Jingle Palette) (Version: 4.4.5 - )
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version:  - )
LibreOffice 5.0.6.3 (HKLM-x32\...\{900D9036-4EDA-45EC-A095-E8AFB25D807A}) (Version: 5.0.6.3 - The Document Foundation)
Logitech Gaming Software 8.76 (HKLM\...\Logitech Gaming Software) (Version: 8.76.155 - Logitech Inc.)
Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.428 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.428 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Max Recorder (HKLM-x32\...\Max Recorder) (Version: 2.006.0.0 - Silver Vine, LLC)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Home and Student 2016 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 16.0.6868.2062 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 43.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.3 (x86 de)) (Version: 43.0.3 - Mozilla)
Mozilla Firefox 44.0.2 (x86 de) (HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\Mozilla Firefox 44.0.2 (x86 de)) (Version: 44.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.7.1 - Mozilla)
Mozilla Thunderbird 38.7.2 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.7.2 (x86 de)) (Version: 38.7.2 - Mozilla)
MTproLight 3.8 (HKLM-x32\...\MTproLight) (Version: 3.8.0.0 - Bosch Rexroth AG)
MyEpson Portal (HKLM-x32\...\MyEpson Portal) (Version:  - SEIKO EPSON Corporation)
MyEpson Portal (x32 Version: 1.1.1.0 - SEIKO EPSON CORPORATION) Hidden
Need for Speed™ Most Wanted (HKLM-x32\...\{FB0127F3-985B-44CE-AE29-378CAF60B361}) (Version: 1.5.0.0 - Electronic Arts)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.8 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 361.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 361.75 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.3.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.3.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 361.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.75 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 0.14.1 - OBS Project)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6828.1016 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6828.1016 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6828.1016 - Microsoft Corporation) Hidden
Opera Stable 37.0.2178.43 (HKLM-x32\...\Opera 37.0.2178.43) (Version: 37.0.2178.43 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 9.11.2.10120 - Electronic Arts, Inc.)
paint.net (HKLM\...\{DADC2AF6-DC9F-4BCF-BFCE-DCEC16EF507C}) (Version: 4.0.9 - dotPDN LLC)
PDF24 Creator 7.7.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PureSync (x32 Version: 4.0.0 - Jumping Bytes) Hidden
PureSync 4.0.0 (HKLM-x32\...\PureSync) (Version: 4.0.0 - Jumping Bytes)
puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.7.8 - Rockstar Games)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\Spotify) (Version: 1.0.20.94.g8f8543b3 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steganos Safe 15 (HKLM-x32\...\{D3FB0B73-11DF-41EE-9B6D-C7198079A88E}) (Version: 15.2.1 - Steganos Software GmbH)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The Crew (Worldwide) (HKLM-x32\...\Uplay Install 413) (Version:  - Ubisoft)
Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version:  - Ubisoft)
TrackMania² Stadium (HKLM-x32\...\Steam App 232910) (Version:  - Nadeo)
Trucks & Trailers (HKLM-x32\...\Steam App 302060) (Version:  - SCS Software)
Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
Uplay (HKLM-x32\...\Uplay) (Version: 15.0 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VoiceOver Kit (HKLM\...\{703D47B8-2869-4A50-B988-BDE18772A474}) (Version: 1.43.128.3 - Apple Inc.)
WinRAR 5.30 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1580680786-608523540-2495891008-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-A8F89265890D}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1580680786-608523540-2495891008-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Marco\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1580680786-608523540-2495891008-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {10C58BBB-FFB1-4DC6-B74E-0AB61E3E4FB8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {2EEEC597-D495-4117-BAD7-3B2D61E5C9C3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {561FBB89-B183-44D4-B1AE-44BA16A9CB10} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-30] (Google Inc.)
Task: {5C2FC76E-25B7-4627-B565-9C0430BA0776} - System32\Tasks\Opera scheduled Autoupdate 1462655346 => C:\Program Files (x86)\Opera\launcher.exe [2016-05-09] (Opera Software)
Task: {75210AB4-3F7E-4E61-B0A7-5EB1EA669C95} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-marcocardinal@ok.de => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-01-07] (Adobe Systems Incorporated)
Task: {8F5AEF37-E2C6-439C-A523-FC0525A623DE} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_242_pepper.exe [2016-05-13] (Adobe Systems Incorporated)
Task: {9F88298B-6D1E-4EBA-8BE3-DA055C752296} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-05-11] (Microsoft Corporation)
Task: {A2AE5972-E5B0-45D6-982F-B24111E01E2B} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK
Task: {A98C9F97-284D-4CA2-8EA3-7C003CB5BF90} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-05-02] (Microsoft Corporation)
Task: {B1A46BCB-1324-44F8-B766-6A7C5F7E8E34} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-11-16] (Piriform Ltd)
Task: {B83EE2AC-59B5-4DF0-8BDD-52717B92FE70} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-30] (Google Inc.)
Task: {E78D3301-36EF-4EDE-9124-DD7E3CF65FBD} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-05-02] (Microsoft Corporation)
Task: {FA651E8A-8346-4637-926E-D4BF3591A9B2} - System32\Tasks\EPSON WF-2660 Series Update {EA5DFD3C-470C-463C-8757-713F4BCE6FE4} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSMAE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {FC970EDD-59FB-41F2-9AFF-0D76ACFC55CE} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-13] (Adobe Systems Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_242_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\EPSON WF-2660 Series Update {EA5DFD3C-470C-463C-8757-713F4BCE6FE4}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSMAE.EXE:/EXE:{EA5DFD3C-470C-463C-8757-713F4BCE6FE4} /F:UpdateWORKGROUP\GAMER_MARCO$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-03-18 22:56 - 2016-03-18 22:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-03-18 22:56 - 2016-03-18 22:56 - 01329936 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-12-30 02:34 - 2016-05-02 04:01 - 00417472 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2016-03-06 01:22 - 2016-05-02 07:54 - 00369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2015-12-30 01:36 - 2016-05-02 07:55 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-03-06 01:22 - 2016-05-02 07:55 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-05-20 19:53 - 2016-05-02 07:54 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-05-20 19:53 - 2016-05-02 07:55 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-05-20 19:53 - 2016-05-02 07:55 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-05-20 19:53 - 2016-05-02 07:55 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-01-17 01:30 - 2016-05-02 07:55 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-04-14 11:00 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-19 17:46 - 2016-04-19 17:46 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-04-14 11:00 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-01-22 14:55 - 2016-01-22 14:55 - 00553136 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2010-11-17 16:00 - 2010-11-17 16:00 - 00220672 _____ () C:\Program Files (x86)\Steganos Safe 15\ShellExtension.dll
2015-04-15 22:13 - 2015-04-15 22:13 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2016-03-12 15:47 - 2016-03-12 15:47 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-05-11 16:17 - 2016-04-23 06:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-05-11 16:18 - 2016-04-23 06:02 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-05-11 16:17 - 2016-04-23 05:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-05-11 16:18 - 2016-04-23 05:58 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-05-11 16:18 - 2016-04-23 06:01 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-05-20 19:53 - 2016-05-02 07:54 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-05-20 19:53 - 2016-05-02 07:54 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-01-11 19:31 - 2016-03-29 00:06 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2016-01-11 19:31 - 2016-03-29 00:06 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2016-01-11 19:31 - 2016-03-29 00:06 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2016-01-11 19:31 - 2016-03-29 00:06 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2016-01-11 19:31 - 2016-03-29 00:06 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2016-01-11 19:31 - 2016-03-29 00:06 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2015-07-09 00:18 - 2015-07-09 00:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\kpcengine.2.3.dll
2016-04-19 17:46 - 2016-04-19 17:46 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-19 17:46 - 2016-04-19 17:46 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2015-12-30 01:36 - 2016-05-02 08:02 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-05-13 22:45 - 2016-05-11 13:48 - 01738904 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\libglesv2.dll
2016-05-13 22:45 - 2016-05-11 13:48 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-12-30 01:10 - 2015-12-30 01:10 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1580680786-608523540-2495891008-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Marco\AppData\Local\DisplayFusion\Wallpaper_2.png
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "SAFE15 File Redirection Starter"
HKLM\...\StartupApproved\Run32: => "Steganos HotKeys"
HKLM\...\StartupApproved\Run32: => "DFX"
HKLM\...\StartupApproved\Run32: => "LWS"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKLM\...\StartupApproved\Run32: => "EEventManager"
HKLM\...\StartupApproved\Run32: => "FUFAXSTM"
HKLM\...\StartupApproved\Run32: => "FUFAXRCV"
HKLM\...\StartupApproved\Run32: => "WSHelperSetup.exe"
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_56D976794F990CB20E35B49F5BE31F4C"
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\StartupApproved\Run: => "PureSync"
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\StartupApproved\Run: => "puush"
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\StartupApproved\Run: => "SAFE15 Browser Monitor"
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\StartupApproved\Run: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\StartupApproved\Run: => "WSHelperSetup.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{AD0A5C80-CDF7-4785-BA7E-AE37D7214920}] => (Allow) G:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{2ECDED1F-0924-4B71-8A48-F2628E954926}] => (Allow) G:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{E667E24A-E57D-42B1-B64D-0BD4276B8495}] => (Allow) G:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{F03A89E1-886A-4CEE-A0D6-BB519FD835B4}] => (Allow) G:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{E4262F6E-98DE-4DF7-82D4-E4116A1DE561}] => (Allow) G:\Origin\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [{0A53C1EC-C22F-4347-8C1F-D390166269C8}] => (Allow) G:\Origin\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [UDP Query User{B401E615-2227-4F35-8556-D5E4B06DA123}C:\program files (x86)\displayfusion\displayfusion.exe] => (Allow) C:\program files (x86)\displayfusion\displayfusion.exe
FirewallRules: [TCP Query User{B71DACC4-0E53-4D50-A9EA-31AFD8AD3655}C:\program files (x86)\displayfusion\displayfusion.exe] => (Allow) C:\program files (x86)\displayfusion\displayfusion.exe
FirewallRules: [UDP Query User{601CCDCC-A341-4BBC-8DDA-DAFDF1E8B96F}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{3F26A9B7-9B3D-453B-BD10-6CFF09449B72}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{7417B97F-566A-4B29-953C-9F53B3FDDB8F}] => (Allow) G:\Uplay\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{57AD2227-13D6-4C75-AC7B-69A8FB301B10}] => (Allow) G:\Uplay\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{59D6AED6-8B36-45E2-A9BB-F6019F1C0C9C}] => (Allow) G:\SteamLibrary\steamapps\common\Clicker Heroes\Clicker Heroes.exe
FirewallRules: [{8074B0EF-50AD-469C-A06F-38C03252D670}] => (Allow) G:\SteamLibrary\steamapps\common\Clicker Heroes\Clicker Heroes.exe
FirewallRules: [{10C778CC-40DC-41EE-A3A5-0E813F4A3915}] => (Allow) G:\SteamLibrary\steamapps\common\Tabletop Simulator\Tabletop Simulator.exe
FirewallRules: [{10AAC774-2EFB-455A-ABE2-4C0573A23411}] => (Allow) G:\SteamLibrary\steamapps\common\Tabletop Simulator\Tabletop Simulator.exe
FirewallRules: [{2A7D0F39-49B3-410C-8AD5-B1CEF54B456D}] => (Allow) G:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{45F8BFDB-FD53-482E-8AD5-C6F35D3B9D9B}] => (Allow) G:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{5152B05F-258B-46E2-B927-C7FF6BF457D6}] => (Allow) F:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A34C4A7D-7835-49F2-98A6-CD7F29E03F4D}] => (Allow) F:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{10874CA3-CD96-4E2A-A014-39C9F653D019}] => (Allow) G:\SteamLibrary\steamapps\common\Trucks & Trailers\bin\win_x86\trucks_n_trailers.exe
FirewallRules: [{14C9F802-2DC0-4E9C-AE59-9524798F7040}] => (Allow) G:\SteamLibrary\steamapps\common\Trucks & Trailers\bin\win_x86\trucks_n_trailers.exe
FirewallRules: [{4278152A-4608-44D8-AB69-F5F402CFED67}] => (Allow) G:\SteamLibrary\steamapps\common\ManiaPlanet_TMStadium\ManiaPlanet.exe
FirewallRules: [{B735366A-4AEC-482C-B224-ED2CDBDE5B14}] => (Allow) G:\SteamLibrary\steamapps\common\ManiaPlanet_TMStadium\ManiaPlanet.exe
FirewallRules: [{30EF49A5-D152-469F-B167-76EE92883383}] => (Allow) G:\SteamLibrary\steamapps\common\ManiaPlanet_TMStadium\ManiaPlanetLauncher.exe
FirewallRules: [{7A097AA4-F24C-44DF-9CE5-F9D94A643243}] => (Allow) G:\SteamLibrary\steamapps\common\ManiaPlanet_TMStadium\ManiaPlanetLauncher.exe
FirewallRules: [{5806E96A-49F8-4818-A01E-9BADB533189B}] => (Allow) G:\Origin\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{93391AC7-AB30-4C44-B72B-36A79E37465E}] => (Allow) G:\Origin\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{0ED660C1-BAA1-4270-90F6-C441674621E4}] => (Allow) G:\Origin\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{4BA75A1E-3FBB-4FBC-A12E-EAD6E55856CC}] => (Allow) G:\Origin\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{512DB678-0632-4A68-A987-153007CE289B}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{15F1769D-DDD0-4198-8A5F-478F043ADB8E}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{1ADB64E4-19D4-45F3-94FD-CF4B61959189}] => (Allow) C:\Windows\syswow64\PnkBstrB.exe
FirewallRules: [{9BA81012-C50C-41E5-8236-69ABDE514690}] => (Allow) C:\Windows\syswow64\PnkBstrB.exe
FirewallRules: [{71FA2C04-E229-4586-9485-308B307F143A}] => (Allow) C:\Windows\syswow64\PnkBstrA.exe
FirewallRules: [{819376E6-4A76-4F4B-901D-80DB84110ABD}] => (Allow) C:\Windows\syswow64\PnkBstrA.exe
FirewallRules: [{CDD38BE4-955D-4646-B6EE-75AF9E7BDBFA}] => (Allow) G:\SteamLibrary\steamapps\common\DisplayFusion\DisplayFusionLauncher.exe
FirewallRules: [{2FA3F0DC-1142-431F-AEA5-0F0B00BCEF32}] => (Allow) G:\SteamLibrary\steamapps\common\DisplayFusion\DisplayFusionLauncher.exe
FirewallRules: [{D2714BF9-98D9-474F-A944-2216472ACC3A}] => (Allow) G:\Uplay\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{E5FEE2B6-1FC9-45A5-AFF1-E8BEEF3E3924}] => (Allow) G:\Uplay\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{B78E3896-EA94-47D1-A57F-846B4355DE52}] => (Allow) F:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{40E034CC-525D-4127-B72A-665BE17C8CE1}] => (Allow) F:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{29894679-B805-486D-B926-456AC7038C86}] => (Allow) F:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{D0FBDF4D-6F43-47D3-8B21-DA7D673D8B3C}] => (Allow) F:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{118274F0-761E-451E-B487-79EF49A12C06}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{123A31D4-E8C2-472A-A7C9-E83DCFC04881}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C4ED4934-F1F8-4D4B-A88C-FDC5588B3025}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{21D2792A-295A-4248-8245-2BA9BB813840}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8CFA9D02-D79B-4A51-8B48-2B8C4FF31F94}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{9E3B9B54-3249-477A-A2D2-6FDE0C1484D0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{DA87E09C-26A9-4201-806A-487B89C26850}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{29776142-FED0-4F31-8686-7810FE22DE25}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{8B20F952-3269-4AB7-B655-190E6052ECAE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{84CAAFDA-E826-4256-805A-069F4B856DE7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{DE886E61-3D1A-4ED3-90EE-5DC106D54639}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{2A92FD66-2692-4C2B-AA19-E499BF2C2A86}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{FAD82CE1-CA3A-4D4A-A4F7-15F9C701C6FD}] => (Allow) G:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{DE654915-1684-4F28-B7FF-114067863839}] => (Allow) G:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{053D6B65-2683-4354-B44D-5EB93F34E57E}] => (Allow) G:\Origin\FIFA 16 DEMO\fifasetup\fifaconfig.exe
FirewallRules: [{6AFD7479-FA73-4FE0-A34B-0125FA7D2E9F}] => (Allow) G:\Origin\FIFA 16 DEMO\fifasetup\fifaconfig.exe
FirewallRules: [{78BA28B4-FA63-4759-B7A2-503FB1670002}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{F6B2DD0F-CCAA-49A1-9726-931CEADAFF0A}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{DA51DF10-AB25-41A2-87F4-E9A7A19176E1}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{D0E6330D-7EDC-4240-AE2B-8C83E9333694}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{9A379AF9-F57F-4726-A9C6-A091F68C4DAA}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{0028C0CF-942A-466D-B0CD-A6B75F441A5A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (05/23/2016 11:26:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: dwm.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d756
Name des fehlerhaften Moduls: combase.dll, Version: 10.0.10586.103, Zeitstempel: 0x56a849ab
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000067e3c
ID des fehlerhaften Prozesses: 0x4d0
Startzeit der fehlerhaften Anwendung: 0xdwm.exe0
Pfad der fehlerhaften Anwendung: dwm.exe1
Pfad des fehlerhaften Moduls: dwm.exe2
Berichtskennung: dwm.exe3
Vollständiger Name des fehlerhaften Pakets: dwm.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: dwm.exe5

