Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Ist mein System sauber? Trojan.Gen und Hijacks gefunden (https://www.trojaner-board.de/173764-system-sauber-trojan-gen-hijacks-gefunden.html)

Sc@rf@ce 04.12.2015 10:50
Ist mein System sauber? Trojan.Gen und Hijacks gefunden
 
Hallo liebes Trojaner-Board Team,

bin neu bei euch und wollte mal eure Kompetenzen in Anspruch nehmen :).

Also kurze Info zu meinem Anliegen, habe vor etwa 2 Wochen den Laptop
meines besten Freundes übernommen und den mal so weit es ging „fit“ gemacht.
Da ich ja nicht wirklich wusste auf welchen Seiten er sich rumgetrieben hat, hab ich
mir ein neues Virensystem (Bitdefender Internet Security 2016) angeschafft und das
mal drüberlaufen lassen. Bitdefender hatte dann auch die ein oder anderen infizierten
Cookies entdeckt, die ich dann direkt gelöscht habe. Allerdings hat mir das nicht gereicht
da kein System zu 100% sauber ist und hab Malwarebytes drüberlaufen lassen (wovon ich allerdings keinen LOG habe, da es schon ne Woche her ist und ich den nicht gespeichert habe) werde euch allerdings eine Neuauswertung posten. So weiter im Text Malwarebytes hat dann auch 26 PUP`s gefunden, welche für mich jetzt aber weniger gefährlich aussahen. Das war mir allerdings immer noch nicht genug und hab mir von Malwarebytes noch das Anti Rootkit Tool gedownloadet und das ebenfalls drüberlaufen lassen und hier kommen meine Bedenken ins Spiel, es wurden 2 Trojan.Agents und 4 Hijacks gefunden die ich dann auch im Anschluss vernichtet hab, sprich es existiert auch hier kein LOG, mal vorrausgesetzt man kann dort einen LOG speichern, da ich hierzu nichts gefunden habe. Mein Anliegen an euch wäre, den Aktuellen LOG von Malwarebytes mal zu überprüfen und zu schauen, ob es ein paar Unstimmigkeiten gibt und ihr vielleicht etwas seht, dass mir als Laie verborgen bleibt. Ich bedanke mich schon mal im vorraus bei euch und hoffe ihr könnt mir helfen :). Anbei gibt es noch LOGs vom ADWcleaner nur um alles abzudecken :)
P.S. kann auf Wunsch einen LOG meines Antivirenprogramms erstellen (falls Notwendigkeit besteht) :heilig:.

Malwarebytes LOG:

Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 04.12.2015
Suchlaufzeit: 10:33
Protokolldatei: Malwarebytes.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2015.12.04.01
Rootkit-Datenbank: v2015.11.26.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: phili_000

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 400606
Abgelaufene Zeit: 8 Min., 4 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

ADWcleaner LOG:

# AdwCleaner v5.023 - Bericht erstellt am 04/12/2015 um 10:26:29
# Aktualisiert am 30/11/2015 von Xplode
# Datenbank : 2015-12-03.1 [Server]
# Betriebssystem : Windows 10 Home (x64)
# Benutzername : phili_000 - ACERRICHARD
# Gestartet von : C:\Users\phili_000\Downloads\AdwCleaner_5.023 (1).exe
# Option : Suchlauf
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****


***** [ Dateien ] *****


***** [ DLL ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKCU\Software\OCS

***** [ Internetbrowser ] *****


########## EOF - C:\AdwCleaner\AdwCleaner[S21].txt - [676 Bytes] ##########

deeprybka 04.12.2015 10:55
:hallo:

Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...:abklatsch:
  • Bitte arbeite alle Schritte der Reihe nach ab.
  • Lies die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem.
  • Führe bitte nur Scans durch, zu denen Du von mir aufgefordert wurdest.
  • Bitte kein Crossposting (posten in mehreren Foren).
  • Installiere oder deinstalliere während der Bereinigung keine Software, außer Du wurdest dazu aufgefordert.
  • Speichere alle unsere Tools auf dem Desktop ab. Link: So ladet Ihr unsere Tools richtig
  • Poste die Logfiles direkt in Deinen Thread in Code-Tags.
  • Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 24 Stunden nichts von mir liest, dann schreibe mir bitte eine PM.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden.
Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert.
Adware & Co. können wir sehr gut entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean :daumenhoc bekommst.



Los geht's:

Schritt 1
http://filepony.de/icon/frst.pnghttp://deeprybka.trojaner-board.de/b...e/frst/sn1.PNG

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)




Lesestoff
Posten in CODE-Tags: So gehts...
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert uns massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://deeprybka.trojaner-board.de/tdss/codetags.gif

Sc@rf@ce 04.12.2015 11:05
Danke für die äußerst fixe Bearbeitung :).


FRST Logfile:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:01-12-2015
durchgeführt von phili_000 (Administrator) auf ACERRICHARD (04-12-2015 10:58:21)
Gestartet von C:\Users\phili_000\Downloads
Geladene Profile: phili_000 (Verfügbare Profile: phili_000)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_1.11.19004.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\bdagent.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\bdwtxag.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
() C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(TODO: <Company name>) C:\Program Files\Acer\User Experience Improvement Program\Plugin\AppMonitor\AppMonitorPlugIn.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.23.23.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe
(Microsoft Corporation) C:\Windows\System32\LockAppHost.exe
() C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-05-26] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387376 2014-05-13] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2757424 2015-11-12] (NVIDIA Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-10-16] (Apple Inc.)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2016\bdagent.exe [1683920 2015-11-26] (Bitdefender)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [91488 2015-11-23] ()
HKU\S-1-5-21-1645853366-4108103990-173416813-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8551848 2015-10-19] (Piriform Ltd)
HKU\S-1-5-21-1645853366-4108103990-173416813-1002\...\Run: [Bitdefender-Geldbörse-Agent] => C:\Program Files\Bitdefender\Bitdefender 2016\bdwtxag.exe [1416608 2015-11-26] (Bitdefender)
HKU\S-1-5-21-1645853366-4108103990-173416813-1002\...\Run: [HP Officejet Pro 8600 (NET)] => C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1645853366-4108103990-173416813-1002\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 5\CyberGhost.exe [433256 2015-11-05] (CyberGhost S.R.L.)
HKU\S-1-5-21-1645853366-4108103990-173416813-1002\...\RunOnce: [Uninstall C:\Users\phili_000\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\phili_000\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-1645853366-4108103990-173416813-1002\...\MountPoints2: {829ef0e5-94d9-11e5-829e-206a8a9d87aa} - "F:\shelexec.exe" .\starter.html
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-11-19] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-11-19] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-11-19] (Acer Incorporated)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  Keine Datei
Startup: C:\Users\phili_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet Pro 8600 (Netzwerk).lnk [2015-12-02]
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet Pro 8600 (Netzwerk).lnk ->  (Keine Datei)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

ProxyServer: [S-1-5-21-1645853366-4108103990-173416813-1002] => http=127.0.0.1:49770;https=127.0.0.1:49770
Hosts: 127.0.0.1                        d3oxij66pru1i3.cloudfront.net
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{015a8b71-29ca-468d-86b2-53f9b81df378}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{d6fc2d0c-d9e1-4b4e-91d8-9ee0af41ce6e}: [DhcpNameServer] 192.19.128.24

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1645853366-4108103990-173416813-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://toshiba.eu/symbaloo_c
HKU\S-1-5-21-1645853366-4108103990-173416813-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1645853366-4108103990-173416813-1002 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-1645853366-4108103990-173416813-1002 -> {1445FCAF-8A8D-47A8-AB93-5EB8C65B4A07} URL = hxxp://go.web.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-1645853366-4108103990-173416813-1002 -> {212D7AE8-7DB2-4AFA-A37D-7317D6E09388} URL = hxxp://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-1645853366-4108103990-173416813-1002 -> {680BC10C-91EF-4336-BA81-33C597EDA1ED} URL =
SearchScopes: HKU\S-1-5-21-1645853366-4108103990-173416813-1002 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-1645853366-4108103990-173416813-1002 -> {B22D9EA2-C190-4DF1-9268-73913BCFA58E} URL = hxxp://go.mail.com/tb/en-us/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-1645853366-4108103990-173416813-1002 -> {E3F2141F-0B01-4266-A1FE-A49FBA9963A7} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
BHO: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2016\pmbxie.dll [2015-11-24] (Bitdefender)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-25] (Google Inc.)
BHO: Kein Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> Keine Datei
BHO-x32: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2016\Antispam32\pmbxie.dll [2015-11-24] (Bitdefender)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-25] (Google Inc.)
BHO-x32: Kein Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> Keine Datei
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-25] (Google Inc.)
Toolbar: HKLM - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2016\pmbxie.dll [2015-11-24] (Bitdefender)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-25] (Google Inc.)
Toolbar: HKLM-x32 - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2016\Antispam32\pmbxie.dll [2015-11-24] (Bitdefender)
Toolbar: HKU\S-1-5-21-1645853366-4108103990-173416813-1002 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-25] (Google Inc.)
Toolbar: HKU\S-1-5-21-1645853366-4108103990-173416813-1002 -> Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2016\pmbxie.dll [2015-11-24] (Bitdefender)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} -  Keine Datei
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} -  Keine Datei

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-1645853366-4108103990-173416813-1002 -> hxxp://go.gmx.net/tb/ie_startpage

