PUP.Optional.SysTweak mit mbam beim Systemscan gefunden

FJ1 · 03.07.2016, 06:24

Hallo,

habe heute morgen routinemäßig einen Systemscan durchgeführt, Avira Pro fand bei vollständiger Untersuchung nichts, mbam fand dann jedoch PUP.Optional.SysTweak unter
C:\Windows\System32\roboot64.exe.

Hier der mbam logfile:

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 03.07.2016
Suchlaufzeit: 06:53
Protokolldatei: mbam report 3.7.2016.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.07.03.03
Rootkit-Datenbank: v2016.05.27.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: XXXXXX

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 324885
Abgelaufene Zeit: 8 Min., 27 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 1
PUP.Optional.SysTweak, C:\Windows\System32\roboot64.exe, , [029d59c6abef211528947f45c938d030], 

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

Danke schonmal im Voraus für die Hilfe beim weiteren Vorgehen.

Beste Grüße.

M-K-D-B · 03.07.2016, 13:19

Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.

Bitte beachte folgende Hinweise:

Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort als Administrator zu starten!
Einige Programme, die wir hier verwenden, können unter Umständen von deinem Antiviren- oder Anti-Malwareprogramm fälschlicherweise als Bedrohung eingestuft werden. Die Sicherheitsprogramme können aufgrund eines bestimmten Programmverhaltens nicht zwischen "gut" oder "böse" unterscheiden und schlagen Alarm. Dabei handelt es sich um Fehlalarme, welche du getrost ignorieren kannst. Gegebenenfalls musst du deine Sicherheitssoftware vor der Ausführung eines Programms deaktivieren, damit unsere Bereinigungsvorgänge nicht beeinträchtigt werden.

Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!

Bitte den Funde mit MBAM entfernen lassen!

Zur ersten Analyse bitte FRST und TDSS-Killer ausführen:

Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Schritt 2
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Bitte poste mit deiner nächsten Antwort

die Logdatei von TDSS-Killer,
die beiden neuen Logdateien von FRST.

FJ1 · 03.07.2016, 16:51

Hallo Matthias, danke Dir für die schnelle Antwort.

Hier sind die logfiles:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 02-07-2016
durchgeführt von Fabian (Administrator) auf XXXXXX (03-07-2016 17:36:59)
Gestartet von C:\Users\Fabian\Desktop
Geladene Profile: Fabian (Verfügbare Profile: Fabian)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
() C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files (x86)\Gigabyte\AppCenter\ApCent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Users\Fabian\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
() C:\Program Files (x86)\Standard Mouse Driver\Monitor.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-04-11] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-05-02] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [MWS Reader 5] => D:\MWS Reader 5\mwsr5.exe [13272064 2015-05-11] (directINNOVATION UG (haftungsbeschränkt))
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-04-25] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Standard Mouse Driver] => C:\Program Files (x86)\Standard Mouse Driver\Monitor.exe [147456 2013-01-04] ()
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [814608 2016-05-11] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2087264 2014-09-11] (Wondershare)
HKLM-x32\...\RunOnce: [PreRun] => C:\Program Files (x86)\Gigabyte\AppCenter\PreRun.exe [8192 2013-04-29] ()
HKU\S-1-5-21-169824235-548985442-2713111802-1001\...\Run: [AmazonMP3DownloaderHelper] => C:\Users\Fabian\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{cddb9939-cf5a-44a4-ad86-301ed476b62e}: [DhcpNameServer] 192.168.0.1 192.168.0.2

Internet Explorer:
==================

FireFox:
========
FF ProfilePath: C:\Users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\e5w2ducl.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-22] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-22] ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-03-20] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-03-20] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-06-03] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-06-03] (NVIDIA Corporation)
FF Plugin HKU\S-1-5-21-169824235-548985442-2713111802-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-169824235-548985442-2713111802-1001: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\Fabian\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll [2013-05-22] (Amazon.com, Inc.)
FF Plugin HKU\S-1-5-21-169824235-548985442-2713111802-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [Keine Datei]
FF Extension: NoScript - C:\Users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\e5w2ducl.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-04-07]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\e5w2ducl.default\extensions\adblockpopups@jessehakanen.net.xpi [2016-04-28]
FF Extension: Flash and Video Download - C:\Users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\e5w2ducl.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2016-06-28]
FF Extension: Avira Browser Safety - C:\Users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\e5w2ducl.default\Extensions\abs@avira.com [2016-06-22]
FF Extension: Adblock Plus - C:\Users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\e5w2ducl.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [970656 2016-05-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [467016 2016-05-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [467016 2016-05-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1435704 2016-05-11] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [280008 2016-04-25] (Avira Operations GmbH & Co. KG)
R2 gadjservice; C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe [16896 2015-04-14] () [Datei ist nicht signiert]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-05-02] (NVIDIA Corporation)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2015-12-30] (Hi-Rez Studios) [Datei ist nicht signiert]
S3 HwmRecordService; C:\Program Files (x86)\GIGABYTE\SIV\HwmRecordService.exe [62784 2014-09-05] (GIGA-BYTE TECHNOLOGY CO., LTD.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-04-11] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-03-20] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-05-02] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-05-02] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-05-02] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2078216 2015-10-08] (Electronic Arts)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [17720 2015-03-25] (Intel(R) Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AcpiCtlDrv; C:\Windows\System32\drivers\AcpiCtlDrv.sys [25880 2012-07-17] (Intel Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128664 2016-03-11] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146712 2016-05-11] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [78208 2016-05-11] (Avira Operations GmbH & Co. KG)
R2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [28912 2014-06-17] (Intel Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-05-02] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-05] (Scarlet.Crush Productions)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-07-03 17:36 - 2016-07-03 17:37 - 00014840 _____ C:\Users\Fabian\Desktop\FRST.txt
2016-07-03 17:36 - 2016-07-03 17:36 - 02390016 _____ (Farbar) C:\Users\Fabian\Desktop\FRST64.exe
2016-07-03 17:36 - 2016-07-03 17:36 - 00000000 ____D C:\FRST
2016-07-03 07:14 - 2016-07-03 07:14 - 00001272 _____ C:\Users\Fabian\Desktop\mbam report 3.7.2016.txt
2016-06-23 23:28 - 2016-06-23 23:33 - 00000194 _____ C:\Users\Fabian\Desktop\Mögliche Lehrgangstermine für Dieter.txt
2016-06-22 17:18 - 2016-06-22 17:18 - 00390740 _____ C:\WINDOWS\Minidump\062216-5265-01.dmp
2016-06-15 14:33 - 2016-05-28 08:13 - 01401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-06-15 14:33 - 2016-05-28 08:13 - 00290496 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-06-15 14:33 - 2016-05-28 08:13 - 00046784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-06-15 14:33 - 2016-05-28 07:22 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-06-15 14:33 - 2016-05-28 07:08 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-06-15 14:33 - 2016-05-28 07:07 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-06-15 14:33 - 2016-05-28 07:07 - 02921880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-06-15 14:33 - 2016-05-28 07:07 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-06-15 14:33 - 2016-05-28 07:07 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-06-15 14:33 - 2016-05-28 07:07 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-06-15 14:33 - 2016-05-28 06:58 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-06-15 14:33 - 2016-05-28 06:57 - 02548944 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-06-15 14:33 - 2016-05-28 06:57 - 01594416 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-06-15 14:33 - 2016-05-28 06:57 - 01372312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-06-15 14:33 - 2016-05-28 06:57 - 00649792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-06-15 14:33 - 2016-05-28 06:57 - 00636304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-06-15 14:33 - 2016-05-28 06:57 - 00546456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-06-15 14:33 - 2016-05-28 06:57 - 00316256 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-06-15 14:33 - 2016-05-28 06:35 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-06-15 14:33 - 2016-05-28 06:35 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-06-15 14:33 - 2016-05-28 06:35 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsdport.sys
2016-06-15 14:33 - 2016-05-28 06:31 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe
2016-06-15 14:33 - 2016-05-28 06:31 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-06-15 14:33 - 2016-05-28 06:29 - 22379008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-06-15 14:33 - 2016-05-28 06:29 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-06-15 14:33 - 2016-05-28 06:28 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-06-15 14:33 - 2016-05-28 06:27 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-06-15 14:33 - 2016-05-28 06:27 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-06-15 14:33 - 2016-05-28 06:26 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-06-15 14:33 - 2016-05-28 06:26 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-06-15 14:33 - 2016-05-28 06:25 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-06-15 14:33 - 2016-05-28 06:24 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-06-15 14:33 - 2016-05-28 06:24 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-06-15 14:33 - 2016-05-28 06:22 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-06-15 14:33 - 2016-05-28 06:22 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-06-15 14:33 - 2016-05-28 06:22 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-06-15 14:33 - 2016-05-28 06:19 - 24605696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-06-15 14:33 - 2016-05-28 06:19 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-06-15 14:33 - 2016-05-28 06:18 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-06-15 14:33 - 2016-05-28 06:18 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-06-15 14:33 - 2016-05-28 06:18 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-06-15 14:33 - 2016-05-28 06:17 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-06-15 14:33 - 2016-05-28 06:17 - 00963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2016-06-15 14:33 - 2016-05-28 06:17 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-06-15 14:33 - 2016-05-28 06:16 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-06-15 14:33 - 2016-05-28 06:16 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2016-06-15 14:33 - 2016-05-28 06:16 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-06-15 14:33 - 2016-05-28 06:15 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-06-15 14:33 - 2016-05-28 06:15 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-06-15 14:33 - 2016-05-28 06:15 - 00794624 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-06-15 14:33 - 2016-05-28 06:15 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-06-15 14:33 - 2016-05-28 06:14 - 18674176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-06-15 14:33 - 2016-05-28 06:14 - 01716736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-06-15 14:33 - 2016-05-28 06:14 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-06-15 14:33 - 2016-05-28 06:14 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-06-15 14:33 - 2016-05-28 06:14 - 00606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-06-15 14:33 - 2016-05-28 06:14 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-06-15 14:33 - 2016-05-28 06:13 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-06-15 14:33 - 2016-05-28 06:12 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-06-15 14:33 - 2016-05-28 06:12 - 00614400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-06-15 14:33 - 2016-05-28 06:11 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-06-15 14:33 - 2016-05-28 06:11 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-06-15 14:33 - 2016-05-28 06:11 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-06-15 14:33 - 2016-05-28 06:11 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-06-15 14:33 - 2016-05-28 06:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-06-15 14:33 - 2016-05-28 06:08 - 13385728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-06-15 14:33 - 2016-05-28 06:08 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-06-15 14:33 - 2016-05-28 06:06 - 12128256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-06-15 14:33 - 2016-05-28 06:06 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-06-15 14:33 - 2016-05-28 06:06 - 01339904 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2016-06-15 14:33 - 2016-05-28 06:05 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-06-15 14:33 - 2016-05-28 06:05 - 03664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-06-15 14:33 - 2016-05-28 06:05 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-06-15 14:33 - 2016-05-28 06:05 - 01797120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-06-15 14:33 - 2016-05-28 06:04 - 06973952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-06-15 14:33 - 2016-05-28 06:03 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-06-15 14:33 - 2016-05-28 06:03 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-06-15 14:33 - 2016-05-28 06:03 - 02609664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-06-15 14:33 - 2016-05-28 06:03 - 01185280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationFramework.dll
2016-06-15 14:33 - 2016-05-28 06:02 - 03590144 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-06-15 14:33 - 2016-05-28 06:02 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2016-06-15 14:33 - 2016-05-28 06:01 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-06-15 14:33 - 2016-05-28 06:00 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-06-15 14:33 - 2016-05-28 06:00 - 03585536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-06-15 14:33 - 2016-05-28 06:00 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-06-15 14:33 - 2016-05-28 06:00 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-06-15 14:33 - 2016-05-28 06:00 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-06-15 14:33 - 2016-05-28 05:58 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-06-15 14:33 - 2016-05-28 05:58 - 04896256 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-06-15 14:33 - 2016-05-28 05:58 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-06-15 14:33 - 2016-05-28 05:57 - 02281472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-06-15 14:32 - 2016-05-28 08:13 - 01184960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-06-15 14:32 - 2016-05-28 08:13 - 00514752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-06-15 14:32 - 2016-05-28 08:13 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-06-15 14:32 - 2016-05-28 07:25 - 04268880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2016-06-15 14:32 - 2016-05-28 07:23 - 00388384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2016-06-15 14:32 - 2016-05-28 07:23 - 00312160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2016-06-15 14:32 - 2016-05-28 07:22 - 04387680 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2016-06-15 14:32 - 2016-05-28 07:22 - 00428896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2016-06-15 14:32 - 2016-05-28 07:22 - 00211296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-06-15 14:32 - 2016-05-28 07:22 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-06-15 14:32 - 2016-05-28 07:20 - 00430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2016-06-15 14:32 - 2016-05-28 07:18 - 00357216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2016-06-15 14:32 - 2016-05-28 07:16 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-06-15 14:32 - 2016-05-28 07:09 - 00501600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-06-15 14:32 - 2016-05-28 07:09 - 00170848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe
2016-06-15 14:32 - 2016-05-28 07:09 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-06-15 14:32 - 2016-05-28 07:08 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-06-15 14:32 - 2016-05-28 07:08 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-06-15 14:32 - 2016-05-28 07:07 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-06-15 14:32 - 2016-05-28 07:07 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-06-15 14:32 - 2016-05-28 07:06 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-06-15 14:32 - 2016-05-28 07:06 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-06-15 14:32 - 2016-05-28 07:06 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-06-15 14:32 - 2016-05-28 07:06 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-06-15 14:32 - 2016-05-28 07:06 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-06-15 14:32 - 2016-05-28 07:05 - 04515264 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-06-15 14:32 - 2016-05-28 07:04 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-06-15 14:32 - 2016-05-28 07:04 - 00431296 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-06-15 14:32 - 2016-05-28 07:04 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-06-15 14:32 - 2016-05-28 07:04 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-06-15 14:32 - 2016-05-28 07:04 - 00111064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2016-06-15 14:32 - 2016-05-28 07:04 - 00097096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2016-06-15 14:32 - 2016-05-28 07:03 - 00131248 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2016-06-15 14:32 - 2016-05-28 06:58 - 01996640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-06-15 14:32 - 2016-05-28 06:57 - 02195632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-06-15 14:32 - 2016-05-28 06:57 - 00577376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-06-15 14:32 - 2016-05-28 06:57 - 00521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-06-15 14:32 - 2016-05-28 06:31 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-06-15 14:32 - 2016-05-28 06:29 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2016-06-15 14:32 - 2016-05-28 06:29 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxp.dll
2016-06-15 14:32 - 2016-05-28 06:28 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-06-15 14:32 - 2016-05-28 06:28 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll
2016-06-15 14:32 - 2016-05-28 06:26 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-06-15 14:32 - 2016-05-28 06:26 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-06-15 14:32 - 2016-05-28 06:26 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2016-06-15 14:32 - 2016-05-28 06:24 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-06-15 14:32 - 2016-05-28 06:24 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ndu.sys
2016-06-15 14:32 - 2016-05-28 06:24 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-06-15 14:32 - 2016-05-28 06:24 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-06-15 14:32 - 2016-05-28 06:24 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2016-06-15 14:32 - 2016-05-28 06:24 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FwRemoteSvr.dll
2016-06-15 14:32 - 2016-05-28 06:23 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-06-15 14:32 - 2016-05-28 06:23 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2016-06-15 14:32 - 2016-05-28 06:22 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-06-15 14:32 - 2016-05-28 06:22 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-06-15 14:32 - 2016-05-28 06:22 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2016-06-15 14:32 - 2016-05-28 06:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2016-06-15 14:32 - 2016-05-28 06:22 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-06-15 14:32 - 2016-05-28 06:22 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll
2016-06-15 14:32 - 2016-05-28 06:21 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-06-15 14:32 - 2016-05-28 06:21 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrokerLib.dll
2016-06-15 14:32 - 2016-05-28 06:21 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-06-15 14:32 - 2016-05-28 06:21 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-06-15 14:32 - 2016-05-28 06:20 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-06-15 14:32 - 2016-05-28 06:20 - 00511488 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2016-06-15 14:32 - 2016-05-28 06:20 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll
2016-06-15 14:32 - 2016-05-28 06:20 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2016-06-15 14:32 - 2016-05-28 06:20 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GnssAdapter.dll
2016-06-15 14:32 - 2016-05-28 06:20 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
2016-06-15 14:32 - 2016-05-28 06:20 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2016-06-15 14:32 - 2016-05-28 06:19 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-06-15 14:32 - 2016-05-28 06:19 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-06-15 14:32 - 2016-05-28 06:19 - 00355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2016-06-15 14:32 - 2016-05-28 06:19 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2016-06-15 14:32 - 2016-05-28 06:18 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-06-15 14:32 - 2016-05-28 06:18 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2016-06-15 14:32 - 2016-05-28 06:18 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL
2016-06-15 14:32 - 2016-05-28 06:18 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2016-06-15 14:32 - 2016-05-28 06:18 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-06-15 14:32 - 2016-05-28 06:17 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2016-06-15 14:32 - 2016-05-28 06:17 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-06-15 14:32 - 2016-05-28 06:17 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-06-15 14:32 - 2016-05-28 06:17 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-06-15 14:32 - 2016-05-28 06:17 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-06-15 14:32 - 2016-05-28 06:16 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-06-15 14:32 - 2016-05-28 06:16 - 00684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-06-15 14:32 - 2016-05-28 06:16 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-06-15 14:32 - 2016-05-28 06:16 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\polstore.dll
2016-06-15 14:32 - 2016-05-28 06:16 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2016-06-15 14:32 - 2016-05-28 06:15 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2016-06-15 14:32 - 2016-05-28 06:15 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2016-06-15 14:32 - 2016-05-28 06:15 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-06-15 14:32 - 2016-05-28 06:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-06-15 14:32 - 2016-05-28 06:14 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-06-15 14:32 - 2016-05-28 06:14 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2016-06-15 14:32 - 2016-05-28 06:13 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-06-15 14:32 - 2016-05-28 06:13 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-06-15 14:32 - 2016-05-28 06:13 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-06-15 14:32 - 2016-05-28 06:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-06-15 14:32 - 2016-05-28 06:13 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2016-06-15 14:32 - 2016-05-28 06:12 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2016-06-15 14:32 - 2016-05-28 06:11 - 01445888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-06-15 14:32 - 2016-05-28 06:11 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-06-15 14:32 - 2016-05-28 06:11 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2016-06-15 14:32 - 2016-05-28 06:09 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-06-15 14:32 - 2016-05-28 06:04 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-06-15 14:32 - 2016-05-28 06:04 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-06-15 14:32 - 2016-05-28 06:03 - 00693760 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2016-06-15 14:32 - 2016-05-28 06:03 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-06-15 14:32 - 2016-05-28 06:02 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-06-15 14:32 - 2016-05-28 06:02 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-06-15 14:32 - 2016-05-28 06:01 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-06-15 14:32 - 2016-05-28 06:01 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-06-15 14:32 - 2016-05-28 06:01 - 00111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-06-15 14:32 - 2016-05-28 06:00 - 02230272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-06-15 14:32 - 2016-05-28 06:00 - 01730560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-06-15 14:32 - 2016-05-28 06:00 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-06-15 14:32 - 2016-05-28 06:00 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-06-15 14:32 - 2016-05-28 06:00 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-06-15 14:32 - 2016-05-28 05:59 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-06-15 14:32 - 2016-05-28 05:58 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-06-15 14:32 - 2016-05-28 05:58 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-06-15 14:32 - 2016-05-28 05:55 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-06-15 14:32 - 2016-05-28 05:53 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2016-06-14 02:31 - 2016-06-03 05:28 - 00111552 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2016-06-14 02:30 - 2016-06-03 09:22 - 39977920 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 35115968 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 31641656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 25404864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 21812056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 21355464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 18151128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 17746664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 17729184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 10643240 _____ C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 08733792 _____ C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 02844608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 02470336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 01920960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436839.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 01571776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436839.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 00910392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 00787384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 00786176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 00769984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 00707520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 00669952 _____ C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 00632848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 00631288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 00601752 _____ C:\WINDOWS\system32\nvmcumd.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 00565208 _____ C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 00549240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 00452616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 00425016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 00385592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 00379808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 00379448 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 00348216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 00316632 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 00177952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 00155768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 00153232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 00131584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2016-06-11 22:50 - 2016-06-11 22:50 - 00000000 ____D C:\Users\Fabian\Desktop\10260611
2016-06-08 01:22 - 2016-07-03 17:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-07-03 17:33 - 2015-12-12 09:13 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-07-03 17:33 - 2015-12-12 09:09 - 00000000 ____D C:\ProgramData\NVIDIA
2016-07-03 17:33 - 2015-11-12 00:22 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-07-03 17:33 - 2015-11-12 00:22 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-07-03 17:33 - 2015-10-30 08:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-07-03 17:33 - 2015-05-29 15:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-07-03 17:33 - 2015-05-19 18:03 - 00026192 _____ (Windows (R) Server 2003 DDK provider) C:\WINDOWS\gdrv.sys
2016-07-03 17:33 - 2015-05-18 13:46 - 00000000 ____D C:\Program Files (x86)\Steam
2016-07-03 06:53 - 2015-05-18 13:19 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-07-03 02:13 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-07-03 01:38 - 2015-05-18 14:30 - 00000000 ____D C:\Users\Fabian\AppData\Roaming\TS3Client
2016-07-02 22:14 - 2015-10-30 20:35 - 00776562 _____ C:\WINDOWS\system32\perfh007.dat
2016-07-02 22:14 - 2015-10-30 20:35 - 00155874 _____ C:\WINDOWS\system32\perfc007.dat
2016-07-02 22:14 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-07-02 22:14 - 2015-08-19 17:46 - 01802588 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-07-01 06:48 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-07-01 05:02 - 2015-06-04 04:17 - 00000000 ____D C:\Users\Fabian\AppData\Roaming\vlc
2016-06-29 03:00 - 2015-07-04 03:01 - 00000000 ____D C:\Users\Fabian\AppData\Local\CrashDumps
2016-06-27 06:48 - 2015-05-18 14:24 - 00000000 ____D C:\Users\Fabian\AppData\Local\Windows Live
2016-06-23 21:55 - 2015-10-26 19:20 - 00637904 _____ C:\Users\Fabian\Desktop\Erstattungsantrag_axa_Aug2014.pdf
2016-06-23 18:42 - 2015-11-12 00:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-06-22 17:18 - 2015-12-30 12:59 - 583392731 _____ C:\WINDOWS\MEMORY.DMP
2016-06-22 17:18 - 2015-12-30 12:59 - 00000000 ____D C:\WINDOWS\Minidump
2016-06-22 13:02 - 2015-05-18 15:12 - 00000000 ____D C:\Users\Fabian\AppData\Local\Adobe
2016-06-22 01:45 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-06-21 20:08 - 2015-05-31 20:55 - 00000000 ____D C:\Users\Fabian\AppData\Roaming\Audacity
2016-06-17 18:54 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-06-17 18:45 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-06-17 03:23 - 2015-12-12 09:10 - 00000000 ____D C:\Users\Fabian
2016-06-16 12:17 - 2015-08-19 18:36 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-06-16 12:16 - 2015-12-12 09:09 - 00221744 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-06-16 09:06 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-06-16 09:06 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-06-16 09:06 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-06-15 17:30 - 2015-05-18 10:40 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-06-15 17:29 - 2015-05-18 10:40 - 142482544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-06-14 20:33 - 2015-10-30 09:26 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-06-14 20:33 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-14 02:31 - 2016-03-12 06:26 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-06-14 02:31 - 2015-12-12 09:09 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-06-14 02:31 - 2015-05-29 15:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-06-12 02:11 - 2016-01-29 06:38 - 00129739 _____ C:\Users\Fabian\Documents\starburn.txt
2016-06-10 22:32 - 2015-05-18 10:59 - 00000000 ____D C:\Users\Fabian\AppData\Local\ElevatedDiagnostics
2016-06-07 18:18 - 2016-05-22 11:30 - 00000138 _____ C:\Users\Fabian\Desktop\Anmeldungen Seminar Juni 2016.txt
2016-06-04 02:51 - 2015-12-02 04:42 - 13553096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2016-06-03 09:22 - 2016-05-14 13:57 - 00983488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-06-03 09:22 - 2015-12-02 04:42 - 20375488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2016-06-03 09:22 - 2015-12-02 04:42 - 17432544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-06-03 09:22 - 2015-12-02 04:42 - 14462536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2016-06-03 09:22 - 2015-12-02 04:42 - 03811256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-06-03 09:22 - 2015-12-02 04:42 - 03371624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-06-03 09:22 - 2015-12-02 04:42 - 00040084 _____ C:\WINDOWS\system32\nvinfo.pb
2016-06-03 05:59 - 2015-12-22 18:55 - 00534072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-06-03 05:59 - 2015-12-22 18:55 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-06-03 05:59 - 2015-12-12 09:09 - 06452948 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-06-03 05:59 - 2015-12-12 09:09 - 06364216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-06-03 05:59 - 2015-12-12 09:09 - 02455608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-06-03 05:59 - 2015-12-12 09:09 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-06-03 05:59 - 2015-12-12 09:09 - 01352760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-06-03 05:59 - 2015-12-12 09:09 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-06-03 05:59 - 2015-12-12 09:09 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-12-12 09:09 - 2015-12-12 09:09 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Fabian\setup.exe


Einige Dateien in TEMP:
====================
C:\Users\Fabian\AppData\Local\Temp\avgnt.exe
C:\Users\Fabian\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Fabian\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Fabian\AppData\Local\Temp\nvStInst.exe
C:\Users\Fabian\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Fabian\AppData\Local\Temp\video-editor_full1080.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-06-27 15:05

==================== Ende von FRST.txt ============================

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 02-07-2016
durchgeführt von Fabian (2016-07-03 17:37:17)
Gestartet von C:\Users\Fabian\Desktop
Windows 10 Home Version 1511 (X64) (2015-12-12 07:14:13)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-169824235-548985442-2713111802-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-169824235-548985442-2713111802-503 - Limited - Disabled)
Fabian (S-1-5-21-169824235-548985442-2713111802-1001 - Administrator - Enabled) => C:\Users\Fabian
Gast (S-1-5-21-169824235-548985442-2713111802-501 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