Error: (05/23/2016 08:13:16 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm adwcleaner_5.117.exe, Version 5.1.1.7 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 18b4

Startzeit: 01d1b51e0a35e33a

Beendigungszeit: 4294967295

Anwendungspfad: E:\User\Gamer_Marco\Downloads\adwcleaner_5.117.exe

Berichts-ID: 04536dd0-2112-11e6-9eb4-d8cb8a350237

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (05/22/2016 07:30:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: dwm.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d756
Name des fehlerhaften Moduls: combase.dll, Version: 10.0.10586.103, Zeitstempel: 0x56a849ab
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000067e3c
ID des fehlerhaften Prozesses: 0x36c4
Startzeit der fehlerhaften Anwendung: 0xdwm.exe0
Pfad der fehlerhaften Anwendung: dwm.exe1
Pfad des fehlerhaften Moduls: dwm.exe2
Berichtskennung: dwm.exe3
Vollständiger Name des fehlerhaften Pakets: dwm.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: dwm.exe5

Error: (05/22/2016 01:20:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: dwm.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d756
Name des fehlerhaften Moduls: combase.dll, Version: 10.0.10586.103, Zeitstempel: 0x56a849ab
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000067e3c
ID des fehlerhaften Prozesses: 0x33fc
Startzeit der fehlerhaften Anwendung: 0xdwm.exe0
Pfad der fehlerhaften Anwendung: dwm.exe1
Pfad des fehlerhaften Moduls: dwm.exe2
Berichtskennung: dwm.exe3
Vollständiger Name des fehlerhaften Pakets: dwm.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: dwm.exe5

Error: (05/21/2016 01:08:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: dwm.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d756
Name des fehlerhaften Moduls: combase.dll, Version: 10.0.10586.103, Zeitstempel: 0x56a849ab
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000067e3c
ID des fehlerhaften Prozesses: 0x10ec
Startzeit der fehlerhaften Anwendung: 0xdwm.exe0
Pfad der fehlerhaften Anwendung: dwm.exe1
Pfad des fehlerhaften Moduls: dwm.exe2
Berichtskennung: dwm.exe3
Vollständiger Name des fehlerhaften Pakets: dwm.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: dwm.exe5

Error: (05/21/2016 01:03:41 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm chrome.exe, Version 50.0.2661.102 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1d98

Startzeit: 01d1b2ba5f8204ae

Beendigungszeit: 3

Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Berichts-ID: 15702a17-1edf-11e6-9eb4-d8cb8a350237

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (05/21/2016 12:48:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: UplayService.exe, Version: 19.0.0.4810, Zeitstempel: 0x57308980
Name des fehlerhaften Moduls: nvwgf2um.dll, Version: 10.18.13.6175, Zeitstempel: 0x56a2c5b8
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00079999
ID des fehlerhaften Prozesses: 0x2074
Startzeit der fehlerhaften Anwendung: 0xUplayService.exe0
Pfad der fehlerhaften Anwendung: UplayService.exe1
Pfad des fehlerhaften Moduls: UplayService.exe2
Berichtskennung: UplayService.exe3
Vollständiger Name des fehlerhaften Pakets: UplayService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: UplayService.exe5

Error: (05/20/2016 07:32:31 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (05/19/2016 10:26:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: dwm.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d756
Name des fehlerhaften Moduls: combase.dll, Version: 10.0.10586.103, Zeitstempel: 0x56a849ab
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000067e3c
ID des fehlerhaften Prozesses: 0x31bc
Startzeit der fehlerhaften Anwendung: 0xdwm.exe0
Pfad der fehlerhaften Anwendung: dwm.exe1
Pfad des fehlerhaften Moduls: dwm.exe2
Berichtskennung: dwm.exe3
Vollständiger Name des fehlerhaften Pakets: dwm.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: dwm.exe5

Error: (05/19/2016 06:40:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Excessive update rate for Mediathek\032von\032Gamer_Marco._home-sharing._tcp.local.; delaying announcement by 3 seconds


Systemfehler:
=============
Error: (05/23/2016 11:48:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/23/2016 11:47:19 PM) (Source: Microsoft-Windows-EnhancedStorage-EhStorTcgDrv) (EventID: 10) (User: NT-AUTORITÄT)
Description: A TCG Command has returned an error.
Desc: AuthenticateSession
Param1: 0x1
Param2: 0x60000001c
Param3: 0x900000006
Param4: 0x0
Status: 0x12

Error: (05/23/2016 11:47:00 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_50002" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/23/2016 11:47:00 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _50002" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/23/2016 11:47:00 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_50002" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/23/2016 11:47:00 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_50002" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/23/2016 11:47:00 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (05/23/2016 11:46:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/23/2016 11:46:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Streamer Network Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/23/2016 11:46:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "CyberGhost 5 Client Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


CodeIntegrity:
===================================
  Date: 2016-05-19 17:03:29.350
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-14 23:15:52.167
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-13 21:52:00.603
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-11 17:16:31.734
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-10 18:21:47.629
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-05-10 18:21:47.566
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-05-10 18:21:47.505
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-05-10 18:21:47.443
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-05-10 18:21:47.382
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-05-10 18:21:47.271
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4790K CPU @ 4.00GHz
Prozentuale Nutzung des RAM: 16%
Installierter physikalischer RAM: 16329.94 MB
Verfügbarer physikalischer RAM: 13711.91 MB
Summe virtueller Speicher: 18761.94 MB
Verfügbarer virtueller Speicher: 15817.92 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:118.29 GB) (Free:54.16 GB) NTFS
Drive e: (Daten) (Fixed) (Total:191.99 GB) (Free:59.73 GB) NTFS
Drive f: (Programme) (Fixed) (Total:234.74 GB) (Free:132.23 GB) NTFS
Drive g: (Games) (Fixed) (Total:358.29 GB) (Free:84.9 GB) NTFS
Drive h: (SSD 2) (Fixed) (Total:223.44 GB) (Free:211.87 GB) NTFS
Drive j: (Volume) (Fixed) (Total:146.48 GB) (Free:69.22 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 22CD7469)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: D2CD1FA9)
Partition 1: (Not Active) - (Size=993 KB) - (Type=42)
Partition 2: (Active) - (Size=192 GB) - (Type=42)
Partition 3: (Not Active) - (Size=739.5 GB) - (Type=42)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt ============================

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org


Protection, 23.05.2016 23:36, SYSTEM, GAMER_MARCO, Protection, Malware Protection, Starting, 
Protection, 23.05.2016 23:36, SYSTEM, GAMER_MARCO, Protection, Malware Protection, Started, 
Protection, 23.05.2016 23:36, SYSTEM, GAMER_MARCO, Protection, Malicious Website Protection, Starting, 
Protection, 23.05.2016 23:36, SYSTEM, GAMER_MARCO, Protection, Malicious Website Protection, Started, 
Update, 23.05.2016 23:36, SYSTEM, GAMER_MARCO, Manual, Remediation Database, 2016.2.12.1, 2016.5.20.1, 
Update, 23.05.2016 23:36, SYSTEM, GAMER_MARCO, Manual, IP Database, 2016.2.8.1, 2016.5.23.1, 
Update, 23.05.2016 23:36, SYSTEM, GAMER_MARCO, Manual, Rootkit Database, 2016.2.8.1, 2016.5.20.1, 
Update, 23.05.2016 23:36, SYSTEM, GAMER_MARCO, Manual, Domain Database, 2016.2.16.8, 2016.5.23.7, 
Update, 23.05.2016 23:36, SYSTEM, GAMER_MARCO, Manual, Malware Database, 2016.2.16.6, 2016.5.23.6, 
Protection, 23.05.2016 23:36, SYSTEM, GAMER_MARCO, Protection, Refresh, Starting, 
Protection, 23.05.2016 23:36, SYSTEM, GAMER_MARCO, Protection, Malicious Website Protection, Stopping, 
Protection, 23.05.2016 23:36, SYSTEM, GAMER_MARCO, Protection, Malicious Website Protection, Stopped, 
Protection, 23.05.2016 23:36, SYSTEM, GAMER_MARCO, Protection, Refresh, Success, 
Protection, 23.05.2016 23:36, SYSTEM, GAMER_MARCO, Protection, Malicious Website Protection, Starting, 
Protection, 23.05.2016 23:36, SYSTEM, GAMER_MARCO, Protection, Malicious Website Protection, Started, 
Scan, 23.05.2016 23:37, SYSTEM, GAMER_MARCO, Manual, Start: 23.05.2016 23:36, Dauer: 0 Min. 10 Sek., Bedrohungssuchlauf, Abgebrochen, 0 Malware-Erkennung, 0 Nicht-Malware-Erkennungen, 
Scan, 23.05.2016 23:41, SYSTEM, GAMER_MARCO, Manual, Start: 23.05.2016 23:37, Dauer: 3 Min. 47 Sek., Bedrohungssuchlauf, Abgeschlossen, 0 Malware-Erkennung, 25 Nicht-Malware-Erkennungen, 
Protection, 23.05.2016 23:42, SYSTEM, GAMER_MARCO, Protection, Malware Protection, Starting, 
Protection, 23.05.2016 23:42, SYSTEM, GAMER_MARCO, Protection, Malware Protection, Started, 
Protection, 23.05.2016 23:42, SYSTEM, GAMER_MARCO, Protection, Malicious Website Protection, Starting, 
Protection, 23.05.2016 23:42, SYSTEM, GAMER_MARCO, Protection, Malicious Website Protection, Started, 

(end)

Code:

ATTFilter

# AdwCleaner v5.117 - Bericht erstellt am 23/05/2016 um 23:46:42
# Aktualisiert am 15/05/2016 von Xplode
# Datenbank : 2016-05-23.3 [Server]
# Betriebssystem : Windows 10 Home  (X64)
# Benutzername : Marco - GAMER_MARCO
# Gestartet von : E:\User\Gamer_Marco\Desktop\adwcleaner_5.117.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

[-] Ordner gelöscht : C:\Program Files (x86)\MPC Cleaner

***** [ Dateien ] *****


***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Internetbrowser ] *****


*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [4523 Bytes] - [23/05/2016 20:15:05]
C:\AdwCleaner\AdwCleaner[C2].txt - [1746 Bytes] - [23/05/2016 20:31:21]
C:\AdwCleaner\AdwCleaner[C3].txt - [1111 Bytes] - [23/05/2016 23:46:42]
C:\AdwCleaner\AdwCleaner[S1].txt - [364 Bytes] - [23/05/2016 20:08:11]
C:\AdwCleaner\AdwCleaner[S2].txt - [5906 Bytes] - [23/05/2016 20:13:46]
C:\AdwCleaner\AdwCleaner[S3].txt - [1346 Bytes] - [23/05/2016 20:19:43]
C:\AdwCleaner\AdwCleaner[S4].txt - [1419 Bytes] - [23/05/2016 20:30:38]
C:\AdwCleaner\AdwCleaner[S5].txt - [1325 Bytes] - [23/05/2016 23:45:16]
C:\AdwCleaner\AdwCleaner[S6].txt - [1398 Bytes] - [23/05/2016 23:46:06]

########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [1621 Bytes] ##########

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.6 (04.25.2016)
Operating System: Windows 10 Home x64 
Ran by Marco (Administrator) on 23.05.2016 at 23:48:35,28
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 1 

Successfully deleted: C:\WINDOWS\prefetch\FREEYTVDOWNLOADER.EXE-EA2E1B93.pf (File) 



Registry: 1 

Successfully deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_56D976794F990CB20E35B49F5BE31F4C (Registry Value) 




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 23.05.2016 at 23:49:16,73
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

M-K-D-B · 24.05.2016, 09:21

Servus,

du hast die falsche Logdatei von MBAM gepostet. Ich benötige die Logdatei des Suchlaufs mit den Funden, nicht die Logdatei der Echtzeitüberwachung.

Lesestoff
MBAM-Funde posten: So gehts...
Manchmal ist es wichtig zu wissen, welche Schadprogramme im Vorfeld ohne Anweisung der Helfer schon gelöscht wurden.
Daher benötige ich den Inhalt der Logdatei, in welcher der Suchlauf protokolliert wurde.

Starte MBAM.
Klicke auf Verlauf.
Klicke auf Anwendungsprotokolle.
Klicke auf das letzte Scan-Protokoll mit Funden.
Klicke auf Export und dann auf "In Zwischenablage kopieren".
Poste den Inhalt in Code-Tags [CODE] [/CODE] durch Einfügen mit Strg+V als Antwort in Deinen Thread.

swammcrusher · 24.05.2016, 15:45

Servus, sorry war mein Fehler

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 23.05.2016
Suchlaufzeit: 23:37
Protokolldatei: 
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.05.23.06
Rootkit-Datenbank: v2016.05.20.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Marco

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 398098
Abgelaufene Zeit: 3 Min., 47 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 1
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe, 2764, Löschen bei Neustart, [480a66732a6f54e28e943d508f7214ec]

Module: 4
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\LpcManager.dll, Löschen bei Neustart, [cc8624b53a5f37ffd74b0984a25fae52], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\XProcessBus.dll, Löschen bei Neustart, [53ffb9200297c670fb270d800df40cf4], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\WinService.dll, Löschen bei Neustart, [66ece7f21c7d4cea55cdd9b40df48f71], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Report.dll, Löschen bei Neustart, [1b3786530396033338eaa3ea14ed6c94], 

Registrierungsschlüssel: 3
PUP.Optional.MorePowerfulCleaner, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MPCProtectService, Löschen bei Neustart, [480a66732a6f54e28e943d508f7214ec], 
PUP.Optional.MorePowerfulCleaner, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MPCKpt, Löschen bei Neustart, [9bb735a4c0d9bb7b656a672bd928bb45], 
PUP.Optional.MorePowerfulCleaner, HKLM\SOFTWARE\WOW6432NODE\MPC, Löschen bei Neustart, [97bbe3f667322610d7a2a82ab2514cb4], 

Registrierungswerte: 3
PUP.Optional.MorePowerfulCleaner, HKLM\SOFTWARE\WOW6432NODE\MPC|Location, C:\Program Files (x86)\MPC Cleaner, Löschen bei Neustart, [97bbe3f667322610d7a2a82ab2514cb4]
PUP.Optional.MorePowerfulCleaner, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MPCKPT|Description, MPC Driver, Löschen bei Neustart, [0052b227f1a82313e09a666c7f84ec14]
PUP.Optional.MorePowerfulCleaner, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MPCPROTECTSERVICE|ImagePath, "C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe", Löschen bei Neustart, [86ccdffa1f7ad363b69fffd4e81be11f]

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 1
PUP.Optional.MorePowerfulCleaner, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC, In Quarantäne, [341ecf0aa0f9f73f13af7b4ff2119c64], 

Dateien: 13
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe, Löschen bei Neustart, [480a66732a6f54e28e943d508f7214ec], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\LpcManager.dll, Löschen bei Neustart, [cc8624b53a5f37ffd74b0984a25fae52], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\XProcessBus.dll, Löschen bei Neustart, [53ffb9200297c670fb270d800df40cf4], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\WinService.dll, Löschen bei Neustart, [66ece7f21c7d4cea55cdd9b40df48f71], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Report.dll, Löschen bei Neustart, [1b3786530396033338eaa3ea14ed6c94], 
PUP.Optional.MorePowerfulCleaner, C:\Windows\System32\drivers\MPCKpt.sys, Löschen bei Neustart, [9bb735a4c0d9bb7b656a672bd928bb45], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\SafeNavi64.dll, In Quarantäne, [80d20fca29701c1a81a16528cf328a76], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, In Quarantäne, [b59d6c6d26739a9cd44e583531d0b050], 
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\SafeNavi.dll, In Quarantäne, [75dd32a7b5e40e288c965736ae53bf41], 
PUP.Optional.Wajam, C:\Users\Marco\AppData\Local\Temp\0zcOyh1jV2.exe, In Quarantäne, [66ecddfce1b83df9c9daf9db6b969967], 
PUP.Optional.MorePowerfulCleaner, C:\Users\Marco\AppData\Local\Temp\pPCLKa91OL.exe, In Quarantäne, [1a38ce0bd6c3a98db171513c88791de3], 
PUP.Optional.ExpressFiles, C:\Users\Marco\AppData\Local\Temp\wmqjMW0r1s.tmp, In Quarantäne, [2f2307d2d3c6f1457f181eb8768be41c], 
PUP.Optional.MorePowerfulCleaner, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC\MPC Cleaner.lnk, In Quarantäne, [341ecf0aa0f9f73f13af7b4ff2119c64], 

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

M-K-D-B · 24.05.2016, 20:32

Servus,

wir entfernen die letzten Reste und kontrollieren nochmal alles.