FireFox:
========
FF ProfilePath: C:\Users\phili_000\AppData\Roaming\Mozilla\Firefox\Profiles\j2q20h92.default
FF DefaultSearchEngine: Bing®
FF SelectedSearchEngine: Bing®
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-11] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-11] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-08] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-13] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-13] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-02-19] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-02-19] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll [2011-03-09] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF HKLM\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\bdwteff
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2016\bdwteff [2015-11-18] [ist nicht signiert]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext
FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext [2015-11-18] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\antispam32\bdwteff
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2016\antispam32\bdwteff [2015-11-18] [ist nicht signiert]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [dhhejlifdlcgcmogbggeomfodgklfaem] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2860760 2015-11-17] (Acer Incorporated)
R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [65640 2015-11-05] (CyberGhost S.R.L)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6677048 2015-06-17] (GOG.com)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156400 2015-11-12] (NVIDIA Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [370064 2015-09-30] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-02-19] (Intel Corporation)
R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe [93408 2015-02-08] (Intel(R) Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-02-19] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2934048 2015-10-09] (IObit)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-11-12] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8133424 2015-11-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5915440 2015-11-12] (NVIDIA Corporation)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [823840 2015-09-22] (Bitdefender)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-06-26] (Acer Incorporate)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [233216 2014-06-23] (acer)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe [124488 2015-09-29] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe [1595864 2015-11-26] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1600512 2015-11-24] (BitDefender)
R3 avchv; C:\Windows\system32\DRIVERS\avchv.sys [282000 2015-11-24] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [775424 2015-11-24] (BitDefender)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23568 2013-09-08] (Bitdefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107008 2013-07-29] (BitDefender LLC)
S4 BDVEDISK; C:\Windows\system32\DRIVERS\bdvedisk.sys [87920 2015-11-26] (BitDefender)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [245248 2015-10-30] (Microsoft Corporation)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [160032 2015-04-29] (BitDefender LLC)
R0 ignis; C:\Windows\system32\DRIVERS\ignis.sys [271808 2015-11-24] (Bitdefender)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [116736 2014-02-19] (Intel Corporation)
S3 MEMSWEEP2; C:\WINDOWS\system32\1C94.tmp [6144 2009-06-18] (Sophos Plc) [Datei ist nicht signiert]
R1 ndisrd; C:\Windows\system32\DRIVERS\ndisrfl.sys [41688 2014-10-30] (Intel Corporation)
R3 NetTap630; C:\Windows\system32\DRIVERS\nettap630.sys [67800 2014-10-30] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-11-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek                                            )
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [402960 2015-05-14] (Realsil Semiconductor Corporation)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [477272 2015-06-02] (BitDefender S.R.L.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [35880 2015-11-21] (Wellbia.com Co., Ltd.)
S0 b06bdrv; System32\drivers\bxvbda.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-04 10:58 - 2015-12-04 10:58 - 00024203 _____ C:\Users\phili_000\Downloads\FRST.txt
2015-12-04 10:58 - 2015-12-04 10:58 - 00000000 ____D C:\FRST
2015-12-04 10:57 - 2015-12-04 10:57 - 02350080 _____ (Farbar) C:\Users\phili_000\Downloads\FRST64.exe
2015-12-04 10:25 - 2015-12-04 10:30 - 01736704 _____ C:\Users\phili_000\Downloads\AdwCleaner_5.023 (1).exe
2015-12-04 10:23 - 2015-12-04 10:25 - 01736704 _____ C:\Users\phili_000\Downloads\adwcleaner_5.023.exe
2015-12-04 09:33 - 2015-12-04 09:33 - 00050477 _____ C:\Users\phili_000\Downloads\Defogger.exe
2015-12-03 09:41 - 2015-12-04 10:57 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-12-03 09:40 - 2015-12-04 10:57 - 00000000 ____D C:\Users\phili_000\Desktop\mbar
2015-12-03 09:40 - 2015-12-03 09:40 - 16563352 _____ (Malwarebytes Corp.) C:\Users\phili_000\Downloads\mbar-1.09.3.1001.exe
2015-12-03 09:25 - 2015-12-03 09:26 - 01466656 _____ C:\Users\phili_000\Downloads\Bitdefender Rootkit Remover - CHIP-Installer.exe
2015-12-03 08:57 - 2009-06-18 12:54 - 00006144 ____N (Sophos Plc) C:\WINDOWS\system32\1C94.tmp
2015-12-03 08:51 - 2009-06-18 12:54 - 00006144 ____N (Sophos Plc) C:\WINDOWS\system32\9B84.tmp
2015-12-03 08:50 - 2015-12-03 09:28 - 00000000 ____D C:\Program Files (x86)\Sophos
2015-12-03 08:50 - 2015-12-03 08:50 - 01339288 _____ C:\Users\phili_000\Downloads\sar_15_sfx.exe
2015-12-03 08:50 - 2015-12-03 08:50 - 01339288 _____ C:\Users\phili_000\Downloads\sar_15_sfx (1).exe
2015-12-03 08:15 - 2015-11-22 11:47 - 07476576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-12-03 08:15 - 2015-11-22 10:56 - 22394880 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-12-03 08:15 - 2015-11-22 10:56 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2015-12-03 08:15 - 2015-11-22 10:55 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\readingviewresources.dll
2015-12-03 08:15 - 2015-11-22 10:54 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2015-12-03 08:15 - 2015-11-22 10:52 - 16984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-12-03 08:15 - 2015-11-22 10:44 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2015-12-03 08:15 - 2015-11-22 10:43 - 24604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-12-03 08:15 - 2015-11-22 10:42 - 13017600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-12-03 08:15 - 2015-11-22 10:39 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-12-03 08:15 - 2015-11-22 10:38 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-12-03 08:15 - 2015-11-22 10:33 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-12-03 08:15 - 2015-11-22 10:33 - 13380608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-12-03 08:15 - 2015-11-22 10:33 - 02587136 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-12-03 08:15 - 2015-11-22 10:30 - 19340800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-12-03 08:15 - 2015-11-22 10:24 - 12124672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-12-03 08:15 - 2015-11-22 10:24 - 01995264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2015-12-03 08:15 - 2015-11-22 10:19 - 02064384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-12-03 08:15 - 2015-11-22 10:16 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2015-12-03 08:14 - 2015-11-22 11:47 - 02653816 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-03 08:14 - 2015-11-22 11:41 - 01859448 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-12-03 08:14 - 2015-11-22 11:41 - 01284960 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-12-03 08:14 - 2015-11-22 11:41 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-12-03 08:14 - 2015-11-22 11:35 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2015-12-03 08:14 - 2015-11-22 11:34 - 00975200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-12-03 08:14 - 2015-11-22 11:34 - 00080600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwapi.dll
2015-12-03 08:14 - 2015-11-22 11:33 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2015-12-03 08:14 - 2015-11-22 11:33 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2015-12-03 08:14 - 2015-11-22 11:33 - 00051680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsUtilsV2.dll
2015-12-03 08:14 - 2015-11-22 11:30 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-12-03 08:14 - 2015-11-22 11:30 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-12-03 08:14 - 2015-11-22 11:26 - 00431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2015-12-03 08:14 - 2015-11-22 11:25 - 00063528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wwapi.dll
2015-12-03 08:14 - 2015-11-22 11:24 - 02772584 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2015-12-03 08:14 - 2015-11-22 11:20 - 00795840 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-12-03 08:14 - 2015-11-22 11:19 - 00440160 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-12-03 08:14 - 2015-11-22 11:14 - 02185840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2015-12-03 08:14 - 2015-11-22 11:00 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2015-12-03 08:14 - 2015-11-22 11:00 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll
2015-12-03 08:14 - 2015-11-22 10:57 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2015-12-03 08:14 - 2015-11-22 10:57 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
2015-12-03 08:14 - 2015-11-22 10:57 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCoreRes.dll
2015-12-03 08:14 - 2015-11-22 10:57 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
2015-12-03 08:14 - 2015-11-22 10:57 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
2015-12-03 08:14 - 2015-11-22 10:56 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2015-12-03 08:14 - 2015-11-22 10:56 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ihvrilproxy.dll
2015-12-03 08:14 - 2015-11-22 10:56 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\rilproxy.dll
2015-12-03 08:14 - 2015-11-22 10:55 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManagerProxy.dll
2015-12-03 08:14 - 2015-11-22 10:55 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2015-12-03 08:14 - 2015-11-22 10:54 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ETWCoreUIComponentsResources.dll
2015-12-03 08:14 - 2015-11-22 10:54 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys
2015-12-03 08:14 - 2015-11-22 10:54 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2015-12-03 08:14 - 2015-11-22 10:54 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsplib.dll
2015-12-03 08:14 - 2015-11-22 10:54 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-12-03 08:14 - 2015-11-22 10:54 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2015-12-03 08:14 - 2015-11-22 10:54 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2015-12-03 08:14 - 2015-11-22 10:54 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll
2015-12-03 08:14 - 2015-11-22 10:52 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2015-12-03 08:14 - 2015-11-22 10:52 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2015-12-03 08:14 - 2015-11-22 10:52 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2015-12-03 08:14 - 2015-11-22 10:52 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2015-12-03 08:14 - 2015-11-22 10:51 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2015-12-03 08:14 - 2015-11-22 10:51 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2015-12-03 08:14 - 2015-11-22 10:51 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2015-12-03 08:14 - 2015-11-22 10:51 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2015-12-03 08:14 - 2015-11-22 10:51 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2015-12-03 08:14 - 2015-11-22 10:50 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssign32.dll
2015-12-03 08:14 - 2015-11-22 10:49 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2015-12-03 08:14 - 2015-11-22 10:49 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2015-12-03 08:14 - 2015-11-22 10:49 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2015-12-03 08:14 - 2015-11-22 10:49 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wwanpref.dll
2015-12-03 08:14 - 2015-11-22 10:48 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosResource.dll
2015-12-03 08:14 - 2015-11-22 10:47 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2015-12-03 08:14 - 2015-11-22 10:46 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2015-12-03 08:14 - 2015-11-22 10:46 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-12-03 08:14 - 2015-11-22 10:45 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2015-12-03 08:14 - 2015-11-22 10:45 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2015-12-03 08:14 - 2015-11-22 10:45 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-12-03 08:14 - 2015-11-22 10:45 - 00264192 _____ (Nokia) C:\WINDOWS\system32\NmaDirect.dll
2015-12-03 08:14 - 2015-11-22 10:45 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-12-03 08:14 - 2015-11-22 10:45 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll
2015-12-03 08:14 - 2015-11-22 10:45 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2015-12-03 08:14 - 2015-11-22 10:45 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCoreRes.dll
2015-12-03 08:14 - 2015-11-22 10:45 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll
2015-12-03 08:14 - 2015-11-22 10:45 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll
2015-12-03 08:14 - 2015-11-22 10:44 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-12-03 08:14 - 2015-11-22 10:44 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2015-12-03 08:14 - 2015-11-22 10:43 - 00704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2015-12-03 08:14 - 2015-11-22 10:43 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-12-03 08:14 - 2015-11-22 10:43 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-12-03 08:14 - 2015-11-22 10:43 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2015-12-03 08:14 - 2015-11-22 10:43 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll
2015-12-03 08:14 - 2015-11-22 10:42 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-12-03 08:14 - 2015-11-22 10:42 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-12-03 08:14 - 2015-11-22 10:42 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2015-12-03 08:14 - 2015-11-22 10:42 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ETWCoreUIComponentsResources.dll
2015-12-03 08:14 - 2015-11-22 10:42 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2015-12-03 08:14 - 2015-11-22 10:42 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlStringsRes.dll
2015-12-03 08:14 - 2015-11-22 10:41 - 01814528 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2015-12-03 08:14 - 2015-11-22 10:41 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2015-12-03 08:14 - 2015-11-22 10:41 - 00607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-12-03 08:14 - 2015-11-22 10:40 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2015-12-03 08:14 - 2015-11-22 10:40 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-12-03 08:14 - 2015-11-22 10:40 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2015-12-03 08:14 - 2015-11-22 10:40 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2015-12-03 08:14 - 2015-11-22 10:40 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2015-12-03 08:14 - 2015-11-22 10:39 - 02126848 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-12-03 08:14 - 2015-11-22 10:39 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2015-12-03 08:14 - 2015-11-22 10:39 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2015-12-03 08:14 - 2015-11-22 10:39 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-12-03 08:14 - 2015-11-22 10:39 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-12-03 08:14 - 2015-11-22 10:39 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-12-03 08:14 - 2015-11-22 10:39 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2015-12-03 08:14 - 2015-11-22 10:39 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2015-12-03 08:14 - 2015-11-22 10:39 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2015-12-03 08:14 - 2015-11-22 10:39 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2015-12-03 08:14 - 2015-11-22 10:38 - 01223168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-12-03 08:14 - 2015-11-22 10:38 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-12-03 08:14 - 2015-11-22 10:38 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2015-12-03 08:14 - 2015-11-22 10:38 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssign32.dll
2015-12-03 08:14 - 2015-11-22 10:37 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2015-12-03 08:14 - 2015-11-22 10:37 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-12-03 08:14 - 2015-11-22 10:37 - 00515584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2015-12-03 08:14 - 2015-11-22 10:36 - 01042432 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2015-12-03 08:14 - 2015-11-22 10:34 - 02843136 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2015-12-03 08:14 - 2015-11-22 10:34 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2015-12-03 08:14 - 2015-11-22 10:34 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2015-12-03 08:14 - 2015-11-22 10:34 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2015-12-03 08:14 - 2015-11-22 10:34 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2015-12-03 08:14 - 2015-11-22 10:34 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2015-12-03 08:14 - 2015-11-22 10:33 - 00205824 _____ (Nokia) C:\WINDOWS\SysWOW64\NmaDirect.dll
2015-12-03 08:14 - 2015-11-22 10:32 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-12-03 08:14 - 2015-11-22 10:32 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2015-12-03 08:14 - 2015-11-22 10:32 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-12-03 08:14 - 2015-11-22 10:31 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-12-03 08:14 - 2015-11-22 10:31 - 00470528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-12-03 08:14 - 2015-11-22 10:31 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2015-12-03 08:14 - 2015-11-22 10:30 - 02598400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-12-03 08:14 - 2015-11-22 10:29 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2015-12-03 08:14 - 2015-11-22 10:28 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-12-03 08:14 - 2015-11-22 10:28 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2015-12-03 08:14 - 2015-11-22 10:28 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-12-03 08:14 - 2015-11-22 10:28 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-12-03 08:14 - 2015-11-22 10:28 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2015-12-03 08:14 - 2015-11-22 10:28 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-12-03 08:14 - 2015-11-22 10:28 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2015-12-03 08:14 - 2015-11-22 10:28 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-12-03 08:14 - 2015-11-22 10:28 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2015-12-03 08:14 - 2015-11-22 10:27 - 03993600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-12-03 08:14 - 2015-11-22 10:27 - 02049024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-12-03 08:14 - 2015-11-22 10:27 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2015-12-03 08:14 - 2015-11-22 10:27 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2015-12-03 08:14 - 2015-11-22 10:27 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2015-12-03 08:14 - 2015-11-22 10:27 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2015-12-03 08:14 - 2015-11-22 10:26 - 03355136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-12-03 08:14 - 2015-11-22 10:26 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-12-03 08:14 - 2015-11-22 10:26 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2015-12-03 08:14 - 2015-11-22 10:26 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2015-12-03 08:14 - 2015-11-22 10:25 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-12-03 08:14 - 2015-11-22 10:25 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-12-03 08:14 - 2015-11-22 10:25 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2015-12-03 08:14 - 2015-11-22 10:24 - 02647552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-12-03 08:14 - 2015-11-22 10:24 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2015-12-03 08:14 - 2015-11-22 10:24 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2015-12-03 08:14 - 2015-11-22 10:24 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2015-12-03 08:14 - 2015-11-22 10:23 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-12-03 08:14 - 2015-11-22 10:20 - 01860096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2015-12-03 08:14 - 2015-11-22 10:18 - 01505280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-12-03 08:14 - 2015-11-22 10:18 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2015-12-03 08:14 - 2015-11-22 10:18 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2015-12-03 08:14 - 2015-11-22 10:17 - 02680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-12-03 08:14 - 2015-11-22 10:17 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-12-03 08:14 - 2015-11-22 10:11 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2015-12-03 00:12 - 2015-12-03 00:12 - 00000000 ____D C:\ProgramData\Emsisoft
2015-12-02 23:59 - 2015-12-02 23:59 - 01466656 _____ C:\Users\phili_000\Downloads\Emsisoft Anti Malware - CHIP-Installer.exe
2015-12-02 23:15 - 2015-12-02 23:15 - 00380416 _____ C:\Users\phili_000\Downloads\e73f19hl.exe
2015-12-02 23:14 - 2015-12-02 23:17 - 00570944 _____ C:\Users\phili_000\Downloads\e73f19hl_CB-DL-Manager.exe
2015-12-02 23:14 - 2015-12-02 23:14 - 00570944 _____ C:\Users\phili_000\Downloads\e73f19hl_CB-DL-Manager (1).exe
2015-12-02 21:44 - 2015-12-04 10:33 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-12-02 21:43 - 2015-12-04 10:51 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-12-02 21:43 - 2015-12-02 22:18 - 00001172 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-12-02 21:43 - 2015-12-02 21:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-12-02 21:43 - 2015-12-02 21:43 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-02 21:43 - 2015-12-02 21:43 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-12-02 21:43 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-12-02 21:43 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-12-02 21:42 - 2015-12-02 21:43 - 22908888 _____ (Malwarebytes ) C:\Users\phili_000\Downloads\mbam-setup-2.2.0.1024.exe