ACPI Driver Installer (HKLM-x32\...\553E35CD-0415-41bc-B39A-410375E88534) (Version: 2.1 - Intel Corporation)
Action! (HKLM-x32\...\Mirillis Action!) (Version: 1.26.0 - Mirillis)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 21.0.0.215 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Alien Swarm (HKLM-x32\...\Steam App 630) (Version:  - Valve)
Amazon Kindle (HKU\S-1-5-21-169824235-548985442-2713111802-1001\...\Amazon Kindle) (Version:  - Amazon)
Amazon MP3-Downloader 1.0.18 (HKU\S-1-5-21-169824235-548985442-2713111802-1001\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
APP Center (HKLM-x32\...\InstallShield_{F3D47276-0E35-42CF-A677-B45118470E21}) (Version: 1.16.0503 - Gigabyte)
APP Center (x32 Version: 1.16.0503 - Gigabyte) Hidden
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.17.273 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{bfb60b68-92b8-481b-b416-7e05b4ea01c9}) (Version: 1.1.61.18979 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.61.18979 - Avira Operations GmbH & Co. KG) Hidden
Binary Domain (HKLM-x32\...\Steam App 203750) (Version:  - Devil's Details)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CrystalDiskInfo 6.8.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.8.2 - Crystal Dew World)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DaVinci Resolve (HKLM\...\{131F8AE4-9933-4C05-8C22-87D5160501A6}) (Version: 11.3.1018 - Blackmagic Design)
DiRT Showdown (HKLM\...\Steam App 201700) (Version:  - Codemasters Racing Studio)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Dota 2 Test (HKLM-x32\...\Steam App 205790) (Version:  - )
EasyTune (HKLM-x32\...\InstallShield_{7F635314-EE21-4E4B-A68D-69AE70BA0E9B}) (Version: 1.00.0002 - GIGABYTE)
EasyTune (x32 Version: 1.00.0002 - GIGABYTE) Hidden
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free to Play (HKLM-x32\...\Steam App 245550) (Version:  - Valve)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Intel Extreme Tuning Utility (HKLM-x32\...\{eb3c7583-932b-4db5-a272-5fb4528656bb}) (Version: 5.1.2.2 - Intel Corporation)
Intel Extreme Tuning Utility (x32 Version: 5.1.2.2 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.25.1036 - Intel Corporation)
Intel(R) Network Connections 18.8.136.0 (HKLM\...\PROSetDX) (Version: 18.8.136.0 - Intel)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.3.1001 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.13 - Intel(R) Corporation) Hidden
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version:  - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\3FD0C489-0F02-481a-A3E1-9754CD396761) (Version:  - Intel Corporation)
L&H TTS3000 Deutsch (HKLM-x32\...\LHTTSGED) (Version:  - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
METAL SLUG 3 (HKLM-x32\...\Steam App 250180) (Version:  - DotEmu)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x86) (HKLM-x32\...\{22CB8ED7-DF57-4864-BD04-F63B9CE4B494}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Server Speech Text to Speech Voice (de-DE, Hedda) (HKLM-x32\...\{ACFCC7B5-C028-40AE-A5F5-9778B41F22A2}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Text to Speech Voice (en-US, ZiraPro) (HKLM-x32\...\{C7CDC27F-0952-4DF1-9E41-B75140933BC6}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 47.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 47.0.1 (x86 de)) (Version: 47.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.1.6018 - Mozilla)
MWS Reader 5 (HKLM-x32\...\MWS Reader 5_is1) (Version: 5.2.621 - directINNOVATION UG (haftungsbeschränkt))
Need for Speed: Hot Pursuit (HKLM-x32\...\Steam App 47870) (Version:  - Criterion Games)
Next Car Game: Wreckfest (HKLM-x32\...\Steam App 228380) (Version:  - Bugbear)
NVIDIA 3D Vision Controller-Treiber 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 368.39 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.3.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.3.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.39 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.14 - NVIDIA Corporation)
NVIDIA Miracast Virtueller Ton 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 353.62 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Orcs Must Die! 2 (HKLM-x32\...\Steam App 201790) (Version:  - Robot Entertainment)
Origin (HKLM-x32\...\Origin) (Version: 9.7.2.53208 - Electronic Arts, Inc.)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.312.1 - Tracker Software Products Ltd)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Rocket League (HKLM-x32\...\Steam App 252950) (Version:  - Psyonix)
Rocksmith (HKLM-x32\...\Steam App 205190) (Version:  - Ubisoft - San Francisco)
Rocksmith 2014 (HKLM-x32\...\Steam App 221680) (Version:  - Ubisoft - San Francisco)
Saints Row IV (HKLM-x32\...\Steam App 206420) (Version:  - Deep Silver Volition)
Shank 2 (HKLM-x32\...\Steam App 102840) (Version:  - Klei Entertainment)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - Firaxis Games)
SIV (HKLM-x32\...\InstallShield_{AAA057C3-10DC-4EB9-A3D6-8208C1BB7411}) (Version: 1.00.0000 - GIGABYTE)
SIV (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Skype™ 7.23 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.23.105 - Skype Technologies S.A.)
Sleeping Dogs™ (HKLM\...\Steam App 202170) (Version:  - United Front Games)
SMITE (HKLM-x32\...\Steam App 386360) (Version:  - Hi-Rez Studios)
Sniper Elite 3 (HKLM-x32\...\Steam App 238090) (Version:  - Rebellion)
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version:  - Rebellion)
Spec Ops: The Line (HKLM-x32\...\Steam App 50300) (Version:  - Yager Development)
SPEEDLINK STRIKE Gamepad (HKLM-x32\...\{DFF7CD2E-2BB5-40C3-9592-078F64677EFF}) (Version: 1.00.0000 - )
Standard Mouse Driver (HKLM-x32\...\{6C4453CD-123A-40FB-8227-E23AF8748C5A}) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Thunder Wolves (HKLM-x32\...\Steam App 232970) (Version:  - Most Wanted Entertainment)
Tom Clancy's Splinter Cell: Conviction (HKLM-x32\...\Steam App 33220) (Version:  - Ubisoft Montreal)
TrueFire (HKLM-x32\...\TrueFire-Course-Player) (Version: 1.043 - TrueFire, Inc.)
TrueFire (x32 Version: 1.043 - TrueFire, Inc.) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
Warframe (HKLM-x32\...\Steam App 230410) (Version:  - Digital Extremes)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
Wondershare Filmora(Build 7.2.0) (HKLM-x32\...\Wondershare Filmora_is1) (Version:  - Wondershare Software)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {2585C5A8-B436-4936-9E5A-59EA2B5F40DF} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {4148D053-DFFA-4F52-AE05-B4FBB11A64DA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {459B5445-EF40-41A1-BA16-F4A088D2FE94} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {78DDE348-6572-4A32-AA30-40C6CA590488} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {78E2CD17-ACB3-420F-A6A4-BAB9F02B2369} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [2015-03-11] (Intel Corporation)
Task: {877C9E82-F869-4B99-B420-16079C15878C} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {8F717101-D1E2-4F7D-915A-BB882F176A5C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {A310B86C-B400-404F-ADDD-5D07A6E88297} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {A87E9F56-ED4E-4405-B5A4-DDFF7CFF4C9C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {C135CBD3-F486-486C-BE5F-5E95223ADED9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {C3F85D89-7DAB-4648-8A78-64E6AFDC3B48} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-06-15] (Microsoft Corporation)
Task: {CEB617C9-F5D5-4FC1-89F9-00CCB1BA4265} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {E4F02A72-B4CD-4D93-9914-389775D8EEB0} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-12-12 09:09 - 2016-06-03 05:59 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-04-14 15:27 - 2015-04-14 15:27 - 00016896 _____ () C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe
2016-03-04 03:01 - 2016-05-02 07:54 - 00369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2015-12-22 18:52 - 2016-05-02 07:55 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-04-05 12:40 - 2016-05-02 07:54 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-03-04 03:01 - 2016-05-02 07:55 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-04-13 10:22 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-13 10:22 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-04-19 13:32 - 2016-04-19 13:32 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-12-17 20:14 - 2015-12-07 06:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-05-11 18:58 - 2016-04-23 06:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-06-15 14:33 - 2016-05-28 05:59 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-06-15 14:32 - 2016-05-28 05:53 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-06-15 14:33 - 2016-05-28 05:54 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-06-15 14:33 - 2016-05-28 05:56 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-30 09:52 - 2015-07-30 09:52 - 01244456 _____ () C:\Program Files (x86)\Gigabyte\AppCenter\ApCent.exe
2016-04-05 12:40 - 2016-05-02 07:55 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-04-05 12:40 - 2016-05-02 07:55 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-04-05 12:40 - 2016-05-02 07:55 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-01-28 05:40 - 2016-05-02 07:55 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-04-05 12:40 - 2016-05-02 07:54 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-04-05 12:40 - 2016-05-02 07:54 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2015-09-28 15:30 - 2013-01-04 17:04 - 00147456 _____ () C:\Program Files (x86)\Standard Mouse Driver\Monitor.EXE
2015-05-29 15:12 - 2016-05-02 08:00 - 00167480 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\gamecaster64.dll
2015-05-29 15:12 - 2016-05-02 08:01 - 00862776 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\twitchsdk64.dll
2016-04-19 13:32 - 2016-04-19 13:32 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-19 13:32 - 2016-04-19 13:32 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2014-01-22 13:53 - 2014-01-22 13:53 - 01607680 _____ () C:\Program Files (x86)\Gigabyte\AppCenter\BDR_info.dll
2015-02-16 10:47 - 2015-02-16 10:47 - 00105472 _____ () C:\Program Files (x86)\Gigabyte\AppCenter\ycc.dll
2015-05-29 15:12 - 2016-05-02 08:02 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-09-28 15:30 - 2012-12-20 14:05 - 00045056 _____ () C:\Program Files (x86)\Standard Mouse Driver\lan.dll
2015-09-28 15:30 - 2012-08-30 14:24 - 00061440 _____ () C:\Program Files (x86)\Standard Mouse Driver\hiddriver.dll
2016-01-29 06:38 - 2014-09-11 19:09 - 01498112 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2016-01-29 06:38 - 2014-05-19 18:19 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2014-03-20 11:43 - 2014-03-20 11:43 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-169824235-548985442-2713111802-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1 - 192.168.0.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKU\S-1-5-21-169824235-548985442-2713111802-1001\...\StartupApproved\Run: => "AmazonMP3DownloaderHelper"
HKU\S-1-5-21-169824235-548985442-2713111802-1001\...\StartupApproved\Run: => "Skype"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{4DB165C0-3B50-4F29-83A9-118066C5B0E0}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{87EDAE14-73E0-4F60-B0F6-E8897DC79471}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{97D7C00A-8D8C-4B77-B11B-ACCF1A50D362}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{B0072ED3-4326-49AF-8C18-19B0ABB49A1A}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{68A51083-93B7-476C-9346-70BCEBE2D97F}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{71402935-54FC-4A3C-A89B-762D38BFF3F3}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{B0AB0CEA-B931-45AB-B099-B7CE38207785}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{BECA9CA9-C7E4-4CD8-9F52-9F1B5661EFE4}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{27F0D775-E032-4D18-98D4-AA3A463A838A}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{44D79FCE-90CD-4720-BDA0-835508DDDBA4}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{85067AED-A593-4ACE-B675-889E2686466D}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{64F8E193-FE68-4601-AFE5-AAD566F85D59}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{CA62211B-6A38-43EA-B961-F25792CB65B5}] => (Allow) D:\SteamLibrary\steamapps\common\Alien Swarm\swarm.exe
FirewallRules: [{AD1C79D4-D5E7-4C21-8F5A-512E1DAE06A5}] => (Allow) D:\SteamLibrary\steamapps\common\Alien Swarm\swarm.exe
FirewallRules: [{B87BD653-5508-4038-9E40-6A09E31346D3}] => (Allow) D:\SteamLibrary\steamapps\common\SMITE\Binaries\Win32\HirezBridge.exe
FirewallRules: [{918AE4B2-3899-45E0-821F-E714272183B2}] => (Allow) D:\SteamLibrary\steamapps\common\SMITE\Binaries\Win32\HirezBridge.exe
FirewallRules: [{90D7268B-42A2-483C-9DE8-90751A1FFDB1}] => (Allow) D:\SteamLibrary\steamapps\common\Sniper Elite 3\Launcher\Sniper3Launcher.exe
FirewallRules: [{FF6CC075-D874-42BE-85D3-3E06E522ABFA}] => (Allow) D:\SteamLibrary\steamapps\common\Sniper Elite 3\Launcher\Sniper3Launcher.exe
FirewallRules: [{EE189F9E-C8C6-4327-8B12-537BBF512A44}] => (Allow) D:\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{2FD0529D-5498-4ED7-B8AC-FCE5F599F419}] => (Allow) D:\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{D073BF74-74B8-4DA1-A537-B0D1CA119F92}] => (Allow) D:\SteamLibrary\steamapps\common\Saints Row IV\SaintsRowIV.exe
FirewallRules: [{19AFDD39-4DA2-4E45-BA37-E330FDEF143D}] => (Allow) D:\SteamLibrary\steamapps\common\Saints Row IV\SaintsRowIV.exe
FirewallRules: [{C1565F7D-DE84-4035-8DEE-B7206E9CF1E6}] => (Allow) D:\SteamLibrary\steamapps\common\SpecOps_TheLine\Binaries\Win32\SpecOpsTheLine.exe
FirewallRules: [{7B208B0F-15BA-4C79-93F3-F68DD3E83AAE}] => (Allow) D:\SteamLibrary\steamapps\common\SpecOps_TheLine\Binaries\Win32\SpecOpsTheLine.exe
FirewallRules: [{48E82A63-979E-4BCF-8E73-F3E3DD393C2E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B81E337D-63C7-439C-9DD9-53D50E4B52B4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FE76E308-5A2F-4253-9EF9-6616513E7EBC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{47AA7F0D-D9F1-4B7E-9A40-D10B949379E0}] => (Allow) D:\SteamLibrary\steamapps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe
FirewallRules: [{1C0EC512-B21B-4E7E-AA40-710EC82B929E}] => (Allow) D:\SteamLibrary\steamapps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe
FirewallRules: [{08965FE0-DAF8-4114-9EE2-F6BDE29B8994}] => (Allow) D:\SteamLibrary\steamapps\common\Binary Domain\BinaryDomainConfiguration.exe
FirewallRules: [{8FD60035-440D-4228-8651-FE173A407201}] => (Allow) D:\SteamLibrary\steamapps\common\Binary Domain\BinaryDomainConfiguration.exe
FirewallRules: [{C3012F5A-12B8-4691-84A9-BA7821DA4789}] => (Allow) D:\SteamLibrary\steamapps\common\Binary Domain\BinaryDomain.exe
FirewallRules: [{36A6470C-E55A-40A5-A66C-02FA53B56F9D}] => (Allow) D:\SteamLibrary\steamapps\common\Binary Domain\BinaryDomain.exe
FirewallRules: [{47379E4B-8B10-4485-94A8-4BD3264E4C8C}] => (Allow) D:\SteamLibrary\steamapps\common\Shank 2\bin\shank2.exe
FirewallRules: [{175357F2-F573-4D3D-921E-C753466E9D7B}] => (Allow) D:\SteamLibrary\steamapps\common\Shank 2\bin\shank2.exe
FirewallRules: [{C4FBAC76-62C3-4129-9129-6AA71D15FCC5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2B65F972-7357-4A77-B095-506980250FA5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{CD84042F-B499-4307-8D57-8F34ADCCBD1E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{ED558A9E-B5F6-4994-8A98-54484C132AE1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3FA79838-F973-4615-A8DC-2908E2D8F2AC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E8300987-E1EF-4FBE-9F34-0DFDAD3FAD88}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{5D53E258-2691-4F36-8289-C9173D703A90}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{9927F7F6-CF0F-42CD-BF04-F1E6A245AD1B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{E767E224-AA9E-4054-9236-EB041BBEF818}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{D7C54416-17B7-4D58-9BF5-B7297A408C1B}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{63891AE8-0127-4E8F-9AF1-F4719767148C}] => (Allow) LPort=2869
FirewallRules: [{A5B3CB4F-795E-4F54-AD94-E63DB8C0A42D}] => (Allow) LPort=1900
FirewallRules: [{0AA2D938-1F29-44BD-98F9-47D36F819B11}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C9D110DA-1970-4C73-BE55-70183874E727}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{A27A2757-A3CD-4770-93E7-E87E3BC5B85C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{68646264-96B9-443E-A22A-AAC877D0D3D7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{DEE80902-E560-4649-AC4F-DB15E93644EA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{D2A47F14-468F-4A06-942E-94FAB186562A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{72EA5811-5DEE-4F54-9D07-9C5D61E13CD5}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{941B2260-2540-449F-8297-6F0C4DFB01EE}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe
FirewallRules: [{EBD0578E-6AA2-47F1-9141-BED286E8C74C}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe
FirewallRules: [{69138AF8-07F1-410C-B7FD-6E07C9EA5689}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe
FirewallRules: [{9ABE302E-A4D2-4EC7-8B3B-30F365DDB083}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe
FirewallRules: [{228C823E-5C17-457A-9D69-767116B49519}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe
FirewallRules: [{B9B60B94-C865-4C46-9126-7AC780D95E46}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe
FirewallRules: [{5EFB0068-50AD-498F-92EA-3759C76B0E21}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DPDecoder.exe
FirewallRules: [{ABCE225E-0769-42E2-920D-070827736CB6}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe
FirewallRules: [TCP Query User{4438F0B0-3511-4296-A5B1-64A0EF9101CA}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Block) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe
FirewallRules: [UDP Query User{56579952-A060-4A31-BBFF-84EF85458447}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Block) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe
FirewallRules: [{F583E076-404A-4F8B-8D01-98E862676D22}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{C37E844E-040D-4BAC-9A6A-5ED5E5D11224}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{DC4DA8CC-0809-47C2-A941-16615DA6285D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{0A9D05E1-C263-42F2-9958-E6508D93C6EE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{868286D2-6613-4E9C-B108-C4C72A834C40}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{908741BA-0DC7-4334-8D29-A1F085A1976A}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{0046F909-CC54-4F62-A176-E019205F7B7D}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{C9C65EFB-7A3E-4270-B912-5AAC9656682C}] => (Allow) D:\SteamLibrary\steamapps\common\Free to Play\FTP.exe
FirewallRules: [{DD071BBD-A707-4565-AE3A-F7527B9CBF59}] => (Allow) D:\SteamLibrary\steamapps\common\Free to Play\FTP.exe
FirewallRules: [TCP Query User{43DC946D-2BF5-43F0-90EB-B7D8F91BE03D}C:\users\fabian\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe] => (Allow) C:\users\fabian\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe
FirewallRules: [UDP Query User{9AC11793-1563-4026-8D3A-A613D0005C33}C:\users\fabian\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe] => (Allow) C:\users\fabian\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe
FirewallRules: [{7745B9FA-1A0F-446B-8207-77AF24D8A0C1}] => (Block) C:\users\fabian\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe
FirewallRules: [{F72AB61B-265F-4FC2-9223-C14C1E7EA32E}] => (Block) C:\users\fabian\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe
FirewallRules: [{1E411233-531F-48DB-B783-E421A3E450E6}] => (Allow) D:\SteamLibrary\steamapps\common\dota 2 test\game\bin\win64\dota2.exe
FirewallRules: [{CA760D28-E3C8-40B7-98A5-EA66C71FCA8E}] => (Allow) D:\SteamLibrary\steamapps\common\dota 2 test\game\bin\win64\dota2.exe
FirewallRules: [{D08CFEC4-C360-49C3-B2B0-358FC6FCD100}] => (Allow) D:\SteamLibrary\steamapps\common\Metal Slug 3\mslug3.exe
FirewallRules: [{36383C22-81BB-4855-85BA-747A3BA4E074}] => (Allow) D:\SteamLibrary\steamapps\common\Metal Slug 3\mslug3.exe
FirewallRules: [{5ABC6840-912B-42F5-89F0-BF76EFBC9EE0}] => (Allow) D:\SteamLibrary\steamapps\common\Rocksmith\Rocksmith.exe
FirewallRules: [{DE9B87CF-748F-4533-A7FC-97F418A326AC}] => (Allow) D:\SteamLibrary\steamapps\common\Rocksmith\Rocksmith.exe
FirewallRules: [{266E98C1-EFEA-4DF7-B199-5841E1F7F61A}] => (Allow) D:\SteamLibrary\steamapps\common\Rocksmith2014\Rocksmith2014.exe
FirewallRules: [{1DB52B6B-5FD7-4CAD-9179-99DCCC2353DC}] => (Allow) D:\SteamLibrary\steamapps\common\Rocksmith2014\Rocksmith2014.exe
FirewallRules: [TCP Query User{F0897921-8C2E-4394-81B5-78C11B653BEE}D:\steamlibrary\steamapps\common\smite\binaries\win32\smite.exe] => (Block) D:\steamlibrary\steamapps\common\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{315E81AB-7177-4E63-A8B6-4DF72D9D2E94}D:\steamlibrary\steamapps\common\smite\binaries\win32\smite.exe] => (Block) D:\steamlibrary\steamapps\common\smite\binaries\win32\smite.exe
FirewallRules: [{A5AF2C95-DBF6-4FB3-BA48-AD7AA6EC7FDA}] => (Allow) D:\SteamLibrary\steamapps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [{131A07E7-53CC-4837-A30E-595EC020CFE3}] => (Allow) D:\SteamLibrary\steamapps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [{6A2D7F00-3F48-49DF-828A-9F8A5619AEDE}] => (Allow) D:\SteamLibrary\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{8486B426-E378-42FC-A8F0-5F47792EDFE6}] => (Allow) D:\SteamLibrary\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{45CAEFDB-E770-4372-9B16-F4B51900CFAC}] => (Allow) D:\SteamLibrary\steamapps\common\Thunder Wolves\ThunderWolves.exe
FirewallRules: [{B21E5AA3-20EB-4C59-BE7D-21A12CD048C1}] => (Allow) D:\SteamLibrary\steamapps\common\Thunder Wolves\ThunderWolves.exe
FirewallRules: [{62ED10E3-A79B-4087-A928-3A92CC3C6984}] => (Allow) D:\SteamLibrary\steamapps\common\Need for Speed Hot Pursuit\NFS11.exe
FirewallRules: [{19C3C641-E9A7-47FC-9341-3C5432AD85EE}] => (Allow) D:\SteamLibrary\steamapps\common\Need for Speed Hot Pursuit\NFS11.exe
FirewallRules: [{C3B8A625-3DDB-48CA-B3CD-AAA145F5CB71}] => (Allow) D:\SteamLibrary\steamapps\common\Bugbear Entertainment\Wreckfest_x64.exe
FirewallRules: [{2C06568C-3103-45B3-B9DB-7DAB24BDF184}] => (Allow) D:\SteamLibrary\steamapps\common\Bugbear Entertainment\Wreckfest_x64.exe
FirewallRules: [{4F0727D7-367E-495E-A03A-465BDCB944AF}] => (Allow) D:\SteamLibrary\steamapps\common\Bugbear Entertainment\Wreckfest.exe
FirewallRules: [{948D4F1B-6669-4D96-B13C-13F813EB9405}] => (Allow) D:\SteamLibrary\steamapps\common\Bugbear Entertainment\Wreckfest.exe
FirewallRules: [{3B19828B-F795-4202-9B02-F614A39A95C1}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Splinter Cell Conviction\src\system\conviction_game.exe
FirewallRules: [{F1D78391-298B-4111-A9F6-34FC58A8791D}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Splinter Cell Conviction\src\system\conviction_game.exe
FirewallRules: [{782F2153-30F2-49A7-90AE-2C17251E4E8B}] => (Allow) D:\SteamLibrary\steamapps\common\DiRT Showdown\showdown.exe
FirewallRules: [{D47289FB-B7D2-4609-8FC0-E2FD2402D4F2}] => (Allow) D:\SteamLibrary\steamapps\common\DiRT Showdown\showdown.exe
FirewallRules: [{E6ACADFA-DDF9-4553-8A43-986FF25410B0}] => (Allow) D:\SteamLibrary\steamapps\common\SleepingDogs\HKShip.exe
FirewallRules: [{50B48B2E-C250-411F-AC89-4A3D6D632283}] => (Allow) D:\SteamLibrary\steamapps\common\SleepingDogs\HKShip.exe
FirewallRules: [TCP Query User{B593B0D8-8546-40F4-B5FE-8B9A94732287}C:\program files (x86)\truefire\truefire.exe] => (Block) C:\program files (x86)\truefire\truefire.exe
FirewallRules: [UDP Query User{54D77ABF-5291-4958-A823-17F4A0EEAAC8}C:\program files (x86)\truefire\truefire.exe] => (Block) C:\program files (x86)\truefire\truefire.exe
FirewallRules: [{1936D3F6-0756-4712-9C87-7C79CAA71ADF}] => (Allow) D:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{F24F2FAC-C816-4446-A21C-5D9A920296B3}] => (Allow) D:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Generischer USB-Hub
Description: Generischer USB-Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standardmäßige USB-HUBs)
Service: USBHUB3
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (07/02/2016 03:02:20 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (06/30/2016 08:34:44 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (06/29/2016 04:21:51 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (06/29/2016 03:00:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 47.0.0.5999, Zeitstempel: 0x5753660e
Name des fehlerhaften Moduls: mozglue.dll, Version: 47.0.0.5999, Zeitstempel: 0x57535438
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000f3ad
ID des fehlerhaften Prozesses: 0x272c
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5

Error: (06/27/2016 03:05:11 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (06/23/2016 06:41:41 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (06/22/2016 01:45:38 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm ts3client_win64.exe, Version 3.0.18.2 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: bf4

Startzeit: 01d1cbe75e6775b7

Beendigungszeit: 8

Anwendungspfad: C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe

Berichts-ID: 3f4a5e6b-380a-11e6-82a6-74d435fecee4

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (06/21/2016 09:03:26 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (06/21/2016 01:22:16 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm ts3client_win64.exe, Version 3.0.18.2 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1b58

Startzeit: 01d1cb490d9f175e

Beendigungszeit: 6

Anwendungspfad: C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe

Berichts-ID: d09733eb-373d-11e6-82a5-74d435fecee4

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (06/20/2016 06:30:05 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8


Systemfehler:
=============
Error: (07/03/2016 05:33:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_1c5045b8" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/03/2016 05:33:07 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (07/02/2016 12:56:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_1c132a8d" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/02/2016 12:56:28 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (07/02/2016 06:31:58 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_1938f944" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/02/2016 06:31:58 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (07/01/2016 01:34:28 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {F3B4E234-7A68-4E43-B813-E4BA55A065F6}

Error: (07/01/2016 08:34:59 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_18f52b19" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/01/2016 08:34:59 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (07/01/2016 05:28:31 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_1736e99e" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.


CodeIntegrity:
===================================
  Date: 2016-06-18 03:34:24.844
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-16 12:17:10.768
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-16 08:08:10.492
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-14 19:03:21.438
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-14 04:37:26.697
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-13 19:12:17.782
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-12 12:35:57.277
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-12 08:02:56.254
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-14 07:43:50.363
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-23 17:43:17.753
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Xeon(R) CPU E3-1231 v3 @ 3.40GHz
Prozentuale Nutzung des RAM: 32%
Installierter physikalischer RAM: 8122.83 MB
Verfügbarer physikalischer RAM: 5465.54 MB
Summe virtueller Speicher: 9402.83 MB
Verfügbarer virtueller Speicher: 6467.23 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:111.01 GB) (Free:34.47 GB) NTFS
Drive d: (Volume) (Fixed) (Total:931.51 GB) (Free:575.87 GB) NTFS
Drive f: (Volume) (Fixed) (Total:119.12 GB) (Free:66.03 GB) NTFS
Drive g: (Elements) (Fixed) (Total:931.48 GB) (Free:506.91 GB) NTFS
Drive h: (Volume) (Fixed) (Total:2794.39 GB) (Free:2155.08 GB) NTFS
Drive l: () (Removable) (Total:7.39 GB) (Free:7.17 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 341C2E53)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 739174F8)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 2794.5 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 4 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: D5B7C8DD)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 7 (Size: 7.4 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt ============================

FJ1 · 03.07.2016, 16:52

Und noch der TDSS logfile:

Code:

ATTFilter

17:41:12.0211 0x0fd0  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
17:41:33.0448 0x0fd0  ============================================================
17:41:33.0448 0x0fd0  Current date / time: 2016/07/03 17:41:33.0448
17:41:33.0448 0x0fd0  SystemInfo:
17:41:33.0448 0x0fd0  
17:41:33.0448 0x0fd0  OS Version: 10.0.10586 ServicePack: 0.0
17:41:33.0448 0x0fd0  Product type: Workstation
17:41:33.0448 0x0fd0  ComputerName: XXXXXX
17:41:33.0448 0x0fd0  UserName: Fabian
17:41:33.0448 0x0fd0  Windows directory: C:\WINDOWS
17:41:33.0448 0x0fd0  System windows directory: C:\WINDOWS
17:41:33.0448 0x0fd0  Running under WOW64
17:41:33.0448 0x0fd0  Processor architecture: Intel x64
17:41:33.0448 0x0fd0  Number of processors: 8
17:41:33.0448 0x0fd0  Page size: 0x1000
17:41:33.0448 0x0fd0  Boot type: Normal boot
17:41:33.0448 0x0fd0  ============================================================
17:41:33.0682 0x0fd0  KLMD registered as C:\WINDOWS\system32\drivers\62863730.sys
17:41:33.0745 0x0fd0  System UUID: {8ECA9398-138B-0DA9-9AA5-E354BF3B715B}
17:41:33.0963 0x0fd0  Drive \Device\Harddisk0\DR0 - Size: 0x1DCF856000 ( 119.24 Gb ), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:41:33.0963 0x0fd0  Drive \Device\Harddisk1\DR1 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:41:33.0963 0x0fd0  Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:41:33.0963 0x0fd0  Drive \Device\Harddisk3\DR3 - Size: 0x2BAA1476000 ( 2794.52 Gb ), SectorSize: 0x200, Cylinders: 0x59101, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:41:33.0963 0x0fd0  Drive \Device\Harddisk4\DR4 - Size: 0xE8DED00000 ( 931.48 Gb ), SectorSize: 0x200, Cylinders: 0x1DAFD, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:41:33.0963 0x0fd0  Drive \Device\Harddisk7\DR7 - Size: 0x1D9C00000 ( 7.40 Gb ), SectorSize: 0x200, Cylinders: 0x3C6, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:41:33.0979 0x0fd0  ============================================================
17:41:33.0979 0x0fd0  \Device\Harddisk0\DR0:
17:41:33.0979 0x0fd0  GPT partitions:
17:41:33.0979 0x0fd0  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {5C01A6D7-185F-4748-9D35-F4AE49526B82}, Name: Microsoft reserved partition, StartLBA 0x22, BlocksNum 0x40000
17:41:33.0979 0x0fd0  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {848AB43F-1451-4A07-A674-C9CA0A892772}, Name: Basic data partition, StartLBA 0x40800, BlocksNum 0xEE3B800
17:41:33.0979 0x0fd0  MBR partitions:
17:41:33.0979 0x0fd0  \Device\Harddisk1\DR1:
17:41:33.0979 0x0fd0  MBR partitions:
17:41:33.0979 0x0fd0  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xAF000
17:41:33.0979 0x0fd0  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0xAF800, BlocksNum 0xDE03800
17:41:33.0979 0x0fd0  \Device\Harddisk2\DR2:
17:41:34.0151 0x0fd0  MBR partitions:
17:41:34.0151 0x0fd0  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
17:41:34.0151 0x0fd0  \Device\Harddisk3\DR3:
17:41:34.0151 0x0fd0  GPT partitions:
17:41:34.0151 0x0fd0  \Device\Harddisk3\DR3\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {2A33FBAE-C019-495E-A35A-8237A43EAB4B}, Name: Microsoft reserved partition, StartLBA 0x22, BlocksNum 0x40000
17:41:34.0151 0x0fd0  \Device\Harddisk3\DR3\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {1580E54B-E625-405B-9428-06CC40228EA8}, Name: Basic data partition, StartLBA 0x40800, BlocksNum 0x5D4C9800
17:41:34.0151 0x0fd0  MBR partitions:
17:41:34.0151 0x0fd0  \Device\Harddisk4\DR4:
17:41:34.0151 0x0fd0  MBR partitions:
17:41:34.0151 0x0fd0  \Device\Harddisk4\DR4\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x746F6000
17:41:34.0151 0x0fd0  \Device\Harddisk7\DR7:
17:41:34.0151 0x0fd0  MBR partitions:
17:41:34.0151 0x0fd0  \Device\Harddisk7\DR7\Partition1: MBR, Type 0xB, StartLBA 0x2000, BlocksNum 0xECC000
17:41:34.0151 0x0fd0  ============================================================
17:41:34.0151 0x0fd0  C: <-> \Device\Harddisk1\DR1\Partition2
17:41:34.0182 0x0fd0  D: <-> \Device\Harddisk2\DR2\Partition1
17:41:34.0182 0x0fd0  F: <-> \Device\Harddisk0\DR0\Partition2
17:41:34.0651 0x0fd0  G: <-> \Device\Harddisk4\DR4\Partition1
17:41:35.0182 0x0fd0  H: <-> \Device\Harddisk3\DR3\Partition2
17:41:35.0182 0x0fd0  ============================================================
17:41:35.0182 0x0fd0  Initialize success
17:41:35.0182 0x0fd0  ============================================================
17:42:13.0935 0x17bc  ============================================================
17:42:13.0935 0x17bc  Scan started
17:42:13.0935 0x17bc  Mode: Manual; SigCheck; TDLFS; 
17:42:13.0935 0x17bc  ============================================================
17:42:13.0935 0x17bc  KSN ping started
17:42:13.0982 0x17bc  KSN ping finished: true
17:42:15.0326 0x17bc  ================ Scan system memory ========================
17:42:15.0326 0x17bc  System memory - ok
17:42:15.0326 0x17bc  ================ Scan services =============================
17:42:15.0373 0x17bc  1394ohci - ok
17:42:15.0388 0x17bc  3ware - ok
17:42:15.0388 0x17bc  ACPI - ok
17:42:15.0388 0x17bc  [ 2EA3EB3E69B6480AB112E876F3096312, 4A22343D8F261BE90F7287318EAC5B187F49D1C375174E4B526A0F3A27CD8346 ] AcpiCtlDrv      C:\WINDOWS\System32\drivers\AcpiCtlDrv.sys
17:42:15.0404 0x17bc  AcpiCtlDrv - ok
17:42:15.0404 0x17bc  acpiex - ok
17:42:15.0420 0x17bc  acpipagr - ok
17:42:15.0420 0x17bc  AcpiPmi - ok
17:42:15.0420 0x17bc  acpitime - ok
17:42:15.0451 0x17bc  ADP80XX - ok
17:42:15.0451 0x17bc  AFD - ok
17:42:15.0467 0x17bc  agp440 - ok
17:42:15.0498 0x17bc  ahcache - ok
17:42:15.0498 0x17bc  AJRouter - ok
17:42:15.0498 0x17bc  ALG - ok
17:42:15.0498 0x17bc  AmdK8 - ok
17:42:15.0545 0x17bc  AmdPPM - ok
17:42:15.0545 0x17bc  amdsata - ok
17:42:15.0560 0x17bc  amdsbs - ok
17:42:15.0560 0x17bc  amdxata - ok
17:42:15.0623 0x17bc  [ 157DA3885AA4F03C80C10DAEB0949CAA, 69EA1C9F904FBDFE904A3BC52CB0E188AF18A93EA87A119E5E6234C6F5D4742E ] AntiVirMailService C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
17:42:15.0654 0x17bc  AntiVirMailService - ok
17:42:15.0654 0x17bc  [ BD65021AB0EC790AECC503C394E61BA4, 51AD9C6F1192A3604902AE4F3B4B791DF1D58EA0B39B12AE4FA38F59E02F6D68 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\Antivirus\sched.exe
17:42:15.0670 0x17bc  AntiVirSchedulerService - ok
17:42:15.0670 0x17bc  [ BD65021AB0EC790AECC503C394E61BA4, 51AD9C6F1192A3604902AE4F3B4B791DF1D58EA0B39B12AE4FA38F59E02F6D68 ] AntiVirService  C:\Program Files (x86)\Avira\Antivirus\avguard.exe
17:42:15.0685 0x17bc  AntiVirService - ok
17:42:15.0701 0x17bc  [ CF586007CB1F9189CDF07D0D5A02C448, 7BA6E27A835A0851C12A7A115C24665631CC77D857DAF32D24BF2D2AF676FE30 ] AntiVirWebService C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
17:42:15.0732 0x17bc  AntiVirWebService - ok
17:42:15.0732 0x17bc  AppID - ok
17:42:15.0732 0x17bc  AppIDSvc - ok
17:42:15.0732 0x17bc  Appinfo - ok
17:42:15.0732 0x17bc  AppReadiness - ok
17:42:15.0748 0x17bc  AppXSvc - ok
17:42:15.0748 0x17bc  arcsas - ok
17:42:15.0748 0x17bc  AsyncMac - ok
17:42:15.0748 0x17bc  atapi - ok
17:42:15.0764 0x17bc  AudioEndpointBuilder - ok
17:42:15.0764 0x17bc  Audiosrv - ok
17:42:15.0764 0x17bc  [ 5CF5E80616F74B769AABCF76FEA791D1, CA56643D41DB4E139FE85098DCD67187AAC126CE2414276364A97334E15F9F53 ] avgntflt        C:\WINDOWS\system32\DRIVERS\avgntflt.sys
17:42:15.0764 0x17bc  avgntflt - ok
17:42:15.0779 0x17bc  [ 8EF22CC03EFA1CB6810003C6A3B287D3, 352FE3194713D86BBD900A74AF033D5FE96A71389CC63DFC4821B43A55837206 ] avipbb          C:\WINDOWS\system32\DRIVERS\avipbb.sys
17:42:15.0779 0x17bc  avipbb - ok
17:42:15.0779 0x17bc  [ 125DFFF37D51A45A72934C3BF89A64CD, 19208A6544DC822D5010C835A6FA5E8AC5406CBFB277C4C9E034EF6309B113EE ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
17:42:15.0795 0x17bc  Avira.ServiceHost - ok
17:42:15.0795 0x17bc  [ 79F7741A773FF194EEC64A8161AE26D5, 3DDEA5FBDCB74A2BACC895A44C8C2A947F09E2649ED61D781E99DD61DBFACA5D ] avkmgr          C:\WINDOWS\system32\DRIVERS\avkmgr.sys
17:42:15.0795 0x17bc  avkmgr - ok
17:42:15.0810 0x17bc  [ 899D89FDF015BBAF628076987D74C295, 7534A10F652FBE559431B9B1C6BC13874E8BC7438D7AFD7553F96811FD3E59BD ] avnetflt        C:\WINDOWS\system32\DRIVERS\avnetflt.sys
17:42:15.0810 0x17bc  avnetflt - ok
17:42:15.0810 0x17bc  AxInstSV - ok
17:42:15.0810 0x17bc  b06bdrv - ok
17:42:15.0810 0x17bc  BasicDisplay - ok
17:42:15.0810 0x17bc  BasicRender - ok
17:42:15.0826 0x17bc  bcmfn - ok
17:42:15.0826 0x17bc  bcmfn2 - ok
17:42:15.0826 0x17bc  BDESVC - ok
17:42:15.0826 0x17bc  Beep - ok
17:42:15.0842 0x17bc  BFE - ok
17:42:15.0842 0x17bc  BITS - ok
17:42:15.0842 0x17bc  bowser - ok
17:42:15.0842 0x17bc  BrokerInfrastructure - ok
17:42:15.0842 0x17bc  Browser - ok
17:42:15.0857 0x17bc  BthAvrcpTg - ok
17:42:15.0857 0x17bc  BthHFEnum - ok
17:42:15.0857 0x17bc  bthhfhid - ok
17:42:15.0857 0x17bc  BthHFSrv - ok
17:42:15.0857 0x17bc  BTHMODEM - ok
17:42:15.0873 0x17bc  bthserv - ok
17:42:15.0873 0x17bc  buttonconverter - ok
17:42:15.0873 0x17bc  CapImg - ok
17:42:15.0889 0x17bc  cdfs - ok
17:42:15.0889 0x17bc  CDPSvc - ok
17:42:15.0889 0x17bc  cdrom - ok
17:42:15.0889 0x17bc  CertPropSvc - ok
17:42:15.0889 0x17bc  circlass - ok
17:42:15.0904 0x17bc  CLFS - ok
17:42:15.0904 0x17bc  ClipSVC - ok
17:42:15.0920 0x17bc  CmBatt - ok
17:42:15.0920 0x17bc  CNG - ok
17:42:15.0920 0x17bc  cnghwassist - ok
17:42:15.0935 0x17bc  CompositeBus - ok
17:42:15.0935 0x17bc  COMSysApp - ok
17:42:15.0935 0x17bc  condrv - ok
17:42:15.0935 0x17bc  CoreMessagingRegistrar - ok
17:42:15.0951 0x17bc  CryptSvc - ok
17:42:15.0951 0x17bc  dam - ok
17:42:15.0951 0x17bc  DcomLaunch - ok
17:42:15.0967 0x17bc  DcpSvc - ok
17:42:15.0967 0x17bc  defragsvc - ok
17:42:15.0967 0x17bc  DeviceAssociationService - ok
17:42:15.0967 0x17bc  DeviceInstall - ok
17:42:15.0967 0x17bc  DevQueryBroker - ok
17:42:15.0967 0x17bc  Dfsc - ok
17:42:15.0982 0x17bc  Dhcp - ok
17:42:15.0982 0x17bc  diagnosticshub.standardcollector.service - ok
17:42:15.0982 0x17bc  DiagTrack - ok
17:42:15.0982 0x17bc  disk - ok
17:42:15.0998 0x17bc  DmEnrollmentSvc - ok
17:42:15.0998 0x17bc  dmvsc - ok
17:42:15.0998 0x17bc  dmwappushservice - ok
17:42:15.0998 0x17bc  Dnscache - ok
17:42:16.0014 0x17bc  dot3svc - ok
17:42:16.0014 0x17bc  DPS - ok
17:42:16.0014 0x17bc  drmkaud - ok
17:42:16.0014 0x17bc  DsmSvc - ok
17:42:16.0014 0x17bc  DsSvc - ok
17:42:16.0029 0x17bc  DXGKrnl - ok
17:42:16.0029 0x17bc  e1iexpress - ok
17:42:16.0029 0x17bc  Eaphost - ok
17:42:16.0029 0x17bc  ebdrv - ok
17:42:16.0029 0x17bc  EFS - ok
17:42:16.0029 0x17bc  EhStorClass - ok
17:42:16.0045 0x17bc  EhStorTcgDrv - ok
17:42:16.0045 0x17bc  embeddedmode - ok
17:42:16.0045 0x17bc  EntAppSvc - ok
17:42:16.0045 0x17bc  ErrDev - ok
17:42:16.0060 0x17bc  [ 84486624268E078255BC7AA47F0960BC, EC2540698B974572F0AC4A93D57C63295BAF66BF50F7416B9DFF5DE790EBDBE7 ] etdrv           C:\Windows\etdrv.sys
17:42:16.0060 0x17bc  etdrv - ok
17:42:16.0060 0x17bc  EventSystem - ok
17:42:16.0060 0x17bc  exfat - ok
17:42:16.0076 0x17bc  fastfat - ok
17:42:16.0076 0x17bc  Fax - ok
17:42:16.0076 0x17bc  fdc - ok
17:42:16.0076 0x17bc  fdPHost - ok
17:42:16.0076 0x17bc  FDResPub - ok
17:42:16.0092 0x17bc  fhsvc - ok
17:42:16.0092 0x17bc  FileCrypt - ok
17:42:16.0092 0x17bc  FileInfo - ok
17:42:16.0092 0x17bc  Filetrace - ok
17:42:16.0107 0x17bc  flpydisk - ok
17:42:16.0107 0x17bc  FltMgr - ok
17:42:16.0107 0x17bc  FontCache - ok
17:42:16.0107 0x17bc  FontCache3.0.0.0 - ok
17:42:16.0123 0x17bc  FsDepends - ok
17:42:16.0123 0x17bc  Fs_Rec - ok
17:42:16.0123 0x17bc  fvevol - ok
17:42:16.0123 0x17bc  [ A4D2E469EC6F1EC307764954594AA2C4, 2598DBB47DB123C6F76C9000A71DFE5233CC7AD0B62B383C4616F351E9FB4F78 ] gadjservice     C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe
17:42:16.0123 0x17bc  gadjservice - detected UnsignedFile.Multi.Generic ( 1 )
17:42:16.0185 0x17bc  Detect skipped due to KSN trusted
17:42:16.0185 0x17bc  gadjservice - ok
17:42:16.0201 0x17bc  gagp30kx - ok
17:42:16.0201 0x17bc  [ 9AB9F3B75A2EB87FAFB1B7361BE9DFB3, 31F4CFB4C71DA44120752721103A16512444C13C2AC2D857A7E6F13CB679B427 ] gdrv            C:\Windows\gdrv.sys
17:42:16.0217 0x17bc  gdrv - ok
17:42:16.0232 0x17bc  gencounter - ok
17:42:16.0232 0x17bc  genericusbfn - ok
17:42:16.0264 0x17bc  [ 4CEDC66C726F7BE116BE7694B3CD22CD, C55DDC432F640C215E57C5AC9B7D801F7B2DA21E50BFA9ABC209AADC3070C744 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
17:42:16.0295 0x17bc  GfExperienceService - ok
17:42:16.0295 0x17bc  GPIOClx0101 - ok
17:42:16.0295 0x17bc  gpsvc - ok
17:42:16.0295 0x17bc  GpuEnergyDrv - ok
17:42:16.0295 0x17bc  HDAudBus - ok
17:42:16.0310 0x17bc  HidBatt - ok
17:42:16.0310 0x17bc  HidBth - ok
17:42:16.0310 0x17bc  hidi2c - ok
17:42:16.0310 0x17bc  hidinterrupt - ok
17:42:16.0310 0x17bc  HidIr - ok
17:42:16.0326 0x17bc  hidserv - ok
17:42:16.0326 0x17bc  HidUsb - ok
17:42:16.0326 0x17bc  [ BBCC44D677183BEFED776C1ED6B138D1, A219E3C834550FA70E3D3986BFB31C40249B8A43F13BA023B21341C08249A65C ] HiPatchService  C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
17:42:16.0326 0x17bc  HiPatchService - detected UnsignedFile.Multi.Generic ( 1 )
17:42:16.0467 0x17bc  HiPatchService ( UnsignedFile.Multi.Generic ) - warning
17:42:16.0576 0x17bc  HomeGroupListener - ok
17:42:16.0576 0x17bc  HomeGroupProvider - ok
17:42:16.0592 0x17bc  HpSAMD - ok
17:42:16.0592 0x17bc  HTTP - ok
17:42:16.0607 0x17bc  [ D0D161D4E0176593BD4031E8F38EE6C1, BE7279BBC522B406B571EDAF880BD37501CBA7B87C48936D41C0CD148C5C648E ] HwmRecordService C:\Program Files (x86)\GIGABYTE\SIV\HwmRecordService.exe
17:42:16.0623 0x17bc  HwmRecordService - ok
17:42:16.0623 0x17bc  hwpolicy - ok
17:42:16.0623 0x17bc  hyperkbd - ok
17:42:16.0639 0x17bc  i8042prt - ok
17:42:16.0639 0x17bc  iai2c - ok
17:42:16.0639 0x17bc  iaLPSS2i_I2C - ok
17:42:16.0654 0x17bc  iaLPSSi_GPIO - ok
17:42:16.0654 0x17bc  iaLPSSi_I2C - ok
17:42:16.0670 0x17bc  [ 6655615C7E4E29E6481F75A93ED99954, C7387D85DEC6BEF74DAD3B36398D1DA8914E9CF6F460D36E30088E3F6754E972 ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
17:42:16.0685 0x17bc  iaStorA - ok
17:42:16.0685 0x17bc  iaStorAV - ok
17:42:16.0685 0x17bc  [ F35FBCEB1B71BC20BBAFA526E203D6A1, F389B689B5DF0D204E3EA21B7201A89D29DE518716781BB390AC6E5CED64C790 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
17:42:16.0685 0x17bc  IAStorDataMgrSvc - ok
17:42:16.0685 0x17bc  iaStorV - ok
17:42:16.0701 0x17bc  ibbus - ok
17:42:16.0701 0x17bc  [ D9A9FFC89F61CAD4AD9EF31FBB17E634, F81184889B30DA8947F22A9C9ED5C542295ED70F0A1C27D1C91BAC21F4BCD987 ] ICCS            C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
17:42:16.0701 0x17bc  ICCS - ok
17:42:16.0717 0x17bc  [ B9187F0E4F990357B9A5372066A40B57, BF9535335DAD8E26A3841FA07CFA937F9645AE4B1914C08C8029EDB020E8C694 ] ICCWDT          C:\WINDOWS\System32\drivers\ICCWDT.sys
17:42:16.0717 0x17bc  ICCWDT - ok
17:42:16.0717 0x17bc  icssvc - ok
17:42:16.0717 0x17bc  IEEtwCollectorService - ok
17:42:16.0717 0x17bc  IKEEXT - ok
17:42:16.0795 0x17bc  [ 622868E4BAE8FBCD22CB1A5901A2C824, C1A2264C0984DD16C83B663C9CE43E049E1356E32C5771C3ACE225F285699138 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
17:42:16.0857 0x17bc  IntcAzAudAddService - ok
17:42:16.0873 0x17bc  [ 4C17F57E43645E75800E9E84787E34E5, 6A1531D97462BA3B3DBDAD472AF15B717C958AA8C5CE2373DE0B2A41C35BE33E ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
17:42:16.0889 0x17bc  Intel(R) Capability Licensing Service TCP IP Interface - ok
17:42:16.0889 0x17bc  [ FA6094444A7DC90449800F964E0A8668, A6DCF395649FA185596D55713888922BA2A61D96AD0D5E7860FD47EE30B7E4CF ] Intel(R) PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe
17:42:16.0904 0x17bc  Intel(R) PROSet Monitoring Service - ok
17:42:16.0904 0x17bc  intelide - ok
17:42:16.0904 0x17bc  intelpep - ok
17:42:16.0920 0x17bc  intelppm - ok
17:42:16.0920 0x17bc  [ 6D71CC813AC0963C5C78C19EC656048A, E6D7AA29A5860C7FB8AA76A47BF64C12D7E68CF98EABB7A3F9D9F3A918155FA7 ] iocbios2        C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys
17:42:16.0920 0x17bc  iocbios2 - ok
17:42:16.0920 0x17bc  IoQos - ok
17:42:16.0920 0x17bc  IpFilterDriver - ok
17:42:16.0936 0x17bc  iphlpsvc - ok
17:42:16.0936 0x17bc  IPMIDRV - ok
17:42:16.0936 0x17bc  IPNAT - ok
17:42:16.0936 0x17bc  IRENUM - ok
17:42:16.0951 0x17bc  isapnp - ok
17:42:16.0951 0x17bc  iScsiPrt - ok
17:42:16.0951 0x17bc  [ 0B93A01F786F37A4B1EDE84E639FFF10, 8747109A2FA2B80C8C5F5B6D2372C1B0DA4F4BF9DC1D551195ADF0715C260223 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
17:42:16.0951 0x17bc  jhi_service - ok
17:42:16.0951 0x17bc  kbdclass - ok
17:42:16.0967 0x17bc  kbdhid - ok
17:42:16.0967 0x17bc  kdnic - ok
17:42:16.0967 0x17bc  KeyIso - ok
17:42:16.0967 0x17bc  KSecDD - ok
17:42:16.0982 0x17bc  KSecPkg - ok
17:42:16.0982 0x17bc  ksthunk - ok
17:42:16.0982 0x17bc  KtmRm - ok
17:42:16.0982 0x17bc  LanmanServer - ok
17:42:16.0982 0x17bc  LanmanWorkstation - ok
17:42:16.0998 0x17bc  lfsvc - ok
17:42:16.0998 0x17bc  LicenseManager - ok
17:42:16.0998 0x17bc  lltdio - ok
17:42:16.0998 0x17bc  lltdsvc - ok
17:42:16.0998 0x17bc  lmhosts - ok
17:42:17.0014 0x17bc  [ C31139E0907170E2A3FA8D19DCC23D35, C504E93D2018E9E487A428483C646C67B4ECE122560CF0FA49A1626E1509EEAE ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
17:42:17.0029 0x17bc  LMS - ok
17:42:17.0029 0x17bc  LSI_SAS - ok
17:42:17.0029 0x17bc  LSI_SAS2i - ok
17:42:17.0045 0x17bc  LSI_SAS3i - ok
17:42:17.0045 0x17bc  LSI_SSS - ok
17:42:17.0045 0x17bc  LSM - ok
17:42:17.0045 0x17bc  luafv - ok
17:42:17.0045 0x17bc  MapsBroker - ok
17:42:17.0045 0x17bc  megasas - ok
17:42:17.0060 0x17bc  megasr - ok
17:42:17.0060 0x17bc  [ 1BC9159CF58BABD89419072EA180A8F6, 6C9AB779C2355A341800A8F93AAAF9B19FAFF444CD6A7BD27C63D53F379A75EF ] MEIx64          C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys
17:42:17.0076 0x17bc  MEIx64 - ok
17:42:17.0076 0x17bc  MessagingService - ok
17:42:17.0092 0x17bc  mlx4_bus - ok
17:42:17.0092 0x17bc  MMCSS - ok
17:42:17.0092 0x17bc  Modem - ok
17:42:17.0092 0x17bc  monitor - ok
17:42:17.0092 0x17bc  mouclass - ok
17:42:17.0092 0x17bc  mouhid - ok
17:42:17.0107 0x17bc  mountmgr - ok
17:42:17.0107 0x17bc  [ 69E23C730974BAC8C11DF2B7C4C9D37B, 8DC4448EC9C9647381952D7822B39C89E0997B4B964A785AE274144FADEE3C02 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:42:17.0123 0x17bc  MozillaMaintenance - ok
17:42:17.0123 0x17bc  mpsdrv - ok
17:42:17.0123 0x17bc  MpsSvc - ok
17:42:17.0123 0x17bc  MRxDAV - ok
17:42:17.0139 0x17bc  mrxsmb - ok
17:42:17.0139 0x17bc  mrxsmb10 - ok
17:42:17.0139 0x17bc  mrxsmb20 - ok
17:42:17.0139 0x17bc  MsBridge - ok
17:42:17.0139 0x17bc  MSDTC - ok
17:42:17.0154 0x17bc  Msfs - ok
17:42:17.0154 0x17bc  msgpiowin32 - ok
17:42:17.0154 0x17bc  mshidkmdf - ok
17:42:17.0154 0x17bc  mshidumdf - ok
17:42:17.0154 0x17bc  msisadrv - ok
17:42:17.0170 0x17bc  MSiSCSI - ok
17:42:17.0170 0x17bc  msiserver - ok
17:42:17.0170 0x17bc  MSKSSRV - ok
17:42:17.0170 0x17bc  MsLldp - ok
17:42:17.0170 0x17bc  MSPCLOCK - ok
17:42:17.0186 0x17bc  MSPQM - ok
17:42:17.0186 0x17bc  MsRPC - ok
17:42:17.0186 0x17bc  mssmbios - ok
17:42:17.0201 0x17bc  MSTEE - ok
17:42:17.0201 0x17bc  MTConfig - ok
17:42:17.0201 0x17bc  Mup - ok
17:42:17.0201 0x17bc  mvumis - ok
17:42:17.0217 0x17bc  NativeWifiP - ok
17:42:17.0217 0x17bc  NcaSvc - ok
17:42:17.0217 0x17bc  NcbService - ok
17:42:17.0217 0x17bc  NcdAutoSetup - ok
17:42:17.0232 0x17bc  ndfltr - ok
17:42:17.0232 0x17bc  NDIS - ok
17:42:17.0232 0x17bc  NdisCap - ok
17:42:17.0232 0x17bc  NdisImPlatform - ok
17:42:17.0232 0x17bc  NdisTapi - ok
17:42:17.0232 0x17bc  Ndisuio - ok
17:42:17.0248 0x17bc  NdisVirtualBus - ok
17:42:17.0248 0x17bc  NdisWan - ok
17:42:17.0248 0x17bc  ndiswanlegacy - ok
17:42:17.0248 0x17bc  ndproxy - ok
17:42:17.0248 0x17bc  Ndu - ok
17:42:17.0248 0x17bc  NetBIOS - ok
17:42:17.0264 0x17bc  NetBT - ok
17:42:17.0264 0x17bc  Netlogon - ok
17:42:17.0264 0x17bc  Netman - ok
17:42:17.0279 0x17bc  netprofm - ok
17:42:17.0279 0x17bc  NetSetupSvc - ok
17:42:17.0279 0x17bc  NetTcpPortSharing - ok
17:42:17.0279 0x17bc  NgcCtnrSvc - ok
17:42:17.0295 0x17bc  NgcSvc - ok
17:42:17.0295 0x17bc  NlaSvc - ok
17:42:17.0295 0x17bc  Npfs - ok
17:42:17.0295 0x17bc  npsvctrig - ok
17:42:17.0295 0x17bc  nsi - ok
17:42:17.0295 0x17bc  nsiproxy - ok
17:42:17.0311 0x17bc  NTFS - ok
17:42:17.0311 0x17bc  Null - ok
17:42:17.0311 0x17bc  [ 1F99AD85DC4F9E322CDE2363378CD374, 5E80D10FF0BC46ECF6F1F2294F35A0A7FD76E6F0B4534FD45C9AA8C57AE97F68 ] NVHDA           C:\WINDOWS\system32\drivers\nvhda64v.sys
17:42:17.0326 0x17bc  NVHDA - ok
17:42:17.0498 0x17bc  [ 113505A56DAE1354960B7FF9E30E9AEA, 8A172BA5A06BA4949847A8F349128609AB324B3582707BECB9E786222BFE58D3 ] nvlddmkm        C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
17:42:17.0686 0x17bc  nvlddmkm - ok
17:42:17.0717 0x17bc  [ FA9BC0048ED46C5FB5C93EAFFC97F63D, 2014C08B55940E055F6243E81F0227861272F2B6353D05BFEF364ED4F11EA9B0 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
17:42:17.0748 0x17bc  NvNetworkService - ok
17:42:17.0748 0x17bc  nvraid - ok
17:42:17.0748 0x17bc  nvstor - ok
17:42:17.0764 0x17bc  [ DEF76B479C3525952D0BD71E881E07B0, DC4B13AA97F61542F55F92769F9C8C5EB253BD6EB165EF064107D11158CD412F ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
17:42:17.0764 0x17bc  NvStreamKms - ok
17:42:17.0826 0x17bc  [ AF5BE3694A76365874B8967331049F2C, F704A0403B63E856EE9ECCE7C913650F5FF928F0872035EE73E1AE1CD54BC046 ] NvStreamNetworkSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
17:42:17.0889 0x17bc  NvStreamNetworkSvc - ok
17:42:17.0920 0x17bc  [ 77BE9E1AFCE995652A1C4FF4C8A0F839, 4AD981BCC349D413B3CCDC06DC8D6D2C2648D049726D6825E35A9A91D4C072FF ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
17:42:17.0951 0x17bc  NvStreamSvc - ok
17:42:17.0982 0x17bc  [ 334AD0B00C21E84B4CE3E20682D308BF, D17BC6D1B26AA10A1A4622AB36E3CDCBF35A9B9CA07CEC6FF865951FB45C9D03 ] nvsvc           C:\WINDOWS\system32\nvvsvc.exe
17:42:17.0998 0x17bc  nvsvc - ok
17:42:18.0014 0x17bc  [ F37FE6B15A987AEEC08EEF531F2FAED7, CC768E7DE80C7A8CB2392F9BC528212B8A3A35A30A222ED0B0B959051E6F8065 ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
17:42:18.0014 0x17bc  nvvad_WaveExtensible - ok
17:42:18.0014 0x17bc  nv_agp - ok
17:42:18.0014 0x17bc  OneSyncSvc - ok
17:42:18.0139 0x17bc  [ 7C77BE6B074F774355B582B4C8E8C850, 046208210A9BD4AE9D20A2EE1C886F740C5BC1ECACEA2F55D6627F7FDD013D21 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
17:42:18.0170 0x17bc  Origin Client Service - ok
17:42:18.0170 0x17bc  p2pimsvc - ok
17:42:18.0170 0x17bc  p2psvc - ok
17:42:18.0201 0x17bc  Parport - ok
17:42:18.0201 0x17bc  partmgr - ok
17:42:18.0217 0x17bc  PcaSvc - ok
17:42:18.0217 0x17bc  pci - ok
17:42:18.0248 0x17bc  pciide - ok
17:42:18.0248 0x17bc  pcmcia - ok
17:42:18.0248 0x17bc  pcw - ok
17:42:18.0264 0x17bc  pdc - ok
17:42:18.0295 0x17bc  PEAUTH - ok
17:42:18.0295 0x17bc  percsas2i - ok
17:42:18.0295 0x17bc  percsas3i - ok
17:42:18.0326 0x17bc  PerfHost - ok
17:42:18.0357 0x17bc  PhoneSvc - ok
17:42:18.0357 0x17bc  PimIndexMaintenanceSvc - ok
17:42:18.0420 0x17bc  pla - ok
17:42:18.0420 0x17bc  PlugPlay - ok
17:42:18.0420 0x17bc  PNRPAutoReg - ok
17:42:18.0436 0x17bc  PNRPsvc - ok
17:42:18.0436 0x17bc  PolicyAgent - ok
17:42:18.0451 0x17bc  Power - ok
17:42:18.0451 0x17bc  PptpMiniport - ok
17:42:18.0529 0x17bc  [ 15709A9AB1411565754CEE33AAB36387, 77CBC04346F8F247B4614CE65FBD225F0A24827EDD1FDB34900D05673B682D84 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
17:42:18.0592 0x17bc  PrintNotify - ok
17:42:18.0607 0x17bc  Processor - ok
17:42:18.0607 0x17bc  ProfSvc - ok
17:42:18.0607 0x17bc  Psched - ok
17:42:18.0607 0x17bc  QWAVE - ok
17:42:18.0607 0x17bc  QWAVEdrv - ok
17:42:18.0623 0x17bc  RasAcd - ok
17:42:18.0623 0x17bc  RasAgileVpn - ok
17:42:18.0623 0x17bc  RasAuto - ok
17:42:18.0623 0x17bc  Rasl2tp - ok
17:42:18.0623 0x17bc  RasMan - ok
17:42:18.0639 0x17bc  RasPppoe - ok
17:42:18.0639 0x17bc  RasSstp - ok
17:42:18.0639 0x17bc  rdbss - ok
17:42:18.0639 0x17bc  rdpbus - ok
17:42:18.0639 0x17bc  RDPDR - ok
17:42:18.0654 0x17bc  RdpVideoMiniport - ok
17:42:18.0654 0x17bc  rdyboost - ok
17:42:18.0670 0x17bc  ReFSv1 - ok
17:42:18.0670 0x17bc  RemoteAccess - ok
17:42:18.0670 0x17bc  RemoteRegistry - ok
17:42:18.0670 0x17bc  RetailDemo - ok
17:42:18.0670 0x17bc  RpcEptMapper - ok
17:42:18.0686 0x17bc  RpcLocator - ok
17:42:18.0686 0x17bc  RpcSs - ok
17:42:18.0686 0x17bc  rspndr - ok
17:42:18.0686 0x17bc  s3cap - ok
17:42:18.0686 0x17bc  SamSs - ok
17:42:18.0701 0x17bc  sbp2port - ok
17:42:18.0701 0x17bc  SCardSvr - ok
17:42:18.0701 0x17bc  ScDeviceEnum - ok
17:42:18.0701 0x17bc  scfilter - ok
17:42:18.0717 0x17bc  Schedule - ok
17:42:18.0717 0x17bc  SCPolicySvc - ok
17:42:18.0717 0x17bc  [ AD7189E85A0801DE0507C610963A3CD0, 0AA9F3C9D252624CC62EC95FD910C6911E136DD3E66159CEB9857BC7AB70FAA2 ] ScpVBus         C:\WINDOWS\System32\drivers\ScpVBus.sys
17:42:18.0717 0x17bc  ScpVBus - ok
17:42:18.0717 0x17bc  sdbus - ok
17:42:18.0717 0x17bc  SDRSVC - ok
17:42:18.0733 0x17bc  sdstor - ok
17:42:18.0733 0x17bc  seclogon - ok
17:42:18.0733 0x17bc  SENS - ok
17:42:18.0733 0x17bc  SensorDataService - ok
17:42:18.0733 0x17bc  SensorService - ok
17:42:18.0748 0x17bc  SensrSvc - ok
17:42:18.0748 0x17bc  SerCx - ok
17:42:18.0748 0x17bc  SerCx2 - ok
17:42:18.0748 0x17bc  Serenum - ok
17:42:18.0764 0x17bc  Serial - ok
17:42:18.0764 0x17bc  sermouse - ok
17:42:18.0764 0x17bc  SessionEnv - ok
17:42:18.0779 0x17bc  sfloppy - ok
17:42:18.0779 0x17bc  SharedAccess - ok
17:42:18.0779 0x17bc  ShellHWDetection - ok
17:42:18.0779 0x17bc  SiSRaid2 - ok
17:42:18.0779 0x17bc  SiSRaid4 - ok
17:42:18.0795 0x17bc  [ 9A66A87BBC0EC4463042959B7C0D4AC1, 2E61DC50AD4A4D4782F3271BAD010137DA9A6AFC46C7568C709F68C7621DCD40 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
17:42:18.0795 0x17bc  SkypeUpdate - ok
17:42:18.0795 0x17bc  smphost - ok
17:42:18.0811 0x17bc  SmsRouter - ok
17:42:18.0811 0x17bc  SNMPTRAP - ok
17:42:18.0811 0x17bc  spaceport - ok
17:42:18.0811 0x17bc  SpbCx - ok
17:42:18.0811 0x17bc  Spooler - ok
17:42:18.0826 0x17bc  sppsvc - ok
17:42:18.0826 0x17bc  srv - ok
17:42:18.0826 0x17bc  srv2 - ok
17:42:18.0826 0x17bc  srvnet - ok
17:42:18.0826 0x17bc  SSDPSRV - ok
17:42:18.0842 0x17bc  SstpSvc - ok
17:42:18.0842 0x17bc  StateRepository - ok
17:42:18.0873 0x17bc  [ A4FC868F6FC03876E29E4D87731B8E31, C774DA022879A69CBC2178CA1BB779438CD69D1582B4ECF22C90E4F0C4E9D9E4 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
17:42:18.0889 0x17bc  Steam Client Service - ok
17:42:18.0904 0x17bc  [ 3252926E49BFD4F602535B4C0387ECC7, 7A3F3606D2C48834D461BC5146AA079CA483A76D74C0FC01DAA87D6CE98A4606 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
17:42:18.0904 0x17bc  Stereo Service - ok
17:42:18.0904 0x17bc  stexstor - ok
17:42:18.0904 0x17bc  stisvc - ok
17:42:18.0920 0x17bc  storahci - ok
17:42:18.0920 0x17bc  storflt - ok
17:42:18.0920 0x17bc  stornvme - ok
17:42:18.0920 0x17bc  storqosflt - ok
17:42:18.0920 0x17bc  StorSvc - ok
17:42:18.0920 0x17bc  storufs - ok
17:42:18.0936 0x17bc  storvsc - ok
17:42:18.0936 0x17bc  svsvc - ok
17:42:18.0936 0x17bc  swenum - ok
17:42:18.0936 0x17bc  swprv - ok
17:42:18.0951 0x17bc  Synth3dVsc - ok
17:42:18.0951 0x17bc  SysMain - ok
17:42:18.0951 0x17bc  SystemEventsBroker - ok
17:42:18.0951 0x17bc  TabletInputService - ok
17:42:18.0967 0x17bc  TapiSrv - ok
17:42:18.0967 0x17bc  Tcpip - ok
17:42:18.0967 0x17bc  Tcpip6 - ok
17:42:18.0967 0x17bc  tcpipreg - ok
17:42:18.0983 0x17bc  tdx - ok
17:42:18.0983 0x17bc  terminpt - ok
17:42:18.0983 0x17bc  TermService - ok
17:42:18.0983 0x17bc  Themes - ok
17:42:18.0983 0x17bc  TieringEngineService - ok
17:42:18.0983 0x17bc  tiledatamodelsvc - ok
17:42:18.0998 0x17bc  TimeBroker - ok
17:42:18.0998 0x17bc  TPM - ok
17:42:18.0998 0x17bc  TrkWks - ok
17:42:18.0998 0x17bc  TrustedInstaller - ok
17:42:19.0014 0x17bc  tsusbflt - ok
17:42:19.0014 0x17bc  TsUsbGD - ok
17:42:19.0014 0x17bc  tunnel - ok
17:42:19.0014 0x17bc  tzautoupdate - ok
17:42:19.0029 0x17bc  uagp35 - ok
17:42:19.0029 0x17bc  UASPStor - ok
17:42:19.0029 0x17bc  UcmCx0101 - ok
17:42:19.0029 0x17bc  UcmUcsi - ok
17:42:19.0045 0x17bc  Ucx01000 - ok
17:42:19.0045 0x17bc  UdeCx - ok
17:42:19.0045 0x17bc  udfs - ok
17:42:19.0045 0x17bc  UEFI - ok
17:42:19.0045 0x17bc  Ufx01000 - ok
17:42:19.0045 0x17bc  UfxChipidea - ok
17:42:19.0061 0x17bc  ufxsynopsys - ok
17:42:19.0061 0x17bc  UI0Detect - ok
17:42:19.0061 0x17bc  uliagpkx - ok
17:42:19.0076 0x17bc  umbus - ok
17:42:19.0076 0x17bc  UmPass - ok
17:42:19.0076 0x17bc  UmRdpService - ok
17:42:19.0076 0x17bc  UnistoreSvc - ok
17:42:19.0092 0x17bc  upnphost - ok
17:42:19.0092 0x17bc  UrsChipidea - ok
17:42:19.0092 0x17bc  UrsCx01000 - ok
17:42:19.0092 0x17bc  UrsSynopsys - ok
17:42:19.0108 0x17bc  usbaudio - ok
17:42:19.0108 0x17bc  usbccgp - ok
17:42:19.0108 0x17bc  usbcir - ok
17:42:19.0108 0x17bc  usbehci - ok
17:42:19.0123 0x17bc  usbhub - ok
17:42:19.0123 0x17bc  USBHUB3 - ok
17:42:19.0123 0x17bc  usbohci - ok
17:42:19.0123 0x17bc  usbprint - ok
17:42:19.0123 0x17bc  usbscan - ok
17:42:19.0139 0x17bc  usbser - ok
17:42:19.0139 0x17bc  USBSTOR - ok
17:42:19.0139 0x17bc  usbuhci - ok
17:42:19.0154 0x17bc  USBXHCI - ok
17:42:19.0154 0x17bc  UserDataSvc - ok
17:42:19.0154 0x17bc  UserManager - ok
17:42:19.0170 0x17bc  UsoSvc - ok
17:42:19.0170 0x17bc  VaultSvc - ok
17:42:19.0170 0x17bc  vdrvroot - ok
17:42:19.0170 0x17bc  vds - ok
17:42:19.0170 0x17bc  VerifierExt - ok
17:42:19.0186 0x17bc  vhdmp - ok
17:42:19.0186 0x17bc  vhf - ok
17:42:19.0186 0x17bc  vmbus - ok
17:42:19.0186 0x17bc  VMBusHID - ok
17:42:19.0186 0x17bc  vmicguestinterface - ok
17:42:19.0201 0x17bc  vmicheartbeat - ok
17:42:19.0201 0x17bc  vmickvpexchange - ok
17:42:19.0201 0x17bc  vmicrdv - ok
17:42:19.0201 0x17bc  vmicshutdown - ok
17:42:19.0201 0x17bc  vmictimesync - ok
17:42:19.0217 0x17bc  vmicvmsession - ok
17:42:19.0217 0x17bc  vmicvss - ok
17:42:19.0217 0x17bc  volmgr - ok
17:42:19.0217 0x17bc  volmgrx - ok
17:42:19.0217 0x17bc  volsnap - ok
17:42:19.0233 0x17bc  vpci - ok
17:42:19.0233 0x17bc  vsmraid - ok
17:42:19.0233 0x17bc  VSS - ok
17:42:19.0233 0x17bc  VSTXRAID - ok
17:42:19.0248 0x17bc  vwifibus - ok
17:42:19.0248 0x17bc  vwififlt - ok
17:42:19.0248 0x17bc  W32Time - ok
17:42:19.0248 0x17bc  WacomPen - ok
17:42:19.0264 0x17bc  WalletService - ok
17:42:19.0264 0x17bc  wanarp - ok
17:42:19.0264 0x17bc  wanarpv6 - ok
17:42:19.0264 0x17bc  wbengine - ok
17:42:19.0279 0x17bc  WbioSrvc - ok
17:42:19.0279 0x17bc  Wcmsvc - ok
17:42:19.0279 0x17bc  wcncsvc - ok
17:42:19.0279 0x17bc  WcsPlugInService - ok
17:42:19.0279 0x17bc  WdBoot - ok
17:42:19.0279 0x17bc  Wdf01000 - ok
17:42:19.0295 0x17bc  WdFilter - ok
17:42:19.0295 0x17bc  WdiServiceHost - ok
17:42:19.0295 0x17bc  WdiSystemHost - ok
17:42:19.0295 0x17bc  wdiwifi - ok
17:42:19.0311 0x17bc  WdNisDrv - ok
17:42:19.0311 0x17bc  WdNisSvc - ok
17:42:19.0311 0x17bc  WebClient - ok
17:42:19.0311 0x17bc  Wecsvc - ok
17:42:19.0311 0x17bc  WEPHOSTSVC - ok
17:42:19.0311 0x17bc  wercplsupport - ok
17:42:19.0326 0x17bc  WerSvc - ok
17:42:19.0326 0x17bc  WFPLWFS - ok
17:42:19.0326 0x17bc  WiaRpc - ok
17:42:19.0326 0x17bc  WIMMount - ok
17:42:19.0342 0x17bc  WinDefend - ok
17:42:19.0342 0x17bc  WindowsTrustedRT - ok
17:42:19.0342 0x17bc  WindowsTrustedRTProxy - ok
17:42:19.0342 0x17bc  WinHttpAutoProxySvc - ok
17:42:19.0358 0x17bc  WinMad - ok
17:42:19.0358 0x17bc  Winmgmt - ok
17:42:19.0358 0x17bc  WinRM - ok
17:42:19.0358 0x17bc  WINUSB - ok
17:42:19.0373 0x17bc  WinVerbs - ok
17:42:19.0373 0x17bc  WlanSvc - ok
17:42:19.0373 0x17bc  wlidsvc - ok
17:42:19.0373 0x17bc  WmiAcpi - ok
17:42:19.0373 0x17bc  wmiApSrv - ok
17:42:19.0389 0x17bc  WMPNetworkSvc - ok
17:42:19.0389 0x17bc  [ 2A9650FCC696DB28E45EA8B33B99B8E6, FBEBC6C05D50F578C6EEE0A7285EBE1DEADB08DD21FA3232630FD8D5A68FC3FB ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
17:42:19.0404 0x17bc  Wof - ok
17:42:19.0404 0x17bc  workfolderssvc - ok
17:42:19.0404 0x17bc  wpcfltr - ok
17:42:19.0404 0x17bc  WPDBusEnum - ok
17:42:19.0420 0x17bc  WpdUpFltr - ok
17:42:19.0420 0x17bc  WpnService - ok
17:42:19.0420 0x17bc  ws2ifsl - ok
17:42:19.0420 0x17bc  wscsvc - ok
17:42:19.0420 0x17bc  WSearch - ok
17:42:19.0436 0x17bc  WSService - ok
17:42:19.0436 0x17bc  wuauserv - ok
17:42:19.0436 0x17bc  WudfPf - ok
17:42:19.0436 0x17bc  WUDFRd - ok
17:42:19.0451 0x17bc  wudfsvc - ok
17:42:19.0451 0x17bc  WUDFWpdFs - ok
17:42:19.0451 0x17bc  WwanSvc - ok
17:42:19.0451 0x17bc  XblAuthManager - ok
17:42:19.0467 0x17bc  XblGameSave - ok
17:42:19.0467 0x17bc  xboxgip - ok
17:42:19.0467 0x17bc  XboxNetApiSvc - ok
17:42:19.0467 0x17bc  xinputhid - ok
17:42:19.0483 0x17bc  [ CDA5AD7537D7D34C05D9316155DD6F6C, 11B5AD14342140CFE5AFA332546152686BF5FBBA154FE293E34467F0A0FD845F ] XTU3SERVICE     C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe
17:42:19.0483 0x17bc  XTU3SERVICE - ok
17:42:19.0483 0x17bc  xusb22 - ok
17:42:19.0483 0x17bc  ================ Scan global ===============================
17:42:19.0483 0x17bc  [ Global ] - ok
17:42:19.0483 0x17bc  ================ Scan MBR ==================================
17:42:19.0498 0x17bc  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:42:19.0545 0x17bc  \Device\Harddisk0\DR0 - ok
17:42:19.0545 0x17bc  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
17:42:19.0576 0x17bc  \Device\Harddisk1\DR1 - ok
17:42:19.0576 0x17bc  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
17:42:19.0811 0x17bc  \Device\Harddisk2\DR2 - ok
17:42:19.0811 0x17bc  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk3\DR3
17:42:19.0889 0x17bc  \Device\Harddisk3\DR3 - ok
17:42:19.0889 0x17bc  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk4\DR4
17:42:19.0983 0x17bc  \Device\Harddisk4\DR4 - ok
17:42:19.0998 0x17bc  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk7\DR7
17:42:20.0143 0x17bc  \Device\Harddisk7\DR7 - ok
17:42:20.0143 0x17bc  ================ Scan VBR ==================================
17:42:20.0143 0x17bc  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition1
17:42:20.0143 0x17bc  \Device\Harddisk0\DR0\Partition1 - ok
17:42:20.0159 0x17bc  [ 93C8645052E19E8BA26FAC83D0EFD85F ] \Device\Harddisk0\DR0\Partition2
17:42:20.0159 0x17bc  \Device\Harddisk0\DR0\Partition2 - ok
17:42:20.0175 0x17bc  [ 816C42DE472815B7C4EC6908E881D0C7 ] \Device\Harddisk1\DR1\Partition1
17:42:20.0175 0x17bc  \Device\Harddisk1\DR1\Partition1 - ok
17:42:20.0190 0x17bc  [ 67285750E875B86E0735F241EBC8E984 ] \Device\Harddisk1\DR1\Partition2
17:42:20.0190 0x17bc  \Device\Harddisk1\DR1\Partition2 - ok
17:42:20.0190 0x17bc  [ B55D5ABABBF64A5AC1B974F1CDB63E88 ] \Device\Harddisk2\DR2\Partition1
17:42:20.0237 0x17bc  \Device\Harddisk2\DR2\Partition1 - ok
17:42:20.0237 0x17bc  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk3\DR3\Partition1
17:42:20.0237 0x17bc  \Device\Harddisk3\DR3\Partition1 - ok
17:42:20.0237 0x17bc  [ 9BC0F3EE116F361816FBA4272A52B1EE ] \Device\Harddisk3\DR3\Partition2
17:42:20.0300 0x17bc  \Device\Harddisk3\DR3\Partition2 - ok
17:42:20.0300 0x17bc  [ 88D4D6BF121381C1CFEA1B29A66B31E5 ] \Device\Harddisk4\DR4\Partition1
17:42:20.0409 0x17bc  \Device\Harddisk4\DR4\Partition1 - ok
17:42:20.0409 0x17bc  [ B20A67283E34345AF61CB30D1D586643 ] \Device\Harddisk7\DR7\Partition1
17:42:20.0409 0x17bc  \Device\Harddisk7\DR7\Partition1 - ok
17:42:20.0409 0x17bc  ================ Scan generic autorun ======================
17:42:20.0596 0x17bc  [ 22EBD5AE3B3220D713E544D1D3AB3FEE, 9EF058B096DAA5C6242FBEB3DF509108180B1EB1EA252E63C437CF6C1B743BE0 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
17:42:20.0721 0x17bc  RTHDVCPL - ok
17:42:20.0721 0x17bc  [ C9900177A954E22C84A696075A40A173, 33E32173FF811DF1B687916CB3CADAE2907DAF5AC4B80F559039D3B61553C48F ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
17:42:20.0721 0x17bc  IAStorIcon - detected UnsignedFile.Multi.Generic ( 1 )
17:42:20.0784 0x17bc  Detect skipped due to KSN trusted
17:42:20.0784 0x17bc  IAStorIcon - ok
17:42:20.0862 0x17bc  [ C8AC55CCB8AB33713522B4CAAFAC0F59, CCEA638F90395F5C1C9DA892227FF4F3A7BC7567DEF8A7B63AFE2A487DADA88A ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
17:42:20.0893 0x17bc  NvBackend - ok
17:42:20.0909 0x17bc  ShadowPlay - ok
17:42:20.0909 0x17bc  [ 61E4289E91E88C90478D7F4BEB10DCF7, 1D0F4034E0111CF5758F470C15A22A0A28EB8269CB5BF07222C9C0FB07A15C55 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
17:42:20.0909 0x17bc  APSDaemon - ok
17:42:20.0925 0x17bc  [ 9ACCBC5891BA51B5B29C1A88F80D4CE3, 4EA3D9CB239874232AE0D7F824AF8CC7AD9BB4657CB9978B41067B4447FBE71B ] C:\Program Files (x86)\QuickTime\QTTask.exe
17:42:20.0925 0x17bc  QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 )
17:42:20.0987 0x17bc  Detect skipped due to KSN trusted
17:42:20.0987 0x17bc  QuickTime Task - ok
17:42:21.0284 0x17bc  [ 2E0D87473D0C7C3F6ED2787DC54CE8B2, 410C49219EB17903EE70BA4CAC4E6BA41A1D9A915790E027480C8B6D3953F99A ] D:\MWS Reader 5\mwsr5.exe
17:42:21.0659 0x17bc  MWS Reader 5 - detected UnsignedFile.Multi.Generic ( 1 )
17:42:21.0706 0x17bc  Detect skipped due to KSN trusted
17:42:21.0706 0x17bc  MWS Reader 5 - ok
17:42:21.0722 0x17bc  [ 62634246BADBB538F78309510CAAEFDA, 74AEF5CA769BF72AC64D22A5C8CFA84438DD7611011987D10DFD81D447B65F5D ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
17:42:21.0737 0x17bc  Avira SystrayStartTrigger - ok
17:42:21.0737 0x17bc  [ 52AAE10C6E26BCF59BA963E23215569A, 7EEF43BF54F558154068E36635D135F60C2EE7F953190638AF3ED75947EEB83C ] C:\Program Files (x86)\Standard Mouse Driver\Monitor.exe
17:42:21.0753 0x17bc  Standard Mouse Driver - detected UnsignedFile.Multi.Generic ( 1 )
17:42:21.0815 0x17bc  Standard Mouse Driver ( UnsignedFile.Multi.Generic ) - warning
17:42:21.0987 0x17bc  [ F316A9C0C8BBA9D2A98BE70EE0D8CA96, 20C83B6D1706DED7B645008CD29346A5FD14A4F67FCF17FED28E7A17F021E15B ] C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
17:42:22.0003 0x17bc  avgnt - ok
17:42:22.0050 0x17bc  [ 8D8D9C8486CB29D01000BFFFE132780A, E1DD85E8CF029FA2F294A2E162838C0D5F11795338C4DE585FD3A0E58894F7C6 ] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
17:42:22.0081 0x17bc  Wondershare Helper Compact.exe - ok
17:42:22.0081 0x17bc  [ 31427E1F610AED666C29046A17264C23, E8848F8D32379486DFA5A42B020F2A2FB1D2DD450FBD5EAF16142743A008F480 ] C:\Program Files (x86)\Gigabyte\AppCenter\PreRun.exe
17:42:22.0081 0x17bc  PreRun - detected UnsignedFile.Multi.Generic ( 1 )
17:42:22.0143 0x17bc  Detect skipped due to KSN trusted
17:42:22.0143 0x17bc  PreRun - ok
17:42:22.0175 0x17bc  OneDriveSetup - ok
17:42:22.0175 0x17bc  OneDriveSetup - ok
17:42:22.0206 0x17bc  [ E8405C87CD06FF5D69BC6F3B24D766D0, C82171BEDBFE593A04D09C2E20B0528AA3CEC722D6919F8A5C70C6EFFB9EFEAE ] C:\Users\Fabian\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
17:42:22.0222 0x17bc  AmazonMP3DownloaderHelper - ok
17:42:22.0222 0x17bc  Waiting for KSN requests completion. In queue: 49
17:42:23.0253 0x17bc  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\wsctool.exe ( 15.0.17.264 ), 0x41000 ( enabled : updated )
17:42:23.0253 0x17bc  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.9.10586.0 ), 0x60100 ( disabled : updated )
17:42:23.0253 0x17bc  Win FW state via NFP2: enabled ( trusted )
17:42:23.0362 0x17bc  ============================================================
17:42:23.0362 0x17bc  Scan finished
17:42:23.0362 0x17bc  ============================================================
17:42:23.0378 0x1e50  Detected object count: 2
17:42:23.0378 0x1e50  Actual detected object count: 2
17:43:19.0690 0x1e50  HiPatchService ( UnsignedFile.Multi.Generic ) - skipped by user
17:43:19.0690 0x1e50  HiPatchService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:43:19.0690 0x1e50  Standard Mouse Driver ( UnsignedFile.Multi.Generic ) - skipped by user
17:43:19.0690 0x1e50  Standard Mouse Driver ( UnsignedFile.Multi.Generic ) - User select action: Skip