Hinweis: Der Suchlauf mit ESET kann länger dauern.

Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

start
CloseProcesses:
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Schritt 2

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Schritt 3
Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.

Starte die HitmanPro.exe
Klicke auf
Entferne den Haken bei
Klicke auf
und
Akzeptiere die Lizenzbedingungen und klicke auf
Klicke auf

und auf
Wenn der Scan beendet wurde, nichts löschen lassen etc. sondern wähle unten links auf der Button-Leiste
und speichere die Logdatei auf Deinem Desktop.
Schließe HitmanPro und poste mir das Log.

Schritt 4

Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Untersuchen.
FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Gibt es jetzt noch Probleme mit dem PC? Wenn ja, welche?

Bitte poste mit deiner nächsten Antwort

die Logdatei des FRST-Fix,
die Logdatei von ESET,
die Logdatei von HitmanPro,
die beiden neuen Logdateien von FRST,
die Beantwortung der gestellten Fragen.

swammcrusher · 25.05.2016, 17:43

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=e46a891478878a49946e51c7ca1ca117
# end=init
# utc_time=2016-05-24 08:04:19
# local_time=2016-05-24 10:04:19 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 29577
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=e46a891478878a49946e51c7ca1ca117
# end=updated
# utc_time=2016-05-24 08:06:36
# local_time=2016-05-24 10:06:36 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=e46a891478878a49946e51c7ca1ca117
# engine=29577
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-05-24 08:53:26
# local_time=2016-05-24 10:53:26 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='Kaspersky Internet Security'
# compatibility_mode=1305 16777213 100 100 3054 28341858 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 1148209 17937349 0 0
# scanned=262808
# found=37
# cleaned=0
# scan_time=2810
sh=AAA9B95FBFA95F5DB9CBCE3084A9BB193D30EDA4 ft=1 fh=f842bce51aa19462 vn="Variante von Win32/MPCCleaner.A evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\MPC Cleaner\Support.dll.vir"
sh=515937B0F22F3CBFFBFF913035EBCB95EE1F27ED ft=1 fh=059ab1bc486817ba vn="Variante von Win32/MPCCleaner.A evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\MPC Cleaner\Utility.dll.vir"
sh=76C01012C30715078F5AB89A179BCFE4202EA327 ft=1 fh=811f65b4a33d392a vn="Variante von Win32/MPCCleaner.A evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\MPC Cleaner\Drivers\MPCBase_32.sys.vir"
sh=27FB3EAB5300DFB427ED8A81E87E748E90BE828C ft=1 fh=06f980dfc6d9c1d0 vn="Win64/MPCCleaner.A evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\MPC Cleaner\Drivers\MPCKpt.sys.vir"
sh=6D3B8649C22C9A1E0007C283DC9E849AF2090B1E ft=1 fh=31f663aabe5d13c8 vn="Variante von Win32/MPCCleaner.A evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\MPC Cleaner\Drivers\MPCKpt_vista_32.sys.vir"
sh=27FB3EAB5300DFB427ED8A81E87E748E90BE828C ft=1 fh=06f980dfc6d9c1d0 vn="Win64/MPCCleaner.A evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\MPC Cleaner\Drivers\MPCKpt_vista_64.sys.vir"
sh=637312342656C50012343DF94068862352B9BD0E ft=1 fh=eaaa93313eed09e6 vn="Variante von Win32/MPCCleaner.A evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\MPC Cleaner\Drivers\MPCKpt_xp_32.sys.vir"
sh=7FA3746CD92CF822FFA1D3AF4F0304655A7FA69F ft=1 fh=f7f39426f0cf8013 vn="Variante von Win32/MPCCleaner.A evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\MPC Cleaner\Exe\ADC_qd00000.exe.vir"
sh=27E6143704C268FD62E0184A7CFD9A5C3D2F411F ft=1 fh=975a97365d488128 vn="Variante von Win32/MPCCleaner.A evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\MPC Cleaner\Microsoft.VC90.CRT\msvcm90.dll.vir"
sh=AB3E4D3FB823D6F7625803C315D443D43E45B8CE ft=1 fh=efcf6c908e12cfe1 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="E:\User\Gamer_Marco\Downloads\8GadgetPack - CHIP-Installer.exe"
sh=F5870EA70E9AA1A839F230FA5516D142AAE07A7A ft=1 fh=ef65c49e171a31ac vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="E:\User\Gamer_Marco\Downloads\BlueStacks App Player - CHIP-Installer.exe"
sh=10AFF3943F4BFB3E137FC7D82C0A2373A02E8B6C ft=1 fh=30ba3913deead24c vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="E:\User\Gamer_Marco\Downloads\Classic Shell - CHIP-Installer.exe"
sh=6051A753CAB8FBEB49C0E0DC71685495B5AF4C55 ft=1 fh=fc7fbf3d8c8ae538 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="E:\User\Gamer_Marco\Downloads\Desktop Notes - CHIP-Installer.exe"
sh=C1366D1DEE5B42A4A3A144623C43F031D925D973 ft=1 fh=9d246fba0581404f vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="E:\User\Gamer_Marco\Downloads\Exif Viewer - CHIP-Installer.exe"
sh=AFF0BB0667C93909353AACD0D3103DE01FDBF134 ft=1 fh=b011514431170946 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="E:\User\Gamer_Marco\Downloads\Free Disk Usage Analyzer - CHIP-Installer.exe"
sh=EA82F3A47ED4D98A716A63053BCCEB8904C9BF71 ft=1 fh=f4c4ab2a89a21d2e vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="E:\User\Gamer_Marco\Downloads\Freemake Audio Converter - CHIP-Installer.exe"
sh=2983A95FB271B7022C48E98405C3D9A09EC1E79A ft=1 fh=83ab809163e3d68f vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="E:\User\Gamer_Marco\Downloads\GPU Z - CHIP-Installer.exe"
sh=5529D004127C9EB2F917CA8ED42247647D2D5B4D ft=1 fh=2e18bab438ee4b06 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="E:\User\Gamer_Marco\Downloads\Java Runtime Environment 64 Bit - CHIP-Installer (1).exe"
sh=D26DF58CF1FB46607459344977FD452C4AAD6141 ft=1 fh=6e5335a401e5f6a2 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="E:\User\Gamer_Marco\Downloads\Java Runtime Environment 64 Bit - CHIP-Installer.exe"
sh=150EDE3DE296F79869F9429CCC582910614A7F0D ft=1 fh=cae9b9964b87546c vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="E:\User\Gamer_Marco\Downloads\Joomla - CHIP-Installer.exe"
sh=45BAEF23C4B5FB8A818EBF05CC62E0263E272A52 ft=1 fh=8f4f610431dfde6d vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="E:\User\Gamer_Marco\Downloads\Logitech Gaming Software - CHIP-Installer.exe"
sh=8483A3A0328B9D78D09D769A11BF037322CD9E0F ft=1 fh=5c12ab3278d4d460 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="E:\User\Gamer_Marco\Downloads\LogMeIn Hamachi - CHIP-Installer.exe"
sh=BD2EC138E82376756FDB12CA990A60E14079F93E ft=1 fh=8fe50695a73be9d5 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="E:\User\Gamer_Marco\Downloads\ManyCam - CHIP-Installer.exe"
sh=67FBA4547F8A6F262047D39DEC73C3F287631AE2 ft=1 fh=46a3a7b8022deb17 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="E:\User\Gamer_Marco\Downloads\Microsoft Desktops - CHIP-Installer.exe"
sh=929BC4DE00C8F762EB986A682B93D4E540EEEB76 ft=1 fh=eef92f98b44c9f46 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="E:\User\Gamer_Marco\Downloads\MKVToolnix - CHIP-Installer.exe"
sh=D5B973D35902FF60BC0C5517D9B58F76682D5693 ft=1 fh=07b9457116e19ca0 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="E:\User\Gamer_Marco\Downloads\NetSpeedMonitor 64 Bit - CHIP-Installer.exe"
sh=9624C89AA0090219E7BE6B70CF556E1CD6A82D2F ft=1 fh=1e6ee7fe976185d4 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="E:\User\Gamer_Marco\Downloads\NetWorx - CHIP-Installer.exe"
sh=EC8DD35CF61BCE41F3D50D00BC858AF636A7638A ft=1 fh=53c2e1ddb9332cf4 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="E:\User\Gamer_Marco\Downloads\ophcrack-vista-livecd-3.6.0 - CHIP-Installer.exe"
sh=085E4DB372A4850DD842632CF6789E236BAB5F77 ft=1 fh=5a509f3bcde29fde vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="E:\User\Gamer_Marco\Downloads\PDF24 Creator - CHIP-Installer.exe"
sh=7E49745B68C06386978577EAF07A19D84E0B7898 ft=0 fh=0000000000000000 vn="Variante von Win32/ExpressDownloader.K evtl. unerwÃ¼nschte Anwendung" ac=I fn="E:\User\Gamer_Marco\Downloads\Plugin (1).iso"
sh=AD741838403A2833FBB90B428F9B25DB6C5A2EDE ft=0 fh=0000000000000000 vn="Variante von Win32/ExpressDownloader.K evtl. unerwÃ¼nschte Anwendung" ac=I fn="E:\User\Gamer_Marco\Downloads\Plugin.iso"
sh=541F0505C764F3A8A83F1870D032665A0000239A ft=1 fh=da77193d1d446ab0 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="E:\User\Gamer_Marco\Downloads\PureSync - CHIP-Installer.exe"
sh=84AD4875DB215090052387476C082C555E2BAB97 ft=1 fh=c73b9481d878fcd2 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="E:\User\Gamer_Marco\Downloads\PuTTY - CHIP-Installer.exe"
sh=2C410D933F9CEB213639EA9BB639ABDF90842436 ft=1 fh=6ebab1ac05e2b402 vn="Variante von Win32/Adware.AdInstaller.F Anwendung" ac=I fn="E:\User\Gamer_Marco\Downloads\Restorer2000 Data Recovery 3.3 Downloader.exe"
sh=5E84B4FD7FA674B5A8CD7D0865466F0EDCA32F5C ft=1 fh=8879473d0632b76b vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="E:\User\Gamer_Marco\Downloads\SiSoft Sandra Lite - CHIP-Installer.exe"
sh=DE7886E0FF1B0D1FB95EF776D8F18E12C3B97F19 ft=1 fh=b35be6d83bf44d76 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="E:\User\Gamer_Marco\Downloads\TestDisk PhotoRec - CHIP-Installer (1).exe"
sh=258598609BDEC6B12FC13FDCF3507A66D5C3647D ft=1 fh=0ccb7147adb99d45 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="E:\User\Gamer_Marco\Downloads\TestDisk PhotoRec - CHIP-Installer.exe"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=e46a891478878a49946e51c7ca1ca117
# end=init
# utc_time=2016-05-25 03:16:16
# local_time=2016-05-25 05:16:16 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 29587
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=e46a891478878a49946e51c7ca1ca117
# end=updated
# utc_time=2016-05-25 03:16:48
# local_time=2016-05-25 05:16:48 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=e46a891478878a49946e51c7ca1ca117
# engine=29587
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-05-25 04:06:46
# local_time=2016-05-25 06:06:46 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='Kaspersky Internet Security'
# compatibility_mode=1305 16777213 100 100 72254 28411058 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 1217409 18006549 0 0
# scanned=391947
# found=39
# cleaned=39
# scan_time=2998
sh=AAA9B95FBFA95F5DB9CBCE3084A9BB193D30EDA4 ft=1 fh=f842bce51aa19462 vn="Variante von Win32/MPCCleaner.A evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\MPC Cleaner\Support.dll.vir"
sh=515937B0F22F3CBFFBFF913035EBCB95EE1F27ED ft=1 fh=059ab1bc486817ba vn="Variante von Win32/MPCCleaner.A evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\MPC Cleaner\Utility.dll.vir"
sh=76C01012C30715078F5AB89A179BCFE4202EA327 ft=1 fh=811f65b4a33d392a vn="Variante von Win32/MPCCleaner.A evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\MPC Cleaner\Drivers\MPCBase_32.sys.vir"
sh=27FB3EAB5300DFB427ED8A81E87E748E90BE828C ft=1 fh=06f980dfc6d9c1d0 vn="Win64/MPCCleaner.A evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\MPC Cleaner\Drivers\MPCKpt.sys.vir"
sh=6D3B8649C22C9A1E0007C283DC9E849AF2090B1E ft=1 fh=31f663aabe5d13c8 vn="Variante von Win32/MPCCleaner.A evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\MPC Cleaner\Drivers\MPCKpt_vista_32.sys.vir"
sh=27FB3EAB5300DFB427ED8A81E87E748E90BE828C ft=1 fh=06f980dfc6d9c1d0 vn="Win64/MPCCleaner.A evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\MPC Cleaner\Drivers\MPCKpt_vista_64.sys.vir"
sh=637312342656C50012343DF94068862352B9BD0E ft=1 fh=eaaa93313eed09e6 vn="Variante von Win32/MPCCleaner.A evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\MPC Cleaner\Drivers\MPCKpt_xp_32.sys.vir"
sh=7FA3746CD92CF822FFA1D3AF4F0304655A7FA69F ft=1 fh=f7f39426f0cf8013 vn="Variante von Win32/MPCCleaner.A evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\MPC Cleaner\Exe\ADC_qd00000.exe.vir"
sh=27E6143704C268FD62E0184A7CFD9A5C3D2F411F ft=1 fh=975a97365d488128 vn="Variante von Win32/MPCCleaner.A evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\MPC Cleaner\Microsoft.VC90.CRT\msvcm90.dll.vir"
sh=AB3E4D3FB823D6F7625803C315D443D43E45B8CE ft=1 fh=efcf6c908e12cfe1 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="E:\User\Gamer_Marco\Downloads\8GadgetPack - CHIP-Installer.exe"
sh=F5870EA70E9AA1A839F230FA5516D142AAE07A7A ft=1 fh=ef65c49e171a31ac vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="E:\User\Gamer_Marco\Downloads\BlueStacks App Player - CHIP-Installer.exe"
sh=10AFF3943F4BFB3E137FC7D82C0A2373A02E8B6C ft=1 fh=30ba3913deead24c vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="E:\User\Gamer_Marco\Downloads\Classic Shell - CHIP-Installer.exe"
sh=6051A753CAB8FBEB49C0E0DC71685495B5AF4C55 ft=1 fh=fc7fbf3d8c8ae538 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="E:\User\Gamer_Marco\Downloads\Desktop Notes - CHIP-Installer.exe"
sh=C1366D1DEE5B42A4A3A144623C43F031D925D973 ft=1 fh=9d246fba0581404f vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="E:\User\Gamer_Marco\Downloads\Exif Viewer - CHIP-Installer.exe"
sh=AFF0BB0667C93909353AACD0D3103DE01FDBF134 ft=1 fh=b011514431170946 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="E:\User\Gamer_Marco\Downloads\Free Disk Usage Analyzer - CHIP-Installer.exe"
sh=EA82F3A47ED4D98A716A63053BCCEB8904C9BF71 ft=1 fh=f4c4ab2a89a21d2e vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="E:\User\Gamer_Marco\Downloads\Freemake Audio Converter - CHIP-Installer.exe"
sh=2983A95FB271B7022C48E98405C3D9A09EC1E79A ft=1 fh=83ab809163e3d68f vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="E:\User\Gamer_Marco\Downloads\GPU Z - CHIP-Installer.exe"
sh=5529D004127C9EB2F917CA8ED42247647D2D5B4D ft=1 fh=2e18bab438ee4b06 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="E:\User\Gamer_Marco\Downloads\Java Runtime Environment 64 Bit - CHIP-Installer (1).exe"
sh=D26DF58CF1FB46607459344977FD452C4AAD6141 ft=1 fh=6e5335a401e5f6a2 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="E:\User\Gamer_Marco\Downloads\Java Runtime Environment 64 Bit - CHIP-Installer.exe"
sh=150EDE3DE296F79869F9429CCC582910614A7F0D ft=1 fh=cae9b9964b87546c vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="E:\User\Gamer_Marco\Downloads\Joomla - CHIP-Installer.exe"
sh=45BAEF23C4B5FB8A818EBF05CC62E0263E272A52 ft=1 fh=8f4f610431dfde6d vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="E:\User\Gamer_Marco\Downloads\Logitech Gaming Software - CHIP-Installer.exe"
sh=8483A3A0328B9D78D09D769A11BF037322CD9E0F ft=1 fh=5c12ab3278d4d460 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="E:\User\Gamer_Marco\Downloads\LogMeIn Hamachi - CHIP-Installer.exe"
sh=BD2EC138E82376756FDB12CA990A60E14079F93E ft=1 fh=8fe50695a73be9d5 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="E:\User\Gamer_Marco\Downloads\ManyCam - CHIP-Installer.exe"
sh=67FBA4547F8A6F262047D39DEC73C3F287631AE2 ft=1 fh=46a3a7b8022deb17 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="E:\User\Gamer_Marco\Downloads\Microsoft Desktops - CHIP-Installer.exe"
sh=929BC4DE00C8F762EB986A682B93D4E540EEEB76 ft=1 fh=eef92f98b44c9f46 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="E:\User\Gamer_Marco\Downloads\MKVToolnix - CHIP-Installer.exe"
sh=D5B973D35902FF60BC0C5517D9B58F76682D5693 ft=1 fh=07b9457116e19ca0 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="E:\User\Gamer_Marco\Downloads\NetSpeedMonitor 64 Bit - CHIP-Installer.exe"
sh=9624C89AA0090219E7BE6B70CF556E1CD6A82D2F ft=1 fh=1e6ee7fe976185d4 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="E:\User\Gamer_Marco\Downloads\NetWorx - CHIP-Installer.exe"
sh=EC8DD35CF61BCE41F3D50D00BC858AF636A7638A ft=1 fh=53c2e1ddb9332cf4 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="E:\User\Gamer_Marco\Downloads\ophcrack-vista-livecd-3.6.0 - CHIP-Installer.exe"
sh=085E4DB372A4850DD842632CF6789E236BAB5F77 ft=1 fh=5a509f3bcde29fde vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="E:\User\Gamer_Marco\Downloads\PDF24 Creator - CHIP-Installer.exe"
sh=541F0505C764F3A8A83F1870D032665A0000239A ft=1 fh=da77193d1d446ab0 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="E:\User\Gamer_Marco\Downloads\PureSync - CHIP-Installer.exe"
sh=84AD4875DB215090052387476C082C555E2BAB97 ft=1 fh=c73b9481d878fcd2 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="E:\User\Gamer_Marco\Downloads\PuTTY - CHIP-Installer.exe"
sh=2C410D933F9CEB213639EA9BB639ABDF90842436 ft=1 fh=6ebab1ac05e2b402 vn="Variante von Win32/Adware.AdInstaller.F Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="E:\User\Gamer_Marco\Downloads\Restorer2000 Data Recovery 3.3 Downloader.exe"
sh=5E84B4FD7FA674B5A8CD7D0865466F0EDCA32F5C ft=1 fh=8879473d0632b76b vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="E:\User\Gamer_Marco\Downloads\SiSoft Sandra Lite - CHIP-Installer.exe"
sh=DE7886E0FF1B0D1FB95EF776D8F18E12C3B97F19 ft=1 fh=b35be6d83bf44d76 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="E:\User\Gamer_Marco\Downloads\TestDisk PhotoRec - CHIP-Installer (1).exe"
sh=258598609BDEC6B12FC13FDCF3507A66D5C3647D ft=1 fh=0ccb7147adb99d45 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="E:\User\Gamer_Marco\Downloads\TestDisk PhotoRec - CHIP-Installer.exe"
sh=85DCE8CFE7E2F657FB6109A1FDD5D9C472BA719E ft=1 fh=3a0fdd8508e8ffba vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="E:\User\Gamer_Marco\Downloads\VirtualBox - CHIP-Installer.exe"
sh=F451CFFE1400DAF349C79F4C8634D7E498287AC4 ft=1 fh=94d491d7555680de vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="E:\User\Gamer_Marco\Downloads\Volume2 - CHIP-Installer.exe"
sh=374CF1C59C0611105BC7702B97FFF7451BF63B95 ft=1 fh=dfb11e3bb5e7d3a8 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="E:\User\Gamer_Marco\Downloads\Windows Media Player - CHIP-Installer.exe"
sh=85C1AAEF2B6F1D46726D1761A3E3FEFF5F3C776C ft=1 fh=b684483eefcb7ee9 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="E:\User\Gamer_Marco\Downloads\wmp81n - CHIP-Installer.exe"