2015-12-02 20:32 - 2015-12-02 20:32 - 00000000 ____D C:\Users\phili_000\Desktop\Acer Stuff
2015-12-02 20:28 - 2015-12-02 20:28 - 00003388 _____ C:\WINDOWS\System32\Tasks\AcerCloud
2015-12-02 20:23 - 2015-12-02 20:23 - 00003404 _____ C:\WINDOWS\System32\Tasks\abDocsDllLoader
2015-12-02 18:31 - 2015-12-02 18:34 - 00000000 ____D C:\Users\phili_000\AppData\Local\CyberGhost
2015-12-02 18:29 - 2015-12-02 22:18 - 00001780 _____ C:\Users\phili_000\Desktop\CyberGhost 5.lnk
2015-12-02 18:29 - 2015-12-02 18:30 - 00000000 ____D C:\Program Files\TAP-Windows
2015-12-02 18:29 - 2015-12-02 18:30 - 00000000 ____D C:\Program Files\CyberGhost 5
2015-12-02 18:29 - 2015-12-02 18:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 5
2015-12-02 18:28 - 2015-12-02 18:28 - 01466656 _____ C:\Users\phili_000\Downloads\CyberGhost VPN - CHIP-Installer.exe
2015-12-01 21:24 - 2015-11-25 00:07 - 42913912 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-12-01 21:24 - 2015-11-25 00:07 - 37882672 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-12-01 21:24 - 2015-11-25 00:07 - 22345336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-12-01 21:24 - 2015-11-25 00:07 - 18487360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-12-01 21:24 - 2015-11-25 00:07 - 18389624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-12-01 21:24 - 2015-11-25 00:07 - 16561320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-12-01 21:24 - 2015-11-25 00:07 - 15933400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-12-01 21:24 - 2015-11-25 00:07 - 15839392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-12-01 21:24 - 2015-11-25 00:07 - 14844304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-12-01 21:24 - 2015-11-25 00:07 - 13533416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-12-01 21:24 - 2015-11-25 00:07 - 12870384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-12-01 21:24 - 2015-11-25 00:07 - 12040952 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-12-01 21:24 - 2015-11-25 00:07 - 02876536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-12-01 21:24 - 2015-11-25 00:07 - 02496816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-12-01 21:24 - 2015-11-25 00:07 - 01905272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435906.dll
2015-12-01 21:24 - 2015-11-25 00:07 - 01564792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435906.dll
2015-12-01 21:24 - 2015-11-25 00:07 - 01016360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2015-12-01 21:24 - 2015-11-25 00:07 - 00877872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-12-01 21:24 - 2015-11-25 00:07 - 00861816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-12-01 21:24 - 2015-11-25 00:07 - 00823232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2015-12-01 21:24 - 2015-11-25 00:07 - 00689784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-12-01 21:24 - 2015-11-25 00:07 - 00673912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-12-01 21:24 - 2015-11-25 00:07 - 00501056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-12-01 21:24 - 2015-11-25 00:07 - 00422752 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-12-01 21:24 - 2015-11-25 00:07 - 00413816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-12-01 21:24 - 2015-11-25 00:07 - 00369272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-12-01 21:24 - 2015-11-25 00:07 - 00177416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-12-01 21:24 - 2015-11-25 00:07 - 00155976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-12-01 21:18 - 2015-12-02 22:18 - 00001451 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2015-12-01 21:18 - 2015-12-01 21:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-12-01 21:18 - 2015-11-12 19:37 - 01828160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2015-12-01 21:18 - 2015-11-12 19:37 - 01756424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2015-12-01 21:18 - 2015-11-12 19:37 - 01509824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2015-12-01 21:18 - 2015-11-12 19:37 - 01316000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2015-12-01 21:18 - 2015-11-12 19:37 - 00112712 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2015-12-01 21:18 - 2015-08-11 05:52 - 00072504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2015-12-01 21:18 - 2015-08-11 05:52 - 00069416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2015-12-01 21:18 - 2015-08-11 05:52 - 00050472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2015-12-01 21:16 - 2015-12-01 21:16 - 01466656 _____ C:\Users\phili_000\Downloads\Nvidia GeForce Experience - CHIP-Installer.exe
2015-12-01 20:17 - 2015-12-01 20:17 - 00000000 ____D C:\Users\phili_000\Downloads\Bitdefender Safepay
2015-12-01 13:14 - 2015-12-01 13:14 - 00024819 _____ C:\ProgramData\1448972057.bdinstall.bin
2015-12-01 13:03 - 2015-12-01 13:03 - 00024570 _____ C:\ProgramData\1448971416.bdinstall.bin
2015-12-01 13:02 - 2015-12-01 13:02 - 00024570 _____ C:\ProgramData\1448971361.bdinstall.bin
2015-12-01 13:01 - 2015-12-01 13:02 - 01466656 _____ C:\Users\phili_000\Downloads\BitDefender Total Security 2016 - CHIP-Installer.exe
2015-12-01 12:54 - 2015-12-01 12:54 - 07236184 _____ C:\Users\phili_000\Downloads\bitdefender_windows_c5ad0f12-0625-46d0-a18d-047afa4db5d4.exe
2015-12-01 12:54 - 2015-12-01 12:54 - 00026369 _____ C:\ProgramData\1448970878.bdinstall.bin
2015-12-01 12:49 - 2015-12-01 12:49 - 00024833 _____ C:\ProgramData\1448970555.bdinstall.bin
2015-12-01 12:49 - 2015-12-01 12:49 - 00024833 _____ C:\ProgramData\1448970549.bdinstall.bin
2015-12-01 12:48 - 2015-12-01 12:48 - 00024833 _____ C:\ProgramData\1448970485.bdinstall.bin
2015-12-01 12:47 - 2015-12-01 12:49 - 07207408 _____ C:\Users\phili_000\Downloads\bitdefender_tsecurity.exe
2015-12-01 12:39 - 2015-12-01 12:39 - 00026298 _____ C:\ProgramData\1448969942.bdinstall.bin
2015-12-01 12:38 - 2015-12-01 12:38 - 07236184 _____ C:\Users\phili_000\Downloads\bitdefender_windows_43c2d0f9-af7b-4daa-82f4-a94cd7d44793.exe
2015-12-01 09:37 - 2015-12-01 10:19 - 00000000 ____D C:\Users\phili_000\Desktop\Google Play Store Daten
2015-11-29 12:19 - 2015-11-29 12:19 - 00000000 ____D C:\Users\phili_000\Desktop\HP Drucker
2015-11-29 12:14 - 2012-10-17 04:31 - 00741480 ____N (Hewlett-Packard Co.) C:\WINDOWS\system32\HPDiscoPM5912.dll
2015-11-29 12:10 - 2015-11-29 12:11 - 123809984 _____ C:\Users\phili_000\Downloads\OJ8600_1315-1.exe
2015-11-29 11:48 - 2015-11-29 12:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-11-29 11:48 - 2015-11-29 12:13 - 00000000 ____D C:\ProgramData\HP
2015-11-29 11:48 - 2015-11-29 12:13 - 00000000 ____D C:\Program Files\HP
2015-11-29 11:48 - 2015-11-29 12:13 - 00000000 ____D C:\Program Files (x86)\HP
2015-11-29 11:48 - 2015-11-29 11:48 - 00000057 _____ C:\ProgramData\Ament.ini
2015-11-29 11:48 - 2015-11-29 11:48 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\HpUpdate
2015-11-29 11:48 - 2014-07-21 16:31 - 00763912 ____N (Hewlett-Packard Development Company, LP) C:\WINDOWS\system32\HPDiscoPM7112.dll
2015-11-29 11:47 - 2015-11-29 12:16 - 00000000 ____D C:\Users\phili_000\AppData\Local\HP
2015-11-29 11:44 - 2015-11-29 11:46 - 00000000 ____D C:\Users\phili_000\Downloads\HP Downloads
2015-11-29 11:44 - 2015-11-29 11:44 - 00000000 ____D C:\Users\phili_000\AppData\Local\Hewlett-Packard
2015-11-29 11:43 - 2015-11-29 11:53 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2015-11-29 11:43 - 2015-11-29 11:43 - 00000000 ____D C:\WINDOWS\System32\Tasks\Hewlett-Packard
2015-11-29 11:42 - 2015-11-29 11:42 - 03795680 _____ (Oleg N. Scherbakov) C:\Users\phili_000\Downloads\HPSupportSolutionsFramework-12.0.30.219.exe
2015-11-29 09:38 - 2015-11-29 09:38 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\OpenOffice
2015-11-29 09:37 - 2015-12-02 22:18 - 00001126 _____ C:\Users\Public\Desktop\OpenOffice 4.1.2.lnk
2015-11-29 09:37 - 2015-11-29 09:37 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.2
2015-11-29 09:37 - 2015-11-29 09:37 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2015-11-29 09:34 - 2015-11-29 09:34 - 00000000 ____D C:\Users\phili_000\Desktop\OpenOffice 4.1.2 (de) Installation Files
2015-11-29 09:32 - 2015-11-29 09:34 - 164803434 _____ C:\Users\phili_000\Downloads\Apache_OpenOffice_4.1.2_Win_x86_install_de.exe
2015-11-29 09:24 - 2015-11-29 09:24 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Foxit Software
2015-11-29 09:19 - 2015-11-29 09:19 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\LibreOffice
2015-11-29 09:10 - 2015-11-29 09:13 - 245096448 _____ C:\Users\phili_000\Downloads\LibreOffice_5.0.3_Win_x64.msi
2015-11-28 19:23 - 2015-11-28 19:23 - 29833438 _____ C:\Users\phili_000\Downloads\vlc-2.2.1-win64.exe
2015-11-28 17:52 - 2015-12-02 22:18 - 00001285 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2015-11-28 17:52 - 2015-12-02 22:18 - 00001267 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2015-11-28 17:52 - 2015-11-28 17:52 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Thunderbird
2015-11-28 17:52 - 2015-11-28 17:52 - 00000000 ____D C:\Users\phili_000\AppData\Local\Thunderbird
2015-11-28 17:52 - 2015-11-28 17:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2015-11-28 17:49 - 2015-11-28 17:50 - 33877920 _____ (Mozilla) C:\Users\phili_000\Downloads\Thunderbird_Setup_38.4.0__1_.exe
2015-11-28 17:49 - 2015-11-28 17:50 - 06038585 _____ (Mozilla) C:\Users\phili_000\Downloads\Thunderbird_Setup_38.4.0__1_ (1).exe.j4e97d6.partial
2015-11-26 14:12 - 2015-11-26 14:13 - 00000000 ____D C:\Users\phili_000\Desktop\Games
2015-11-25 20:27 - 2015-11-21 07:21 - 00809312 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2015-11-25 20:27 - 2015-11-21 07:02 - 00704352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2015-11-25 20:27 - 2015-11-21 06:44 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-AppModelExecEvents.dll
2015-11-25 20:27 - 2015-11-21 06:29 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2015-11-25 20:27 - 2015-11-21 06:07 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2015-11-25 00:05 - 2015-12-03 14:47 - 00002512 _____ C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_phili_000
2015-11-25 00:05 - 2015-12-03 14:47 - 00000310 _____ C:\WINDOWS\Tasks\Uninstaller_SkipUac_phili_000.job
2015-11-25 00:05 - 2015-12-02 22:18 - 00001446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk
2015-11-25 00:05 - 2015-12-02 22:18 - 00001428 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk
2015-11-25 00:05 - 2015-12-02 08:23 - 00000000 ____D C:\ProgramData\ProductData
2015-11-25 00:05 - 2015-12-01 09:41 - 00000000 ____D C:\ProgramData\IObit
2015-11-25 00:05 - 2015-11-25 00:05 - 11147552 _____ (IObit) C:\Users\phili_000\Downloads\iobit51uninstaller.exe
2015-11-25 00:05 - 2015-11-25 00:05 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\ProductData
2015-11-25 00:05 - 2015-11-25 00:05 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\IObit
2015-11-25 00:05 - 2015-11-25 00:05 - 00000000 ____D C:\Users\phili_000\AppData\LocalLow\IObit
2015-11-25 00:05 - 2015-11-25 00:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2015-11-25 00:05 - 2015-11-25 00:05 - 00000000 ____D C:\Program Files (x86)\IObit
2015-11-24 19:47 - 2015-11-24 19:47 - 00000000 ____D C:\Users\phili_000\AppData\Temp