M-K-D-B · 03.07.2016, 19:21

Servus,

Schritt 1
Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 2

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

Schritt 3

Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

die Logdatei von AdwCleaner,
die Logdatei von JRT,
die beiden neuen Logdateien von FRST.

FJ1 · 03.07.2016, 20:04

Hi,

hier sind die AdwCleaner und JRT logs:

Code:

ATTFilter

# AdwCleaner v5.201 - Bericht erstellt am 03/07/2016 um 20:51:18
# Aktualisiert am 30/06/2016 von ToolsLib
# Datenbank : 2016-07-01.1 [Server]
# Betriebssystem : Windows 10 Home  (X64)
# Benutzername : Fabian - XXXXXX
# Gestartet von : C:\Users\Fabian\Desktop\AdwCleaner_5.201.exe
# Option : Löschen
# Unterstützung : https://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

[-] Ordner gelöscht : C:\Users\Fabian\AppData\Roaming\Solvusoft

***** [ Dateien ] *****


***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
[-] Schlüssel gelöscht : HKCU\Software\WIN

***** [ Internetbrowser ] *****


*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [1108 Bytes] - [03/07/2016 20:51:18]
C:\AdwCleaner\AdwCleaner[S1].txt - [1105 Bytes] - [03/07/2016 20:50:15]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1254 Bytes] ##########

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.6 (04.25.2016)
Operating System: Windows 10 Home x64 
Ran by Fabian (Administrator) on 03.07.2016 at 20:57:36,87
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0 




Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 03.07.2016 at 20:58:08,92
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Und hier die beiden neuen FRST logfiles:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 02-07-2016
durchgeführt von Fabian (Administrator) auf XXXXXX (03-07-2016 21:00:02)
Gestartet von C:\Users\Fabian\Desktop
Geladene Profile: Fabian (Verfügbare Profile: Fabian)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
() C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Users\Fabian\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-04-11] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-05-02] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [MWS Reader 5] => D:\MWS Reader 5\mwsr5.exe [13272064 2015-05-11] (directINNOVATION UG (haftungsbeschränkt))
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-04-25] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Standard Mouse Driver] => C:\Program Files (x86)\Standard Mouse Driver\Monitor.exe [147456 2013-01-04] ()
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [814608 2016-05-11] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2087264 2014-09-11] (Wondershare)
HKLM-x32\...\RunOnce: [PreRun] => C:\Program Files (x86)\Gigabyte\AppCenter\PreRun.exe [8192 2013-04-29] ()
HKU\S-1-5-21-169824235-548985442-2713111802-1001\...\Run: [AmazonMP3DownloaderHelper] => C:\Users\Fabian\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{cddb9939-cf5a-44a4-ad86-301ed476b62e}: [DhcpNameServer] 192.168.0.1 192.168.0.2