Code:

ATTFilter


	Code: 

 ATTFilter

  
	HitmanPro 3.7.14.265
www.hitmanpro.com

   Computer name . . . . : GAMER_MARCO
   Windows . . . . . . . : 10.0.0.10586.X64/8
   User name . . . . . . : GAMER_MARCO\Marco
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2016-05-25 18:28:10
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 58s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 0
   Traces  . . . . . . . : 2

   Objects scanned . . . : 1.943.261
   Files scanned . . . . : 48.418
   Remnants scanned  . . : 510.111 files / 1.384.732 keys

Suspicious files ____________________________________________________________

   C:\Users\Marco\AppData\Local\Microsoft\Windows\INetCache\IE\0E390BHO\FRST64[1].exe
      Size . . . . . . . : 2.382.848 bytes
      Age  . . . . . . . : 0.9 days (2016-05-24 22:00:17)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 1D5EF9D8190AF8CFA7A3DCD8015E2EBAF7C3D34B7F8D6BDA77A4C339306AC1CC
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      Forensic Cluster
         -41.2s C:\Windows\Prefetch\WLMERGER.EXE-5C970450.pf
         -21.4s C:\Windows\System32\WDI\{9f41811a-0429-42aa-81b7-cfd4d968411f}\{d6414ad9-203c-49b8-88da-09da94b23b9e}\
         -21.4s C:\Windows\System32\WDI\{9f41811a-0429-42aa-81b7-cfd4d968411f}\{d6414ad9-203c-49b8-88da-09da94b23b9e}\snapshot.etl
         -20.7s C:\Windows\Prefetch\RUNDLL32.EXE-A3EE2396.pf
         -15.1s C:\Windows\Prefetch\DLLHOST.EXE-6A829A47.pf
         -2.9s C:\Windows\Prefetch\SETHC.EXE-D1EC56ED.pf
         -0.5s C:\Users\Marco\AppData\Local\Microsoft\Windows\INetCookies\SDV3NKCE.txt
         -0.5s C:\Users\Marco\AppData\Local\Microsoft\Windows\INetCache\IE\UWEKZY4N\82[1].htm
         -0.3s C:\Users\Marco\AppData\Local\Microsoft\Windows\INetCache\IE\RAL205QN\FRST64[1].exe
          0.0s C:\Users\Marco\AppData\Local\Microsoft\Windows\INetCache\IE\0E390BHO\FRST64[1].exe
          4.6s C:\Users\Marco\AppData\Local\Microsoft\Windows\INetCache\IE\M10FCNEM\up64[1]
         26.5s C:\FRST\Logs\ct
         28.3s C:\Windows\Prefetch\DLLHOST.EXE-B51A0D95.pf
         28.5s C:\Windows\Prefetch\BITSADMIN.EXE-51D741B1.pf
         28.5s C:\Windows\Prefetch\IPCONFIG.EXE-EEA91845.pf
         37.2s C:\Windows\Prefetch\RUNTIMEBROKER.EXE-17E2786F.pf
         39.3s C:\Windows\Prefetch\DLLHOST.EXE-6E31253B.pf
         39.8s C:\Windows\Temp\GAMER_MARCO-20160524-2200.log
         41.6s C:\Windows\Prefetch\SPOOLSV.EXE-AC422BB0.pf
         49.8s C:\Windows\Prefetch\OFFICECLICKTORUN.EXE-4FE3D34D.pf
         54.5s C:\Windows\Temp\opera autoupdate\
         54.9s C:\Windows\Temp\CProgram Files (x86)Opera37.0.2178.43opera_autoupdate.download.lock
         55.0s C:\Windows\Temp\opera autoupdate\opera_autoupdate.log


Potential Unwanted Programs _________________________________________________

   HKLM\SOFTWARE\WOW6432Node\Auslogics\Google Analytics Package\ (TweakBit)

Code:

ATTFilter

Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:24-05-2016 01
durchgeführt von Marco (2016-05-24 22:00:43) Run:1
Gestartet von E:\User\Gamer_Marco\Desktop
Geladene Profile: Marco (Verfügbare Profile: Marco)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
start
CloseProcesses:
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
*****************

Prozess erfolgreich geschlossen.

========= RemoveProxy: =========

HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies\\ => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt


========= Ende von RemoveProxy: =========


=========  ipconfig /flushdns =========


Windows-IP-Konfiguration

Der DNS-Aufl�sungscache wurde geleert.

========= Ende von CMD: =========


=========  netsh winsock reset =========


Der Winsock-Katalog wurde zur�ckgesetzt.
Sie m�ssen den Computer neu starten, um den Vorgang abzuschlie�en.


========= Ende von CMD: =========

EmptyTemp: => 8.7 GB temporäre Dateien entfernt.


Das System musste neu gestartet werden.

==== Ende von Fixlog 22:01:45 ====

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:24-05-2016 01
durchgeführt von Marco (2016-05-25 18:36:24)
Gestartet von E:\User\Gamer_Marco\Desktop
Windows 10 Home Version 1511 (X64) (2016-03-12 13:55:59)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1580680786-608523540-2495891008-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1580680786-608523540-2495891008-503 - Limited - Disabled)
Gast (S-1-5-21-1580680786-608523540-2495891008-501 - Limited - Disabled)
Marco (S-1-5-21-1580680786-608523540-2495891008-1001 - Administrator - Enabled) => C:\Users\Marco