2015-11-24 19:46 - 2015-11-24 19:46 - 00024817 _____ C:\ProgramData\1448390808.bdinstall.bin
2015-11-24 16:47 - 2015-11-24 16:47 - 00282000 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avchv.sys
2015-11-24 16:15 - 2015-12-03 14:45 - 00009245 _____ C:\bdlog.txt
2015-11-24 16:11 - 2015-11-24 16:11 - 00445964 _____ C:\ProgramData\1448377674.bdinstall.bin
2015-11-24 16:11 - 2015-11-24 16:11 - 00000385 _____ C:\WINDOWS\system32\user_gensett.xml
2015-11-24 16:11 - 2015-11-24 16:11 - 00000385 _____ C:\Users\phili_000\AppData\Roaminguser_gensett.xml
2015-11-24 16:10 - 2015-12-02 22:18 - 00002209 _____ C:\Users\Public\Desktop\Bitdefender 2016.lnk
2015-11-24 16:10 - 2015-11-24 16:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2016
2015-11-24 16:10 - 2015-11-24 16:10 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2015-11-24 16:10 - 2015-11-24 16:10 - 00000000 ____D C:\ProgramData\BDLogging
2015-11-24 16:10 - 2013-09-08 19:04 - 00023568 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bdelam.sys
2015-11-24 16:10 - 2007-04-11 10:11 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\capicom.dll
2015-11-24 16:09 - 2015-11-26 14:28 - 00087920 _____ (BitDefender) C:\WINDOWS\system32\Drivers\bdvedisk.sys
2015-11-24 16:09 - 2015-11-24 16:48 - 00271808 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\ignis.sys
2015-11-24 16:09 - 2015-11-24 16:47 - 01600512 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avc3.sys
2015-11-24 16:09 - 2015-11-24 16:46 - 00775424 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avckf.sys
2015-11-24 16:08 - 2015-11-24 16:48 - 00000000 ____D C:\ProgramData\Bitdefender
2015-11-24 16:08 - 2015-11-24 16:15 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Bitdefender
2015-11-24 16:08 - 2015-11-24 16:08 - 00000000 ____D C:\Program Files\Bitdefender
2015-11-24 16:08 - 2015-06-02 14:21 - 00477272 _____ (BitDefender S.R.L.) C:\WINDOWS\system32\Drivers\trufos.sys
2015-11-24 16:08 - 2015-04-29 13:32 - 00160032 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys
2015-11-24 16:07 - 2015-11-24 16:08 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2015-11-24 16:03 - 2015-12-04 10:32 - 00000000 ____D C:\Program Files\Bitdefender Agent
2015-11-24 16:03 - 2015-11-24 16:03 - 07211368 _____ C:\Users\phili_000\Downloads\bitdefender_16isecurity.exe
2015-11-24 16:03 - 2015-11-24 16:03 - 07211368 _____ C:\Users\phili_000\Downloads\bitdefender_16isecurity (1).exe
2015-11-24 16:03 - 2015-11-24 16:03 - 00000000 ____D C:\ProgramData\Bitdefender Agent
2015-11-24 15:38 - 2015-11-24 15:38 - 01466656 _____ C:\Users\phili_000\Downloads\BitDefender Antivirus Free Edition - CHIP-Installer.exe
2015-11-24 12:33 - 2015-11-24 12:34 - 00000000 ____D C:\Users\phili_000\Desktop\Musik
2015-11-24 12:30 - 2015-11-24 12:30 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2015-11-24 11:47 - 2015-11-24 11:47 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\dlg
2015-11-24 11:46 - 2015-11-24 12:43 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\DVDVideoSoft
2015-11-24 11:46 - 2015-11-24 11:46 - 00000000 ____D C:\Program Files (x86)\FreeCodecPack
2015-11-24 11:44 - 2015-12-02 23:15 - 00000000 ____D C:\ProgramData\1&1 Mail & Media GmbH
2015-11-24 11:44 - 2015-11-24 11:44 - 39131528 _____ (DVDVideoSoft Ltd. ) C:\Users\phili_000\Downloads\FreeYouTubeToMP3Converter.exe
2015-11-24 11:43 - 2015-11-24 11:43 - 00574128 _____ C:\Users\phili_000\Downloads\FreeYouTubeToMP3Converter_CB-DL-Manager.exe
2015-11-23 09:26 - 2015-11-23 09:26 - 00000000 ____D C:\ProgramData\BatteryOptimizer.exe
2015-11-22 11:10 - 2015-11-22 13:33 - 302252144 _____ (NVIDIA Corporation) C:\Users\phili_000\Downloads\359.00-desktop-win8-win7-winvista-64bit-international-whql.exe
2015-11-22 10:59 - 2015-11-22 10:59 - 00003060 _____ C:\WINDOWS\System32\Tasks\ACCBackgroundApplication
2015-11-22 10:59 - 2015-11-22 10:59 - 00000000 ____D C:\Users\phili_000\AppData\Local\CareCenter
2015-11-22 10:09 - 2015-11-22 10:09 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2015-11-21 10:09 - 2015-11-24 09:59 - 00425744 _____ (Lavasoft Limited) C:\WINDOWS\system32\LavasoftTcpService64.dll
2015-11-21 10:09 - 2015-11-24 09:59 - 00345360 _____ (Lavasoft Limited) C:\WINDOWS\SysWOW64\LavasoftTcpService.dll
2015-11-21 10:09 - 2015-11-21 10:24 - 00003048 _____ C:\WINDOWS\SysWOW64\LavasoftTcpServiceOff.ini
2015-11-21 10:09 - 2015-11-21 10:24 - 00003048 _____ C:\WINDOWS\system32\LavasoftTcpServiceOff.ini
2015-11-21 09:07 - 2015-11-21 09:07 - 00000000 ____D C:\Users\phili_000\AppData\Local\Steam
2015-11-21 09:07 - 2015-11-21 09:07 - 00000000 ____D C:\Users\phili_000\AppData\Local\CEF
2015-11-21 08:49 - 2015-11-21 08:52 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\QuickScan
2015-11-21 08:23 - 2015-12-04 10:30 - 00000000 ____D C:\AdwCleaner
2015-11-21 08:21 - 2015-11-21 08:22 - 01732096 _____ C:\Users\phili_000\Downloads\adwcleaner_5.021.exe
2015-11-20 22:16 - 2015-11-20 23:11 - 4020834304 _____ C:\Users\phili_000\Downloads\de_windows_10_multiple_editions_version_1511_x64_dvd_7223737.iso
2015-11-20 21:58 - 2015-11-20 21:59 - 00000000 ____D C:\Users\phili_000\AppData\Local\PackageStaging
2015-11-20 21:58 - 2015-11-20 21:58 - 00000000 ____D C:\ProgramData\USOShared
2015-11-20 18:24 - 2015-11-21 11:55 - 00035880 _____ (Wellbia.com Co., Ltd.) C:\WINDOWS\xhunter1.sys
2015-11-20 17:43 - 2015-12-02 22:18 - 00000908 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-11-20 17:43 - 2015-11-20 17:43 - 00002870 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-11-20 17:43 - 2015-11-20 17:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-11-20 17:43 - 2015-11-20 17:43 - 00000000 ____D C:\Program Files\CCleaner
2015-11-20 17:42 - 2015-11-20 17:43 - 05524624 _____ (Piriform Ltd) C:\Users\phili_000\Downloads\ccsetup511_slim.exe
2015-11-20 17:41 - 2015-12-03 08:50 - 00000000 ____D C:\Users\phili_000\AppData\Local\MicrosoftEdge
2015-11-20 17:41 - 2015-12-02 22:18 - 00002373 _____ C:\Users\phili_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-11-20 17:41 - 2015-11-20 17:41 - 00000000 ____D C:\Users\phili_000\AppData\Local\NetworkTiles
2015-11-20 17:40 - 2015-11-20 17:40 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2015-11-20 17:38 - 2015-11-20 17:38 - 00000000 ____D C:\Users\phili_000\AppData\Local\Publishers
2015-11-20 17:38 - 2015-11-20 17:38 - 00000000 ____D C:\Users\phili_000\AppData\Local\ActiveSync
2015-11-20 17:37 - 2015-11-20 17:37 - 00000000 ____D C:\Users\phili_000\AppData\Local\Comms
2015-11-20 17:36 - 2015-11-20 17:36 - 00000020 ___SH C:\Users\phili_000\ntuser.ini
2015-11-20 17:36 - 2015-11-20 17:36 - 00000000 ____D C:\Users\phili_000\AppData\Local\TileDataLayer
2015-11-20 17:35 - 2015-11-20 17:35 - 00000000 _SHDL C:\Users\Default\Vorlagen
2015-11-20 17:35 - 2015-11-20 17:35 - 00000000 _SHDL C:\Users\Default\Startmenü
2015-11-20 17:35 - 2015-11-20 17:35 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2015-11-20 17:35 - 2015-11-20 17:35 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2015-11-20 17:35 - 2015-11-20 17:35 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2015-11-20 17:35 - 2015-11-20 17:35 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2015-11-20 17:35 - 2015-11-20 17:35 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2015-11-20 17:35 - 2015-11-20 17:35 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2015-11-20 17:35 - 2015-11-20 17:35 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2015-11-20 17:35 - 2015-11-20 17:35 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-11-20 17:35 - 2015-11-20 17:35 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2015-11-20 17:35 - 2015-11-20 17:35 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2015-11-20 17:35 - 2015-11-20 17:35 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2015-11-20 17:35 - 2015-11-20 17:35 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2015-11-20 17:35 - 2015-11-20 17:35 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2015-11-20 17:35 - 2015-11-20 17:35 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2015-11-20 17:35 - 2015-11-20 17:35 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-11-20 17:35 - 2015-11-20 17:35 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2015-11-20 17:35 - 2015-11-20 17:35 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-11-20 17:32 - 2015-11-20 17:32 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2015-11-20 17:31 - 2015-12-03 14:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-20 17:29 - 2015-12-03 14:52 - 01799166 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-20 17:21 - 2015-12-02 22:18 - 00001552 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-11-20 17:21 - 2015-11-20 17:21 - 00000000 ____D C:\Users\Default\AppData\Local\Pokki
2015-11-20 17:21 - 2015-11-20 17:21 - 00000000 ____D C:\Users\Default User\AppData\Local\Pokki
2015-11-20 17:18 - 2015-11-20 17:18 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2015-11-20 17:17 - 2015-12-03 10:00 - 00000000 ____D C:\Users\phili_000
2015-11-20 17:17 - 2015-11-20 17:17 - 00000000 _SHDL C:\Users\phili_000\Vorlagen
2015-11-20 17:17 - 2015-11-20 17:17 - 00000000 _SHDL C:\Users\phili_000\Startmenü
2015-11-20 17:17 - 2015-11-20 17:17 - 00000000 _SHDL C:\Users\phili_000\Netzwerkumgebung
2015-11-20 17:17 - 2015-11-20 17:17 - 00000000 _SHDL C:\Users\phili_000\Lokale Einstellungen
2015-11-20 17:17 - 2015-11-20 17:17 - 00000000 _SHDL C:\Users\phili_000\Eigene Dateien
2015-11-20 17:17 - 2015-11-20 17:17 - 00000000 _SHDL C:\Users\phili_000\Druckumgebung
2015-11-20 17:17 - 2015-11-20 17:17 - 00000000 _SHDL C:\Users\phili_000\Documents\Eigene Videos
2015-11-20 17:17 - 2015-11-20 17:17 - 00000000 _SHDL C:\Users\phili_000\Documents\Eigene Musik
2015-11-20 17:17 - 2015-11-20 17:17 - 00000000 _SHDL C:\Users\phili_000\Documents\Eigene Bilder
2015-11-20 17:17 - 2015-11-20 17:17 - 00000000 _SHDL C:\Users\phili_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-11-20 17:17 - 2015-11-20 17:17 - 00000000 _SHDL C:\Users\phili_000\AppData\Local\Verlauf
2015-11-20 17:17 - 2015-11-20 17:17 - 00000000 _SHDL C:\Users\phili_000\AppData\Local\Anwendungsdaten
2015-11-20 17:17 - 2015-11-20 17:17 - 00000000 _SHDL C:\Users\phili_000\Anwendungsdaten
2015-11-20 17:14 - 2015-12-03 14:46 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-11-20 17:14 - 2015-11-20 17:14 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2015-11-20 17:14 - 2015-11-20 17:14 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2015-11-20 17:14 - 2015-11-20 17:14 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-11-20 17:14 - 2015-11-20 17:14 - 00000000 ____D C:\Program Files\Realtek
2015-11-20 17:14 - 2015-09-30 20:39 - 00105472 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2015-11-20 17:14 - 2015-09-30 20:39 - 00099856 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2015-11-20 17:13 - 2015-12-01 21:26 - 00000000 ____D C:\ProgramData\NVIDIA
2015-11-20 17:13 - 2015-11-24 20:32 - 06358648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-11-20 17:13 - 2015-11-24 20:32 - 02983032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-11-20 17:13 - 2015-11-24 20:32 - 02554672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-11-20 17:13 - 2015-11-24 20:32 - 00938616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-11-20 17:13 - 2015-11-24 20:32 - 00523384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-11-20 17:13 - 2015-11-24 20:32 - 00385328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-11-20 17:13 - 2015-11-24 20:32 - 00075056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-11-20 17:13 - 2015-11-24 20:32 - 00062768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-11-20 17:13 - 2015-11-23 21:35 - 06049858 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-11-20 17:13 - 2015-11-20 17:19 - 00000000 ____D C:\Program Files\Intel