Internet Explorer:
==================

FireFox:
========
FF ProfilePath: C:\Users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\e5w2ducl.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-22] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-22] ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-03-20] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-03-20] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-06-03] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-06-03] (NVIDIA Corporation)
FF Plugin HKU\S-1-5-21-169824235-548985442-2713111802-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-169824235-548985442-2713111802-1001: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\Fabian\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll [2013-05-22] (Amazon.com, Inc.)
FF Plugin HKU\S-1-5-21-169824235-548985442-2713111802-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [Keine Datei]
FF Extension: NoScript - C:\Users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\e5w2ducl.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-04-07]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\e5w2ducl.default\extensions\adblockpopups@jessehakanen.net.xpi [2016-04-28]
FF Extension: Flash and Video Download - C:\Users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\e5w2ducl.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2016-06-28]
FF Extension: Avira Browser Safety - C:\Users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\e5w2ducl.default\Extensions\abs@avira.com [2016-06-22]
FF Extension: Adblock Plus - C:\Users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\e5w2ducl.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [970656 2016-05-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [467016 2016-05-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [467016 2016-05-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1435704 2016-05-11] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [280008 2016-04-25] (Avira Operations GmbH & Co. KG)
R2 gadjservice; C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe [16896 2015-04-14] () [Datei ist nicht signiert]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-05-02] (NVIDIA Corporation)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2015-12-30] (Hi-Rez Studios) [Datei ist nicht signiert]
S3 HwmRecordService; C:\Program Files (x86)\GIGABYTE\SIV\HwmRecordService.exe [62784 2014-09-05] (GIGA-BYTE TECHNOLOGY CO., LTD.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-04-11] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-03-20] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-05-02] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-05-02] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-05-02] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2078216 2015-10-08] (Electronic Arts)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [17720 2015-03-25] (Intel(R) Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AcpiCtlDrv; C:\Windows\System32\drivers\AcpiCtlDrv.sys [25880 2012-07-17] (Intel Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128664 2016-03-11] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146712 2016-05-11] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [78208 2016-05-11] (Avira Operations GmbH & Co. KG)
R2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [28912 2014-06-17] (Intel Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-05-02] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-05] (Scarlet.Crush Productions)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-07-03 21:00 - 2016-07-03 21:00 - 00014277 _____ C:\Users\Fabian\Desktop\FRST.txt
2016-07-03 20:58 - 2016-07-03 20:58 - 00000548 _____ C:\Users\Fabian\Desktop\JRT.txt
2016-07-03 20:56 - 2016-07-03 20:57 - 01610816 _____ (Malwarebytes) C:\Users\Fabian\Desktop\JRT.exe
2016-07-03 20:54 - 2016-07-03 20:54 - 00000000 ____D C:\Users\Fabian\Desktop\TB
2016-07-03 20:48 - 2016-07-03 20:51 - 00000000 ____D C:\AdwCleaner
2016-07-03 20:44 - 2016-07-03 20:48 - 03712064 _____ C:\Users\Fabian\Desktop\AdwCleaner_5.201.exe
2016-07-03 17:41 - 2016-07-03 20:48 - 00083964 _____ C:\TDSSKiller.3.1.0.9_03.07.2016_17.41.12_log.txt
2016-07-03 17:40 - 2016-07-03 17:41 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Fabian\Desktop\tdsskiller.exe
2016-07-03 17:36 - 2016-07-03 21:00 - 00000000 ____D C:\FRST
2016-07-03 17:36 - 2016-07-03 17:36 - 02390016 _____ (Farbar) C:\Users\Fabian\Desktop\FRST64.exe
2016-06-23 23:28 - 2016-06-23 23:33 - 00000194 _____ C:\Users\Fabian\Desktop\Mögliche Lehrgangstermine für Dieter.txt
2016-06-22 17:18 - 2016-06-22 17:18 - 00390740 _____ C:\WINDOWS\Minidump\062216-5265-01.dmp
2016-06-15 14:33 - 2016-05-28 08:13 - 01401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-06-15 14:33 - 2016-05-28 08:13 - 00290496 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-06-15 14:33 - 2016-05-28 08:13 - 00046784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-06-15 14:33 - 2016-05-28 07:22 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-06-15 14:33 - 2016-05-28 07:08 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-06-15 14:33 - 2016-05-28 07:07 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-06-15 14:33 - 2016-05-28 07:07 - 02921880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-06-15 14:33 - 2016-05-28 07:07 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-06-15 14:33 - 2016-05-28 07:07 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-06-15 14:33 - 2016-05-28 07:07 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-06-15 14:33 - 2016-05-28 06:58 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-06-15 14:33 - 2016-05-28 06:57 - 02548944 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-06-15 14:33 - 2016-05-28 06:57 - 01594416 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-06-15 14:33 - 2016-05-28 06:57 - 01372312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-06-15 14:33 - 2016-05-28 06:57 - 00649792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-06-15 14:33 - 2016-05-28 06:57 - 00636304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-06-15 14:33 - 2016-05-28 06:57 - 00546456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-06-15 14:33 - 2016-05-28 06:57 - 00316256 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-06-15 14:33 - 2016-05-28 06:35 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-06-15 14:33 - 2016-05-28 06:35 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-06-15 14:33 - 2016-05-28 06:35 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsdport.sys
2016-06-15 14:33 - 2016-05-28 06:31 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe
2016-06-15 14:33 - 2016-05-28 06:31 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-06-15 14:33 - 2016-05-28 06:29 - 22379008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-06-15 14:33 - 2016-05-28 06:29 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-06-15 14:33 - 2016-05-28 06:28 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-06-15 14:33 - 2016-05-28 06:27 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-06-15 14:33 - 2016-05-28 06:27 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-06-15 14:33 - 2016-05-28 06:26 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-06-15 14:33 - 2016-05-28 06:26 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-06-15 14:33 - 2016-05-28 06:25 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-06-15 14:33 - 2016-05-28 06:24 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-06-15 14:33 - 2016-05-28 06:24 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-06-15 14:33 - 2016-05-28 06:22 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-06-15 14:33 - 2016-05-28 06:22 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-06-15 14:33 - 2016-05-28 06:22 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-06-15 14:33 - 2016-05-28 06:19 - 24605696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-06-15 14:33 - 2016-05-28 06:19 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-06-15 14:33 - 2016-05-28 06:18 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-06-15 14:33 - 2016-05-28 06:18 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-06-15 14:33 - 2016-05-28 06:18 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-06-15 14:33 - 2016-05-28 06:17 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-06-15 14:33 - 2016-05-28 06:17 - 00963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2016-06-15 14:33 - 2016-05-28 06:17 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-06-15 14:33 - 2016-05-28 06:16 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-06-15 14:33 - 2016-05-28 06:16 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2016-06-15 14:33 - 2016-05-28 06:16 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-06-15 14:33 - 2016-05-28 06:15 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-06-15 14:33 - 2016-05-28 06:15 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-06-15 14:33 - 2016-05-28 06:15 - 00794624 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-06-15 14:33 - 2016-05-28 06:15 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-06-15 14:33 - 2016-05-28 06:14 - 18674176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-06-15 14:33 - 2016-05-28 06:14 - 01716736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-06-15 14:33 - 2016-05-28 06:14 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-06-15 14:33 - 2016-05-28 06:14 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-06-15 14:33 - 2016-05-28 06:14 - 00606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-06-15 14:33 - 2016-05-28 06:14 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-06-15 14:33 - 2016-05-28 06:13 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-06-15 14:33 - 2016-05-28 06:12 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-06-15 14:33 - 2016-05-28 06:12 - 00614400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-06-15 14:33 - 2016-05-28 06:11 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-06-15 14:33 - 2016-05-28 06:11 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-06-15 14:33 - 2016-05-28 06:11 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-06-15 14:33 - 2016-05-28 06:11 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-06-15 14:33 - 2016-05-28 06:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-06-15 14:33 - 2016-05-28 06:08 - 13385728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-06-15 14:33 - 2016-05-28 06:08 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-06-15 14:33 - 2016-05-28 06:06 - 12128256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-06-15 14:33 - 2016-05-28 06:06 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-06-15 14:33 - 2016-05-28 06:06 - 01339904 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2016-06-15 14:33 - 2016-05-28 06:05 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-06-15 14:33 - 2016-05-28 06:05 - 03664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-06-15 14:33 - 2016-05-28 06:05 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-06-15 14:33 - 2016-05-28 06:05 - 01797120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-06-15 14:33 - 2016-05-28 06:04 - 06973952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-06-15 14:33 - 2016-05-28 06:03 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-06-15 14:33 - 2016-05-28 06:03 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-06-15 14:33 - 2016-05-28 06:03 - 02609664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-06-15 14:33 - 2016-05-28 06:03 - 01185280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationFramework.dll
2016-06-15 14:33 - 2016-05-28 06:02 - 03590144 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-06-15 14:33 - 2016-05-28 06:02 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2016-06-15 14:33 - 2016-05-28 06:01 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-06-15 14:33 - 2016-05-28 06:00 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-06-15 14:33 - 2016-05-28 06:00 - 03585536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-06-15 14:33 - 2016-05-28 06:00 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-06-15 14:33 - 2016-05-28 06:00 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-06-15 14:33 - 2016-05-28 06:00 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-06-15 14:33 - 2016-05-28 05:58 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-06-15 14:33 - 2016-05-28 05:58 - 04896256 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-06-15 14:33 - 2016-05-28 05:58 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-06-15 14:33 - 2016-05-28 05:57 - 02281472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-06-15 14:32 - 2016-05-28 08:13 - 01184960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-06-15 14:32 - 2016-05-28 08:13 - 00514752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-06-15 14:32 - 2016-05-28 08:13 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-06-15 14:32 - 2016-05-28 07:25 - 04268880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2016-06-15 14:32 - 2016-05-28 07:23 - 00388384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2016-06-15 14:32 - 2016-05-28 07:23 - 00312160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2016-06-15 14:32 - 2016-05-28 07:22 - 04387680 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2016-06-15 14:32 - 2016-05-28 07:22 - 00428896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2016-06-15 14:32 - 2016-05-28 07:22 - 00211296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-06-15 14:32 - 2016-05-28 07:22 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-06-15 14:32 - 2016-05-28 07:20 - 00430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2016-06-15 14:32 - 2016-05-28 07:18 - 00357216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2016-06-15 14:32 - 2016-05-28 07:16 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-06-15 14:32 - 2016-05-28 07:09 - 00501600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-06-15 14:32 - 2016-05-28 07:09 - 00170848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe
2016-06-15 14:32 - 2016-05-28 07:09 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-06-15 14:32 - 2016-05-28 07:08 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-06-15 14:32 - 2016-05-28 07:08 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-06-15 14:32 - 2016-05-28 07:07 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-06-15 14:32 - 2016-05-28 07:07 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-06-15 14:32 - 2016-05-28 07:06 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-06-15 14:32 - 2016-05-28 07:06 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-06-15 14:32 - 2016-05-28 07:06 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-06-15 14:32 - 2016-05-28 07:06 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-06-15 14:32 - 2016-05-28 07:06 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-06-15 14:32 - 2016-05-28 07:05 - 04515264 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-06-15 14:32 - 2016-05-28 07:04 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-06-15 14:32 - 2016-05-28 07:04 - 00431296 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-06-15 14:32 - 2016-05-28 07:04 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-06-15 14:32 - 2016-05-28 07:04 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-06-15 14:32 - 2016-05-28 07:04 - 00111064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2016-06-15 14:32 - 2016-05-28 07:04 - 00097096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2016-06-15 14:32 - 2016-05-28 07:03 - 00131248 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2016-06-15 14:32 - 2016-05-28 06:58 - 01996640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-06-15 14:32 - 2016-05-28 06:57 - 02195632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-06-15 14:32 - 2016-05-28 06:57 - 00577376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-06-15 14:32 - 2016-05-28 06:57 - 00521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-06-15 14:32 - 2016-05-28 06:31 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-06-15 14:32 - 2016-05-28 06:29 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2016-06-15 14:32 - 2016-05-28 06:29 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxp.dll
2016-06-15 14:32 - 2016-05-28 06:28 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-06-15 14:32 - 2016-05-28 06:28 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll
2016-06-15 14:32 - 2016-05-28 06:26 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-06-15 14:32 - 2016-05-28 06:26 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-06-15 14:32 - 2016-05-28 06:26 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2016-06-15 14:32 - 2016-05-28 06:24 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-06-15 14:32 - 2016-05-28 06:24 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ndu.sys
2016-06-15 14:32 - 2016-05-28 06:24 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-06-15 14:32 - 2016-05-28 06:24 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-06-15 14:32 - 2016-05-28 06:24 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2016-06-15 14:32 - 2016-05-28 06:24 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FwRemoteSvr.dll
2016-06-15 14:32 - 2016-05-28 06:23 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-06-15 14:32 - 2016-05-28 06:23 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2016-06-15 14:32 - 2016-05-28 06:22 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-06-15 14:32 - 2016-05-28 06:22 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-06-15 14:32 - 2016-05-28 06:22 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2016-06-15 14:32 - 2016-05-28 06:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2016-06-15 14:32 - 2016-05-28 06:22 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-06-15 14:32 - 2016-05-28 06:22 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll
2016-06-15 14:32 - 2016-05-28 06:21 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-06-15 14:32 - 2016-05-28 06:21 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrokerLib.dll
2016-06-15 14:32 - 2016-05-28 06:21 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-06-15 14:32 - 2016-05-28 06:21 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-06-15 14:32 - 2016-05-28 06:20 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-06-15 14:32 - 2016-05-28 06:20 - 00511488 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2016-06-15 14:32 - 2016-05-28 06:20 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll
2016-06-15 14:32 - 2016-05-28 06:20 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2016-06-15 14:32 - 2016-05-28 06:20 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GnssAdapter.dll
2016-06-15 14:32 - 2016-05-28 06:20 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
2016-06-15 14:32 - 2016-05-28 06:20 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2016-06-15 14:32 - 2016-05-28 06:19 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-06-15 14:32 - 2016-05-28 06:19 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-06-15 14:32 - 2016-05-28 06:19 - 00355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2016-06-15 14:32 - 2016-05-28 06:19 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2016-06-15 14:32 - 2016-05-28 06:18 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-06-15 14:32 - 2016-05-28 06:18 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2016-06-15 14:32 - 2016-05-28 06:18 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL
2016-06-15 14:32 - 2016-05-28 06:18 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2016-06-15 14:32 - 2016-05-28 06:18 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-06-15 14:32 - 2016-05-28 06:17 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2016-06-15 14:32 - 2016-05-28 06:17 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-06-15 14:32 - 2016-05-28 06:17 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-06-15 14:32 - 2016-05-28 06:17 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-06-15 14:32 - 2016-05-28 06:17 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-06-15 14:32 - 2016-05-28 06:16 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-06-15 14:32 - 2016-05-28 06:16 - 00684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-06-15 14:32 - 2016-05-28 06:16 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-06-15 14:32 - 2016-05-28 06:16 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\polstore.dll
2016-06-15 14:32 - 2016-05-28 06:16 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2016-06-15 14:32 - 2016-05-28 06:15 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2016-06-15 14:32 - 2016-05-28 06:15 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2016-06-15 14:32 - 2016-05-28 06:15 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-06-15 14:32 - 2016-05-28 06:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-06-15 14:32 - 2016-05-28 06:14 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-06-15 14:32 - 2016-05-28 06:14 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2016-06-15 14:32 - 2016-05-28 06:13 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-06-15 14:32 - 2016-05-28 06:13 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-06-15 14:32 - 2016-05-28 06:13 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-06-15 14:32 - 2016-05-28 06:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-06-15 14:32 - 2016-05-28 06:13 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2016-06-15 14:32 - 2016-05-28 06:12 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2016-06-15 14:32 - 2016-05-28 06:11 - 01445888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-06-15 14:32 - 2016-05-28 06:11 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-06-15 14:32 - 2016-05-28 06:11 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2016-06-15 14:32 - 2016-05-28 06:09 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-06-15 14:32 - 2016-05-28 06:04 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-06-15 14:32 - 2016-05-28 06:04 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-06-15 14:32 - 2016-05-28 06:03 - 00693760 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2016-06-15 14:32 - 2016-05-28 06:03 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-06-15 14:32 - 2016-05-28 06:02 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-06-15 14:32 - 2016-05-28 06:02 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-06-15 14:32 - 2016-05-28 06:01 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-06-15 14:32 - 2016-05-28 06:01 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-06-15 14:32 - 2016-05-28 06:01 - 00111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-06-15 14:32 - 2016-05-28 06:00 - 02230272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-06-15 14:32 - 2016-05-28 06:00 - 01730560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-06-15 14:32 - 2016-05-28 06:00 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-06-15 14:32 - 2016-05-28 06:00 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-06-15 14:32 - 2016-05-28 06:00 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-06-15 14:32 - 2016-05-28 05:59 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-06-15 14:32 - 2016-05-28 05:58 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-06-15 14:32 - 2016-05-28 05:58 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-06-15 14:32 - 2016-05-28 05:55 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-06-15 14:32 - 2016-05-28 05:53 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2016-06-14 02:31 - 2016-06-03 05:28 - 00111552 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2016-06-14 02:30 - 2016-06-03 09:22 - 39977920 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 35115968 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 31641656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 25404864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 21812056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 21355464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 18151128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 17746664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 17729184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 10643240 _____ C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 08733792 _____ C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 02844608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 02470336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 01920960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436839.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 01571776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436839.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 00910392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 00787384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 00786176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 00769984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 00707520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 00669952 _____ C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 00632848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 00631288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 00601752 _____ C:\WINDOWS\system32\nvmcumd.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 00565208 _____ C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 00549240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 00452616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 00425016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 00385592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 00379808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 00379448 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 00348216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 00316632 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 00177952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 00155768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 00153232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 00131584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2016-06-11 22:50 - 2016-06-11 22:50 - 00000000 ____D C:\Users\Fabian\Desktop\10260611
2016-06-08 01:22 - 2016-07-03 17:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-07-03 20:56 - 2015-10-30 08:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-07-03 20:53 - 2015-12-12 09:13 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-07-03 20:53 - 2015-12-12 09:09 - 00000000 ____D C:\ProgramData\NVIDIA
2016-07-03 20:53 - 2015-05-19 18:03 - 00026192 _____ (Windows (R) Server 2003 DDK provider) C:\WINDOWS\gdrv.sys
2016-07-03 20:51 - 2016-05-09 18:36 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-07-03 20:51 - 2015-10-30 08:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-07-03 20:45 - 2015-05-18 13:46 - 00000000 ____D C:\Program Files (x86)\Steam
2016-07-03 20:44 - 2015-05-18 14:30 - 00000000 ____D C:\Users\Fabian\AppData\Roaming\TS3Client
2016-07-03 17:40 - 2015-10-30 20:35 - 00776562 _____ C:\WINDOWS\system32\perfh007.dat
2016-07-03 17:40 - 2015-10-30 20:35 - 00155874 _____ C:\WINDOWS\system32\perfc007.dat
2016-07-03 17:40 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-07-03 17:40 - 2015-08-19 17:46 - 01802588 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-07-03 17:33 - 2015-11-12 00:22 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-07-03 17:33 - 2015-11-12 00:22 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-07-03 17:33 - 2015-05-29 15:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-07-03 06:53 - 2015-05-18 13:19 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-07-03 02:13 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-07-01 06:48 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-07-01 05:02 - 2015-06-04 04:17 - 00000000 ____D C:\Users\Fabian\AppData\Roaming\vlc
2016-06-29 03:00 - 2015-07-04 03:01 - 00000000 ____D C:\Users\Fabian\AppData\Local\CrashDumps
2016-06-27 06:48 - 2015-05-18 14:24 - 00000000 ____D C:\Users\Fabian\AppData\Local\Windows Live
2016-06-23 21:55 - 2015-10-26 19:20 - 00637904 _____ C:\Users\Fabian\Desktop\Erstattungsantrag_axa_Aug2014.pdf
2016-06-23 18:42 - 2015-11-12 00:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-06-22 17:18 - 2015-12-30 12:59 - 583392731 _____ C:\WINDOWS\MEMORY.DMP
2016-06-22 17:18 - 2015-12-30 12:59 - 00000000 ____D C:\WINDOWS\Minidump
2016-06-22 13:02 - 2015-05-18 15:12 - 00000000 ____D C:\Users\Fabian\AppData\Local\Adobe
2016-06-22 01:45 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-06-21 20:08 - 2015-05-31 20:55 - 00000000 ____D C:\Users\Fabian\AppData\Roaming\Audacity
2016-06-17 18:54 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-06-17 18:45 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-06-17 03:23 - 2015-12-12 09:10 - 00000000 ____D C:\Users\Fabian
2016-06-16 12:17 - 2015-08-19 18:36 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-06-16 12:16 - 2015-12-12 09:09 - 00221744 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-06-16 09:06 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-06-16 09:06 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-06-16 09:06 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-06-15 22:40 - 2015-05-18 10:34 - 00484008 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-06-15 17:30 - 2015-05-18 10:40 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-06-15 17:29 - 2015-05-18 10:40 - 142482544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-06-14 20:33 - 2015-10-30 09:26 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-06-14 20:33 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-14 02:31 - 2016-03-12 06:26 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-06-14 02:31 - 2015-12-12 09:09 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-06-14 02:31 - 2015-05-29 15:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-06-12 02:11 - 2016-01-29 06:38 - 00129739 _____ C:\Users\Fabian\Documents\starburn.txt
2016-06-10 22:32 - 2015-05-18 10:59 - 00000000 ____D C:\Users\Fabian\AppData\Local\ElevatedDiagnostics
2016-06-07 18:18 - 2016-05-22 11:30 - 00000138 _____ C:\Users\Fabian\Desktop\Anmeldungen Seminar Juni 2016.txt
2016-06-04 02:51 - 2015-12-02 04:42 - 13553096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2016-06-03 09:22 - 2016-05-14 13:57 - 00983488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-06-03 09:22 - 2015-12-02 04:42 - 20375488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2016-06-03 09:22 - 2015-12-02 04:42 - 17432544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-06-03 09:22 - 2015-12-02 04:42 - 14462536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2016-06-03 09:22 - 2015-12-02 04:42 - 03811256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-06-03 09:22 - 2015-12-02 04:42 - 03371624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-06-03 09:22 - 2015-12-02 04:42 - 00040084 _____ C:\WINDOWS\system32\nvinfo.pb
2016-06-03 05:59 - 2015-12-22 18:55 - 00534072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-06-03 05:59 - 2015-12-22 18:55 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-06-03 05:59 - 2015-12-12 09:09 - 06452948 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-06-03 05:59 - 2015-12-12 09:09 - 06364216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-06-03 05:59 - 2015-12-12 09:09 - 02455608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-06-03 05:59 - 2015-12-12 09:09 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-06-03 05:59 - 2015-12-12 09:09 - 01352760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-06-03 05:59 - 2015-12-12 09:09 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-06-03 05:59 - 2015-12-12 09:09 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-12-12 09:09 - 2015-12-12 09:09 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Fabian\setup.exe


Einige Dateien in TEMP:
====================
C:\Users\Fabian\AppData\Local\Temp\avgnt.exe
C:\Users\Fabian\AppData\Local\Temp\libeay32.dll
C:\Users\Fabian\AppData\Local\Temp\msvcr120.dll
C:\Users\Fabian\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Fabian\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Fabian\AppData\Local\Temp\nvStInst.exe
C:\Users\Fabian\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Fabian\AppData\Local\Temp\sqlite3.dll
C:\Users\Fabian\AppData\Local\Temp\video-editor_full1080.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-06-27 15:05

==================== Ende von FRST.txt ============================

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 02-07-2016
durchgeführt von Fabian (2016-07-03 21:00:20)
Gestartet von C:\Users\Fabian\Desktop
Windows 10 Home Version 1511 (X64) (2015-12-12 07:14:13)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-169824235-548985442-2713111802-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-169824235-548985442-2713111802-503 - Limited - Disabled)
Fabian (S-1-5-21-169824235-548985442-2713111802-1001 - Administrator - Enabled) => C:\Users\Fabian
Gast (S-1-5-21-169824235-548985442-2713111802-501 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