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.016.20041 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 20.0.0.233 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.5.1.209 - Adobe Systems Incorporated)
Adobe Flash Player 21 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2015 (HKLM-x32\...\{0FAC7130-BEC5-47A5-8813-1D339B8326ED}) (Version: 9.1.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.1.2 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2015 (HKLM-x32\...\{38C72D42-0672-43B1-9E05-E7631684F9A1}) (Version: 9.1.0 - Adobe Systems Incorporated)
Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{2937FD88-C9D6-4B82-B539-37CD0A572F42}) (Version: 4.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Arduino (HKLM-x32\...\Arduino) (Version: 1.6.8 - Arduino LLC)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.13 - Michael Tippach)
Audacity 2.1.1 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.1 - Audacity Team)
Auslogics DiskDefrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 6.1.2.0 - Auslogics Labs Pty Ltd)
AVerMedia GL710 Live Gamer Portable 3.7.64.39 (HKLM-x32\...\AVerMedia GL710 Live Gamer Portable) (Version: 3.7.64.39 - AVerMedia TECHNOLOGIES, Inc.)
AVerMedia RECentral (HKLM-x32\...\InstallShield_{30D6B6ED-E039-4D62-8E07-E058D17A9372}) (Version: 1.3.0.104.2016021601 - AVerMedia Technologies, Inc.)
AVerMedia RECentral (x32 Version: 1.3.0.104.2016021601 - AVerMedia Technologies, Inc.) Hidden
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.7.2.45672 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.12 - Piriform)
Classic Shell (HKLM\...\{7C129CF8-199F-4269-AAEE-60B5D8D716E2}) (Version: 4.2.1 - IvoSoft)
CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version:  - CyberGhost S.R.L.)
DFX (HKLM-x32\...\DFX) (Version: 12.011.0.0 - Power Technology)
DisplayFusion (HKLM-x32\...\Steam App 227260) (Version:  - Binary Fortress Software)
DisplayFusion 7.3.2 (HKLM-x32\...\B076073A-5527-4f4f-B46B-B10692277DA2_is1) (Version: 7.3.2.0 - Binary Fortress Software)
Dxtory 2.0.104 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.104 - Dxtory Software)
Epson Event Manager (HKLM-x32\...\{17FA0444-A025-43B9-862C-81AE6307C2F2}) (Version: 3.10.0050 - Seiko Epson Corporation)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.62.00 - SEIKO EPSON CORPORATION)
Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version:  - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 2.20.0000 - SEIKO EPSON Corp.)
EPSON Scan PDF Extensions (HKLM-x32\...\{F9956472-6E16-4F83-BF9A-F887EF4A45B7}) (Version: 1.03.0001 - SEIKO EPSON Corp.)
EPSON WF-2660 Series Printer Uninstall (HKLM\...\EPSON WF-2660 Series) (Version:  - SEIKO EPSON Corporation)
EPSON-Handbücher (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.32.0.0 - SEIKO EPSON CORPORATION)
EpsonNet Print (HKLM\...\{15A0F113-BF2C-4C12-8AA8-42AE0D9AE1C9}) (Version: 3.1.2.0 - SEIKO EPSON Corporation)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Exif-Viewer 2.51  (HKLM-x32\...\Exif-Viewer) (Version: 2.51 - Ralf Bibinger)
FIFA 16 DEMO (HKLM-x32\...\{D09AD1AE-6AAC-45EB-B9F6-C1F223DD8481}) (Version: 1.0.0.0 - Electronic Arts)
foobar2000 v1.3.9 (HKLM-x32\...\foobar2000) (Version: 1.3.9 - Peter Pawlowski)
Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.1.6.328 - DVDVideoSoft Ltd.)
Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.1.4.317 - DVDVideoSoft Ltd.)
GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.102 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
GPL Ghostscript (HKLM-x32\...\GPL Ghostscript 9.19) (Version: 9.19 - Artifex Software Inc.)
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.41 - Irfan Skiljan)
iTunes (HKLM\...\{A31C5565-90D9-4615-AE13-94D86C3836C7}) (Version: 12.3.3.17 - Apple Inc.)
Java 8 Update 91 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Jingle Palette 4.4.5 (HKLM-x32\...\Jingle Palette) (Version: 4.4.5 - )
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version:  - )
LibreOffice 5.0.6.3 (HKLM-x32\...\{900D9036-4EDA-45EC-A095-E8AFB25D807A}) (Version: 5.0.6.3 - The Document Foundation)
Logitech Gaming Software 8.76 (HKLM\...\Logitech Gaming Software) (Version: 8.76.155 - Logitech Inc.)
Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.428 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.428 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Max Recorder (HKLM-x32\...\Max Recorder) (Version: 2.006.0.0 - Silver Vine, LLC)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Home and Student 2016 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 16.0.6868.2062 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 43.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.3 (x86 de)) (Version: 43.0.3 - Mozilla)
Mozilla Firefox 44.0.2 (x86 de) (HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\Mozilla Firefox 44.0.2 (x86 de)) (Version: 44.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.7.1 - Mozilla)
Mozilla Thunderbird 38.7.2 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.7.2 (x86 de)) (Version: 38.7.2 - Mozilla)
MTproLight 3.8 (HKLM-x32\...\MTproLight) (Version: 3.8.0.0 - Bosch Rexroth AG)
MyEpson Portal (HKLM-x32\...\MyEpson Portal) (Version:  - SEIKO EPSON Corporation)
MyEpson Portal (x32 Version: 1.1.1.0 - SEIKO EPSON CORPORATION) Hidden
Need for Speed™ Most Wanted (HKLM-x32\...\{FB0127F3-985B-44CE-AE29-378CAF60B361}) (Version: 1.5.0.0 - Electronic Arts)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.8 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 361.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 361.75 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.3.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.3.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 361.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.75 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 0.14.1 - OBS Project)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6828.1016 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6828.1016 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6828.1016 - Microsoft Corporation) Hidden
Opera Stable 37.0.2178.43 (HKLM-x32\...\Opera 37.0.2178.43) (Version: 37.0.2178.43 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 9.11.2.10120 - Electronic Arts, Inc.)
paint.net (HKLM\...\{DADC2AF6-DC9F-4BCF-BFCE-DCEC16EF507C}) (Version: 4.0.9 - dotPDN LLC)
PDF24 Creator 7.7.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PureSync (x32 Version: 4.0.0 - Jumping Bytes) Hidden
PureSync 4.0.0 (HKLM-x32\...\PureSync) (Version: 4.0.0 - Jumping Bytes)
puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.7.8 - Rockstar Games)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\Spotify) (Version: 1.0.20.94.g8f8543b3 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steganos Safe 15 (HKLM-x32\...\{D3FB0B73-11DF-41EE-9B6D-C7198079A88E}) (Version: 15.2.1 - Steganos Software GmbH)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The Crew (Worldwide) (HKLM-x32\...\Uplay Install 413) (Version:  - Ubisoft)
Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version:  - Ubisoft)
TrackMania² Stadium (HKLM-x32\...\Steam App 232910) (Version:  - Nadeo)
Trucks & Trailers (HKLM-x32\...\Steam App 302060) (Version:  - SCS Software)
Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
Uplay (HKLM-x32\...\Uplay) (Version: 15.0 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VoiceOver Kit (HKLM\...\{703D47B8-2869-4A50-B988-BDE18772A474}) (Version: 1.43.128.3 - Apple Inc.)
WinRAR 5.30 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1580680786-608523540-2495891008-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-A8F89265890D}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1580680786-608523540-2495891008-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Marco\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1580680786-608523540-2495891008-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {10C58BBB-FFB1-4DC6-B74E-0AB61E3E4FB8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {2EEEC597-D495-4117-BAD7-3B2D61E5C9C3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {561FBB89-B183-44D4-B1AE-44BA16A9CB10} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-30] (Google Inc.)
Task: {5C2FC76E-25B7-4627-B565-9C0430BA0776} - System32\Tasks\Opera scheduled Autoupdate 1462655346 => C:\Program Files (x86)\Opera\launcher.exe [2016-05-09] (Opera Software)
Task: {75210AB4-3F7E-4E61-B0A7-5EB1EA669C95} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-marcocardinal@ok.de => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-01-07] (Adobe Systems Incorporated)
Task: {8F5AEF37-E2C6-439C-A523-FC0525A623DE} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_242_pepper.exe [2016-05-13] (Adobe Systems Incorporated)
Task: {9F88298B-6D1E-4EBA-8BE3-DA055C752296} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-05-11] (Microsoft Corporation)
Task: {A2AE5972-E5B0-45D6-982F-B24111E01E2B} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK
Task: {A98C9F97-284D-4CA2-8EA3-7C003CB5BF90} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-05-02] (Microsoft Corporation)
Task: {B1A46BCB-1324-44F8-B766-6A7C5F7E8E34} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-11-16] (Piriform Ltd)
Task: {B83EE2AC-59B5-4DF0-8BDD-52717B92FE70} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-30] (Google Inc.)
Task: {E78D3301-36EF-4EDE-9124-DD7E3CF65FBD} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-05-02] (Microsoft Corporation)
Task: {FA651E8A-8346-4637-926E-D4BF3591A9B2} - System32\Tasks\EPSON WF-2660 Series Update {EA5DFD3C-470C-463C-8757-713F4BCE6FE4} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSMAE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {FC970EDD-59FB-41F2-9AFF-0D76ACFC55CE} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-13] (Adobe Systems Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_242_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\EPSON WF-2660 Series Update {EA5DFD3C-470C-463C-8757-713F4BCE6FE4}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSMAE.EXE:/EXE:{EA5DFD3C-470C-463C-8757-713F4BCE6FE4} /F:UpdateWORKGROUP\GAMER_MARCO$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-03-18 22:56 - 2016-03-18 22:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-03-18 22:56 - 2016-03-18 22:56 - 01329936 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-12-30 02:34 - 2016-05-02 04:01 - 00417472 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-03-12 15:50 - 2016-01-23 03:01 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-04-14 11:00 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-14 11:00 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-01-22 14:55 - 2016-01-22 14:55 - 00553136 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2016-03-12 15:47 - 2016-03-12 15:47 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-05-11 16:17 - 2016-04-23 06:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-05-11 16:18 - 2016-04-23 06:02 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-05-11 16:17 - 2016-04-23 05:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-05-11 16:18 - 2016-04-23 05:58 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-05-11 16:18 - 2016-04-23 06:01 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-03-07 02:07 - 2015-03-07 02:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2015-11-20 23:41 - 2015-11-20 23:41 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 02:07 - 2015-03-07 02:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2015-11-20 23:41 - 2015-11-20 23:41 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2015-12-30 01:36 - 2016-05-02 08:00 - 00167480 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\gamecaster64.dll
2015-12-30 01:36 - 2016-05-02 08:01 - 00862776 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\twitchsdk64.dll
2016-04-19 17:46 - 2016-04-19 17:46 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-03-31 18:30 - 2016-03-31 18:30 - 00016896 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.325.12390.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-03-31 18:30 - 2016-03-31 18:30 - 17535488 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.325.12390.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-03-04 19:35 - 2016-03-04 19:35 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.325.12390.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-03-12 16:30 - 2016-03-12 16:30 - 03746816 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.49020.0_x64__8wekyb3d8bbwe\Calculator.exe
2015-12-30 12:43 - 2015-12-30 12:44 - 00258560 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.49020.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-05-25 16:53 - 2016-05-25 16:53 - 07467008 _____ () C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.66.200.0_x86__kgqvnymyfvs32\stritz.exe
2015-07-09 00:18 - 2015-07-09 00:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\kpcengine.2.3.dll
2016-01-11 19:31 - 2016-03-29 00:06 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2016-01-11 19:31 - 2016-03-29 00:06 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2016-01-11 19:31 - 2016-03-29 00:06 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2016-01-11 19:31 - 2016-03-29 00:06 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2016-01-11 19:31 - 2016-03-29 00:06 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2016-01-11 19:31 - 2016-03-29 00:06 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2015-12-30 01:36 - 2016-05-02 08:02 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-05-13 22:45 - 2016-05-11 13:48 - 01738904 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\libglesv2.dll
2016-05-13 22:45 - 2016-05-11 13:48 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\libegl.dll
2016-04-19 17:46 - 2016-04-19 17:46 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-19 17:46 - 2016-04-19 17:46 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-05-04 16:16 - 2016-05-04 16:16 - 00029840 _____ () C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.66.200.0_x86__kgqvnymyfvs32\libEGL.dll
2016-05-04 16:16 - 2016-05-04 16:16 - 01259160 _____ () C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.66.200.0_x86__kgqvnymyfvs32\libGLESv2.dll
2016-02-17 10:33 - 2016-02-17 10:33 - 00255488 _____ () C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.66.200.0_x86__kgqvnymyfvs32\curl.dll
2016-02-17 10:33 - 2016-02-17 10:33 - 01602560 _____ () C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.66.200.0_x86__kgqvnymyfvs32\LIBEAY32.dll
2016-02-17 10:33 - 2016-02-17 10:33 - 00479232 _____ () C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.66.200.0_x86__kgqvnymyfvs32\SSLEAY32.dll
2015-12-30 12:51 - 2015-12-30 12:55 - 00066560 _____ () C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.66.200.0_x86__kgqvnymyfvs32\zlib.dll
2016-04-09 15:21 - 2016-04-09 15:21 - 00153032 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2016-04-09 15:21 - 2016-04-09 15:21 - 00022472 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-12-30 01:10 - 2015-12-30 01:10 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1580680786-608523540-2495891008-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Marco\AppData\Local\DisplayFusion\Wallpaper_2.png
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "SAFE15 File Redirection Starter"
HKLM\...\StartupApproved\Run32: => "Steganos HotKeys"
HKLM\...\StartupApproved\Run32: => "DFX"
HKLM\...\StartupApproved\Run32: => "LWS"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKLM\...\StartupApproved\Run32: => "EEventManager"
HKLM\...\StartupApproved\Run32: => "FUFAXSTM"
HKLM\...\StartupApproved\Run32: => "FUFAXRCV"
HKLM\...\StartupApproved\Run32: => "WSHelperSetup.exe"
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_56D976794F990CB20E35B49F5BE31F4C"
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\StartupApproved\Run: => "PureSync"
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\StartupApproved\Run: => "puush"
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\StartupApproved\Run: => "SAFE15 Browser Monitor"
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\StartupApproved\Run: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\StartupApproved\Run: => "WSHelperSetup.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{AD0A5C80-CDF7-4785-BA7E-AE37D7214920}] => (Allow) G:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{2ECDED1F-0924-4B71-8A48-F2628E954926}] => (Allow) G:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{E667E24A-E57D-42B1-B64D-0BD4276B8495}] => (Allow) G:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{F03A89E1-886A-4CEE-A0D6-BB519FD835B4}] => (Allow) G:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{E4262F6E-98DE-4DF7-82D4-E4116A1DE561}] => (Allow) G:\Origin\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [{0A53C1EC-C22F-4347-8C1F-D390166269C8}] => (Allow) G:\Origin\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [UDP Query User{B401E615-2227-4F35-8556-D5E4B06DA123}C:\program files (x86)\displayfusion\displayfusion.exe] => (Allow) C:\program files (x86)\displayfusion\displayfusion.exe
FirewallRules: [TCP Query User{B71DACC4-0E53-4D50-A9EA-31AFD8AD3655}C:\program files (x86)\displayfusion\displayfusion.exe] => (Allow) C:\program files (x86)\displayfusion\displayfusion.exe
FirewallRules: [UDP Query User{601CCDCC-A341-4BBC-8DDA-DAFDF1E8B96F}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{3F26A9B7-9B3D-453B-BD10-6CFF09449B72}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{7417B97F-566A-4B29-953C-9F53B3FDDB8F}] => (Allow) G:\Uplay\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{57AD2227-13D6-4C75-AC7B-69A8FB301B10}] => (Allow) G:\Uplay\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{59D6AED6-8B36-45E2-A9BB-F6019F1C0C9C}] => (Allow) G:\SteamLibrary\steamapps\common\Clicker Heroes\Clicker Heroes.exe
FirewallRules: [{8074B0EF-50AD-469C-A06F-38C03252D670}] => (Allow) G:\SteamLibrary\steamapps\common\Clicker Heroes\Clicker Heroes.exe
FirewallRules: [{10C778CC-40DC-41EE-A3A5-0E813F4A3915}] => (Allow) G:\SteamLibrary\steamapps\common\Tabletop Simulator\Tabletop Simulator.exe
FirewallRules: [{10AAC774-2EFB-455A-ABE2-4C0573A23411}] => (Allow) G:\SteamLibrary\steamapps\common\Tabletop Simulator\Tabletop Simulator.exe
FirewallRules: [{2A7D0F39-49B3-410C-8AD5-B1CEF54B456D}] => (Allow) G:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{45F8BFDB-FD53-482E-8AD5-C6F35D3B9D9B}] => (Allow) G:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{5152B05F-258B-46E2-B927-C7FF6BF457D6}] => (Allow) F:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A34C4A7D-7835-49F2-98A6-CD7F29E03F4D}] => (Allow) F:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{10874CA3-CD96-4E2A-A014-39C9F653D019}] => (Allow) G:\SteamLibrary\steamapps\common\Trucks & Trailers\bin\win_x86\trucks_n_trailers.exe
FirewallRules: [{14C9F802-2DC0-4E9C-AE59-9524798F7040}] => (Allow) G:\SteamLibrary\steamapps\common\Trucks & Trailers\bin\win_x86\trucks_n_trailers.exe
FirewallRules: [{4278152A-4608-44D8-AB69-F5F402CFED67}] => (Allow) G:\SteamLibrary\steamapps\common\ManiaPlanet_TMStadium\ManiaPlanet.exe
FirewallRules: [{B735366A-4AEC-482C-B224-ED2CDBDE5B14}] => (Allow) G:\SteamLibrary\steamapps\common\ManiaPlanet_TMStadium\ManiaPlanet.exe
FirewallRules: [{30EF49A5-D152-469F-B167-76EE92883383}] => (Allow) G:\SteamLibrary\steamapps\common\ManiaPlanet_TMStadium\ManiaPlanetLauncher.exe
FirewallRules: [{7A097AA4-F24C-44DF-9CE5-F9D94A643243}] => (Allow) G:\SteamLibrary\steamapps\common\ManiaPlanet_TMStadium\ManiaPlanetLauncher.exe
FirewallRules: [{5806E96A-49F8-4818-A01E-9BADB533189B}] => (Allow) G:\Origin\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{93391AC7-AB30-4C44-B72B-36A79E37465E}] => (Allow) G:\Origin\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{0ED660C1-BAA1-4270-90F6-C441674621E4}] => (Allow) G:\Origin\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{4BA75A1E-3FBB-4FBC-A12E-EAD6E55856CC}] => (Allow) G:\Origin\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{512DB678-0632-4A68-A987-153007CE289B}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{15F1769D-DDD0-4198-8A5F-478F043ADB8E}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{1ADB64E4-19D4-45F3-94FD-CF4B61959189}] => (Allow) C:\Windows\syswow64\PnkBstrB.exe
FirewallRules: [{9BA81012-C50C-41E5-8236-69ABDE514690}] => (Allow) C:\Windows\syswow64\PnkBstrB.exe
FirewallRules: [{71FA2C04-E229-4586-9485-308B307F143A}] => (Allow) C:\Windows\syswow64\PnkBstrA.exe
FirewallRules: [{819376E6-4A76-4F4B-901D-80DB84110ABD}] => (Allow) C:\Windows\syswow64\PnkBstrA.exe
FirewallRules: [{CDD38BE4-955D-4646-B6EE-75AF9E7BDBFA}] => (Allow) G:\SteamLibrary\steamapps\common\DisplayFusion\DisplayFusionLauncher.exe
FirewallRules: [{2FA3F0DC-1142-431F-AEA5-0F0B00BCEF32}] => (Allow) G:\SteamLibrary\steamapps\common\DisplayFusion\DisplayFusionLauncher.exe
FirewallRules: [{D2714BF9-98D9-474F-A944-2216472ACC3A}] => (Allow) G:\Uplay\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{E5FEE2B6-1FC9-45A5-AFF1-E8BEEF3E3924}] => (Allow) G:\Uplay\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{B78E3896-EA94-47D1-A57F-846B4355DE52}] => (Allow) F:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{40E034CC-525D-4127-B72A-665BE17C8CE1}] => (Allow) F:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{29894679-B805-486D-B926-456AC7038C86}] => (Allow) F:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{D0FBDF4D-6F43-47D3-8B21-DA7D673D8B3C}] => (Allow) F:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{118274F0-761E-451E-B487-79EF49A12C06}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{123A31D4-E8C2-472A-A7C9-E83DCFC04881}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C4ED4934-F1F8-4D4B-A88C-FDC5588B3025}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{21D2792A-295A-4248-8245-2BA9BB813840}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8CFA9D02-D79B-4A51-8B48-2B8C4FF31F94}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{9E3B9B54-3249-477A-A2D2-6FDE0C1484D0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{DA87E09C-26A9-4201-806A-487B89C26850}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{29776142-FED0-4F31-8686-7810FE22DE25}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{8B20F952-3269-4AB7-B655-190E6052ECAE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{84CAAFDA-E826-4256-805A-069F4B856DE7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{DE886E61-3D1A-4ED3-90EE-5DC106D54639}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{2A92FD66-2692-4C2B-AA19-E499BF2C2A86}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{FAD82CE1-CA3A-4D4A-A4F7-15F9C701C6FD}] => (Allow) G:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{DE654915-1684-4F28-B7FF-114067863839}] => (Allow) G:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{053D6B65-2683-4354-B44D-5EB93F34E57E}] => (Allow) G:\Origin\FIFA 16 DEMO\fifasetup\fifaconfig.exe
FirewallRules: [{6AFD7479-FA73-4FE0-A34B-0125FA7D2E9F}] => (Allow) G:\Origin\FIFA 16 DEMO\fifasetup\fifaconfig.exe
FirewallRules: [{78BA28B4-FA63-4759-B7A2-503FB1670002}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{F6B2DD0F-CCAA-49A1-9726-931CEADAFF0A}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{DA51DF10-AB25-41A2-87F4-E9A7A19176E1}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{D0E6330D-7EDC-4240-AE2B-8C83E9333694}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{9A379AF9-F57F-4726-A9C6-A091F68C4DAA}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{0028C0CF-942A-466D-B0CD-A6B75F441A5A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (05/25/2016 06:32:13 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (05/25/2016 06:26:26 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (05/25/2016 05:16:11 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (05/24/2016 10:53:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: dwm.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d756
Name des fehlerhaften Moduls: combase.dll, Version: 10.0.10586.103, Zeitstempel: 0x56a849ab
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000067e3c
ID des fehlerhaften Prozesses: 0x4d0
Startzeit der fehlerhaften Anwendung: 0xdwm.exe0
Pfad der fehlerhaften Anwendung: dwm.exe1
Pfad des fehlerhaften Moduls: dwm.exe2
Berichtskennung: dwm.exe3
Vollständiger Name des fehlerhaften Pakets: dwm.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: dwm.exe5

Error: (05/24/2016 10:53:32 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (05/24/2016 10:04:54 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (05/24/2016 10:04:16 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (05/24/2016 10:04:07 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (05/24/2016 10:04:06 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (05/24/2016 10:03:59 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.