2015-11-20 17:13 - 2015-11-20 17:13 - 00000000 ____D C:\Program Files\Common Files\Atheros
2015-11-20 17:12 - 2015-12-01 21:18 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-11-20 17:12 - 2015-12-01 21:18 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-11-20 17:12 - 2015-11-20 17:12 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2015-11-20 17:12 - 2015-10-30 08:17 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2015-11-20 17:08 - 2015-11-29 11:55 - 00219544 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-11-20 17:07 - 2015-11-20 17:44 - 00000000 ___DC C:\WINDOWS\Panther
2015-11-20 17:04 - 2015-11-20 17:04 - 00000000 ____D C:\Windows.old
2015-11-20 17:03 - 2015-11-20 17:03 - 22572632 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 21125408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 03670832 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-11-20 17:03 - 2015-11-20 17:03 - 02918808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 02544264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 02179584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 02001408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-11-20 17:03 - 2015-11-20 17:03 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00969728 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00911648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00803840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00791552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00698208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00675064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-11-20 17:03 - 2015-11-20 17:03 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00586208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00586080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00578912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-11-20 17:03 - 2015-11-20 17:03 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-11-20 17:03 - 2015-11-20 17:03 - 00536768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00523616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2015-11-20 17:03 - 2015-11-20 17:03 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2015-11-20 17:03 - 2015-11-20 17:03 - 00516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00511320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00454056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2015-11-20 17:03 - 2015-11-20 17:03 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00408128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00405048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2015-11-20 17:03 - 2015-11-20 17:03 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2015-11-20 17:03 - 2015-11-20 17:03 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2015-11-20 17:03 - 2015-11-20 17:03 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00245848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-11-20 17:03 - 2015-11-20 17:03 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2015-11-20 17:03 - 2015-11-20 17:03 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2015-11-20 17:03 - 2015-11-20 17:03 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-11-20 17:03 - 2015-11-20 17:03 - 00110032 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00088392 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00073360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2015-11-20 17:03 - 2015-11-20 17:03 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.proxy.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2015-11-20 17:03 - 2015-11-20 17:03 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00035680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
2015-11-20 17:03 - 2015-11-20 17:03 - 00035656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2015-11-20 17:03 - 2015-11-20 17:03 - 00032040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2015-11-20 17:03 - 2015-11-20 17:03 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringconfigsp.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2015-11-20 17:03 - 2015-11-20 17:03 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.proxy.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\IcsEntitlementHost.exe
2015-11-20 17:03 - 2015-11-20 17:03 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2015-11-20 17:02 - 2015-11-20 17:02 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2015-11-20 17:00 - 2015-11-20 17:00 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2015-11-20 17:00 - 2015-11-20 17:00 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-11-20 17:00 - 2015-11-20 17:00 - 00000000 ____D C:\Program Files\MSBuild
2015-11-20 17:00 - 2015-11-20 17:00 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-11-20 17:00 - 2015-11-20 17:00 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-11-20 16:59 - 2015-10-23 17:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-11-20 16:59 - 2015-10-23 17:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-11-20 16:59 - 2015-10-23 17:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-11-20 16:59 - 2015-10-23 17:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-11-20 16:59 - 2015-10-23 17:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-11-20 16:59 - 2015-10-23 17:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-11-20 16:24 - 2015-11-20 16:42 - 00000000 ___HD C:\$WINDOWS.~BT
2015-11-20 16:23 - 2015-11-20 17:33 - 00009528 _____ C:\WINDOWS\diagwrn.xml
2015-11-20 16:23 - 2015-11-20 17:33 - 00009528 _____ C:\WINDOWS\diagerr.xml
2015-11-20 16:22 - 2015-11-20 16:22 - 00000000 ____D C:\ESD
2015-11-20 15:54 - 2015-11-20 15:54 - 00000000 ___HD C:\$Windows.~WS
2015-11-20 15:50 - 2015-12-03 09:34 - 00000000 ____D C:\Users\phili_000\AppData\Local\CrashDumps
2015-11-19 22:09 - 2015-11-20 17:23 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Happy Cloud
2015-11-19 22:09 - 2015-11-19 23:11 - 00000000 ____D C:\ProgramData\HappyCloud
2015-11-19 22:09 - 2015-11-19 22:09 - 00000000 ____D C:\AeriaGames
2015-11-19 22:08 - 2015-11-19 22:08 - 10488168 _____ C:\Users\phili_000\Downloads\EchoOfSoulProgressive_de_5.88.exe
2015-11-19 21:57 - 2015-11-20 17:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nostale(DE)
2015-11-19 21:31 - 2015-12-01 18:24 - 00000000 ____D C:\Users\phili_000\Downloads\Gameforge Live
2015-11-19 21:31 - 2015-11-19 21:31 - 00000000 ____D C:\Users\phili_000\AppData\Local\Gameforge4d
2015-11-19 21:30 - 2015-11-19 21:30 - 20232352 _____ (Gameforge ) C:\Users\phili_000\Downloads\NosTale_GameforgeLiveSetup.exe
2015-11-19 21:28 - 2015-12-02 22:18 - 00001766 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-11-19 21:28 - 2015-11-20 17:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-11-19 21:28 - 2015-11-19 21:44 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Apple Computer
2015-11-19 21:28 - 2015-11-19 21:28 - 00000000 ____D C:\Users\phili_000\AppData\Local\Apple Computer
2015-11-19 21:27 - 2015-12-02 22:18 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-11-19 21:27 - 2015-11-19 21:28 - 00000000 ____D C:\Program Files\iTunes
2015-11-19 21:27 - 2015-11-19 21:27 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2015-11-19 21:27 - 2015-11-19 21:27 - 00000000 ____D C:\Users\phili_000\AppData\Local\Apple
2015-11-19 21:27 - 2015-11-19 21:27 - 00000000 ____D C:\ProgramData\Apple Computer
2015-11-19 21:27 - 2015-11-19 21:27 - 00000000 ____D C:\Program Files\iPod
2015-11-19 21:27 - 2015-11-19 21:27 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-11-19 21:27 - 2015-11-19 21:27 - 00000000 ____D C:\Program Files\Bonjour
2015-11-19 21:27 - 2015-11-19 21:27 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-11-19 21:27 - 2015-11-19 21:27 - 00000000 ____D C:\Program Files (x86)\Bonjour
2015-11-19 21:27 - 2015-11-19 21:27 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2015-11-19 21:26 - 2015-11-19 21:27 - 00000000 ____D C:\ProgramData\Apple
2015-11-19 21:19 - 2015-11-19 21:19 - 00000000 ____D C:\Users\phili_000\AppData\Local\Acer Aspire R7 Tutorial
2015-11-19 21:16 - 2015-11-19 21:26 - 167839512 _____ (Apple Inc.) C:\Users\phili_000\Downloads\iTunes6464Setup.exe
2015-11-19 20:58 - 2015-12-02 22:18 - 00001022 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-11-19 20:58 - 2015-12-02 22:18 - 00001004 _____ C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-11-19 20:58 - 2015-12-02 08:58 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-11-19 20:47 - 2015-11-29 11:45 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-11-19 19:46 - 2015-11-23 22:19 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-11-19 19:46 - 2015-11-19 21:16 - 00000000 ____D C:\Users\phili_000\AppData\Local\Mozilla
2015-11-19 19:46 - 2015-11-19 19:46 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Mozilla
2015-11-19 19:44 - 2015-11-19 19:44 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Macromedia
2015-11-19 19:40 - 2015-12-03 07:43 - 00004170 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{143AB530-EDC0-4790-BBDC-E979581784E8}
2015-11-19 19:40 - 2015-11-19 19:40 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Google
2015-11-19 19:34 - 2015-11-20 17:32 - 00002810 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1645853366-4108103990-173416813-1002
2015-11-19 19:32 - 2015-11-20 18:21 - 00000000 ___RD C:\Users\phili_000\OneDrive
2015-11-19 19:31 - 2015-12-02 22:18 - 00002309 _____ C:\Users\phili_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2015-11-19 19:30 - 2015-12-02 20:32 - 00000000 ____D C:\Users\phili_000\AppData\Local\clear.fi
2015-11-19 19:29 - 2015-12-03 10:06 - 00000000 ____D C:\Users\phili_000\AppData\Local\Packages
2015-11-19 19:29 - 2015-12-02 22:18 - 00001279 _____ C:\Users\phili_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HD Audio-Manager.lnk
2015-11-19 19:29 - 2015-11-19 19:29 - 00000000 ____D C:\Users\phili_000\PicStream
2015-11-19 19:29 - 2015-11-19 19:29 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Atheros
2015-11-19 19:29 - 2015-11-19 19:29 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Adobe
2015-11-19 19:29 - 2015-11-19 19:29 - 00000000 ____D C:\Users\phili_000\AppData\Local\AOP SDK
2015-11-19 19:28 - 2015-12-03 14:46 - 00000000 __SHD C:\Users\phili_000\IntelGraphicsProfiles
2015-11-19 19:28 - 2015-12-02 23:15 - 00000000 ____D C:\Users\phili_000\AppData\Local\VirtualStore
2015-11-19 19:28 - 2015-12-01 21:18 - 00000000 ____D C:\Users\phili_000\AppData\Local\NVIDIA Corporation
2015-11-19 19:28 - 2015-11-29 12:01 - 00000000 ____D C:\Users\phili_000\AppData\Local\Google
2015-11-19 19:28 - 2015-11-22 08:46 - 00000000 ____D C:\Users\phili_000\AppData\Local\NVIDIA
2015-11-19 19:28 - 2015-11-19 21:14 - 00000000 ____D C:\Users\phili_000\AppData\Local\SweetLabs App Platform
2015-11-19 19:28 - 2015-11-19 19:28 - 00000000 ____D C:\Users\phili_000\AppData\Local\OEM