ACPI Driver Installer (HKLM-x32\...\553E35CD-0415-41bc-B39A-410375E88534) (Version: 2.1 - Intel Corporation)
Action! (HKLM-x32\...\Mirillis Action!) (Version: 1.26.0 - Mirillis)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 21.0.0.215 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Alien Swarm (HKLM-x32\...\Steam App 630) (Version:  - Valve)
Amazon Kindle (HKU\S-1-5-21-169824235-548985442-2713111802-1001\...\Amazon Kindle) (Version:  - Amazon)
Amazon MP3-Downloader 1.0.18 (HKU\S-1-5-21-169824235-548985442-2713111802-1001\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
APP Center (HKLM-x32\...\InstallShield_{F3D47276-0E35-42CF-A677-B45118470E21}) (Version: 1.16.0503 - Gigabyte)
APP Center (x32 Version: 1.16.0503 - Gigabyte) Hidden
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.17.273 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{bfb60b68-92b8-481b-b416-7e05b4ea01c9}) (Version: 1.1.61.18979 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.61.18979 - Avira Operations GmbH & Co. KG) Hidden
Binary Domain (HKLM-x32\...\Steam App 203750) (Version:  - Devil's Details)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CrystalDiskInfo 6.8.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.8.2 - Crystal Dew World)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DaVinci Resolve (HKLM\...\{131F8AE4-9933-4C05-8C22-87D5160501A6}) (Version: 11.3.1018 - Blackmagic Design)
DiRT Showdown (HKLM\...\Steam App 201700) (Version:  - Codemasters Racing Studio)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Dota 2 Test (HKLM-x32\...\Steam App 205790) (Version:  - )
EasyTune (HKLM-x32\...\InstallShield_{7F635314-EE21-4E4B-A68D-69AE70BA0E9B}) (Version: 1.00.0002 - GIGABYTE)
EasyTune (x32 Version: 1.00.0002 - GIGABYTE) Hidden
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free to Play (HKLM-x32\...\Steam App 245550) (Version:  - Valve)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Intel Extreme Tuning Utility (HKLM-x32\...\{eb3c7583-932b-4db5-a272-5fb4528656bb}) (Version: 5.1.2.2 - Intel Corporation)
Intel Extreme Tuning Utility (x32 Version: 5.1.2.2 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.25.1036 - Intel Corporation)
Intel(R) Network Connections 18.8.136.0 (HKLM\...\PROSetDX) (Version: 18.8.136.0 - Intel)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.3.1001 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.13 - Intel(R) Corporation) Hidden
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version:  - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\3FD0C489-0F02-481a-A3E1-9754CD396761) (Version:  - Intel Corporation)
L&H TTS3000 Deutsch (HKLM-x32\...\LHTTSGED) (Version:  - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
METAL SLUG 3 (HKLM-x32\...\Steam App 250180) (Version:  - DotEmu)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x86) (HKLM-x32\...\{22CB8ED7-DF57-4864-BD04-F63B9CE4B494}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Server Speech Text to Speech Voice (de-DE, Hedda) (HKLM-x32\...\{ACFCC7B5-C028-40AE-A5F5-9778B41F22A2}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Text to Speech Voice (en-US, ZiraPro) (HKLM-x32\...\{C7CDC27F-0952-4DF1-9E41-B75140933BC6}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 47.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 47.0.1 (x86 de)) (Version: 47.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.1.6018 - Mozilla)
MWS Reader 5 (HKLM-x32\...\MWS Reader 5_is1) (Version: 5.2.621 - directINNOVATION UG (haftungsbeschränkt))
Need for Speed: Hot Pursuit (HKLM-x32\...\Steam App 47870) (Version:  - Criterion Games)
Next Car Game: Wreckfest (HKLM-x32\...\Steam App 228380) (Version:  - Bugbear)
NVIDIA 3D Vision Controller-Treiber 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 368.39 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.3.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.3.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.39 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.14 - NVIDIA Corporation)
NVIDIA Miracast Virtueller Ton 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 353.62 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Orcs Must Die! 2 (HKLM-x32\...\Steam App 201790) (Version:  - Robot Entertainment)
Origin (HKLM-x32\...\Origin) (Version: 9.7.2.53208 - Electronic Arts, Inc.)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.312.1 - Tracker Software Products Ltd)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Rocket League (HKLM-x32\...\Steam App 252950) (Version:  - Psyonix)
Rocksmith (HKLM-x32\...\Steam App 205190) (Version:  - Ubisoft - San Francisco)
Rocksmith 2014 (HKLM-x32\...\Steam App 221680) (Version:  - Ubisoft - San Francisco)
Saints Row IV (HKLM-x32\...\Steam App 206420) (Version:  - Deep Silver Volition)
Shank 2 (HKLM-x32\...\Steam App 102840) (Version:  - Klei Entertainment)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - Firaxis Games)
SIV (HKLM-x32\...\InstallShield_{AAA057C3-10DC-4EB9-A3D6-8208C1BB7411}) (Version: 1.00.0000 - GIGABYTE)
SIV (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Skype™ 7.23 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.23.105 - Skype Technologies S.A.)
Sleeping Dogs™ (HKLM\...\Steam App 202170) (Version:  - United Front Games)
SMITE (HKLM-x32\...\Steam App 386360) (Version:  - Hi-Rez Studios)
Sniper Elite 3 (HKLM-x32\...\Steam App 238090) (Version:  - Rebellion)
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version:  - Rebellion)
Spec Ops: The Line (HKLM-x32\...\Steam App 50300) (Version:  - Yager Development)
SPEEDLINK STRIKE Gamepad (HKLM-x32\...\{DFF7CD2E-2BB5-40C3-9592-078F64677EFF}) (Version: 1.00.0000 - )
Standard Mouse Driver (HKLM-x32\...\{6C4453CD-123A-40FB-8227-E23AF8748C5A}) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Thunder Wolves (HKLM-x32\...\Steam App 232970) (Version:  - Most Wanted Entertainment)
Tom Clancy's Splinter Cell: Conviction (HKLM-x32\...\Steam App 33220) (Version:  - Ubisoft Montreal)
TrueFire (HKLM-x32\...\TrueFire-Course-Player) (Version: 1.043 - TrueFire, Inc.)
TrueFire (x32 Version: 1.043 - TrueFire, Inc.) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
Warframe (HKLM-x32\...\Steam App 230410) (Version:  - Digital Extremes)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
Wondershare Filmora(Build 7.2.0) (HKLM-x32\...\Wondershare Filmora_is1) (Version:  - Wondershare Software)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {2585C5A8-B436-4936-9E5A-59EA2B5F40DF} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {4148D053-DFFA-4F52-AE05-B4FBB11A64DA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {459B5445-EF40-41A1-BA16-F4A088D2FE94} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {78DDE348-6572-4A32-AA30-40C6CA590488} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {78E2CD17-ACB3-420F-A6A4-BAB9F02B2369} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [2015-03-11] (Intel Corporation)
Task: {877C9E82-F869-4B99-B420-16079C15878C} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {8F717101-D1E2-4F7D-915A-BB882F176A5C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {A310B86C-B400-404F-ADDD-5D07A6E88297} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {A87E9F56-ED4E-4405-B5A4-DDFF7CFF4C9C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {C135CBD3-F486-486C-BE5F-5E95223ADED9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {C3F85D89-7DAB-4648-8A78-64E6AFDC3B48} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-06-15] (Microsoft Corporation)
Task: {CEB617C9-F5D5-4FC1-89F9-00CCB1BA4265} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {E4F02A72-B4CD-4D93-9914-389775D8EEB0} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-03-04 03:01 - 2016-05-02 07:54 - 00369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2015-12-22 18:52 - 2016-05-02 07:55 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-04-05 12:40 - 2016-05-02 07:54 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-03-04 03:01 - 2016-05-02 07:55 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2015-04-14 15:27 - 2015-04-14 15:27 - 00016896 _____ () C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe
2016-04-13 10:22 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-13 10:22 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-04-19 13:32 - 2016-04-19 13:32 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-04-05 12:40 - 2016-05-02 07:55 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-04-05 12:40 - 2016-05-02 07:55 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-04-05 12:40 - 2016-05-02 07:55 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-01-28 05:40 - 2016-05-02 07:55 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2015-12-17 20:14 - 2015-12-07 06:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-05-11 18:58 - 2016-04-23 06:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-06-15 14:33 - 2016-05-28 05:59 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-06-15 14:32 - 2016-05-28 05:53 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-06-15 14:33 - 2016-05-28 05:54 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-06-15 14:33 - 2016-05-28 05:56 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-04-05 12:40 - 2016-05-02 07:54 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-04-05 12:40 - 2016-05-02 07:54 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-04-19 13:32 - 2016-04-19 13:32 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-19 13:32 - 2016-04-19 13:32 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2014-03-20 11:43 - 2014-03-20 11:43 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-05-29 15:12 - 2016-05-02 08:02 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-169824235-548985442-2713111802-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1 - 192.168.0.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKU\S-1-5-21-169824235-548985442-2713111802-1001\...\StartupApproved\Run: => "AmazonMP3DownloaderHelper"
HKU\S-1-5-21-169824235-548985442-2713111802-1001\...\StartupApproved\Run: => "Skype"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{4DB165C0-3B50-4F29-83A9-118066C5B0E0}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{87EDAE14-73E0-4F60-B0F6-E8897DC79471}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{97D7C00A-8D8C-4B77-B11B-ACCF1A50D362}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{B0072ED3-4326-49AF-8C18-19B0ABB49A1A}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{68A51083-93B7-476C-9346-70BCEBE2D97F}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{71402935-54FC-4A3C-A89B-762D38BFF3F3}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{B0AB0CEA-B931-45AB-B099-B7CE38207785}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{BECA9CA9-C7E4-4CD8-9F52-9F1B5661EFE4}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{27F0D775-E032-4D18-98D4-AA3A463A838A}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{44D79FCE-90CD-4720-BDA0-835508DDDBA4}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{85067AED-A593-4ACE-B675-889E2686466D}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{64F8E193-FE68-4601-AFE5-AAD566F85D59}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{CA62211B-6A38-43EA-B961-F25792CB65B5}] => (Allow) D:\SteamLibrary\steamapps\common\Alien Swarm\swarm.exe
FirewallRules: [{AD1C79D4-D5E7-4C21-8F5A-512E1DAE06A5}] => (Allow) D:\SteamLibrary\steamapps\common\Alien Swarm\swarm.exe
FirewallRules: [{B87BD653-5508-4038-9E40-6A09E31346D3}] => (Allow) D:\SteamLibrary\steamapps\common\SMITE\Binaries\Win32\HirezBridge.exe
FirewallRules: [{918AE4B2-3899-45E0-821F-E714272183B2}] => (Allow) D:\SteamLibrary\steamapps\common\SMITE\Binaries\Win32\HirezBridge.exe
FirewallRules: [{90D7268B-42A2-483C-9DE8-90751A1FFDB1}] => (Allow) D:\SteamLibrary\steamapps\common\Sniper Elite 3\Launcher\Sniper3Launcher.exe
FirewallRules: [{FF6CC075-D874-42BE-85D3-3E06E522ABFA}] => (Allow) D:\SteamLibrary\steamapps\common\Sniper Elite 3\Launcher\Sniper3Launcher.exe
FirewallRules: [{EE189F9E-C8C6-4327-8B12-537BBF512A44}] => (Allow) D:\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{2FD0529D-5498-4ED7-B8AC-FCE5F599F419}] => (Allow) D:\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{D073BF74-74B8-4DA1-A537-B0D1CA119F92}] => (Allow) D:\SteamLibrary\steamapps\common\Saints Row IV\SaintsRowIV.exe
FirewallRules: [{19AFDD39-4DA2-4E45-BA37-E330FDEF143D}] => (Allow) D:\SteamLibrary\steamapps\common\Saints Row IV\SaintsRowIV.exe
FirewallRules: [{C1565F7D-DE84-4035-8DEE-B7206E9CF1E6}] => (Allow) D:\SteamLibrary\steamapps\common\SpecOps_TheLine\Binaries\Win32\SpecOpsTheLine.exe
FirewallRules: [{7B208B0F-15BA-4C79-93F3-F68DD3E83AAE}] => (Allow) D:\SteamLibrary\steamapps\common\SpecOps_TheLine\Binaries\Win32\SpecOpsTheLine.exe
FirewallRules: [{48E82A63-979E-4BCF-8E73-F3E3DD393C2E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B81E337D-63C7-439C-9DD9-53D50E4B52B4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FE76E308-5A2F-4253-9EF9-6616513E7EBC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{47AA7F0D-D9F1-4B7E-9A40-D10B949379E0}] => (Allow) D:\SteamLibrary\steamapps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe
FirewallRules: [{1C0EC512-B21B-4E7E-AA40-710EC82B929E}] => (Allow) D:\SteamLibrary\steamapps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe
FirewallRules: [{08965FE0-DAF8-4114-9EE2-F6BDE29B8994}] => (Allow) D:\SteamLibrary\steamapps\common\Binary Domain\BinaryDomainConfiguration.exe
FirewallRules: [{8FD60035-440D-4228-8651-FE173A407201}] => (Allow) D:\SteamLibrary\steamapps\common\Binary Domain\BinaryDomainConfiguration.exe
FirewallRules: [{C3012F5A-12B8-4691-84A9-BA7821DA4789}] => (Allow) D:\SteamLibrary\steamapps\common\Binary Domain\BinaryDomain.exe
FirewallRules: [{36A6470C-E55A-40A5-A66C-02FA53B56F9D}] => (Allow) D:\SteamLibrary\steamapps\common\Binary Domain\BinaryDomain.exe
FirewallRules: [{47379E4B-8B10-4485-94A8-4BD3264E4C8C}] => (Allow) D:\SteamLibrary\steamapps\common\Shank 2\bin\shank2.exe
FirewallRules: [{175357F2-F573-4D3D-921E-C753466E9D7B}] => (Allow) D:\SteamLibrary\steamapps\common\Shank 2\bin\shank2.exe
FirewallRules: [{C4FBAC76-62C3-4129-9129-6AA71D15FCC5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2B65F972-7357-4A77-B095-506980250FA5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{CD84042F-B499-4307-8D57-8F34ADCCBD1E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{ED558A9E-B5F6-4994-8A98-54484C132AE1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3FA79838-F973-4615-A8DC-2908E2D8F2AC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E8300987-E1EF-4FBE-9F34-0DFDAD3FAD88}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{5D53E258-2691-4F36-8289-C9173D703A90}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{9927F7F6-CF0F-42CD-BF04-F1E6A245AD1B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{E767E224-AA9E-4054-9236-EB041BBEF818}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{D7C54416-17B7-4D58-9BF5-B7297A408C1B}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{63891AE8-0127-4E8F-9AF1-F4719767148C}] => (Allow) LPort=2869
FirewallRules: [{A5B3CB4F-795E-4F54-AD94-E63DB8C0A42D}] => (Allow) LPort=1900
FirewallRules: [{0AA2D938-1F29-44BD-98F9-47D36F819B11}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C9D110DA-1970-4C73-BE55-70183874E727}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{A27A2757-A3CD-4770-93E7-E87E3BC5B85C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{68646264-96B9-443E-A22A-AAC877D0D3D7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{DEE80902-E560-4649-AC4F-DB15E93644EA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{D2A47F14-468F-4A06-942E-94FAB186562A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{72EA5811-5DEE-4F54-9D07-9C5D61E13CD5}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{941B2260-2540-449F-8297-6F0C4DFB01EE}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe
FirewallRules: [{EBD0578E-6AA2-47F1-9141-BED286E8C74C}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe
FirewallRules: [{69138AF8-07F1-410C-B7FD-6E07C9EA5689}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe
FirewallRules: [{9ABE302E-A4D2-4EC7-8B3B-30F365DDB083}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe
FirewallRules: [{228C823E-5C17-457A-9D69-767116B49519}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe
FirewallRules: [{B9B60B94-C865-4C46-9126-7AC780D95E46}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe
FirewallRules: [{5EFB0068-50AD-498F-92EA-3759C76B0E21}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DPDecoder.exe
FirewallRules: [{ABCE225E-0769-42E2-920D-070827736CB6}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe
FirewallRules: [TCP Query User{4438F0B0-3511-4296-A5B1-64A0EF9101CA}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Block) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe
FirewallRules: [UDP Query User{56579952-A060-4A31-BBFF-84EF85458447}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Block) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe
FirewallRules: [{F583E076-404A-4F8B-8D01-98E862676D22}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{C37E844E-040D-4BAC-9A6A-5ED5E5D11224}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{DC4DA8CC-0809-47C2-A941-16615DA6285D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{0A9D05E1-C263-42F2-9958-E6508D93C6EE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{868286D2-6613-4E9C-B108-C4C72A834C40}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{908741BA-0DC7-4334-8D29-A1F085A1976A}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{0046F909-CC54-4F62-A176-E019205F7B7D}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{C9C65EFB-7A3E-4270-B912-5AAC9656682C}] => (Allow) D:\SteamLibrary\steamapps\common\Free to Play\FTP.exe
FirewallRules: [{DD071BBD-A707-4565-AE3A-F7527B9CBF59}] => (Allow) D:\SteamLibrary\steamapps\common\Free to Play\FTP.exe
FirewallRules: [TCP Query User{43DC946D-2BF5-43F0-90EB-B7D8F91BE03D}C:\users\fabian\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe] => (Allow) C:\users\fabian\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe
FirewallRules: [UDP Query User{9AC11793-1563-4026-8D3A-A613D0005C33}C:\users\fabian\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe] => (Allow) C:\users\fabian\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe
FirewallRules: [{7745B9FA-1A0F-446B-8207-77AF24D8A0C1}] => (Block) C:\users\fabian\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe
FirewallRules: [{F72AB61B-265F-4FC2-9223-C14C1E7EA32E}] => (Block) C:\users\fabian\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe
FirewallRules: [{1E411233-531F-48DB-B783-E421A3E450E6}] => (Allow) D:\SteamLibrary\steamapps\common\dota 2 test\game\bin\win64\dota2.exe
FirewallRules: [{CA760D28-E3C8-40B7-98A5-EA66C71FCA8E}] => (Allow) D:\SteamLibrary\steamapps\common\dota 2 test\game\bin\win64\dota2.exe
FirewallRules: [{D08CFEC4-C360-49C3-B2B0-358FC6FCD100}] => (Allow) D:\SteamLibrary\steamapps\common\Metal Slug 3\mslug3.exe
FirewallRules: [{36383C22-81BB-4855-85BA-747A3BA4E074}] => (Allow) D:\SteamLibrary\steamapps\common\Metal Slug 3\mslug3.exe
FirewallRules: [{5ABC6840-912B-42F5-89F0-BF76EFBC9EE0}] => (Allow) D:\SteamLibrary\steamapps\common\Rocksmith\Rocksmith.exe
FirewallRules: [{DE9B87CF-748F-4533-A7FC-97F418A326AC}] => (Allow) D:\SteamLibrary\steamapps\common\Rocksmith\Rocksmith.exe
FirewallRules: [{266E98C1-EFEA-4DF7-B199-5841E1F7F61A}] => (Allow) D:\SteamLibrary\steamapps\common\Rocksmith2014\Rocksmith2014.exe
FirewallRules: [{1DB52B6B-5FD7-4CAD-9179-99DCCC2353DC}] => (Allow) D:\SteamLibrary\steamapps\common\Rocksmith2014\Rocksmith2014.exe
FirewallRules: [TCP Query User{F0897921-8C2E-4394-81B5-78C11B653BEE}D:\steamlibrary\steamapps\common\smite\binaries\win32\smite.exe] => (Block) D:\steamlibrary\steamapps\common\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{315E81AB-7177-4E63-A8B6-4DF72D9D2E94}D:\steamlibrary\steamapps\common\smite\binaries\win32\smite.exe] => (Block) D:\steamlibrary\steamapps\common\smite\binaries\win32\smite.exe
FirewallRules: [{A5AF2C95-DBF6-4FB3-BA48-AD7AA6EC7FDA}] => (Allow) D:\SteamLibrary\steamapps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [{131A07E7-53CC-4837-A30E-595EC020CFE3}] => (Allow) D:\SteamLibrary\steamapps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [{6A2D7F00-3F48-49DF-828A-9F8A5619AEDE}] => (Allow) D:\SteamLibrary\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{8486B426-E378-42FC-A8F0-5F47792EDFE6}] => (Allow) D:\SteamLibrary\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{45CAEFDB-E770-4372-9B16-F4B51900CFAC}] => (Allow) D:\SteamLibrary\steamapps\common\Thunder Wolves\ThunderWolves.exe
FirewallRules: [{B21E5AA3-20EB-4C59-BE7D-21A12CD048C1}] => (Allow) D:\SteamLibrary\steamapps\common\Thunder Wolves\ThunderWolves.exe
FirewallRules: [{62ED10E3-A79B-4087-A928-3A92CC3C6984}] => (Allow) D:\SteamLibrary\steamapps\common\Need for Speed Hot Pursuit\NFS11.exe
FirewallRules: [{19C3C641-E9A7-47FC-9341-3C5432AD85EE}] => (Allow) D:\SteamLibrary\steamapps\common\Need for Speed Hot Pursuit\NFS11.exe
FirewallRules: [{C3B8A625-3DDB-48CA-B3CD-AAA145F5CB71}] => (Allow) D:\SteamLibrary\steamapps\common\Bugbear Entertainment\Wreckfest_x64.exe
FirewallRules: [{2C06568C-3103-45B3-B9DB-7DAB24BDF184}] => (Allow) D:\SteamLibrary\steamapps\common\Bugbear Entertainment\Wreckfest_x64.exe
FirewallRules: [{4F0727D7-367E-495E-A03A-465BDCB944AF}] => (Allow) D:\SteamLibrary\steamapps\common\Bugbear Entertainment\Wreckfest.exe
FirewallRules: [{948D4F1B-6669-4D96-B13C-13F813EB9405}] => (Allow) D:\SteamLibrary\steamapps\common\Bugbear Entertainment\Wreckfest.exe
FirewallRules: [{3B19828B-F795-4202-9B02-F614A39A95C1}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Splinter Cell Conviction\src\system\conviction_game.exe
FirewallRules: [{F1D78391-298B-4111-A9F6-34FC58A8791D}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Splinter Cell Conviction\src\system\conviction_game.exe
FirewallRules: [{782F2153-30F2-49A7-90AE-2C17251E4E8B}] => (Allow) D:\SteamLibrary\steamapps\common\DiRT Showdown\showdown.exe
FirewallRules: [{D47289FB-B7D2-4609-8FC0-E2FD2402D4F2}] => (Allow) D:\SteamLibrary\steamapps\common\DiRT Showdown\showdown.exe
FirewallRules: [{E6ACADFA-DDF9-4553-8A43-986FF25410B0}] => (Allow) D:\SteamLibrary\steamapps\common\SleepingDogs\HKShip.exe
FirewallRules: [{50B48B2E-C250-411F-AC89-4A3D6D632283}] => (Allow) D:\SteamLibrary\steamapps\common\SleepingDogs\HKShip.exe
FirewallRules: [TCP Query User{B593B0D8-8546-40F4-B5FE-8B9A94732287}C:\program files (x86)\truefire\truefire.exe] => (Block) C:\program files (x86)\truefire\truefire.exe
FirewallRules: [UDP Query User{54D77ABF-5291-4958-A823-17F4A0EEAAC8}C:\program files (x86)\truefire\truefire.exe] => (Block) C:\program files (x86)\truefire\truefire.exe
FirewallRules: [{1936D3F6-0756-4712-9C87-7C79CAA71ADF}] => (Allow) D:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{F24F2FAC-C816-4446-A21C-5D9A920296B3}] => (Allow) D:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Generischer USB-Hub
Description: Generischer USB-Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standardmäßige USB-HUBs)
Service: USBHUB3
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (07/02/2016 03:02:20 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (06/30/2016 08:34:44 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (06/29/2016 04:21:51 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (06/29/2016 03:00:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 47.0.0.5999, Zeitstempel: 0x5753660e
Name des fehlerhaften Moduls: mozglue.dll, Version: 47.0.0.5999, Zeitstempel: 0x57535438
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000f3ad
ID des fehlerhaften Prozesses: 0x272c
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5

Error: (06/27/2016 03:05:11 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (06/23/2016 06:41:41 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (06/22/2016 01:45:38 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm ts3client_win64.exe, Version 3.0.18.2 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: bf4

Startzeit: 01d1cbe75e6775b7

Beendigungszeit: 8

Anwendungspfad: C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe

Berichts-ID: 3f4a5e6b-380a-11e6-82a6-74d435fecee4

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (06/21/2016 09:03:26 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (06/21/2016 01:22:16 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm ts3client_win64.exe, Version 3.0.18.2 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1b58

Startzeit: 01d1cb490d9f175e

Beendigungszeit: 6

Anwendungspfad: C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe

Berichts-ID: d09733eb-373d-11e6-82a5-74d435fecee4

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (06/20/2016 06:30:05 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8


Systemfehler:
=============
Error: (07/03/2016 08:57:34 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Definitionsupdate für Windows Defender – KB2267602 (Definition 1.225.323.0)

Error: (07/03/2016 08:51:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069 = Der Dienst konnte wegen einer fehlerhaften Anmeldung nicht gestartet werden.


Error: (07/03/2016 08:51:46 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "WSearch" konnte sich nicht als "NT AUTHORITY\SYSTEM" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%50 = Die Anforderung wird nicht unterstützt.


Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (07/03/2016 08:51:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_322f5" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/03/2016 08:51:41 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (07/03/2016 08:51:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Integrated Clock Controller Service - Intel(R) ICCS" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/03/2016 08:51:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Extreme Tuning Utility Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/03/2016 08:51:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/03/2016 08:51:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/03/2016 08:51:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Streamer Network Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


CodeIntegrity:
===================================
  Date: 2016-06-18 03:34:24.844
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-16 12:17:10.768
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-16 08:08:10.492
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-14 19:03:21.438
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-14 04:37:26.697
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-13 19:12:17.782
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-12 12:35:57.277
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-12 08:02:56.254
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-14 07:43:50.363
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-23 17:43:17.753
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Xeon(R) CPU E3-1231 v3 @ 3.40GHz
Prozentuale Nutzung des RAM: 31%
Installierter physikalischer RAM: 8122.83 MB
Verfügbarer physikalischer RAM: 5561.27 MB
Summe virtueller Speicher: 9402.83 MB
Verfügbarer virtueller Speicher: 6641.8 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:111.01 GB) (Free:34.4 GB) NTFS
Drive d: (Volume) (Fixed) (Total:931.51 GB) (Free:575.87 GB) NTFS
Drive f: (Volume) (Fixed) (Total:119.12 GB) (Free:66.03 GB) NTFS
Drive g: (Elements) (Fixed) (Total:931.48 GB) (Free:506.91 GB) NTFS
Drive h: (Volume) (Fixed) (Total:2794.39 GB) (Free:2155.08 GB) NTFS
Drive l: () (Removable) (Total:7.39 GB) (Free:7.17 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 341C2E53)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 739174F8)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 2794.5 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 4 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: D5B7C8DD)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 7 (Size: 7.4 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt ============================

M-K-D-B · 03.07.2016, 20:07

Servus,

wir entfernen die letzten Reste und kontrollieren nochmal alles.

Hinweis: Der Suchlauf mit ESET kann länger dauern.

Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

start
CloseProcesses:
Task: {2585C5A8-B436-4936-9E5A-59EA2B5F40DF} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {4148D053-DFFA-4F52-AE05-B4FBB11A64DA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {459B5445-EF40-41A1-BA16-F4A088D2FE94} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {78DDE348-6572-4A32-AA30-40C6CA590488} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {877C9E82-F869-4B99-B420-16079C15878C} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {8F717101-D1E2-4F7D-915A-BB882F176A5C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {A310B86C-B400-404F-ADDD-5D07A6E88297} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {A87E9F56-ED4E-4405-B5A4-DDFF7CFF4C9C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {C135CBD3-F486-486C-BE5F-5E95223ADED9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {CEB617C9-F5D5-4FC1-89F9-00CCB1BA4265} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {E4F02A72-B4CD-4D93-9914-389775D8EEB0} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
RemoveProxy:
EmptyTemp:
end

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Schritt 2

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Schritt 3
Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.

Starte die HitmanPro.exe
Klicke auf
Entferne den Haken bei
Klicke auf
und
Akzeptiere die Lizenzbedingungen und klicke auf
Klicke auf

und auf
Wenn der Scan beendet wurde, nichts löschen lassen etc. sondern wähle unten links auf der Button-Leiste
und speichere die Logdatei auf Deinem Desktop.
Schließe HitmanPro und poste mir das Log.

Schritt 4

Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Untersuchen.
FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Gibt es jetzt noch Probleme mit dem PC? Wenn ja, welche?

Bitte poste mit deiner nächsten Antwort

die Logdatei des FRST-Fix,
die Logdatei von ESET,
die Logdatei von HitmanPro,
die beiden neuen Logdateien von FRST,
die Beantwortung der gestellten Fragen.

FJ1 · 03.07.2016, 22:41

Hi,

hatte beim ersten Versuch mit der Fixlist einen Rechnerabsturz, im zweiten Anlauf hat es dann geklappt.

Hier sind die logfiles:

Code:

ATTFilter

Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 02-07-2016
durchgeführt von Fabian (2016-07-03 21:35:41) Run:2
Gestartet von C:\Users\Fabian\Desktop
Geladene Profile: Fabian (Verfügbare Profile: Fabian)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
start
CloseProcesses:
Task: {2585C5A8-B436-4936-9E5A-59EA2B5F40DF} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {4148D053-DFFA-4F52-AE05-B4FBB11A64DA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {459B5445-EF40-41A1-BA16-F4A088D2FE94} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {78DDE348-6572-4A32-AA30-40C6CA590488} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {877C9E82-F869-4B99-B420-16079C15878C} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {8F717101-D1E2-4F7D-915A-BB882F176A5C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {A310B86C-B400-404F-ADDD-5D07A6E88297} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {A87E9F56-ED4E-4405-B5A4-DDFF7CFF4C9C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {C135CBD3-F486-486C-BE5F-5E95223ADED9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {CEB617C9-F5D5-4FC1-89F9-00CCB1BA4265} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {E4F02A72-B4CD-4D93-9914-389775D8EEB0} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
RemoveProxy:
EmptyTemp:
end
         
*****************

Prozess erfolgreich geschlossen.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2585C5A8-B436-4936-9E5A-59EA2B5F40DF} => Schlüssel nicht gefunden. 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Schlüssel nicht gefunden. 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4148D053-DFFA-4F52-AE05-B4FBB11A64DA} => Schlüssel nicht gefunden. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{459B5445-EF40-41A1-BA16-F4A088D2FE94}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{459B5445-EF40-41A1-BA16-F4A088D2FE94}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{78DDE348-6572-4A32-AA30-40C6CA590488}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{78DDE348-6572-4A32-AA30-40C6CA590488}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{877C9E82-F869-4B99-B420-16079C15878C}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{877C9E82-F869-4B99-B420-16079C15878C}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8F717101-D1E2-4F7D-915A-BB882F176A5C}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8F717101-D1E2-4F7D-915A-BB882F176A5C}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A310B86C-B400-404F-ADDD-5D07A6E88297}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A310B86C-B400-404F-ADDD-5D07A6E88297}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A87E9F56-ED4E-4405-B5A4-DDFF7CFF4C9C}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A87E9F56-ED4E-4405-B5A4-DDFF7CFF4C9C}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C135CBD3-F486-486C-BE5F-5E95223ADED9}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C135CBD3-F486-486C-BE5F-5E95223ADED9}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CEB617C9-F5D5-4FC1-89F9-00CCB1BA4265}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CEB617C9-F5D5-4FC1-89F9-00CCB1BA4265}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E4F02A72-B4CD-4D93-9914-389775D8EEB0}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E4F02A72-B4CD-4D93-9914-389775D8EEB0}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => Schlüssel erfolgreich entfernt

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-169824235-548985442-2713111802-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-169824235-548985442-2713111802-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt


========= Ende von RemoveProxy: =========


=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 555656830 B
Java, Flash, Steam htmlcache => 359948171 B
Windows/system/drivers => 17569018 B
Edge => 10240 B
Chrome => 0 B
Firefox => 385485629 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 4950618 B
NetworkService => 58011884 B
Fabian => 1677531153 B

RecycleBin => 0 B
EmptyTemp: => 2.8 GB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 21:38:03 ====

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=93adb80c66c7c644a3f0f0f74b348e2b
# end=init
# utc_time=2016-07-03 07:45:12
# local_time=2016-07-03 09:45:12 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=37126
Update Finalize
Updated modules version: 0
Old modules - leave modules
Update Init
Update Download
Update Finalize
Updated modules version: 29995
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=53251
Update Finalize
Updated modules version: 29995
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=93adb80c66c7c644a3f0f0f74b348e2b
# end=updated
# utc_time=2016-07-03 07:55:17
# local_time=2016-07-03 09:55:17 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=93adb80c66c7c644a3f0f0f74b348e2b
# engine=29995
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-07-03 09:20:08
# local_time=2016-07-03 11:20:08 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='Avira Antivirus'
# compatibility_mode=1815 16777213 100 99 20794 23527725 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 8545 21394951 0 0
# scanned=500003
# found=0
# cleaned=0
# scan_time=5091

Code:

ATTFilter


	Code: 

 ATTFilter

  
	HitmanPro 3.7.14.265
www.hitmanpro.com

   Computer name . . . . : JUNKER
   Windows . . . . . . . : 10.0.0.10586.X64/8
   User name . . . . . . : Junker\Fabian
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2016-07-03 23:35:53
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 1m 32s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 1
   Traces  . . . . . . . : 2

   Objects scanned . . . : 1.647.331
   Files scanned . . . . : 33.000
   Remnants scanned  . . : 360.767 files / 1.253.564 keys

Malware _____________________________________________________________________

   C:\Users\Fabian\AppData\Local\NVIDIA\NvBackend\StreamingAssets\sniper_elite_3\automated_launch.exe
      Size . . . . . . . : 46.592 bytes
      Age  . . . . . . . : 111.0 days (2016-03-14 23:43:21)
      Entropy  . . . . . : 5.2
      SHA-256  . . . . . : C2436FAE74C8700B906D77C9C8E55F5A11FE49563C2D95B363E6B17500B5BEDB
      Product  . . . . . : OL
      LanguageID . . . . : 0
    > Bitdefender  . . . : Trojan.GenericKD.2079543
      Fuzzy  . . . . . . : 106.0


Suspicious files ____________________________________________________________

   C:\Users\Fabian\Desktop\FRST64.exe
      Size . . . . . . . : 2.390.016 bytes
      Age  . . . . . . . : 0.2 days (2016-07-03 17:36:21)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 7794F8C87CF1B998C5F69D8A60420658B0E22DD69BB1A91C3D1D1FF1C713858F
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.