Systemfehler:
=============
Error: (05/25/2016 06:06:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (05/25/2016 06:06:48 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Marco\AppData\Local\Temp\ehdrv.sys

Error: (05/25/2016 06:06:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (05/25/2016 06:06:47 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Marco\AppData\Local\Temp\ehdrv.sys

Error: (05/25/2016 06:06:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (05/25/2016 06:06:47 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Marco\AppData\Local\Temp\ehdrv.sys

Error: (05/25/2016 06:06:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (05/25/2016 06:06:47 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Marco\AppData\Local\Temp\ehdrv.sys

Error: (05/25/2016 06:06:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (05/25/2016 06:06:47 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Marco\AppData\Local\Temp\ehdrv.sys


CodeIntegrity:
===================================
  Date: 2016-05-19 17:03:29.350
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-14 23:15:52.167
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-13 21:52:00.603
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-11 17:16:31.734
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-10 18:21:47.629
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-05-10 18:21:47.566
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-05-10 18:21:47.505
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-05-10 18:21:47.443
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-05-10 18:21:47.382
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-05-10 18:21:47.271
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4790K CPU @ 4.00GHz
Prozentuale Nutzung des RAM: 25%
Installierter physikalischer RAM: 16329.94 MB
Verfügbarer physikalischer RAM: 12172.3 MB
Summe virtueller Speicher: 18761.94 MB
Verfügbarer virtueller Speicher: 13457.49 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:118.29 GB) (Free:62.76 GB) NTFS
Drive e: (Daten) (Fixed) (Total:191.99 GB) (Free:59.74 GB) NTFS
Drive f: (Programme) (Fixed) (Total:234.74 GB) (Free:132.23 GB) NTFS
Drive g: (Games) (Fixed) (Total:358.29 GB) (Free:84.9 GB) NTFS
Drive h: (SSD 2) (Fixed) (Total:223.44 GB) (Free:211.87 GB) NTFS
Drive j: (Volume) (Fixed) (Total:146.48 GB) (Free:69.22 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 22CD7469)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: D2CD1FA9)
Partition 1: (Not Active) - (Size=993 KB) - (Type=42)
Partition 2: (Active) - (Size=192 GB) - (Type=42)
Partition 3: (Not Active) - (Size=739.5 GB) - (Type=42)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt ============================

swammcrusher · 25.05.2016, 17:44

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:24-05-2016 01
durchgeführt von Marco (Administrator) auf GAMER_MARCO (25-05-2016 18:36:10)
Gestartet von E:\User\Gamer_Marco\Desktop
Geladene Profile: Marco (Verfügbare Profile: Marco)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\epson\MyEpson Portal\mepService.exe
(AVerMedia TECHNOLOGIES, Inc.) C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRECentral.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\epson\MyEpson Portal\mep.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionHookAppWIN6064.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionHookAppWIN6032.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.325.12390.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.20961.0_x64__8wekyb3d8bbwe\Video.UI.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.49020.0_x64__8wekyb3d8bbwe\Calculator.exe
() C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.66.200.0_x86__kgqvnymyfvs32\stritz.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8484056 2015-06-12] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-05-02] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15033976 2015-11-20] (Logitech Inc.)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163520 2015-04-10] (IvoSoft)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-03-19] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2312896 2016-02-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1867448 2016-05-03] (Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Steganos HotKeys] => C:\Program Files (x86)\Steganos Safe 15\SteganosHotKeyService.exe [100864 2014-02-21] (Steganos Software GmbH)
HKLM-x32\...\Run: [SAFE15 File Redirection Starter] => C:\Program Files (x86)\Steganos Safe 15\fredirstarter.exe [17408 2014-02-21] (Steganos Software GmbH)
HKLM-x32\...\Run: [LWS] => F:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [DFX] => C:\Program Files (x86)\DFX\DFX.exe [1326584 2015-11-15] ()
HKLM-x32\...\Run: [WSHelperSetup.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [650784 2015-12-22] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863776 2015-12-22] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1065968 2015-07-23] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [220704 2016-04-05] (Geek Software GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565960 2016-05-06] (LogMeIn Inc.)
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50670720 2016-03-01] (Skype Technologies S.A.)
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\Run: [Spotify Web Helper] => C:\Users\Marco\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2346096 2015-12-30] (Spotify Ltd)
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\Run: [EADM] => F:\Program Files (x86)\Origin\Origin.exe [3639280 2016-05-21] (Electronic Arts)
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd)
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\Run: [DisplayFusion] => C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe [8538648 2015-11-16] (Binary Fortress Software)
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [568904 2015-12-30] ()
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\Run: [PureSync] => F:\Program Files (x86)\Pure Sync\PureSyncTray.exe [1025712 2015-12-02] (Jumping Bytes)
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\Run: [Spotify] => C:\Users\Marco\AppData\Roaming\Spotify\Spotify.exe [8387696 2015-12-30] (Spotify Ltd)
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\Run: [SAFE15 Browser Monitor] => C:\Program Files (x86)\Steganos Safe 15\SteganosBrowserMonitor.exe [70656 2014-02-21] (Steganos Software GmbH)
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [882872 2016-05-03] (Adobe Systems Incorporated)
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\Run: [WSHelperSetup.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare)
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIMAE.EXE [298560 2013-12-16] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\Run: [GoogleChromeAutoLaunch_56D976794F990CB20E35B49F5BE31F4C] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [881304 2016-05-11] (Google Inc.)
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\RunOnce: [Uninstall C:\Users\Marco\AppData\Local\Microsoft\OneDrive\17.3.6301.0127_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Marco\AppData\Local\Microsoft\OneDrive\17.3.6301.0127_1\amd64"
HKU\S-1-5-21-1580680786-608523540-2495891008-1001\...\MountPoints2: {59cdb1d5-eada-11e5-9eaa-d8cb8a350237} - "I:\startme.exe" 
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-01-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-01-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-01-22] ()
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-04-10] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-04-10] (IvoSoft)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{5481a273-95bd-4857-9b12-32f0150dfd89}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-05-02] (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-04-10] (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-04-29] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-12-30] (AO Kaspersky Lab)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-05-02] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-29] (Oracle Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2015-04-10] (IvoSoft)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-04-10] (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-04-29] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-12-30] (AO Kaspersky Lab)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-29] (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2015-04-10] (IvoSoft)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-12-30] (AO Kaspersky Lab)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-04-10] (IvoSoft)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-12-30] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-04-10] (IvoSoft)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-02] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-02] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-02] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-02] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\zbwz2rjm.default
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-29] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-29] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-02-12] (Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-29] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-05-02] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-01-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-01-23] (NVIDIA Corporation)
FF Plugin-x32: @pages.tvunetworks.com/WebPlayer -> F:\Program Files (x86)\TVUPlayer\npTVUAx.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2016-05-03] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-02-12] (Adobe Systems)
FF Extension: Flash and Video Download - C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\zbwz2rjm.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2016-05-13]
FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [2016-05-24]
FF Extension: Combo - C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\zbwz2rjm.default\Extensions\combo@yandex.ru.xpi [2016-01-16]
FF Extension: No Flash - C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\zbwz2rjm.default\Extensions\jid1-cplLTTY501TB2Q@jetpack.xpi [2016-05-07]
FF Extension: YouTube™ Flash® Player - C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\zbwz2rjm.default\Extensions\jid1-HAV2inXAnQPIeA@jetpack.xpi [2016-05-07]
FF Extension: Flash Control - C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\zbwz2rjm.default\Extensions\jid1-sNL73VCI4UB0Fw@jetpack.xpi [2016-05-07]
FF Extension: YouTube Flash Video Player - C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\zbwz2rjm.default\Extensions\{f3bd3dd2-2888-44c5-91a2-2caeb33fb898}.xpi [2016-05-07]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat DC - Create PDF - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2016-02-17]
StartMenuInternet: FIREFOX.EXE - F:\Program Files (x86)\Mozilla Firefox\firefox.exe

Chrome: 
=======
CHR HomePage: Profile 1 -> hxxp://forum.troubletown.de/
CHR StartupUrls: Profile 1 -> "hxxp://www.youtube.com/?gl=DE&hl=de"
CHR Profile: C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default
CHR Profile: C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Präsentationen) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-30]
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2016-05-24]
CHR Extension: (Google Docs) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-30]
CHR Extension: (Google Drive) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-30]
CHR Extension: (YouTube) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-30]
CHR Extension: (Adblock Plus) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-04-04]
CHR Extension: (Google-Suche) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-30]
CHR Extension: (Logitech Smooth Scrolling) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2015-12-30]
CHR Extension: (Kaspersky Protection) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eahebamiopdhefndnmappcihfajigkka [2015-12-30]
CHR Extension: (Adobe Acrobat) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2016-01-07]
CHR Extension: (Google Tabellen) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-30]
CHR Extension: (Google Docs Offline) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Desktop Notifications für Android) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\giicnncicnopjohcpamieklkiacdoeni [2016-04-19]
CHR Extension: (Lone Tree) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hfmkllfplegemejikoabfpjdaoncphip [2015-12-30]
CHR Extension: (Floating for YouTube™) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jjphmlaoffndcnecccgemfdaaoighkel [2016-01-30]
CHR Extension: (AudioSauna) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lkgfemnodkdnenmfkblebnkjpckkjcae [2016-01-04]
CHR Extension: (Until AM for Chrome) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mjafmkicbmhcbapadecadciafbkecofl [2015-12-30]
CHR Extension: (Twitch Now) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nlmbdmpjmlijibeockamioakdpmhjnpk [2016-03-31]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-01]
CHR Extension: (Wunderlist for Chrome) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ojcflmmmcfpacggndoaaflkmcoblhnbh [2016-02-05]
CHR Extension: (Click&Clean App) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2016-05-20]
CHR Extension: (Google Mail) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-30]
CHR Extension: (RSS Feed Reader) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pnjaodmkngahhkoihejjehlcdlnohgmp [2016-05-02]
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