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-04 10:58 - 2015-10-30 07:28 - 00000000 ____D C:\Windows
2015-12-04 10:52 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-12-04 10:43 - 2015-03-15 10:30 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-12-04 10:04 - 2015-02-08 18:29 - 00001142 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-04 09:04 - 2015-02-08 18:29 - 00001138 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-04 08:59 - 2015-02-08 18:29 - 00004200 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-04 08:59 - 2015-02-08 18:29 - 00003968 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-04 08:46 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2015-12-03 14:52 - 2015-10-30 19:35 - 00776766 _____ C:\WINDOWS\system32\perfh007.dat
2015-12-03 14:52 - 2015-10-30 19:35 - 00155544 _____ C:\WINDOWS\system32\perfc007.dat
2015-12-03 14:52 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2015-12-03 14:45 - 2015-10-30 07:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-12-03 10:41 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-12-03 10:25 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-12-03 10:02 - 2015-10-30 07:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-12-02 23:32 - 2015-10-30 19:36 - 00000000 ____D C:\WINDOWS\SKB
2015-12-02 22:18 - 2014-09-25 23:52 - 00001990 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk
2015-12-02 22:18 - 2014-09-25 23:43 - 00001951 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-12-02 20:27 - 2014-09-25 23:45 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-12-02 20:27 - 2014-09-25 23:45 - 00000000 ____D C:\Program Files (x86)\Acer
2015-12-02 20:23 - 2014-07-14 19:33 - 00000000 ___HD C:\OEM
2015-12-01 21:27 - 2014-09-25 23:33 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-11-30 13:10 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-11-29 12:01 - 2015-02-08 18:29 - 00000000 ____D C:\Program Files (x86)\Google
2015-11-29 09:25 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2015-11-26 14:16 - 2015-07-20 16:41 - 00003418 _____ C:\WINDOWS\System32\Tasks\BacKGroundAgent
2015-11-26 01:34 - 2015-07-13 20:45 - 11228488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-11-25 00:07 - 2015-07-13 20:45 - 03540360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-11-25 00:07 - 2015-07-13 20:45 - 03126800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-11-25 00:07 - 2015-07-13 20:45 - 00034494 _____ C:\WINDOWS\system32\nvinfo.pb
2015-11-23 10:11 - 2015-02-08 11:58 - 00000000 ____D C:\Users\Public\OEM
2015-11-23 10:11 - 2014-09-25 23:45 - 00000000 ____D C:\Program Files\Acer
2015-11-22 10:59 - 2014-09-25 23:45 - 00005404 _____ C:\WINDOWS\System32\Tasks\Software Update Application
2015-11-22 10:59 - 2014-09-25 23:45 - 00004614 _____ C:\WINDOWS\System32\Tasks\ACCAgent
2015-11-22 10:59 - 2014-09-25 23:45 - 00003846 _____ C:\WINDOWS\System32\Tasks\ACC
2015-11-22 10:59 - 2014-09-25 23:45 - 00000000 ____D C:\ProgramData\Acer
2015-11-21 10:24 - 2015-02-08 18:27 - 00000000 ____D C:\ProgramData\AVAST Software
2015-11-21 09:16 - 2015-08-16 21:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefly Studios
2015-11-21 09:16 - 2015-07-18 13:06 - 00000000 ____D C:\ProgramData\Battle.net
2015-11-21 09:16 - 2014-09-25 23:23 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-11-21 03:38 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\appcompat
2015-11-20 22:03 - 2015-02-25 19:24 - 00027966 _____ C:\IFRToolLog.txt
2015-11-20 22:03 - 2014-09-25 23:36 - 00003838 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2015-11-20 22:03 - 2014-09-25 23:36 - 00003604 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2015-11-20 21:58 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\USOPrivate
2015-11-20 18:20 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2015-11-20 18:19 - 2014-09-25 23:37 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2015-11-20 17:38 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-11-20 17:38 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PrintDialog
2015-11-20 17:38 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\MiracastView
2015-11-20 17:37 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-11-20 17:37 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache
2015-11-20 17:36 - 2015-02-07 18:57 - 00000000 __RHD C:\Users\Public\AccountPictures
2015-11-20 17:36 - 2014-09-25 22:46 - 00000000 ___HD C:\Intel
2015-11-20 17:35 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows NT
2015-11-20 17:34 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2015-11-20 17:33 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Registration
2015-11-20 17:32 - 2015-03-15 10:30 - 00002952 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-11-20 17:32 - 2015-02-08 18:34 - 00002370 _____ C:\WINDOWS\System32\Tasks\avastBCLRestartS-1-5-21-1645853366-4108103990-173416813-1001
2015-11-20 17:32 - 2015-02-07 13:05 - 00003106 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{DA7026E4-1EEE-4C0B-8761-39E9C07B941B}
2015-11-20 17:32 - 2015-02-07 13:04 - 00002810 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1645853366-4108103990-173416813-1001
2015-11-20 17:32 - 2014-09-26 00:07 - 00002748 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1645853366-4108103990-173416813-500
2015-11-20 17:32 - 2014-09-25 23:52 - 00002574 _____ C:\WINDOWS\System32\Tasks\UbtFrameworkService
2015-11-20 17:32 - 2014-09-25 23:51 - 00002070 _____ C:\WINDOWS\System32\Tasks\Launch Manager
2015-11-20 17:32 - 2014-09-25 23:45 - 00002096 _____ C:\WINDOWS\System32\Tasks\Power Management
2015-11-20 17:31 - 2015-10-31 11:39 - 00002488 _____ C:\WINDOWS\System32\Tasks\SweetLabs App Platform
2015-11-20 17:31 - 2014-09-25 23:52 - 00002182 _____ C:\WINDOWS\System32\Tasks\Quick Access Quick Launcher
2015-11-20 17:31 - 2014-09-25 23:52 - 00002062 _____ C:\WINDOWS\System32\Tasks\Quick Access
2015-11-20 17:31 - 2014-09-25 23:39 - 00002118 _____ C:\WINDOWS\System32\Tasks\DolbySelectorTask
2015-11-20 17:27 - 2015-10-30 08:24 - 00000000 __RHD C:\Users\Public\Libraries
2015-11-20 17:23 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Help
2015-11-20 17:23 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2015-11-20 17:23 - 2015-02-23 22:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-11-20 17:23 - 2015-02-08 18:39 - 00000000 ____D C:\WINDOWS\SysWOW64\vbox
2015-11-20 17:23 - 2015-02-08 18:39 - 00000000 ____D C:\WINDOWS\system32\vbox
2015-11-20 17:23 - 2015-02-08 12:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2015-11-20 17:23 - 2014-09-25 23:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PhantomPDF
2015-11-20 17:23 - 2014-09-25 23:49 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 10
2015-11-20 17:23 - 2014-09-25 23:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby
2015-11-20 17:21 - 2013-08-22 14:36 - 00000000 ____D C:\Users\Default.migrated
2015-11-20 17:20 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2015-11-20 17:20 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2015-11-20 17:20 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\et-EE
2015-11-20 17:20 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2015-11-20 17:20 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\spool
2015-11-20 17:20 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-11-20 17:20 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-11-20 17:20 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2015-11-20 17:20 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2015-11-20 17:20 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2015-11-20 17:20 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\et-EE
2015-11-20 17:20 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\en-GB
2015-11-20 17:20 - 2015-02-10 16:14 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-11-20 17:20 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2015-11-20 17:20 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2015-11-20 17:19 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\InputMethod
2015-11-20 17:19 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-11-20 17:19 - 2015-03-06 20:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Innonics
2015-11-20 17:19 - 2014-09-25 23:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-11-20 17:19 - 2014-09-25 23:25 - 00000000 ____D C:\Program Files (x86)\Qualcomm Atheros
2015-11-20 17:19 - 2014-07-14 18:55 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-11-20 17:19 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\MediaViewer
2015-11-20 17:19 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\ADFS
2015-11-20 17:17 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-11-20 17:09 - 2015-10-30 19:55 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2015-11-20 17:07 - 2015-10-30 08:24 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2015-11-20 17:04 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-11-20 17:04 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Provisioning
2015-11-20 17:04 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2015-11-20 17:04 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2015-11-20 17:00 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2015-11-20 17:00 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\MUI
2015-11-20 17:00 - 2015-10-30 08:17 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2015-11-20 17:00 - 2015-10-30 08:17 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2015-11-20 17:00 - 2015-10-30 08:17 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2015-11-20 17:00 - 2015-10-30 08:17 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2015-11-20 17:00 - 2015-10-30 08:17 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2015-11-20 17:00 - 2015-10-30 08:17 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2015-11-20 17:00 - 2015-10-30 08:17 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2015-11-20 17:00 - 2015-10-30 08:17 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2015-11-20 17:00 - 2015-10-30 08:17 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2015-11-20 17:00 - 2015-10-30 08:17 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2015-11-20 17:00 - 2015-10-30 08:17 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2015-11-20 17:00 - 2015-10-30 08:17 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2015-11-20 17:00 - 2015-10-30 08:17 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2015-11-20 17:00 - 2015-10-30 08:17 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2015-11-20 17:00 - 2015-10-30 08:17 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2015-11-20 17:00 - 2015-10-30 08:17 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2015-11-20 17:00 - 2015-10-30 08:17 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2015-11-20 17:00 - 2015-10-30 08:17 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2015-11-19 19:37 - 2015-02-07 12:58 - 00000000 ____D C:\Users\RichardSpeckmaier
2015-11-19 19:35 - 2015-02-07 12:59 - 00000000 ____D C:\Users\RichardSpeckmaier\AppData\Local\AOP SDK
2015-11-19 19:29 - 2015-02-07 12:59 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2015-11-18 11:42 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\ELAMBKUP
2015-11-15 10:17 - 2015-08-16 21:05 - 00000000 ____D C:\ProgramData\Firefly Studios
2015-11-14 20:31 - 2013-08-22 16:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-11-14 14:05 - 2015-02-10 16:14 - 145617392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-11-08 20:57 - 2015-04-03 14:17 - 00183112 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-11-24 16:11 - 2015-11-24 16:11 - 0445964 _____ () C:\ProgramData\1448377674.bdinstall.bin
2015-11-24 19:46 - 2015-11-24 19:46 - 0024817 _____ () C:\ProgramData\1448390808.bdinstall.bin
2015-12-01 12:39 - 2015-12-01 12:39 - 0026298 _____ () C:\ProgramData\1448969942.bdinstall.bin
2015-12-01 12:48 - 2015-12-01 12:48 - 0024833 _____ () C:\ProgramData\1448970485.bdinstall.bin
2015-12-01 12:49 - 2015-12-01 12:49 - 0024833 _____ () C:\ProgramData\1448970549.bdinstall.bin
2015-12-01 12:49 - 2015-12-01 12:49 - 0024833 _____ () C:\ProgramData\1448970555.bdinstall.bin
2015-12-01 12:54 - 2015-12-01 12:54 - 0026369 _____ () C:\ProgramData\1448970878.bdinstall.bin
2015-12-01 13:02 - 2015-12-01 13:02 - 0024570 _____ () C:\ProgramData\1448971361.bdinstall.bin
2015-12-01 13:03 - 2015-12-01 13:03 - 0024570 _____ () C:\ProgramData\1448971416.bdinstall.bin
2015-12-01 13:14 - 2015-12-01 13:14 - 0024819 _____ () C:\ProgramData\1448972057.bdinstall.bin
2015-11-29 11:48 - 2015-11-29 11:48 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-11-20 17:14 - 2015-11-20 17:14 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\BatteryOptimizer.exe