FJ1 · 03.07.2016, 22:44

Und die neuen FRST logfiles:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 02-07-2016
durchgeführt von Fabian (Administrator) auf XXXXXX (03-07-2016 23:38:14)
Gestartet von C:\Users\Fabian\Desktop
Geladene Profile: Fabian (Verfügbare Profile: Fabian)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
() C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files (x86)\Gigabyte\AppCenter\ApCent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
() C:\Program Files (x86)\Standard Mouse Driver\Monitor.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
() C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
(Valve Corporation) C:\Program Files (x86)\Steam\GameOverlayUI.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-04-11] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-05-02] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [MWS Reader 5] => D:\MWS Reader 5\mwsr5.exe [13272064 2015-05-11] (directINNOVATION UG (haftungsbeschränkt))
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-04-25] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Standard Mouse Driver] => C:\Program Files (x86)\Standard Mouse Driver\Monitor.exe [147456 2013-01-04] ()
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [814608 2016-05-11] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2087264 2014-09-11] (Wondershare)
HKLM-x32\...\RunOnce: [PreRun] => C:\Program Files (x86)\Gigabyte\AppCenter\PreRun.exe [8192 2013-04-29] ()
HKU\S-1-5-21-169824235-548985442-2713111802-1001\...\Run: [AmazonMP3DownloaderHelper] => C:\Users\Fabian\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{cddb9939-cf5a-44a4-ad86-301ed476b62e}: [DhcpNameServer] 192.168.0.1 192.168.0.2

Internet Explorer:
==================

FireFox:
========
FF ProfilePath: C:\Users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\e5w2ducl.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-22] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-22] ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-03-20] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-03-20] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-06-03] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-06-03] (NVIDIA Corporation)
FF Plugin HKU\S-1-5-21-169824235-548985442-2713111802-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-169824235-548985442-2713111802-1001: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\Fabian\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll [2013-05-22] (Amazon.com, Inc.)
FF Plugin HKU\S-1-5-21-169824235-548985442-2713111802-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [Keine Datei]
FF Extension: NoScript - C:\Users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\e5w2ducl.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-04-07]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\e5w2ducl.default\extensions\adblockpopups@jessehakanen.net.xpi [2016-04-28]
FF Extension: Flash and Video Download - C:\Users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\e5w2ducl.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2016-06-28]
FF Extension: Avira Browser Safety - C:\Users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\e5w2ducl.default\Extensions\abs@avira.com [2016-06-22]
FF Extension: Adblock Plus - C:\Users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\e5w2ducl.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [970656 2016-05-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [467016 2016-05-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [467016 2016-05-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1435704 2016-05-11] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [280008 2016-04-25] (Avira Operations GmbH & Co. KG)
R2 gadjservice; C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe [16896 2015-04-14] () [Datei ist nicht signiert]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-05-02] (NVIDIA Corporation)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2015-12-30] (Hi-Rez Studios) [Datei ist nicht signiert]
S3 HwmRecordService; C:\Program Files (x86)\GIGABYTE\SIV\HwmRecordService.exe [62784 2014-09-05] (GIGA-BYTE TECHNOLOGY CO., LTD.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-04-11] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-03-20] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-05-02] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-05-02] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-05-02] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2078216 2015-10-08] (Electronic Arts)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [17720 2015-03-25] (Intel(R) Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AcpiCtlDrv; C:\Windows\System32\drivers\AcpiCtlDrv.sys [25880 2012-07-17] (Intel Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128664 2016-03-11] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146712 2016-05-11] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [78208 2016-05-11] (Avira Operations GmbH & Co. KG)
R2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [28912 2014-06-17] (Intel Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-05-02] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-05] (Scarlet.Crush Productions)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-07-03 23:38 - 2016-07-03 23:38 - 00015497 _____ C:\Users\Fabian\Desktop\FRST.txt
2016-07-03 23:35 - 2016-07-03 23:37 - 00000000 ____D C:\ProgramData\HitmanPro
2016-07-03 23:34 - 2016-07-03 23:35 - 11438608 _____ (SurfRight B.V.) C:\Users\Fabian\Desktop\HitmanPro_x64.exe
2016-07-03 21:44 - 2016-07-03 21:45 - 02870984 _____ (ESET) C:\Users\Fabian\Desktop\esetsmartinstaller_deu.exe
2016-07-03 21:31 - 2016-07-03 21:38 - 00008075 _____ C:\Users\Fabian\Desktop\Fixlog.txt
2016-07-03 20:56 - 2016-07-03 20:57 - 01610816 _____ (Malwarebytes) C:\Users\Fabian\Desktop\JRT.exe
2016-07-03 20:54 - 2016-07-03 23:32 - 00000000 ____D C:\Users\Fabian\Desktop\TB
2016-07-03 20:48 - 2016-07-03 20:51 - 00000000 ____D C:\AdwCleaner
2016-07-03 20:44 - 2016-07-03 20:48 - 03712064 _____ C:\Users\Fabian\Desktop\AdwCleaner_5.201.exe
2016-07-03 17:41 - 2016-07-03 20:48 - 00083964 _____ C:\TDSSKiller.3.1.0.9_03.07.2016_17.41.12_log.txt
2016-07-03 17:40 - 2016-07-03 17:41 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Fabian\Desktop\tdsskiller.exe
2016-07-03 17:36 - 2016-07-03 23:38 - 00000000 ____D C:\FRST
2016-07-03 17:36 - 2016-07-03 17:36 - 02390016 _____ (Farbar) C:\Users\Fabian\Desktop\FRST64.exe
2016-06-23 23:28 - 2016-06-23 23:33 - 00000194 _____ C:\Users\Fabian\Desktop\Mögliche Lehrgangstermine für Dieter.txt
2016-06-22 17:18 - 2016-06-22 17:18 - 00390740 _____ C:\WINDOWS\Minidump\062216-5265-01.dmp
2016-06-15 14:33 - 2016-05-28 08:13 - 01401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-06-15 14:33 - 2016-05-28 08:13 - 00290496 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-06-15 14:33 - 2016-05-28 08:13 - 00046784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-06-15 14:33 - 2016-05-28 07:22 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-06-15 14:33 - 2016-05-28 07:08 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-06-15 14:33 - 2016-05-28 07:07 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-06-15 14:33 - 2016-05-28 07:07 - 02921880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-06-15 14:33 - 2016-05-28 07:07 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-06-15 14:33 - 2016-05-28 07:07 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-06-15 14:33 - 2016-05-28 07:07 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-06-15 14:33 - 2016-05-28 06:58 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-06-15 14:33 - 2016-05-28 06:57 - 02548944 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-06-15 14:33 - 2016-05-28 06:57 - 01594416 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-06-15 14:33 - 2016-05-28 06:57 - 01372312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-06-15 14:33 - 2016-05-28 06:57 - 00649792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-06-15 14:33 - 2016-05-28 06:57 - 00636304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-06-15 14:33 - 2016-05-28 06:57 - 00546456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-06-15 14:33 - 2016-05-28 06:57 - 00316256 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-06-15 14:33 - 2016-05-28 06:35 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-06-15 14:33 - 2016-05-28 06:35 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-06-15 14:33 - 2016-05-28 06:35 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsdport.sys
2016-06-15 14:33 - 2016-05-28 06:31 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe
2016-06-15 14:33 - 2016-05-28 06:31 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-06-15 14:33 - 2016-05-28 06:29 - 22379008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-06-15 14:33 - 2016-05-28 06:29 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-06-15 14:33 - 2016-05-28 06:28 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-06-15 14:33 - 2016-05-28 06:27 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-06-15 14:33 - 2016-05-28 06:27 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-06-15 14:33 - 2016-05-28 06:26 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-06-15 14:33 - 2016-05-28 06:26 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-06-15 14:33 - 2016-05-28 06:25 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-06-15 14:33 - 2016-05-28 06:24 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-06-15 14:33 - 2016-05-28 06:24 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-06-15 14:33 - 2016-05-28 06:22 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-06-15 14:33 - 2016-05-28 06:22 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-06-15 14:33 - 2016-05-28 06:22 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-06-15 14:33 - 2016-05-28 06:19 - 24605696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-06-15 14:33 - 2016-05-28 06:19 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-06-15 14:33 - 2016-05-28 06:18 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-06-15 14:33 - 2016-05-28 06:18 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-06-15 14:33 - 2016-05-28 06:18 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-06-15 14:33 - 2016-05-28 06:17 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-06-15 14:33 - 2016-05-28 06:17 - 00963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2016-06-15 14:33 - 2016-05-28 06:17 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-06-15 14:33 - 2016-05-28 06:16 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-06-15 14:33 - 2016-05-28 06:16 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2016-06-15 14:33 - 2016-05-28 06:16 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-06-15 14:33 - 2016-05-28 06:15 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-06-15 14:33 - 2016-05-28 06:15 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-06-15 14:33 - 2016-05-28 06:15 - 00794624 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-06-15 14:33 - 2016-05-28 06:15 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-06-15 14:33 - 2016-05-28 06:14 - 18674176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-06-15 14:33 - 2016-05-28 06:14 - 01716736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-06-15 14:33 - 2016-05-28 06:14 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-06-15 14:33 - 2016-05-28 06:14 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-06-15 14:33 - 2016-05-28 06:14 - 00606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-06-15 14:33 - 2016-05-28 06:14 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-06-15 14:33 - 2016-05-28 06:13 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-06-15 14:33 - 2016-05-28 06:12 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-06-15 14:33 - 2016-05-28 06:12 - 00614400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-06-15 14:33 - 2016-05-28 06:11 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-06-15 14:33 - 2016-05-28 06:11 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-06-15 14:33 - 2016-05-28 06:11 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-06-15 14:33 - 2016-05-28 06:11 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-06-15 14:33 - 2016-05-28 06:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-06-15 14:33 - 2016-05-28 06:08 - 13385728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-06-15 14:33 - 2016-05-28 06:08 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-06-15 14:33 - 2016-05-28 06:06 - 12128256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-06-15 14:33 - 2016-05-28 06:06 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-06-15 14:33 - 2016-05-28 06:06 - 01339904 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2016-06-15 14:33 - 2016-05-28 06:05 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-06-15 14:33 - 2016-05-28 06:05 - 03664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-06-15 14:33 - 2016-05-28 06:05 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-06-15 14:33 - 2016-05-28 06:05 - 01797120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-06-15 14:33 - 2016-05-28 06:04 - 06973952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-06-15 14:33 - 2016-05-28 06:03 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-06-15 14:33 - 2016-05-28 06:03 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-06-15 14:33 - 2016-05-28 06:03 - 02609664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-06-15 14:33 - 2016-05-28 06:03 - 01185280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationFramework.dll
2016-06-15 14:33 - 2016-05-28 06:02 - 03590144 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-06-15 14:33 - 2016-05-28 06:02 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2016-06-15 14:33 - 2016-05-28 06:01 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-06-15 14:33 - 2016-05-28 06:00 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-06-15 14:33 - 2016-05-28 06:00 - 03585536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-06-15 14:33 - 2016-05-28 06:00 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-06-15 14:33 - 2016-05-28 06:00 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-06-15 14:33 - 2016-05-28 06:00 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-06-15 14:33 - 2016-05-28 05:58 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-06-15 14:33 - 2016-05-28 05:58 - 04896256 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-06-15 14:33 - 2016-05-28 05:58 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-06-15 14:33 - 2016-05-28 05:57 - 02281472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-06-15 14:32 - 2016-05-28 08:13 - 01184960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-06-15 14:32 - 2016-05-28 08:13 - 00514752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-06-15 14:32 - 2016-05-28 08:13 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-06-15 14:32 - 2016-05-28 07:25 - 04268880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2016-06-15 14:32 - 2016-05-28 07:23 - 00388384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2016-06-15 14:32 - 2016-05-28 07:23 - 00312160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2016-06-15 14:32 - 2016-05-28 07:22 - 04387680 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2016-06-15 14:32 - 2016-05-28 07:22 - 00428896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2016-06-15 14:32 - 2016-05-28 07:22 - 00211296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-06-15 14:32 - 2016-05-28 07:22 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-06-15 14:32 - 2016-05-28 07:20 - 00430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2016-06-15 14:32 - 2016-05-28 07:18 - 00357216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2016-06-15 14:32 - 2016-05-28 07:16 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-06-15 14:32 - 2016-05-28 07:09 - 00501600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-06-15 14:32 - 2016-05-28 07:09 - 00170848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe
2016-06-15 14:32 - 2016-05-28 07:09 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-06-15 14:32 - 2016-05-28 07:08 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-06-15 14:32 - 2016-05-28 07:08 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-06-15 14:32 - 2016-05-28 07:07 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-06-15 14:32 - 2016-05-28 07:07 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-06-15 14:32 - 2016-05-28 07:06 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-06-15 14:32 - 2016-05-28 07:06 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-06-15 14:32 - 2016-05-28 07:06 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-06-15 14:32 - 2016-05-28 07:06 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-06-15 14:32 - 2016-05-28 07:06 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-06-15 14:32 - 2016-05-28 07:05 - 04515264 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-06-15 14:32 - 2016-05-28 07:04 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-06-15 14:32 - 2016-05-28 07:04 - 00431296 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-06-15 14:32 - 2016-05-28 07:04 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-06-15 14:32 - 2016-05-28 07:04 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-06-15 14:32 - 2016-05-28 07:04 - 00111064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2016-06-15 14:32 - 2016-05-28 07:04 - 00097096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2016-06-15 14:32 - 2016-05-28 07:03 - 00131248 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2016-06-15 14:32 - 2016-05-28 06:58 - 01996640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-06-15 14:32 - 2016-05-28 06:57 - 02195632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-06-15 14:32 - 2016-05-28 06:57 - 00577376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-06-15 14:32 - 2016-05-28 06:57 - 00521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-06-15 14:32 - 2016-05-28 06:31 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-06-15 14:32 - 2016-05-28 06:29 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2016-06-15 14:32 - 2016-05-28 06:29 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxp.dll
2016-06-15 14:32 - 2016-05-28 06:28 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-06-15 14:32 - 2016-05-28 06:28 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll
2016-06-15 14:32 - 2016-05-28 06:26 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-06-15 14:32 - 2016-05-28 06:26 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-06-15 14:32 - 2016-05-28 06:26 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2016-06-15 14:32 - 2016-05-28 06:24 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-06-15 14:32 - 2016-05-28 06:24 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ndu.sys
2016-06-15 14:32 - 2016-05-28 06:24 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-06-15 14:32 - 2016-05-28 06:24 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-06-15 14:32 - 2016-05-28 06:24 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2016-06-15 14:32 - 2016-05-28 06:24 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FwRemoteSvr.dll
2016-06-15 14:32 - 2016-05-28 06:23 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-06-15 14:32 - 2016-05-28 06:23 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2016-06-15 14:32 - 2016-05-28 06:22 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-06-15 14:32 - 2016-05-28 06:22 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-06-15 14:32 - 2016-05-28 06:22 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2016-06-15 14:32 - 2016-05-28 06:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2016-06-15 14:32 - 2016-05-28 06:22 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-06-15 14:32 - 2016-05-28 06:22 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll
2016-06-15 14:32 - 2016-05-28 06:21 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-06-15 14:32 - 2016-05-28 06:21 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrokerLib.dll
2016-06-15 14:32 - 2016-05-28 06:21 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-06-15 14:32 - 2016-05-28 06:21 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-06-15 14:32 - 2016-05-28 06:20 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-06-15 14:32 - 2016-05-28 06:20 - 00511488 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2016-06-15 14:32 - 2016-05-28 06:20 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll
2016-06-15 14:32 - 2016-05-28 06:20 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2016-06-15 14:32 - 2016-05-28 06:20 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GnssAdapter.dll
2016-06-15 14:32 - 2016-05-28 06:20 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
2016-06-15 14:32 - 2016-05-28 06:20 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2016-06-15 14:32 - 2016-05-28 06:19 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-06-15 14:32 - 2016-05-28 06:19 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-06-15 14:32 - 2016-05-28 06:19 - 00355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2016-06-15 14:32 - 2016-05-28 06:19 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2016-06-15 14:32 - 2016-05-28 06:18 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-06-15 14:32 - 2016-05-28 06:18 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2016-06-15 14:32 - 2016-05-28 06:18 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL
2016-06-15 14:32 - 2016-05-28 06:18 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2016-06-15 14:32 - 2016-05-28 06:18 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-06-15 14:32 - 2016-05-28 06:17 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2016-06-15 14:32 - 2016-05-28 06:17 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-06-15 14:32 - 2016-05-28 06:17 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-06-15 14:32 - 2016-05-28 06:17 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-06-15 14:32 - 2016-05-28 06:17 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-06-15 14:32 - 2016-05-28 06:16 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-06-15 14:32 - 2016-05-28 06:16 - 00684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-06-15 14:32 - 2016-05-28 06:16 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-06-15 14:32 - 2016-05-28 06:16 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\polstore.dll
2016-06-15 14:32 - 2016-05-28 06:16 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2016-06-15 14:32 - 2016-05-28 06:15 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2016-06-15 14:32 - 2016-05-28 06:15 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2016-06-15 14:32 - 2016-05-28 06:15 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-06-15 14:32 - 2016-05-28 06:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-06-15 14:32 - 2016-05-28 06:14 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-06-15 14:32 - 2016-05-28 06:14 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2016-06-15 14:32 - 2016-05-28 06:13 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-06-15 14:32 - 2016-05-28 06:13 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-06-15 14:32 - 2016-05-28 06:13 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-06-15 14:32 - 2016-05-28 06:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-06-15 14:32 - 2016-05-28 06:13 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2016-06-15 14:32 - 2016-05-28 06:12 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2016-06-15 14:32 - 2016-05-28 06:11 - 01445888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-06-15 14:32 - 2016-05-28 06:11 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-06-15 14:32 - 2016-05-28 06:11 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2016-06-15 14:32 - 2016-05-28 06:09 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-06-15 14:32 - 2016-05-28 06:04 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-06-15 14:32 - 2016-05-28 06:04 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-06-15 14:32 - 2016-05-28 06:03 - 00693760 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2016-06-15 14:32 - 2016-05-28 06:03 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-06-15 14:32 - 2016-05-28 06:02 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-06-15 14:32 - 2016-05-28 06:02 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-06-15 14:32 - 2016-05-28 06:01 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-06-15 14:32 - 2016-05-28 06:01 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-06-15 14:32 - 2016-05-28 06:01 - 00111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-06-15 14:32 - 2016-05-28 06:00 - 02230272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-06-15 14:32 - 2016-05-28 06:00 - 01730560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-06-15 14:32 - 2016-05-28 06:00 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-06-15 14:32 - 2016-05-28 06:00 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-06-15 14:32 - 2016-05-28 06:00 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-06-15 14:32 - 2016-05-28 05:59 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-06-15 14:32 - 2016-05-28 05:58 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-06-15 14:32 - 2016-05-28 05:58 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-06-15 14:32 - 2016-05-28 05:55 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-06-15 14:32 - 2016-05-28 05:53 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2016-06-14 02:31 - 2016-06-03 05:28 - 00111552 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2016-06-14 02:30 - 2016-06-03 09:22 - 39977920 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 35115968 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 31641656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 25404864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 21812056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 21355464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 18151128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 17746664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 17729184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 10643240 _____ C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 08733792 _____ C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 02844608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 02470336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 01920960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436839.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 01571776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436839.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 00910392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 00787384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 00786176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 00769984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 00707520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 00669952 _____ C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 00632848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 00631288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 00601752 _____ C:\WINDOWS\system32\nvmcumd.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 00565208 _____ C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 00549240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 00452616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 00425016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 00385592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 00379808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 00379448 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 00348216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 00316632 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 00177952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 00155768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 00153232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2016-06-14 02:30 - 2016-06-03 09:22 - 00131584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2016-06-11 22:50 - 2016-06-11 22:50 - 00000000 ____D C:\Users\Fabian\Desktop\10260611
2016-06-08 01:22 - 2016-07-03 17:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-07-03 23:13 - 2015-05-18 14:30 - 00000000 ____D C:\Users\Fabian\AppData\Roaming\TS3Client
2016-07-03 22:28 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-07-03 22:19 - 2015-05-18 13:46 - 00000000 ____D C:\Program Files (x86)\Steam
2016-07-03 21:48 - 2015-10-30 20:35 - 00776562 _____ C:\WINDOWS\system32\perfh007.dat
2016-07-03 21:48 - 2015-10-30 20:35 - 00155874 _____ C:\WINDOWS\system32\perfc007.dat
2016-07-03 21:48 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-07-03 21:48 - 2015-08-19 17:46 - 01802588 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-07-03 21:41 - 2015-12-12 09:13 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-07-03 21:41 - 2015-12-12 09:09 - 00000000 ____D C:\ProgramData\NVIDIA
2016-07-03 21:41 - 2015-05-19 18:03 - 00026192 _____ (Windows (R) Server 2003 DDK provider) C:\WINDOWS\gdrv.sys
2016-07-03 21:38 - 2015-12-12 09:10 - 00000000 ____D C:\Users\Fabian
2016-07-03 21:38 - 2015-10-30 08:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-07-03 20:56 - 2015-10-30 08:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-07-03 20:51 - 2016-05-09 18:36 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-07-03 17:33 - 2015-11-12 00:22 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-07-03 17:33 - 2015-11-12 00:22 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-07-03 17:33 - 2015-05-29 15:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-07-03 06:53 - 2015-05-18 13:19 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-07-01 06:48 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-07-01 05:02 - 2015-06-04 04:17 - 00000000 ____D C:\Users\Fabian\AppData\Roaming\vlc
2016-06-29 03:00 - 2015-07-04 03:01 - 00000000 ____D C:\Users\Fabian\AppData\Local\CrashDumps
2016-06-27 06:48 - 2015-05-18 14:24 - 00000000 ____D C:\Users\Fabian\AppData\Local\Windows Live
2016-06-23 21:55 - 2015-10-26 19:20 - 00637904 _____ C:\Users\Fabian\Desktop\Erstattungsantrag_axa_Aug2014.pdf
2016-06-23 18:42 - 2015-11-12 00:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-06-22 17:18 - 2015-12-30 12:59 - 583392731 _____ C:\WINDOWS\MEMORY.DMP
2016-06-22 17:18 - 2015-12-30 12:59 - 00000000 ____D C:\WINDOWS\Minidump
2016-06-22 13:02 - 2015-05-18 15:12 - 00000000 ____D C:\Users\Fabian\AppData\Local\Adobe
2016-06-22 01:45 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-06-21 20:08 - 2015-05-31 20:55 - 00000000 ____D C:\Users\Fabian\AppData\Roaming\Audacity
2016-06-17 18:54 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-06-17 18:45 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-06-16 12:17 - 2015-08-19 18:36 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-06-16 12:16 - 2015-12-12 09:09 - 00221744 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-06-16 09:06 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-06-16 09:06 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-06-16 09:06 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-06-15 22:40 - 2015-05-18 10:34 - 00484008 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-06-15 17:30 - 2015-05-18 10:40 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-06-15 17:29 - 2015-05-18 10:40 - 142482544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-06-14 20:33 - 2015-10-30 09:26 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-06-14 20:33 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-14 02:31 - 2016-03-12 06:26 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-06-14 02:31 - 2015-12-12 09:09 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-06-14 02:31 - 2015-05-29 15:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-06-12 02:11 - 2016-01-29 06:38 - 00129739 _____ C:\Users\Fabian\Documents\starburn.txt
2016-06-10 22:32 - 2015-05-18 10:59 - 00000000 ____D C:\Users\Fabian\AppData\Local\ElevatedDiagnostics
2016-06-07 18:18 - 2016-05-22 11:30 - 00000138 _____ C:\Users\Fabian\Desktop\Anmeldungen Seminar Juni 2016.txt
2016-06-04 02:51 - 2015-12-02 04:42 - 13553096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2016-06-03 09:22 - 2016-05-14 13:57 - 00983488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-06-03 09:22 - 2015-12-02 04:42 - 20375488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2016-06-03 09:22 - 2015-12-02 04:42 - 17432544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-06-03 09:22 - 2015-12-02 04:42 - 14462536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2016-06-03 09:22 - 2015-12-02 04:42 - 03811256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-06-03 09:22 - 2015-12-02 04:42 - 03371624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-06-03 09:22 - 2015-12-02 04:42 - 00040084 _____ C:\WINDOWS\system32\nvinfo.pb
2016-06-03 05:59 - 2015-12-22 18:55 - 00534072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-06-03 05:59 - 2015-12-22 18:55 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-06-03 05:59 - 2015-12-12 09:09 - 06452948 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-06-03 05:59 - 2015-12-12 09:09 - 06364216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-06-03 05:59 - 2015-12-12 09:09 - 02455608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-06-03 05:59 - 2015-12-12 09:09 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-06-03 05:59 - 2015-12-12 09:09 - 01352760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-06-03 05:59 - 2015-12-12 09:09 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-06-03 05:59 - 2015-12-12 09:09 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-12-12 09:09 - 2015-12-12 09:09 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Fabian\setup.exe


Einige Dateien in TEMP:
====================
C:\Users\Fabian\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-06-27 15:05

==================== Ende von FRST.txt ============================

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 02-07-2016
durchgeführt von Fabian (2016-07-03 23:38:34)
Gestartet von C:\Users\Fabian\Desktop
Windows 10 Home Version 1511 (X64) (2015-12-12 07:14:13)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-169824235-548985442-2713111802-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-169824235-548985442-2713111802-503 - Limited - Disabled)
Fabian (S-1-5-21-169824235-548985442-2713111802-1001 - Administrator - Enabled) => C:\Users\Fabian
Gast (S-1-5-21-169824235-548985442-2713111802-501 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