Opera: 
=======
OPR StartupUrls: "hxxp://www.youtube.de/"
OPR Extension: (Adblock Plus) - C:\Users\Marco\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2016-05-08]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [693440 2016-01-28] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2021592 2016-04-05] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 AVerRECentral; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRECentral.exe [1933000 2016-02-16] (AVerMedia TECHNOLOGIES, Inc.)
R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2015-12-30] (Kaspersky Lab ZAO)
R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [65128 2016-01-11] (CyberGhost S.R.L)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2911472 2016-05-02] (Microsoft Corporation)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2016-03-29] (Digital Wave Ltd.)
R2 DisplayFusionService; C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe [4608040 2015-11-16] (Binary Fortress Software)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-05-02] (NVIDIA Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [419248 2016-05-06] (LogMeIn, Inc.)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193144 2015-11-20] (Logitech Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [703984 2014-09-22] (SEIKO EPSON CORPORATION)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-05-02] (NVIDIA Corporation)
S3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-05-02] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-05-02] (NVIDIA Corporation)
S3 Origin Client Service; F:\Program Files (x86)\Origin\OriginClientService.exe [2120712 2016-05-21] (Electronic Arts)
S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\Dr.Fone for Android\DriverInstall.exe [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 androidusb; C:\Windows\System32\Drivers\wsadb.sys [40720 2016-01-23] (Google Inc)
R0 asstor64; C:\Windows\System32\drivers\asstor64.sys [84816 2014-01-27] (Asmedia Technology)
S3 AVer330USB; C:\Windows\system32\DRIVERS\AVer330USB.sys [1551616 2015-04-09] (AVerMedia TECHNOLOGIES, Inc.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
R3 DFX12; C:\Windows\system32\drivers\dfx12x64.sys [39048 2015-11-15] (Windows (R) Win 7 DDK provider)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2016-04-05] (LogMeIn Inc.)
R3 ISCT; C:\Windows\System32\drivers\ISCTD.sys [44744 2014-05-27] ()
R3 Ke2200; C:\Windows\System32\drivers\e22w8x64.sys [130224 2014-03-27] (Qualcomm Atheros, Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70512 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [77728 2016-03-04] (AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [30328 2015-06-24] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [181640 2015-12-30] (AO Kaspersky Lab)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [238000 2016-05-24] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [933808 2016-05-24] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [49240 2016-05-24] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [41656 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2015-12-30] (AO Kaspersky Lab)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [87984 2016-05-24] (AO Kaspersky Lab)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [102584 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
S3 LGSHidFilt; C:\Windows\System32\drivers\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-05-25] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-05-02] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R1 SLEE_18_DRIVER; C:\WINDOWS\Sleen1864.sys [109144 2014-01-30] (Softwareentwicklung Remus - ArchiCrypt - )
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-25 18:27 - 2016-05-25 18:33 - 00000000 ____D C:\ProgramData\HitmanPro
2016-05-23 23:49 - 2016-05-23 23:49 - 00000781 _____ C:\Users\Marco\Desktop\JRT.txt
2016-05-23 23:36 - 2016-05-25 18:04 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-05-23 23:36 - 2016-05-23 23:36 - 00001171 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-05-23 23:36 - 2016-05-23 23:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-05-23 23:36 - 2016-05-23 23:36 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-05-23 23:36 - 2016-05-23 23:36 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-05-23 23:36 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-05-23 23:36 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-05-23 23:36 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-05-23 23:20 - 2016-05-23 23:25 - 00104644 _____ C:\TDSSKiller.3.1.0.9_23.05.2016_23.20.10_log.txt
2016-05-23 20:24 - 2016-05-25 18:36 - 00000000 ____D C:\FRST
2016-05-23 20:07 - 2016-05-23 23:46 - 00000000 ____D C:\AdwCleaner
2016-05-23 17:06 - 2016-05-23 17:06 - 00001219 _____ C:\Users\Public\Desktop\LibreOffice 5.0.lnk
2016-05-23 17:06 - 2016-05-23 17:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.0
2016-05-23 17:05 - 2016-05-23 17:06 - 00000000 ____D C:\Program Files (x86)\LibreOffice 5
2016-05-23 17:01 - 2016-05-23 17:01 - 00000000 ____D C:\Users\Marco\AppData\Roaming\LockAP
2016-05-23 16:52 - 2016-05-23 16:52 - 00000000 ____D C:\Users\Marco\AppData\Roaming\LibreOffice
2016-05-20 19:53 - 2016-05-20 19:53 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-05-20 19:53 - 2016-04-14 07:38 - 00102976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2016-05-11 16:18 - 2016-04-23 06:31 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-05-11 16:18 - 2016-04-23 06:30 - 22379008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-05-11 16:18 - 2016-04-23 06:28 - 16984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-05-11 16:18 - 2016-04-23 06:26 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-05-11 16:18 - 2016-04-23 06:25 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-05-11 16:18 - 2016-04-23 06:22 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-05-11 16:18 - 2016-04-23 06:20 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-05-11 16:18 - 2016-04-23 06:20 - 18676224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-05-11 16:18 - 2016-04-23 06:19 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-05-11 16:18 - 2016-04-23 06:19 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-05-11 16:18 - 2016-04-23 06:19 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-05-11 16:18 - 2016-04-23 06:19 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-05-11 16:18 - 2016-04-23 06:18 - 24604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-05-11 16:18 - 2016-04-23 06:18 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-05-11 16:18 - 2016-04-23 06:18 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-05-11 16:18 - 2016-04-23 06:18 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-05-11 16:18 - 2016-04-23 06:16 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-05-11 16:18 - 2016-04-23 06:15 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-05-11 16:18 - 2016-04-23 06:15 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-05-11 16:18 - 2016-04-23 06:14 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-05-11 16:18 - 2016-04-23 06:13 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-05-11 16:18 - 2016-04-23 06:13 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-05-11 16:18 - 2016-04-23 06:09 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-05-11 16:18 - 2016-04-23 06:08 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-05-11 16:18 - 2016-04-23 06:07 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-05-11 16:17 - 2016-05-06 06:53 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdport.sys
2016-05-11 16:17 - 2016-05-06 06:05 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-05-11 16:17 - 2016-05-06 06:03 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-05-11 16:17 - 2016-05-06 05:53 - 00351232 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-05-11 16:17 - 2016-05-06 05:49 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2016-05-11 16:17 - 2016-05-06 05:44 - 00582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-05-11 16:17 - 2016-05-06 05:43 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-05-11 16:17 - 2016-05-06 05:23 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2016-05-11 16:17 - 2016-04-30 08:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-05-11 16:17 - 2016-04-30 08:31 - 03591168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-05-11 16:17 - 2016-04-23 08:12 - 01401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-05-11 16:17 - 2016-04-23 08:12 - 01184960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-05-11 16:17 - 2016-04-23 08:12 - 00713920 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-05-11 16:17 - 2016-04-23 08:12 - 00514752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-05-11 16:17 - 2016-04-23 08:12 - 00294592 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-05-11 16:17 - 2016-04-23 08:12 - 00190144 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-05-11 16:17 - 2016-04-23 08:12 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-05-11 16:17 - 2016-04-23 08:12 - 00046784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-05-11 16:17 - 2016-04-23 07:28 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-05-11 16:17 - 2016-04-23 07:28 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-05-11 16:17 - 2016-04-23 07:26 - 00707608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-05-11 16:17 - 2016-04-23 07:24 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-05-11 16:17 - 2016-04-23 07:24 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-05-11 16:17 - 2016-04-23 07:24 - 01819208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-05-11 16:17 - 2016-04-23 07:24 - 00754664 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-05-11 16:17 - 2016-04-23 07:24 - 00638816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2016-05-11 16:17 - 2016-04-23 07:24 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2016-05-11 16:17 - 2016-04-23 07:24 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-05-11 16:17 - 2016-04-23 07:22 - 01161120 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-05-11 16:17 - 2016-04-23 07:18 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-05-11 16:17 - 2016-04-23 07:13 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-05-11 16:17 - 2016-04-23 07:13 - 00306832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2016-05-11 16:17 - 2016-04-23 07:13 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-05-11 16:17 - 2016-04-23 07:12 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-05-11 16:17 - 2016-04-23 07:12 - 00451928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-05-11 16:17 - 2016-04-23 07:12 - 00413536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-05-11 16:17 - 2016-04-23 07:11 - 01092464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-05-11 16:17 - 2016-04-23 07:11 - 00696672 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-05-11 16:17 - 2016-04-23 07:11 - 00498960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-05-11 16:17 - 2016-04-23 07:11 - 00390496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-05-11 16:17 - 2016-04-23 07:11 - 00131424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufxsynopsys.sys
2016-05-11 16:17 - 2016-04-23 07:11 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-05-11 16:17 - 2016-04-23 07:10 - 03673424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-05-11 16:17 - 2016-04-23 07:10 - 02919832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-05-11 16:17 - 2016-04-23 07:10 - 00330072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-05-11 16:17 - 2016-04-23 07:09 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-05-11 16:17 - 2016-04-23 07:09 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-05-11 16:17 - 2016-04-23 07:09 - 05240960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-05-11 16:17 - 2016-04-23 07:09 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-05-11 16:17 - 2016-04-23 07:09 - 00569744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2016-05-11 16:17 - 2016-04-23 07:09 - 00565600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-05-11 16:17 - 2016-04-23 07:09 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-05-11 16:17 - 2016-04-23 07:09 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-05-11 16:17 - 2016-04-23 07:09 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-05-11 16:17 - 2016-04-23 07:08 - 06605504 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-05-11 16:17 - 2016-04-23 07:08 - 04515256 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-05-11 16:17 - 2016-04-23 07:08 - 00725776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2016-05-11 16:17 - 2016-04-23 07:07 - 01848072 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-05-11 16:17 - 2016-04-23 07:07 - 01536088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2016-05-11 16:17 - 2016-04-23 07:07 - 00204048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2016-05-11 16:17 - 2016-04-23 07:07 - 00183904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2016-05-11 16:17 - 2016-04-23 07:06 - 00291360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2016-05-11 16:17 - 2016-04-23 07:02 - 00188256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-05-11 16:17 - 2016-04-23 07:01 - 01996640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-05-11 16:17 - 2016-04-23 07:01 - 00650304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-05-11 16:17 - 2016-04-23 07:01 - 00619296 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
2016-05-11 16:17 - 2016-04-23 07:01 - 00577368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-05-11 16:17 - 2016-04-23 07:01 - 00522176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-05-11 16:17 - 2016-04-23 07:01 - 00513368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll
2016-05-11 16:17 - 2016-04-23 07:01 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-05-11 16:17 - 2016-04-23 07:01 - 00217440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-05-11 16:17 - 2016-04-23 07:00 - 01776768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-05-11 16:17 - 2016-04-23 07:00 - 01594920 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-05-11 16:17 - 2016-04-23 07:00 - 01522152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-05-11 16:17 - 2016-04-23 07:00 - 01399224 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-05-11 16:17 - 2016-04-23 07:00 - 01372304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-05-11 16:17 - 2016-04-23 07:00 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-05-11 16:17 - 2016-04-23 07:00 - 00550656 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2016-05-11 16:17 - 2016-04-23 07:00 - 00453472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2016-05-11 16:17 - 2016-04-23 07:00 - 00058208 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwminit.dll
2016-05-11 16:17 - 2016-04-23 06:56 - 00534872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-05-11 16:17 - 2016-04-23 06:39 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-05-11 16:17 - 2016-04-23 06:35 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-05-11 16:17 - 2016-04-23 06:34 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-05-11 16:17 - 2016-04-23 06:34 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2016-05-11 16:17 - 2016-04-23 06:34 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-05-11 16:17 - 2016-04-23 06:33 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-05-11 16:17 - 2016-04-23 06:33 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-05-11 16:17 - 2016-04-23 06:33 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2016-05-11 16:17 - 2016-04-23 06:33 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ByteCodeGenerator.exe
2016-05-11 16:17 - 2016-04-23 06:32 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-05-11 16:17 - 2016-04-23 06:32 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-05-11 16:17 - 2016-04-23 06:32 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-05-11 16:17 - 2016-04-23 06:31 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-05-11 16:17 - 2016-04-23 06:30 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-05-11 16:17 - 2016-04-23 06:30 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-05-11 16:17 - 2016-04-23 06:29 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-05-11 16:17 - 2016-04-23 06:29 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-05-11 16:17 - 2016-04-23 06:29 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\filecrypt.sys
2016-05-11 16:17 - 2016-04-23 06:29 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-05-11 16:17 - 2016-04-23 06:29 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-05-11 16:17 - 2016-04-23 06:29 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
2016-05-11 16:17 - 2016-04-23 06:29 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ByteCodeGenerator.exe
2016-05-11 16:17 - 2016-04-23 06:29 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2016-05-11 16:17 - 2016-04-23 06:28 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2016-05-11 16:17 - 2016-04-23 06:28 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-05-11 16:17 - 2016-04-23 06:28 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-05-11 16:17 - 2016-04-23 06:28 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-05-11 16:17 - 2016-04-23 06:28 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2016-05-11 16:17 - 2016-04-23 06:27 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-05-11 16:17 - 2016-04-23 06:27 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2016-05-11 16:17 - 2016-04-23 06:26 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-05-11 16:17 - 2016-04-23 06:26 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2016-05-11 16:17 - 2016-04-23 06:25 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-05-11 16:17 - 2016-04-23 06:25 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-05-11 16:17 - 2016-04-23 06:25 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2016-05-11 16:17 - 2016-04-23 06:25 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-05-11 16:17 - 2016-04-23 06:24 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-05-11 16:17 - 2016-04-23 06:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-05-11 16:17 - 2016-04-23 06:24 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-05-11 16:17 - 2016-04-23 06:24 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-05-11 16:17 - 2016-04-23 06:24 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2016-05-11 16:17 - 2016-04-23 06:24 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2016-05-11 16:17 - 2016-04-23 06:24 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2016-05-11 16:17 - 2016-04-23 06:23 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-05-11 16:17 - 2016-04-23 06:23 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-05-11 16:17 - 2016-04-23 06:23 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-05-11 16:17 - 2016-04-23 06:23 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2016-05-11 16:17 - 2016-04-23 06:23 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-05-11 16:17 - 2016-04-23 06:22 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-05-11 16:17 - 2016-04-23 06:22 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-05-11 16:17 - 2016-04-23 06:21 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-05-11 16:17 - 2016-04-23 06:21 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-05-11 16:17 - 2016-04-23 06:20 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-05-11 16:17 - 2016-04-23 06:20 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-05-11 16:17 - 2016-04-23 06:20 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-05-11 16:17 - 2016-04-23 06:20 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-05-11 16:17 - 2016-04-23 06:20 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-05-11 16:17 - 2016-04-23 06:20 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2016-05-11 16:17 - 2016-04-23 06:19 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-05-11 16:17 - 2016-04-23 06:19 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlansec.dll
2016-05-11 16:17 - 2016-04-23 06:19 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll
2016-05-11 16:17 - 2016-04-23 06:18 - 00988672 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-05-11 16:17 - 2016-04-23 06:18 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-05-11 16:17 - 2016-04-23 06:18 - 00804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-05-11 16:17 - 2016-04-23 06:18 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-05-11 16:17 - 2016-04-23 06:18 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-05-11 16:17 - 2016-04-23 06:18 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-05-11 16:17 - 2016-04-23 06:18 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-05-11 16:17 - 2016-04-23 06:18 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-05-11 16:17 - 2016-04-23 06:18 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-05-11 16:17 - 2016-04-23 06:17 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-05-11 16:17 - 2016-04-23 06:17 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-05-11 16:17 - 2016-04-23 06:17 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-05-11 16:17 - 2016-04-23 06:17 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2016-05-11 16:17 - 2016-04-23 06:16 - 01319424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-05-11 16:17 - 2016-04-23 06:16 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-05-11 16:17 - 2016-04-23 06:15 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-05-11 16:17 - 2016-04-23 06:15 - 00865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-05-11 16:17 - 2016-04-23 06:15 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-05-11 16:17 - 2016-04-23 06:15 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-05-11 16:17 - 2016-04-23 06:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-05-11 16:17 - 2016-04-23 06:14 - 13383168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-05-11 16:17 - 2016-04-23 06:14 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-05-11 16:17 - 2016-04-23 06:14 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-05-11 16:17 - 2016-04-23 06:14 - 00647680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-05-11 16:17 - 2016-04-23 06:14 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-05-11 16:17 - 2016-04-23 06:14 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-05-11 16:17 - 2016-04-23 06:14 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-05-11 16:17 - 2016-04-23 06:13 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-05-11 16:17 - 2016-04-23 06:13 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-05-11 16:17 - 2016-04-23 06:13 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-05-11 16:17 - 2016-04-23 06:12 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-05-11 16:17 - 2016-04-23 06:10 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-05-11 16:17 - 2016-04-23 06:10 - 00639488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-05-11 16:17 - 2016-04-23 06:09 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-05-11 16:17 - 2016-04-23 06:08 - 05324288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-05-11 16:17 - 2016-04-23 06:07 - 02598912 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-05-11 16:17 - 2016-04-23 06:07 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-05-11 16:17 - 2016-04-23 06:07 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-05-11 16:17 - 2016-04-23 06:06 - 06974464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-05-11 16:17 - 2016-04-23 06:05 - 05502976 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-05-11 16:17 - 2016-04-23 06:05 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-05-11 16:17 - 2016-04-23 06:05 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-05-11 16:17 - 2016-04-23 06:05 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-05-11 16:17 - 2016-04-23 06:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-05-11 16:17 - 2016-04-23 06:05 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-05-11 16:17 - 2016-04-23 06:05 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-05-11 16:17 - 2016-04-23 06:05 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-05-11 16:17 - 2016-04-23 06:04 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-05-11 16:17 - 2016-04-23 06:04 - 01731072 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-05-11 16:17 - 2016-04-23 06:03 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-05-11 16:17 - 2016-04-23 06:03 - 04894208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-05-11 16:17 - 2016-04-23 06:03 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-05-11 16:17 - 2016-04-23 06:03 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-05-11 16:17 - 2016-04-23 06:03 - 02000896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-05-11 16:17 - 2016-04-23 06:03 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-05-11 16:17 - 2016-04-23 06:03 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-05-11 16:17 - 2016-04-23 06:02 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-05-11 16:17 - 2016-04-23 06:02 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-05-11 16:17 - 2016-04-23 06:01 - 04775424 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-05-11 16:17 - 2016-04-23 06:00 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-05-11 16:17 - 2016-04-23 06:00 - 00984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-05-11 16:17 - 2016-04-23 05:45 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-05-11 16:17 - 2016-04-23 04:10 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-05-11 16:17 - 2016-04-23 04:10 - 00002186 _____ C:\WINDOWS\system32\AppxProvisioning.xml
2016-05-11 16:17 - 2016-04-19 00:30 - 00002186 _____ C:\WINDOWS\SysWOW64\AppxProvisioning.xml
2016-05-11 16:08 - 2016-05-11 16:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2016-05-11 16:08 - 2016-05-11 16:08 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2016-05-11 15:59 - 2016-05-11 15:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-05-11 15:59 - 2016-05-11 15:59 - 00000000 ____D C:\Program Files\iPod
2016-05-11 15:59 - 2016-05-11 15:59 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-05-11 15:58 - 2016-05-11 15:58 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2016-05-11 15:58 - 2016-05-11 15:58 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2016-05-07 23:11 - 2016-05-25 18:24 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-05-07 23:11 - 2016-05-22 01:12 - 00000946 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-05-07 23:11 - 2016-05-13 22:24 - 00004028 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-05-07 23:11 - 2016-05-13 22:24 - 00003870 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-05-07 23:09 - 2016-05-23 20:15 - 00001063 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-05-07 23:09 - 2016-05-13 21:54 - 00003984 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1462655346
2016-05-07 23:09 - 2016-05-07 23:09 - 00000000 ____D C:\Users\Marco\AppData\Roaming\Opera Software
2016-05-07 23:09 - 2016-05-07 23:09 - 00000000 ____D C:\Users\Marco\AppData\Local\Opera Software
2016-05-07 23:08 - 2016-05-13 21:54 - 00000000 ____D C:\Program Files (x86)\Opera
2016-05-07 18:55 - 2016-05-07 20:30 - 00000000 ____D C:\Users\Marco\AppData\Local\RECentral
2016-05-07 18:55 - 2016-05-07 18:55 - 00000000 ____D C:\WINDOWS\Driver Cache
2016-05-07 18:55 - 2016-05-07 18:55 - 00000000 ____D C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVerMedia
2016-05-07 18:55 - 2016-05-07 18:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVerMedia
2016-05-07 18:55 - 2016-05-07 18:55 - 00000000 ____D C:\Program Files (x86)\AVerMedia
2016-05-07 18:55 - 2015-04-09 08:14 - 01551616 _____ (AVerMedia TECHNOLOGIES, Inc.) C:\WINDOWS\system32\Drivers\AVer330USB.sys
2016-05-07 18:55 - 2014-12-16 10:39 - 00454064 _____ C:\WINDOWS\system32\Drivers\qpvidfwusb.bin
2016-05-07 18:55 - 2014-12-16 10:39 - 00363832 _____ C:\WINDOWS\system32\Drivers\qpaudfwusb.bin
2016-05-07 18:55 - 2014-12-16 10:39 - 00125440 _____ (AVerMedia Technology, Inc.) C:\WINDOWS\SysWOW64\PropPage.ax
2016-05-07 18:55 - 2013-04-22 12:00 - 00495616 _____ C:\WINDOWS\SysWOW64\D3DX8ab.dll
2016-05-07 18:55 - 2012-11-25 15:26 - 02365756 _____ C:\WINDOWS\SysWOW64\libfftw3-3.dll
2016-05-07 18:55 - 2012-04-21 06:21 - 01625088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPb72c.rra
2016-04-30 18:09 - 2016-04-30 18:09 - 00000000 ____D C:\Users\Marco\AppData\Local\PokerStars.NET
2016-04-30 18:09 - 2016-04-30 18:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerStars.NET
2016-04-30 18:09 - 2016-04-30 18:09 - 00000000 ____D C:\Program Files (x86)\PokerStars.NET
2016-04-29 22:35 - 2016-05-25 16:50 - 00000000 ____D C:\Users\Marco\AppData\Local\LogMeIn Hamachi
2016-04-29 22:35 - 2016-04-29 22:35 - 00000000 ____D C:\Users\Marco\AppData\Local\LogMeIn
2016-04-29 22:35 - 2016-04-29 22:35 - 00000000 ____D C:\ProgramData\LogMeIn
2016-04-29 18:35 - 2016-04-29 18:33 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-64.dll
2016-04-29 18:31 - 2016-04-29 18:31 - 00000000 ____D C:\Users\Marco\SimpleJavaYoutubeUploader
2016-04-29 17:04 - 2016-04-29 17:04 - 00715038 _____ C:\WINDOWS\unins000.exe
2016-04-29 17:04 - 2016-04-29 17:04 - 00001993 _____ C:\WINDOWS\unins000.dat
2016-04-29 17:04 - 2011-12-07 19:37 - 00148992 _____ ( ) C:\WINDOWS\system32\lagarith.dll
2016-04-29 17:04 - 2011-12-07 19:32 - 00216064 _____ ( ) C:\WINDOWS\SysWOW64\lagarith.dll
2016-04-29 17:00 - 2016-04-29 17:08 - 00000000 ____D C:\Users\Marco\AppData\Local\Dxtory Software
2016-04-29 17:00 - 2016-04-29 17:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0
2016-04-29 17:00 - 2016-04-29 17:00 - 00000000 ____D C:\Program Files (x86)\Dxtory Software
2016-04-29 17:00 - 2011-05-23 23:29 - 03673600 _____ (Dxtory Software) C:\WINDOWS\system32\DxtoryCodec64.dll
2016-04-29 17:00 - 2011-05-23 23:23 - 03166720 _____ (Dxtory Software) C:\WINDOWS\SysWOW64\DxtoryCodec.dll
2016-04-26 14:29 - 2016-04-26 14:29 - 00000000 ____D C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2016-04-26 14:29 - 2016-04-26 14:29 - 00000000 ____D C:\Program Files (x86)\ASIO4ALL v2
2016-04-26 14:05 - 2016-05-23 21:32 - 00000000 ____D C:\Users\Marco\AppData\Roaming\obs-studio
2016-04-26 14:05 - 2016-04-26 14:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2016-04-26 14:05 - 2016-04-26 14:05 - 00000000 ____D C:\Program Files (x86)\obs-studio

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-25 18:26 - 2015-12-30 02:31 - 00000000 ____D C:\Users\Marco\AppData\Local\ClassicShell
2016-05-25 17:45 - 2015-12-30 01:30 - 00001142 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-25 17:38 - 2016-03-29 17:38 - 00000943 _____ C:\WINDOWS\Tasks\EPSON WF-2660 Series Update {EA5DFD3C-470C-463C-8757-713F4BCE6FE4}.job
2016-05-25 17:06 - 2015-12-30 01:51 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-05-25 16:53 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-05-25 16:53 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-05-25 16:52 - 2015-12-30 01:41 - 00000000 ____D C:\Users\Marco\AppData\Local\Adobe
2016-05-25 16:50 - 2015-12-30 01:30 - 00001138 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-24 22:09 - 2015-12-30 01:32 - 01799166 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-05-24 22:09 - 2015-10-30 20:35 - 00775524 _____ C:\WINDOWS\system32\perfh007.dat
2016-05-24 22:09 - 2015-10-30 20:35 - 00155338 _____ C:\WINDOWS\system32\perfc007.dat
2016-05-24 22:09 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-05-24 22:02 - 2016-03-12 15:54 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-05-24 22:02 - 2016-03-12 15:50 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-05-24 22:02 - 2016-03-12 15:50 - 00000000 ____D C:\ProgramData\NVIDIA
2016-05-24 22:02 - 2015-10-30 08:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-05-24 22:00 - 2015-12-25 17:31 - 00000000 ____D C:\Users\Marco\AppData\LocalLow\Temp
2016-05-24 16:58 - 2015-12-30 01:51 - 00933808 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys
2016-05-24 16:58 - 2015-12-30 01:51 - 00238000 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klhk.sys
2016-05-24 16:58 - 2015-10-30 08:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-05-24 16:58 - 2015-06-27 00:58 - 00087984 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klwfp.sys
2016-05-24 16:58 - 2015-06-11 20:35 - 00049240 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klim6.sys
2016-05-24 16:43 - 2016-01-30 17:04 - 00004162 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{522583D8-BE19-41DB-B52F-E4C35B2DE8FD}
2016-05-23 23:42 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\TAPI
2016-05-23 23:26 - 2015-12-30 01:37 - 00000000 ____D C:\Users\Marco\AppData\Roaming\TS3Client
2016-05-23 20:15 - 2016-03-12 15:50 - 05017736 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-05-23 20:15 - 2016-01-30 16:11 - 00000000 ____D C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2016-05-23 20:15 - 2016-01-06 00:36 - 00000808 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-05-23 20:15 - 2016-01-01 18:13 - 00000816 _____ C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2016-05-23 20:15 - 2015-12-30 01:32 - 00000000 ____D C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps
2016-05-22 18:20 - 2015-12-30 01:43 - 00000000 ____D C:\Users\Marco\AppData\Local\Spotify
2016-05-22 18:16 - 2015-12-30 01:43 - 00000000 ____D C:\Users\Marco\AppData\Roaming\Spotify
2016-05-22 01:13 - 2015-12-30 01:30 - 00002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-22 01:12 - 2016-03-19 01:11 - 00000000 ___HD C:\Program Files (x86)\DrFoneAndroid_Temp
2016-05-22 01:12 - 2016-03-19 01:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2016-05-22 01:12 - 2016-03-19 01:09 - 00000000 ____D C:\Program Files (x86)\Wondershare
2016-05-22 01:12 - 2016-01-23 14:14 - 00000000 ____D C:\Users\Marco\AppData\Roaming\Wondershare
2016-05-22 01:11 - 2015-12-23 21:08 - 00000000 ____D C:\Users\Marco\.android
2016-05-21 23:40 - 2015-11-28 14:44 - 00000080 _____ C:\Users\Marco\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦
2016-05-21 23:16 - 2015-12-30 02:22 - 00000000 ____D C:\ProgramData\Origin
2016-05-21 00:48 - 2015-12-30 02:56 - 00000000 ____D C:\Users\Marco\AppData\Local\CrashDumps
2016-05-20 19:53 - 2015-12-30 01:35 - 00000000 ____D C:\Users\Marco\AppData\Local\NVIDIA
2016-05-19 17:07 - 2016-01-07 16:29 - 00002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2016-05-19 17:03 - 2015-12-30 02:34 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-05-19 17:03 - 2015-10-30 09:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-05-16 18:13 - 2016-04-03 17:51 - 00000000 ____D C:\Users\Marco\AppData\Roaming\.minecraft
2016-05-15 22:10 - 2015-12-30 01:58 - 00000000 ____D C:\Users\Marco\AppData\Roaming\Skype
2016-05-15 00:43 - 2016-03-12 15:51 - 00000000 ____D C:\Users\Marco
2016-05-14 15:16 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-05-14 15:01 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-05-13 22:08 - 2016-01-07 16:29 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-05-13 22:07 - 2016-01-07 16:29 - 00002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2016-05-13 21:56 - 2015-12-30 01:22 - 00000000 ____D C:\Users\Marco\AppData\Local\Packages
2016-05-13 21:53 - 2015-07-28 20:30 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-05-11 21:57 - 2015-10-30 09:26 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-05-11 21:57 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-11 20:26 - 2015-10-30 20:44 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-11 20:26 - 2015-10-30 09:24 - 00015703 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2016-05-11 20:26 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-05-11 20:26 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-05-11 20:26 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\Provisioning
2016-05-11 20:26 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-05-11 20:25 - 2015-12-30 19:14 - 00000000 ____D C:\Users\Marco\AppData\Local\DisplayFusion
2016-05-11 16:40 - 2015-12-30 01:30 - 00004200 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-05-11 16:40 - 2015-12-30 01:30 - 00003968 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-05-11 16:34 - 2015-12-30 02:10 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-05-11 16:29 - 2015-12-30 02:10 - 139319312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-05-11 15:59 - 2015-12-30 01:44 - 00000000 ____D C:\Program Files\iTunes
2016-05-11 15:58 - 2015-12-30 01:33 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-05-11 15:58 - 2015-12-30 01:33 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-05-07 18:56 - 2015-12-30 18:14 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-05-02 07:39 - 2015-12-30 01:36 - 01377800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2016-05-02 07:39 - 2015-12-30 01:36 - 01316184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2016-05-02 07:38 - 2015-12-30 01:36 - 01767944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2016-05-02 07:38 - 2015-12-30 01:36 - 01756608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2016-05-02 07:38 - 2015-12-30 01:36 - 00112032 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2016-04-30 21:13 - 2015-12-30 01:43 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-04-30 21:13 - 2015-12-30 01:43 - 00000000 ____D C:\ProgramData\Skype
2016-04-30 16:51 - 2016-01-20 20:01 - 00000000 ____D C:\Users\Marco\AppData\Roaming\OBS
2016-04-30 16:28 - 2016-02-06 22:29 - 00000000 ____D C:\Users\Marco\AppData\Local\ftblauncher
2016-04-29 18:38 - 2015-12-30 01:41 - 00000000 ____D C:\ProgramData\Oracle
2016-04-29 18:35 - 2015-12-30 01:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-04-29 18:35 - 2015-12-30 01:41 - 00000000 ____D C:\Program Files (x86)\Java
2016-04-29 18:33 - 2015-12-30 01:42 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2016-04-29 18:33 - 2015-12-30 01:42 - 00000000 ____D C:\Program Files\Java
2016-04-29 18:33 - 2015-12-30 01:41 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-04-29 18:33 - 2015-10-25 14:03 - 00000000 ____D C:\Users\Marco\.oracle_jre_usage
2016-04-28 16:25 - 2015-12-30 01:37 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2016-04-26 17:50 - 2016-01-05 17:45 - 00000000 ____D C:\Users\Marco\AppData\Roaming\Audacity
2016-04-26 16:14 - 2016-01-04 19:25 - 00000000 ____D C:\ProgramData\boost_interprocess

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-01-14 17:43 - 2016-01-14 17:43 - 0031400 _____ () C:\Users\Marco\AppData\Roaming\VoiceMeeterDefault.xml
2016-04-09 13:39 - 2016-04-09 13:39 - 0000874 _____ () C:\Users\Marco\AppData\Local\recently-used.xbel
2016-03-12 23:45 - 2016-04-10 13:00 - 0007602 _____ () C:\Users\Marco\AppData\Local\resmon.resmoncfg

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-05-25 17:27

==================== Ende von FRST.txt ============================

Zu der Frage, bislang konnte ich keine weiteren Probleme mehr feststellen.

M-K-D-B · 25.05.2016, 22:03

Servus,

Zitat:

CHIP-Installer.exe

Bitte keinen Chip-Installer mehr verwenden! Bitte lesen: CHIP-Installer – was ist das?

Reste entfernen
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

start
CloseProcesses:
CMD: reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved" /s
DeleteKey: HKLM\SOFTWARE\WOW6432Node\Auslogics\Google Analytics Package
end

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Die Fixlog von FRST gleich posten, da diese sonst mit DelFix (siehe weiter unten) automatisch entfernt wird!

Wenn du keine Probleme mehr mit Malware hast, dann sind wir hier fertig. Deine Logdateien sind sauber.

Zum Schluss müssen wir noch ein paar abschließende Schritte unternehmen, um deinen Pc aufzuräumen und abzusichern.

Cleanup:
Alle Logs gepostet? Dann lade Dir bitte

DelFix herunter.

Schließe alle offenen Programme.
Starte die delfix.exe mit einem Doppelklick.
Setze vor jede Funktion ein Häkchen.
Klicke auf Start.

Hinweis:
DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner anschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:
Browser
Java
Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Sofern du noch unentschieden bist, verwende ein einziges der folgenden Antivirusprogramme mit Echtzeitscanner und stets aktueller Signaturendatenbank:

	Emsisoft	Microsoft Security Essentials	ESET

Microsoft Security Essentials (MSE) ist ab Windows 8 fest eingebaut, wenn du also Windows 8, 8.1 oder 10 und dich für MSE entschieden hast, brauchst du nicht extra MSE zu installieren. Bei Windows 7 muss es aber manuell installiert oder über die Windows Updates als optionales Update bezogen werden. Selbstverständlich ist ein legales/aktiviertes Windows Voraussetzung dafür.

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.

Optional:

Adblock Plus Kann Banner, Pop-ups, Videowerbung, Tracking und Malware-Seiten blockieren.

NoScript Verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.

Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.

Lade Software von einem sauberen Portal wie

.
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner .

Abschließend noch ein paar grundsätzliche Bemerkungen:

Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Lade keine Software von Chip, Softonic oder SourceForge. Die dort angebotene Software wird häufig mit einem sog. "Installer" verteilt, mit dem man sich nur unerwünschte Software oder Adware installiert.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Selbst Microsoft unterstützt sog. Registry-Cleaner nicht. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...

und/oder das Forum mit einer kleinen Spende unterstützen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann.

swammcrusher · 26.05.2016, 00:15

Code:

ATTFilter

Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:25-05-2016 01
durchgeführt von Marco (2016-05-26 00:58:16) Run:2
Gestartet von E:\User\Gamer_Marco\Desktop
Geladene Profile: Marco (Verfügbare Profile: Marco)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
start
CloseProcesses:
CMD: reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved" /s
DeleteKey: HKLM\SOFTWARE\WOW6432Node\Auslogics\Google Analytics Package
end
*****************

Prozess erfolgreich geschlossen.

=========  reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved" /s =========


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run
    RTHDVCPL    REG_BINARY    060000000000000000000000
    iTunesHelper    REG_BINARY    03000000B23A4D069D42D101
    Launch LCore    REG_BINARY    020000000000000000000000
    NvBackend    REG_BINARY    020000000000000000000000
    ShadowPlay    REG_BINARY    020000000000000000000000
    Classic Start Menu    REG_BINARY    020000000000000000000000
    AdobeAAMUpdater-1.0    REG_BINARY    0300000081D7A2ACF449D101

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32
    SunJavaUpdateSched    REG_BINARY    020000000000000000000000
    Acrobat Assistant 8.0    REG_BINARY    03000000EA8E7FA6F449D101
    Adobe Creative Cloud    REG_BINARY    0300000031C4B2A9F449D101
    SAFE15 File Redirection Starter    REG_BINARY    0300000066EB9BE8D9A2D101
    Steganos HotKeys    REG_BINARY    03000000F6276AB9F449D101
    DFX    REG_BINARY    030000005C36C5001D7DD101
    Dropbox    REG_BINARY    020000000000000000000000
    LWS    REG_BINARY    0300000057EDE2DED9A2D101
    Wondershare Helper Compact.exe    REG_BINARY    020000000000000000000000
    PDFPrint    REG_BINARY    03000000C838E9D4D9A2D101
    EEventManager    REG_BINARY    030000005135CCD8D9A2D101
    FUFAXSTM    REG_BINARY    0300000000B7E1DAD9A2D101
    FUFAXRCV    REG_BINARY    03000000B940AAD9D9A2D101
    WSHelperSetup.exe    REG_BINARY    03000000BDC616DDD9A2D101
    LogMeIn Hamachi Ui    REG_BINARY    020000000000000000000000

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder


========= Ende von CMD: =========

HKLM\SOFTWARE\WOW6432Node\Auslogics\Google Analytics Package => konnte nicht entfernt werden im ersten Versuch (ErrorCode: C0000121), siehe nächste Zeile.
HKLM\SOFTWARE\WOW6432Node\Auslogics\Google Analytics Package => Schlüssel erfolgreich entfernt


Das System musste neu gestartet werden.

==== Ende von Fixlog 00:58:17 ====

Vielen vielen Dank für deine Hilfe. Professionelle auf höchstem Niveau. Wenn mal wieder was ist (hoffentlich nicht), dann komme ich wieder.

Danke

M-K-D-B · 26.05.2016, 09:12

Ich bin froh, dass wir helfen konnten

In diesem Forum kannst du eine kurze Rückmeldung zur Bereinigung abgeben, sofern du das möchtest:
Lob, Kritik und Wünsche
Klicke dazu auf den Button "NEUES THEMA" und poste ein kleines Feedback. Vielen Dank!

Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Solltest Du das Thema erneut brauchen, schicke mir bitte eine PM.

Jeder andere bitte hier klicken und einen eigenen Thread erstellen.