ACPI Driver Installer (HKLM-x32\...\553E35CD-0415-41bc-B39A-410375E88534) (Version: 2.1 - Intel Corporation)
Action! (HKLM-x32\...\Mirillis Action!) (Version: 1.26.0 - Mirillis)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 21.0.0.215 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Alien Swarm (HKLM-x32\...\Steam App 630) (Version:  - Valve)
Amazon Kindle (HKU\S-1-5-21-169824235-548985442-2713111802-1001\...\Amazon Kindle) (Version:  - Amazon)
Amazon MP3-Downloader 1.0.18 (HKU\S-1-5-21-169824235-548985442-2713111802-1001\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
APP Center (HKLM-x32\...\InstallShield_{F3D47276-0E35-42CF-A677-B45118470E21}) (Version: 1.16.0503 - Gigabyte)
APP Center (x32 Version: 1.16.0503 - Gigabyte) Hidden
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.17.273 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{bfb60b68-92b8-481b-b416-7e05b4ea01c9}) (Version: 1.1.61.18979 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.61.18979 - Avira Operations GmbH & Co. KG) Hidden
Binary Domain (HKLM-x32\...\Steam App 203750) (Version:  - Devil's Details)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CrystalDiskInfo 6.8.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.8.2 - Crystal Dew World)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DaVinci Resolve (HKLM\...\{131F8AE4-9933-4C05-8C22-87D5160501A6}) (Version: 11.3.1018 - Blackmagic Design)
DiRT Showdown (HKLM\...\Steam App 201700) (Version:  - Codemasters Racing Studio)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Dota 2 Test (HKLM-x32\...\Steam App 205790) (Version:  - )
EasyTune (HKLM-x32\...\InstallShield_{7F635314-EE21-4E4B-A68D-69AE70BA0E9B}) (Version: 1.00.0002 - GIGABYTE)
EasyTune (x32 Version: 1.00.0002 - GIGABYTE) Hidden
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free to Play (HKLM-x32\...\Steam App 245550) (Version:  - Valve)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Intel Extreme Tuning Utility (HKLM-x32\...\{eb3c7583-932b-4db5-a272-5fb4528656bb}) (Version: 5.1.2.2 - Intel Corporation)
Intel Extreme Tuning Utility (x32 Version: 5.1.2.2 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.25.1036 - Intel Corporation)
Intel(R) Network Connections 18.8.136.0 (HKLM\...\PROSetDX) (Version: 18.8.136.0 - Intel)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.3.1001 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.13 - Intel(R) Corporation) Hidden
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version:  - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\3FD0C489-0F02-481a-A3E1-9754CD396761) (Version:  - Intel Corporation)
L&H TTS3000 Deutsch (HKLM-x32\...\LHTTSGED) (Version:  - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
METAL SLUG 3 (HKLM-x32\...\Steam App 250180) (Version:  - DotEmu)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x86) (HKLM-x32\...\{22CB8ED7-DF57-4864-BD04-F63B9CE4B494}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Server Speech Text to Speech Voice (de-DE, Hedda) (HKLM-x32\...\{ACFCC7B5-C028-40AE-A5F5-9778B41F22A2}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Text to Speech Voice (en-US, ZiraPro) (HKLM-x32\...\{C7CDC27F-0952-4DF1-9E41-B75140933BC6}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 47.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 47.0.1 (x86 de)) (Version: 47.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.1.6018 - Mozilla)
MWS Reader 5 (HKLM-x32\...\MWS Reader 5_is1) (Version: 5.2.621 - directINNOVATION UG (haftungsbeschränkt))
Need for Speed: Hot Pursuit (HKLM-x32\...\Steam App 47870) (Version:  - Criterion Games)
Next Car Game: Wreckfest (HKLM-x32\...\Steam App 228380) (Version:  - Bugbear)
NVIDIA 3D Vision Controller-Treiber 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 368.39 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.3.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.3.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.39 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.14 - NVIDIA Corporation)
NVIDIA Miracast Virtueller Ton 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 353.62 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Orcs Must Die! 2 (HKLM-x32\...\Steam App 201790) (Version:  - Robot Entertainment)
Origin (HKLM-x32\...\Origin) (Version: 9.7.2.53208 - Electronic Arts, Inc.)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.312.1 - Tracker Software Products Ltd)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Rocket League (HKLM-x32\...\Steam App 252950) (Version:  - Psyonix)
Rocksmith (HKLM-x32\...\Steam App 205190) (Version:  - Ubisoft - San Francisco)
Rocksmith 2014 (HKLM-x32\...\Steam App 221680) (Version:  - Ubisoft - San Francisco)
Saints Row IV (HKLM-x32\...\Steam App 206420) (Version:  - Deep Silver Volition)
Shank 2 (HKLM-x32\...\Steam App 102840) (Version:  - Klei Entertainment)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - Firaxis Games)
SIV (HKLM-x32\...\InstallShield_{AAA057C3-10DC-4EB9-A3D6-8208C1BB7411}) (Version: 1.00.0000 - GIGABYTE)
SIV (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Skype™ 7.23 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.23.105 - Skype Technologies S.A.)
Sleeping Dogs™ (HKLM\...\Steam App 202170) (Version:  - United Front Games)
SMITE (HKLM-x32\...\Steam App 386360) (Version:  - Hi-Rez Studios)
Sniper Elite 3 (HKLM-x32\...\Steam App 238090) (Version:  - Rebellion)
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version:  - Rebellion)
Spec Ops: The Line (HKLM-x32\...\Steam App 50300) (Version:  - Yager Development)
SPEEDLINK STRIKE Gamepad (HKLM-x32\...\{DFF7CD2E-2BB5-40C3-9592-078F64677EFF}) (Version: 1.00.0000 - )
Standard Mouse Driver (HKLM-x32\...\{6C4453CD-123A-40FB-8227-E23AF8748C5A}) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Thunder Wolves (HKLM-x32\...\Steam App 232970) (Version:  - Most Wanted Entertainment)
Tom Clancy's Splinter Cell: Conviction (HKLM-x32\...\Steam App 33220) (Version:  - Ubisoft Montreal)
TrueFire (HKLM-x32\...\TrueFire-Course-Player) (Version: 1.043 - TrueFire, Inc.)
TrueFire (x32 Version: 1.043 - TrueFire, Inc.) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
Warframe (HKLM-x32\...\Steam App 230410) (Version:  - Digital Extremes)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
Wondershare Filmora(Build 7.2.0) (HKLM-x32\...\Wondershare Filmora_is1) (Version:  - Wondershare Software)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {78E2CD17-ACB3-420F-A6A4-BAB9F02B2369} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [2015-03-11] (Intel Corporation)
Task: {C3F85D89-7DAB-4648-8A78-64E6AFDC3B48} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-06-15] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-12-12 09:09 - 2016-06-03 05:59 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-04-14 15:27 - 2015-04-14 15:27 - 00016896 _____ () C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe
2016-03-04 03:01 - 2016-05-02 07:54 - 00369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2015-12-22 18:52 - 2016-05-02 07:55 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-04-05 12:40 - 2016-05-02 07:54 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-03-04 03:01 - 2016-05-02 07:55 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-04-13 10:22 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-13 10:22 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-12-17 20:14 - 2015-12-07 06:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-05-11 18:58 - 2016-04-23 06:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-06-15 14:33 - 2016-05-28 05:59 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-06-15 14:32 - 2016-05-28 05:53 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-06-15 14:33 - 2016-05-28 05:54 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-06-15 14:33 - 2016-05-28 05:56 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-30 09:52 - 2015-07-30 09:52 - 01244456 _____ () C:\Program Files (x86)\Gigabyte\AppCenter\ApCent.exe
2016-04-05 12:40 - 2016-05-02 07:55 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-04-05 12:40 - 2016-05-02 07:55 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-04-05 12:40 - 2016-05-02 07:55 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-01-28 05:40 - 2016-05-02 07:55 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-04-05 12:40 - 2016-05-02 07:54 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-04-05 12:40 - 2016-05-02 07:54 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2015-09-28 15:30 - 2013-01-04 17:04 - 00147456 _____ () C:\Program Files (x86)\Standard Mouse Driver\Monitor.EXE
2015-05-29 15:12 - 2016-05-02 08:00 - 00167480 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\gamecaster64.dll
2015-05-29 15:12 - 2016-05-02 08:01 - 00862776 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\twitchsdk64.dll
2016-04-19 13:32 - 2016-04-19 13:32 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2014-02-28 11:14 - 2016-02-20 23:42 - 00175080 _____ () C:\Program Files\TeamSpeak 3 Client\quazip.dll
2014-08-04 15:43 - 2016-02-20 23:42 - 00103400 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2014-08-04 15:43 - 2016-02-20 23:42 - 00108008 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2014-08-04 15:46 - 2016-02-20 23:42 - 00312296 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2015-05-30 22:41 - 2015-05-30 22:41 - 00486912 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\soundboard.dll
2014-08-04 15:46 - 2016-02-20 23:42 - 00483816 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2014-06-05 15:48 - 2016-02-20 23:42 - 00317440 _____ () C:\Program Files\TeamSpeak 3 Client\ssleay32.dll
2014-06-05 15:48 - 2016-02-20 23:42 - 01709056 _____ () C:\Program Files\TeamSpeak 3 Client\LIBEAY32.dll
2015-06-18 01:43 - 2016-06-24 01:35 - 00289872 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
2015-06-18 01:43 - 2016-07-02 21:43 - 05805136 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\engine2.dll
2015-06-18 01:43 - 2016-06-24 01:35 - 00591952 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\tier0.dll
2015-06-18 01:43 - 2016-06-24 01:35 - 00475728 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\vstdlib.dll
2015-06-18 01:43 - 2016-06-24 01:35 - 00984064 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\SDL2.dll
2015-06-18 01:43 - 2016-06-24 01:35 - 00470096 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\filesystem_stdio.dll
2015-06-18 01:43 - 2016-06-29 00:58 - 00644176 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\inputsystem.dll
2015-06-18 01:50 - 2016-06-24 01:35 - 00265296 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\imemanager.dll
2015-06-18 01:50 - 2016-06-24 01:35 - 00225360 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\localize.dll
2015-06-18 01:43 - 2016-06-24 01:35 - 01364560 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\rendersystemdx9.dll
2015-06-18 01:43 - 2016-06-24 01:35 - 00612432 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\resourcesystem.dll
2015-06-18 01:43 - 2016-06-24 01:35 - 00697936 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\schemasystem.dll
2015-06-18 01:43 - 2016-06-24 01:35 - 01014864 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\materialsystem2.dll
2015-06-18 01:43 - 2016-06-24 01:35 - 00215632 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\valve_avi.dll
2015-06-18 01:43 - 2016-06-24 01:35 - 06342736 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\scaleformui_4_dx9.dll
2015-06-18 01:43 - 2016-06-24 01:35 - 00887888 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\meshsystem.dll
2015-06-18 01:43 - 2016-06-24 01:35 - 01435728 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\worldrenderer.dll
2015-06-18 01:43 - 2016-06-24 01:35 - 00781904 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\vscript.dll
2015-06-18 01:43 - 2016-06-24 01:35 - 02225744 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\networksystem.dll
2015-06-18 01:43 - 2016-06-24 01:35 - 01398864 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\animationsystem.dll
2015-06-18 01:43 - 2016-06-24 01:35 - 01954384 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\vphysics2.dll
2015-06-18 01:43 - 2016-06-24 01:35 - 01316432 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\soundsystem.dll
2015-06-18 01:43 - 2016-06-24 01:35 - 02938448 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\scenesystem.dll
2015-06-18 01:43 - 2016-06-24 01:35 - 03182160 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\particles.dll
2015-06-18 01:43 - 2016-06-24 01:35 - 00341072 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\renderingpipelines.dll
2015-06-18 01:43 - 2016-07-02 21:43 - 33711696 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\dota\bin\win64\server.dll
2015-06-18 01:43 - 2016-07-03 22:19 - 37860432 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\dota\bin\win64\client.dll
2015-06-18 01:43 - 2015-06-18 01:50 - 03166720 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\video64.dll
2015-06-18 01:43 - 2015-06-18 01:50 - 05981184 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\v8.dll
2015-06-18 01:43 - 2015-10-03 04:52 - 02926080 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\libavcodec-56.dll
2015-06-18 01:43 - 2015-10-03 04:52 - 00574976 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\libavformat-56.dll
2015-06-18 01:43 - 2015-10-03 04:52 - 00385024 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\libavresample-2.dll
2015-06-18 01:43 - 2015-10-03 04:52 - 00487936 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\libavutil-54.dll
2015-06-18 01:43 - 2015-10-03 04:52 - 00564736 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\libswscale-3.dll
2015-06-18 01:43 - 2015-06-18 01:50 - 01795584 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\icui18n.dll
2015-06-18 01:43 - 2015-06-18 01:50 - 01414656 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\icuuc.dll
2015-06-18 01:43 - 2016-06-24 01:35 - 03597392 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\panorama.dll
2015-10-29 22:11 - 2016-06-24 01:35 - 01463888 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\panorama_text_pango.dll
2015-06-18 01:43 - 2015-11-13 10:41 - 00481280 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\libfontconfig-1.dll
2015-06-18 01:43 - 2015-11-13 10:41 - 01058304 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\libfreetype-6.dll
2015-06-18 01:50 - 2015-06-18 01:50 - 00137728 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\mss64mp3.asi
2015-06-18 01:50 - 2015-06-18 01:50 - 00071168 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\mss64ds3d.flt
2015-06-18 01:50 - 2015-06-18 01:50 - 00131584 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\mss64eax.flt
2015-06-18 01:43 - 2016-06-24 01:35 - 01535056 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\dota\bin\win64\host.dll
2015-06-18 01:43 - 2016-06-24 01:35 - 00272976 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\scenefilecache.dll
2015-06-18 01:43 - 2016-06-24 01:35 - 00535120 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\navsystem.dll
2014-01-22 13:53 - 2014-01-22 13:53 - 01607680 _____ () C:\Program Files (x86)\Gigabyte\AppCenter\BDR_info.dll
2015-02-16 10:47 - 2015-02-16 10:47 - 00105472 _____ () C:\Program Files (x86)\Gigabyte\AppCenter\ycc.dll
2015-05-29 15:12 - 2016-05-02 08:02 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-09-28 15:30 - 2012-12-20 14:05 - 00045056 _____ () C:\Program Files (x86)\Standard Mouse Driver\lan.dll
2015-09-28 15:30 - 2012-08-30 14:24 - 00061440 _____ () C:\Program Files (x86)\Standard Mouse Driver\hiddriver.dll
2016-01-29 06:38 - 2014-09-11 19:09 - 01498112 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2016-01-29 06:38 - 2014-05-19 18:19 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2014-03-20 11:43 - 2014-03-20 11:43 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-04-19 13:32 - 2016-04-19 13:32 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-19 13:32 - 2016-04-19 13:32 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2015-05-18 13:47 - 2016-04-29 22:10 - 00785920 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-05-18 13:47 - 2015-07-03 18:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-05-18 13:47 - 2016-06-15 02:47 - 02387024 _____ () C:\Program Files (x86)\Steam\video.dll
2015-05-18 13:47 - 2016-02-09 01:14 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-05-18 13:47 - 2016-02-09 01:14 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-05-18 13:47 - 2016-02-09 01:14 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-05-18 13:47 - 2016-02-09 01:14 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-05-18 13:47 - 2016-02-09 01:14 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-05-18 13:47 - 2015-07-03 18:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-05-18 13:47 - 2015-07-03 18:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-05-18 13:47 - 2016-06-15 02:47 - 00829008 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-09 03:25 - 2016-02-18 00:25 - 00281088 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2015-05-18 13:47 - 2016-06-14 21:14 - 49826080 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-05-18 13:47 - 2015-09-25 01:56 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-169824235-548985442-2713111802-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1 - 192.168.0.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKU\S-1-5-21-169824235-548985442-2713111802-1001\...\StartupApproved\Run: => "AmazonMP3DownloaderHelper"
HKU\S-1-5-21-169824235-548985442-2713111802-1001\...\StartupApproved\Run: => "Skype"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{4DB165C0-3B50-4F29-83A9-118066C5B0E0}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{87EDAE14-73E0-4F60-B0F6-E8897DC79471}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{97D7C00A-8D8C-4B77-B11B-ACCF1A50D362}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{B0072ED3-4326-49AF-8C18-19B0ABB49A1A}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{68A51083-93B7-476C-9346-70BCEBE2D97F}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{71402935-54FC-4A3C-A89B-762D38BFF3F3}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{B0AB0CEA-B931-45AB-B099-B7CE38207785}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{BECA9CA9-C7E4-4CD8-9F52-9F1B5661EFE4}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{27F0D775-E032-4D18-98D4-AA3A463A838A}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{44D79FCE-90CD-4720-BDA0-835508DDDBA4}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{85067AED-A593-4ACE-B675-889E2686466D}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{64F8E193-FE68-4601-AFE5-AAD566F85D59}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{CA62211B-6A38-43EA-B961-F25792CB65B5}] => (Allow) D:\SteamLibrary\steamapps\common\Alien Swarm\swarm.exe
FirewallRules: [{AD1C79D4-D5E7-4C21-8F5A-512E1DAE06A5}] => (Allow) D:\SteamLibrary\steamapps\common\Alien Swarm\swarm.exe
FirewallRules: [{B87BD653-5508-4038-9E40-6A09E31346D3}] => (Allow) D:\SteamLibrary\steamapps\common\SMITE\Binaries\Win32\HirezBridge.exe
FirewallRules: [{918AE4B2-3899-45E0-821F-E714272183B2}] => (Allow) D:\SteamLibrary\steamapps\common\SMITE\Binaries\Win32\HirezBridge.exe
FirewallRules: [{90D7268B-42A2-483C-9DE8-90751A1FFDB1}] => (Allow) D:\SteamLibrary\steamapps\common\Sniper Elite 3\Launcher\Sniper3Launcher.exe
FirewallRules: [{FF6CC075-D874-42BE-85D3-3E06E522ABFA}] => (Allow) D:\SteamLibrary\steamapps\common\Sniper Elite 3\Launcher\Sniper3Launcher.exe
FirewallRules: [{EE189F9E-C8C6-4327-8B12-537BBF512A44}] => (Allow) D:\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{2FD0529D-5498-4ED7-B8AC-FCE5F599F419}] => (Allow) D:\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{D073BF74-74B8-4DA1-A537-B0D1CA119F92}] => (Allow) D:\SteamLibrary\steamapps\common\Saints Row IV\SaintsRowIV.exe
FirewallRules: [{19AFDD39-4DA2-4E45-BA37-E330FDEF143D}] => (Allow) D:\SteamLibrary\steamapps\common\Saints Row IV\SaintsRowIV.exe
FirewallRules: [{C1565F7D-DE84-4035-8DEE-B7206E9CF1E6}] => (Allow) D:\SteamLibrary\steamapps\common\SpecOps_TheLine\Binaries\Win32\SpecOpsTheLine.exe
FirewallRules: [{7B208B0F-15BA-4C79-93F3-F68DD3E83AAE}] => (Allow) D:\SteamLibrary\steamapps\common\SpecOps_TheLine\Binaries\Win32\SpecOpsTheLine.exe
FirewallRules: [{48E82A63-979E-4BCF-8E73-F3E3DD393C2E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B81E337D-63C7-439C-9DD9-53D50E4B52B4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FE76E308-5A2F-4253-9EF9-6616513E7EBC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{47AA7F0D-D9F1-4B7E-9A40-D10B949379E0}] => (Allow) D:\SteamLibrary\steamapps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe
FirewallRules: [{1C0EC512-B21B-4E7E-AA40-710EC82B929E}] => (Allow) D:\SteamLibrary\steamapps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe
FirewallRules: [{08965FE0-DAF8-4114-9EE2-F6BDE29B8994}] => (Allow) D:\SteamLibrary\steamapps\common\Binary Domain\BinaryDomainConfiguration.exe
FirewallRules: [{8FD60035-440D-4228-8651-FE173A407201}] => (Allow) D:\SteamLibrary\steamapps\common\Binary Domain\BinaryDomainConfiguration.exe
FirewallRules: [{C3012F5A-12B8-4691-84A9-BA7821DA4789}] => (Allow) D:\SteamLibrary\steamapps\common\Binary Domain\BinaryDomain.exe
FirewallRules: [{36A6470C-E55A-40A5-A66C-02FA53B56F9D}] => (Allow) D:\SteamLibrary\steamapps\common\Binary Domain\BinaryDomain.exe
FirewallRules: [{47379E4B-8B10-4485-94A8-4BD3264E4C8C}] => (Allow) D:\SteamLibrary\steamapps\common\Shank 2\bin\shank2.exe
FirewallRules: [{175357F2-F573-4D3D-921E-C753466E9D7B}] => (Allow) D:\SteamLibrary\steamapps\common\Shank 2\bin\shank2.exe
FirewallRules: [{C4FBAC76-62C3-4129-9129-6AA71D15FCC5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2B65F972-7357-4A77-B095-506980250FA5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{CD84042F-B499-4307-8D57-8F34ADCCBD1E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{ED558A9E-B5F6-4994-8A98-54484C132AE1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3FA79838-F973-4615-A8DC-2908E2D8F2AC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E8300987-E1EF-4FBE-9F34-0DFDAD3FAD88}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{5D53E258-2691-4F36-8289-C9173D703A90}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{9927F7F6-CF0F-42CD-BF04-F1E6A245AD1B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{E767E224-AA9E-4054-9236-EB041BBEF818}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{D7C54416-17B7-4D58-9BF5-B7297A408C1B}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{63891AE8-0127-4E8F-9AF1-F4719767148C}] => (Allow) LPort=2869
FirewallRules: [{A5B3CB4F-795E-4F54-AD94-E63DB8C0A42D}] => (Allow) LPort=1900
FirewallRules: [{0AA2D938-1F29-44BD-98F9-47D36F819B11}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C9D110DA-1970-4C73-BE55-70183874E727}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{A27A2757-A3CD-4770-93E7-E87E3BC5B85C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{68646264-96B9-443E-A22A-AAC877D0D3D7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{DEE80902-E560-4649-AC4F-DB15E93644EA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{D2A47F14-468F-4A06-942E-94FAB186562A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{72EA5811-5DEE-4F54-9D07-9C5D61E13CD5}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{941B2260-2540-449F-8297-6F0C4DFB01EE}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe
FirewallRules: [{EBD0578E-6AA2-47F1-9141-BED286E8C74C}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe
FirewallRules: [{69138AF8-07F1-410C-B7FD-6E07C9EA5689}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe
FirewallRules: [{9ABE302E-A4D2-4EC7-8B3B-30F365DDB083}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe
FirewallRules: [{228C823E-5C17-457A-9D69-767116B49519}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe
FirewallRules: [{B9B60B94-C865-4C46-9126-7AC780D95E46}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe
FirewallRules: [{5EFB0068-50AD-498F-92EA-3759C76B0E21}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DPDecoder.exe
FirewallRules: [{ABCE225E-0769-42E2-920D-070827736CB6}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe
FirewallRules: [TCP Query User{4438F0B0-3511-4296-A5B1-64A0EF9101CA}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Block) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe
FirewallRules: [UDP Query User{56579952-A060-4A31-BBFF-84EF85458447}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Block) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe
FirewallRules: [{F583E076-404A-4F8B-8D01-98E862676D22}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{C37E844E-040D-4BAC-9A6A-5ED5E5D11224}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{DC4DA8CC-0809-47C2-A941-16615DA6285D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{0A9D05E1-C263-42F2-9958-E6508D93C6EE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{868286D2-6613-4E9C-B108-C4C72A834C40}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{908741BA-0DC7-4334-8D29-A1F085A1976A}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{0046F909-CC54-4F62-A176-E019205F7B7D}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{C9C65EFB-7A3E-4270-B912-5AAC9656682C}] => (Allow) D:\SteamLibrary\steamapps\common\Free to Play\FTP.exe
FirewallRules: [{DD071BBD-A707-4565-AE3A-F7527B9CBF59}] => (Allow) D:\SteamLibrary\steamapps\common\Free to Play\FTP.exe
FirewallRules: [TCP Query User{43DC946D-2BF5-43F0-90EB-B7D8F91BE03D}C:\users\fabian\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe] => (Allow) C:\users\fabian\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe
FirewallRules: [UDP Query User{9AC11793-1563-4026-8D3A-A613D0005C33}C:\users\fabian\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe] => (Allow) C:\users\fabian\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe
FirewallRules: [{7745B9FA-1A0F-446B-8207-77AF24D8A0C1}] => (Block) C:\users\fabian\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe
FirewallRules: [{F72AB61B-265F-4FC2-9223-C14C1E7EA32E}] => (Block) C:\users\fabian\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe
FirewallRules: [{1E411233-531F-48DB-B783-E421A3E450E6}] => (Allow) D:\SteamLibrary\steamapps\common\dota 2 test\game\bin\win64\dota2.exe
FirewallRules: [{CA760D28-E3C8-40B7-98A5-EA66C71FCA8E}] => (Allow) D:\SteamLibrary\steamapps\common\dota 2 test\game\bin\win64\dota2.exe
FirewallRules: [{D08CFEC4-C360-49C3-B2B0-358FC6FCD100}] => (Allow) D:\SteamLibrary\steamapps\common\Metal Slug 3\mslug3.exe
FirewallRules: [{36383C22-81BB-4855-85BA-747A3BA4E074}] => (Allow) D:\SteamLibrary\steamapps\common\Metal Slug 3\mslug3.exe
FirewallRules: [{5ABC6840-912B-42F5-89F0-BF76EFBC9EE0}] => (Allow) D:\SteamLibrary\steamapps\common\Rocksmith\Rocksmith.exe
FirewallRules: [{DE9B87CF-748F-4533-A7FC-97F418A326AC}] => (Allow) D:\SteamLibrary\steamapps\common\Rocksmith\Rocksmith.exe
FirewallRules: [{266E98C1-EFEA-4DF7-B199-5841E1F7F61A}] => (Allow) D:\SteamLibrary\steamapps\common\Rocksmith2014\Rocksmith2014.exe
FirewallRules: [{1DB52B6B-5FD7-4CAD-9179-99DCCC2353DC}] => (Allow) D:\SteamLibrary\steamapps\common\Rocksmith2014\Rocksmith2014.exe
FirewallRules: [TCP Query User{F0897921-8C2E-4394-81B5-78C11B653BEE}D:\steamlibrary\steamapps\common\smite\binaries\win32\smite.exe] => (Block) D:\steamlibrary\steamapps\common\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{315E81AB-7177-4E63-A8B6-4DF72D9D2E94}D:\steamlibrary\steamapps\common\smite\binaries\win32\smite.exe] => (Block) D:\steamlibrary\steamapps\common\smite\binaries\win32\smite.exe
FirewallRules: [{A5AF2C95-DBF6-4FB3-BA48-AD7AA6EC7FDA}] => (Allow) D:\SteamLibrary\steamapps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [{131A07E7-53CC-4837-A30E-595EC020CFE3}] => (Allow) D:\SteamLibrary\steamapps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [{6A2D7F00-3F48-49DF-828A-9F8A5619AEDE}] => (Allow) D:\SteamLibrary\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{8486B426-E378-42FC-A8F0-5F47792EDFE6}] => (Allow) D:\SteamLibrary\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{45CAEFDB-E770-4372-9B16-F4B51900CFAC}] => (Allow) D:\SteamLibrary\steamapps\common\Thunder Wolves\ThunderWolves.exe
FirewallRules: [{B21E5AA3-20EB-4C59-BE7D-21A12CD048C1}] => (Allow) D:\SteamLibrary\steamapps\common\Thunder Wolves\ThunderWolves.exe
FirewallRules: [{62ED10E3-A79B-4087-A928-3A92CC3C6984}] => (Allow) D:\SteamLibrary\steamapps\common\Need for Speed Hot Pursuit\NFS11.exe
FirewallRules: [{19C3C641-E9A7-47FC-9341-3C5432AD85EE}] => (Allow) D:\SteamLibrary\steamapps\common\Need for Speed Hot Pursuit\NFS11.exe
FirewallRules: [{C3B8A625-3DDB-48CA-B3CD-AAA145F5CB71}] => (Allow) D:\SteamLibrary\steamapps\common\Bugbear Entertainment\Wreckfest_x64.exe
FirewallRules: [{2C06568C-3103-45B3-B9DB-7DAB24BDF184}] => (Allow) D:\SteamLibrary\steamapps\common\Bugbear Entertainment\Wreckfest_x64.exe
FirewallRules: [{4F0727D7-367E-495E-A03A-465BDCB944AF}] => (Allow) D:\SteamLibrary\steamapps\common\Bugbear Entertainment\Wreckfest.exe
FirewallRules: [{948D4F1B-6669-4D96-B13C-13F813EB9405}] => (Allow) D:\SteamLibrary\steamapps\common\Bugbear Entertainment\Wreckfest.exe
FirewallRules: [{3B19828B-F795-4202-9B02-F614A39A95C1}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Splinter Cell Conviction\src\system\conviction_game.exe
FirewallRules: [{F1D78391-298B-4111-A9F6-34FC58A8791D}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Splinter Cell Conviction\src\system\conviction_game.exe
FirewallRules: [{782F2153-30F2-49A7-90AE-2C17251E4E8B}] => (Allow) D:\SteamLibrary\steamapps\common\DiRT Showdown\showdown.exe
FirewallRules: [{D47289FB-B7D2-4609-8FC0-E2FD2402D4F2}] => (Allow) D:\SteamLibrary\steamapps\common\DiRT Showdown\showdown.exe
FirewallRules: [{E6ACADFA-DDF9-4553-8A43-986FF25410B0}] => (Allow) D:\SteamLibrary\steamapps\common\SleepingDogs\HKShip.exe
FirewallRules: [{50B48B2E-C250-411F-AC89-4A3D6D632283}] => (Allow) D:\SteamLibrary\steamapps\common\SleepingDogs\HKShip.exe
FirewallRules: [TCP Query User{B593B0D8-8546-40F4-B5FE-8B9A94732287}C:\program files (x86)\truefire\truefire.exe] => (Block) C:\program files (x86)\truefire\truefire.exe
FirewallRules: [UDP Query User{54D77ABF-5291-4958-A823-17F4A0EEAAC8}C:\program files (x86)\truefire\truefire.exe] => (Block) C:\program files (x86)\truefire\truefire.exe
FirewallRules: [{1936D3F6-0756-4712-9C87-7C79CAA71ADF}] => (Allow) D:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{F24F2FAC-C816-4446-A21C-5D9A920296B3}] => (Allow) D:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Generischer USB-Hub
Description: Generischer USB-Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standardmäßige USB-HUBs)
Service: USBHUB3
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (07/03/2016 11:31:50 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (07/03/2016 09:59:22 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (07/03/2016 09:56:57 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Junker)
Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147023174. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (07/03/2016 09:56:57 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Junker)
Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147023174. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (07/03/2016 09:56:57 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Junker)
Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147023174. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (07/03/2016 09:56:57 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Junker)
Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147023174. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (07/03/2016 09:45:47 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (07/03/2016 09:45:11 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (07/03/2016 09:45:09 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (07/03/2016 09:45:06 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.


Systemfehler:
=============
Error: (07/03/2016 10:17:52 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (07/03/2016 10:07:00 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {F3B4E234-7A68-4E43-B813-E4BA55A065F6}

Error: (07/03/2016 10:01:10 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {F3B4E234-7A68-4E43-B813-E4BA55A065F6}

Error: (07/03/2016 09:55:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275 = Der Treiber konnte nicht geladen werden.


Error: (07/03/2016 09:55:09 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Fabian\AppData\Local\Temp\ehdrv.sys

Error: (07/03/2016 09:55:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275 = Der Treiber konnte nicht geladen werden.


Error: (07/03/2016 09:55:09 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Fabian\AppData\Local\Temp\ehdrv.sys

Error: (07/03/2016 09:55:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275 = Der Treiber konnte nicht geladen werden.


Error: (07/03/2016 09:55:09 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Fabian\AppData\Local\Temp\ehdrv.sys

Error: (07/03/2016 09:55:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275 = Der Treiber konnte nicht geladen werden.



CodeIntegrity:
===================================
  Date: 2016-06-18 03:34:24.844
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-16 12:17:10.768
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-16 08:08:10.492
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-14 19:03:21.438
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-14 04:37:26.697
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-13 19:12:17.782
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-12 12:35:57.277
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-12 08:02:56.254
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-14 07:43:50.363
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-23 17:43:17.753
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Xeon(R) CPU E3-1231 v3 @ 3.40GHz
Prozentuale Nutzung des RAM: 60%
Installierter physikalischer RAM: 8122.83 MB
Verfügbarer physikalischer RAM: 3190.04 MB
Summe virtueller Speicher: 9402.83 MB
Verfügbarer virtueller Speicher: 2693.06 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:111.01 GB) (Free:36.71 GB) NTFS
Drive d: (Volume) (Fixed) (Total:931.51 GB) (Free:575.87 GB) NTFS
Drive f: (Volume) (Fixed) (Total:119.12 GB) (Free:66.03 GB) NTFS
Drive g: (Elements) (Fixed) (Total:931.48 GB) (Free:506.91 GB) NTFS
Drive h: (Volume) (Fixed) (Total:2794.39 GB) (Free:2152.91 GB) NTFS
Drive l: () (Removable) (Total:7.39 GB) (Free:7.17 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 341C2E53)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 739174F8)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 2794.5 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 6 (Size: 7.4 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 9 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: D5B7C8DD)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

Ich hatte im gesamten Prozess bislang zwei Systemabstürze und ESET hatte im ersten Anlauf die Signaturen nicht herunterladen können und fragte ob ein Proxy lüuft (was nicht der Fall ist), sonst läuft der PC normal.

M-K-D-B · 04.07.2016, 10:52

Wenn du keine Probleme mehr mit Malware hast, dann sind wir hier fertig. Deine Logdateien sind sauber.

Zum Schluss müssen wir noch ein paar abschließende Schritte unternehmen, um deinen Pc aufzuräumen und abzusichern.

Cleanup:
Alle Logs gepostet? Dann lade Dir bitte

DelFix herunter.

Schließe alle offenen Programme.
Starte die delfix.exe mit einem Doppelklick.
Setze vor jede Funktion ein Häkchen.
Klicke auf Start.

Hinweis:
DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner anschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:
Browser
Java
Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Sofern du noch unentschieden bist, verwende ein einziges der folgenden Antivirusprogramme mit Echtzeitscanner und stets aktueller Signaturendatenbank:

	Emsisoft	Microsoft Security Essentials	ESET

Microsoft Security Essentials (MSE) ist ab Windows 8 fest eingebaut, wenn du also Windows 8, 8.1 oder 10 und dich für MSE entschieden hast, brauchst du nicht extra MSE zu installieren. Bei Windows 7 muss es aber manuell installiert oder über die Windows Updates als optionales Update bezogen werden. Selbstverständlich ist ein legales/aktiviertes Windows Voraussetzung dafür.

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.

Optional:

Adblock Plus Kann Banner, Pop-ups, Videowerbung, Tracking und Malware-Seiten blockieren.

NoScript Verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.

Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.

Lade Software von einem sauberen Portal wie

.
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner .

Abschließend noch ein paar grundsätzliche Bemerkungen:

Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Lade keine Software von Chip, Softonic oder SourceForge. Die dort angebotene Software wird häufig mit einem sog. "Installer" verteilt, mit dem man sich nur unerwünschte Software oder Adware installiert.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Selbst Microsoft unterstützt sog. Registry-Cleaner nicht. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...

und/oder das Forum mit einer kleinen Spende unterstützen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann.

FJ1 · 04.07.2016, 22:10

Hi,

alles erledigt

Vielen Dank für die schnelle Hilfe!

Ich mach mich mal auf ins Feedback-Forum und zur Unterstützung.

Danke auch für die aktuellen Tipps zur Absicherung.

M-K-D-B · 05.07.2016, 17:15

Ich bin froh, dass wir helfen konnten

In diesem Forum kannst du eine kurze Rückmeldung zur Bereinigung abgeben, sofern du das möchtest:
Lob, Kritik und Wünsche
Klicke dazu auf den Button "NEUES THEMA" und poste ein kleines Feedback. Vielen Dank!

Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Solltest Du das Thema erneut brauchen, schicke mir bitte eine PM.

Jeder andere bitte hier klicken und einen eigenen Thread erstellen.

PUP.Optional.SysTweak mit mbam beim Systemscan gefunden

Plagegeister aller Art und deren Bekämpfung: PUP.Optional.SysTweak mit mbam beim Systemscan gefunden