Einige Dateien in TEMP:
====================
C:\Users\phili_000\AppData\Local\Temp\res.dll


Einige mit null Byte Größe Dateien/Ordner:
==========================
C:\Windows\dik.exe
C:\Windows\mdik.exe

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-11-30 23:47

==================== Ende von FRST.txt ============================
--- --- ---

Sc@rf@ce 04.12.2015 11:06
und noch die Addition.txt


PHP-Code:
2015-10-30 08:17 2015-10-30 08:17 00028672 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2015-10-30 08:18 2015-10-30 08:18 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-11-24 16:09 2013-09-03 13:29 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\bdmetrics.dll
2015-12-04 08:40 2015-12-04 08:40 00876888 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_01250_002\ashttpbr.mdl
2015-12-04 08:40 2015-12-04 08:40 00742976 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_01250_002\ashttpdsp.mdl
2015-12-04 08:40 2015-12-04 08:40 02803536 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_01250_002\ashttpph.mdl
2015-12-04 08:40 2015-12-04 08:40 01415584 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_01250_002\ashttprbl.mdl
2015-11-20 17:13 2015-11-24 20:32 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-10-13 05:45 2015-10-13 05:45 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:45 2015-10-13 05:45 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-02-08 11:06 2015-02-08 11:06 00087552 _____ () C:\Program Files\Intel Corporation\Intel(RTechnology Access\libglog.dll
2015-02-08 11:20 2015-02-08 11:20 01793248 _____ () C:\Program Files\Intel Corporation\Intel(RTechnology Access\cpprest120_1_4.dll
2015-02-08 11:20 2015-02-08 11:20 00355040 _____ () C:\Program Files\Intel Corporation\Intel(RTechnology Access\JsonCpp.dll
2014-09-25 23:49 2012-04-24 11:43 00254512 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2015-12-03 08:14 2015-11-22 11:47 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-03 08:14 2015-11-22 11:47 02653816 _____ () C:\Windows\System32\CoreUIComponents.dll
2015-12-03 08:14 2015-11-22 11:47 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2014-09-25 23:55 2014-07-01 13:13 00111872 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2015-12-03 08:14 2015-11-22 10:18 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-03 08:14 2015-11-22 10:19 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-11-22 08:33 2015-11-22 08:34 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_1.11.19004.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-09-30 20:39 2015-09-30 20:39 00415128 _____ () C:\WINDOWS\system32\igfxTray.exe
2015-10-30 08:17 2015-10-30 08:17 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2015-10-30 08:17 2015-10-30 08:17 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-12-03 08:14 2015-11-22 10:23 08005632 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-12-03 08:14 2015-11-22 10:20 00936448 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2015-12-03 08:14 2015-11-22 10:21 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-11-23 18:44 2015-11-23 18:44 01769312 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
2015-07-17 14:39 2015-07-17 14:39 04612448 _____ () C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
2015-11-20 23:10 2015-11-20 23:10 09074176 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.23.23.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2015-11-20 23:10 2015-11-20 23:10 02416640 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.23.23.0_x64__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll
2015-10-30 08:18 2015-10-30 08:18 02100064 _____ () C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
2015-10-19 21:00 2015-10-19 21:00 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-11-25 00:05 2015-09-21 10:49 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2015-12-01 21:18 2015-11-12 19:39 00012080 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-11-22 08:33 2015-11-22 08:34 00152064 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_1.11.19004.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2015-11-22 08:33 2015-11-22 08:34 02907648 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_1.11.19004.0_x86__8wekyb3d8bbwe\MessagingNativeCore.dll
2015-11-22 08:33 2015-11-22 08:34 00583168 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_1.11.19004.0_x86__8wekyb3d8bbwe\MessagingEntityExtractionProxy.dll
2015-11-22 08:33 2015-11-22 08:34 18906624 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_1.11.19004.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2015-11-25 00:05 2015-09-21 10:49 00348960 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2015-11-25 00:05 2015-09-21 10:49 00183584 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2015-11-25 00:05 2015-09-21 10:49 00050976 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2014-02-19 17:51 2014-02-19 17:51 01241560 _____ () C:\Program Files (x86)\Intel\Intel(RManagement Engine Components\LMS\ACE.dll
2015-11-16 19:55 2015-11-16 19:55 00202456 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
2015-11-16 19:56 2015-11-16 19:56 00654000 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
2015-11-16 19:56 2015-11-16 19:56 00641240 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
2015-11-16 19:56 2015-11-16 19:56 00119000 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll
2015-12-02 20:23 2015-12-02 20:23 00015064 _____ () C:\WINDOWS\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2015-11-17 11:11 2015-11-17 11:11 00013016 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2015-11-17 11:10 2015-11-17 11:10 00277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll
2015-11-19 14:39 2015-11-19 14:39 00194048 _____ () C:\Program Files (x86)\Acer\Acer Portal\curllib.dll
2015-11-19 14:39 2015-11-19 14:39 00110592 _____ () C:\Program Files (x86)\Acer\Acer Portal\OpenLDAP.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wirdwird nur der ADS entfernt.)

AlternateDataStreamsC:\Program Files\Bitdefender Agent:Win32App_1
AlternateDataStreamsC:\Program Files\Bonjour:Win32App_1
AlternateDataStreamsC:\Program Files\CCleaner:Win32App_1
AlternateDataStreamsC:\Program Files\Dolby Digital Plus:Win32App_1
AlternateDataStreamsC:\Program Files\iTunes:Win32App_1
AlternateDataStreamsC:\Program Files (x86)\Apple Software Update:Win32App_1
AlternateDataStreamsC:\Program Files (x86)\Bonjour:Win32App_1
AlternateDataStreamsC:\Program Files (x86)\Foxit PhantomPDF:Win32App_1
AlternateDataStreamsC:\Program Files (x86)\Microsoft Silverlight:Win32App_1
AlternateDataStreamsC:\Program Files (x86)\Mozilla Thunderbird:Win32App_1
AlternateDataStreamsC:\Program Files (x86)\Qualcomm Atheros:Win32App_1
AlternateDataStreamsC:\Program Files (x86)\Spotify:Win32App_1
AlternateDataStreamsC:\Program Files (x86)\TeamViewer:Win32App_1
AlternateDataStreamsC:\ProgramData\regid.1991-06.com.microsoft:Win32App_1

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wirdwird er aus der Registry entferntDer Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wirdwird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wirdwird er aus der Registry entfernt.)

IE trusted siteHKU\.DEFAULT\...\localhost -> localhost
IE trusted siteHKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted siteHKU\S-1-5-21-1645853366-4108103990-173416813-1002\...\localhost -> localhost
IE trusted siteHKU\S-1-5-21-1645853366-4108103990-173416813-1002\...\webcompanion.com -> hxxp://webcompanion.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1645853366-4108103990-173416813-1002\Control Panel\Desktop\\Wallpaper -> c:\users\phili_000\pictures\wallpapers\bitdefender_wallpaper.png
DNS Servers192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin5) (ConsentPromptBehaviorUser3) (EnableLUA1)
Windows Firewall ist deaktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "emsisoft anti-malware"
HKLM\...\StartupApproved\Run32: => "abDocsDllLoader"
HKU\S-1-5-21-1645853366-4108103990-173416813-1002\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1645853366-4108103990-173416813-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1645853366-4108103990-173416813-1002\...\StartupApproved\Run: => "CyberGhost"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wirdwird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (AllowLPort=139
FirewallRules: [{EAB8735A-151B-403B-B88F-1582A303489A}] => (Allowe:\Program Files (x86)\GameforgeLive\gfl_client.exe
FirewallRules: [{1A31FE46-DFEE-448D-A92E-B5C853E4ED5F}] => (AllowC:\Program Files\iTunes\iTunes.exe
FirewallRules: [{16F970D2-0B81-47F3-A6C0-4557C0A5F41C}] => (AllowC:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{745A43D9-B26D-45FE-8224-B1B6EB2DD6F2}] => (AllowC:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7848EDF7-09E0-41C2-9332-102B6A791904}] => (AllowC:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{43F058C6-8629-4E00-978B-56EFE60CD4E6}] => (AllowC:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{82A7F785-09D3-4595-B862-4007B9D00CA3}] => (AllowC:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{091DE39B-7857-4260-9449-775F81D7C7E0}] => (AllowC:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{24776E35-292B-413B-B9C8-7D0A7FEA1DF5}] => (AllowC:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{E1121A28-72F9-49BB-8ACE-098CFB39EBDF}] => (AllowC:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{E0F976C4-895D-46EE-9A7C-7B910C6D6021}] => (AllowC:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{25FF00EA-55D2-49CE-8095-F3A1D8B1102B}] => (AllowE:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{25A0C4E7-F6FA-4146-8E8D-41BCEBCDC97E}] => (AllowE:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{AE736457-4501-4A05-AC87-88BF7F894AD0}] => (AllowC:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{5BE785E5-B5AB-4CB0-A0DF-E014A79D3BB1}E:\program files (x86)\firefly studios\stronghold 2\stronghold2.exe] => (BlockE:\program files (x86)\firefly studios\stronghold 2\stronghold2.exe
FirewallRules: [TCP Query User{D29DFEE0-C82B-493D-9149-69FB5B2E9530}E:\program files (x86)\firefly studios\stronghold 2\stronghold2.exe] => (BlockE:\program files (x86)\firefly studios\stronghold 2\stronghold2.exe
FirewallRules: [{C24D4B80-55A6-4019-B105-C8091988DB7E}] => (AllowC:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{518F0370-FC78-460A-A21E-88A91239C90F}] => (AllowC:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{23BB4802-2C94-4B02-AA2D-0ECB9D8CC13F}] => (AllowC:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{00770616-366A-4E02-82F7-92065974FD87}] => (AllowC:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{51B8A707-02A7-47D4-8214-FDFC6B0A4B47}] => (AllowC:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{64B060E5-8409-46BB-BA88-2D4CFE3ACA4D}] => (AllowC:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{B89A7649-741C-4FD1-A1B2-B4EEAE0CE51D}] => (AllowC:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{F1BD5625-099F-40D2-A95C-9BD97C7EC930}] => (AllowC:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{1B6D060D-AA3E-4AB8-BBB6-F7A49BD4CD6C}] => (AllowC:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{0CC32FFD-9E00-4CAB-B132-4D93B2D4C943}] => (AllowC:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{4FB7F668-4218-4909-A82E-BFB4CB66E555}] => (AllowC:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{90FB0F21-F7E1-49AE-8702-DE0771A9D9D9}] => (AllowC:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [UDP Query User{FE43D7FD-05B0-46CE-9A83-45381D3D18F0}E:\diablo iii\diablo iii.exe] => (BlockE:\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{10A3A6DD-7313-4F56-9472-A437144127B4}E:\diablo iii\diablo iii.exe] => (BlockE:\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{F4710D58-C36F-401C-875E-29411CFD3F5A}E:\diablo iii\diablo iii.exe] => (AllowE:\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{9733DCB6-3566-4805-8297-D3BD96153F20}E:\diablo iii\diablo iii.exe] => (AllowE:\diablo iii\diablo iii.exe
FirewallRules: [{03C1A66A-EE75-4222-B884-AFB927A12A71}] => (AllowE:\Battle.net\Battle.net.exe
FirewallRules: [{1AF19AFD-8BEF-4593-8A41-B5B09C559698}] => (AllowE:\Battle.net\Battle.net.exe
FirewallRules: [{6D22436B-8711-4C21-9A5E-E5A47E6F3E89}] => (AllowE:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{A85D6835-1A98-4549-840C-FE2F2126E12A}] => (AllowE:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{81C67D0C-01E4-4911-8576-61C2AFD7A029}] => (AllowC:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{901899D8-EFA0-4445-9E7C-11DF99345249}] => (AllowC:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{4F0F83CA-8701-4FA2-A44F-7E8265C8D25B}] => (AllowC:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{C1B46857-2746-4158-9BF5-80738E786850}] => (AllowC:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{7EFE4FA4-6FDE-46FE-9129-8A7F494612A8}] => (AllowC:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{38FCADEA-F703-4145-BB14-B48F4BD00718}] => (AllowC:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{692F1E5F-F180-4AAE-84AE-63736D418985}] => (AllowC:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{BFA36618-6677-4020-BBBC-81F46AD3A8B3}] => (AllowC:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{47463F43-2730-4313-9F5C-92E0070C6C3D}] => (AllowE:\Program Files (x86)\Steam\steamapps\common\Cities XXL\CitiesXXL.exe
FirewallRules: [{635D6D07-964E-40DF-9844-81462935DEB7}] => (AllowE:\Program Files (x86)\Steam\steamapps\common\Cities XXL\CitiesXXL.exe
FirewallRules: [{B1750942-7B15-4A8D-8CBD-32E4F7CA16B7}] => (AllowC:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{0E1DFF03-9D12-447F-99DA-A0A915E4715A}] => (AllowC:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{70EC2521-4246-4A5C-B20B-21B2C28E3C92}] => (AllowC:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{BDEA5603-9469-452C-93AF-2BD7E3808CEC}] => (AllowC:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{F5E35023-0F8B-49E1-B525-582A9BBFA350}] => (AllowC:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{EEEF414B-EBA5-44CA-856A-E64005EB71DF}] => (AllowC:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{86FAF3DD-4824-4AB4-A2A3-A10D4DAB57D5}] => (AllowC:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{F517E3DE-86B9-45D3-B755-E492FDAC63FC}] => (AllowC:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [UDP Query User{9092B7DB-A511-4687-B7D6-B8265DAF7867}E:\program files (x86)\innonics\wiggles\wiggles.exe] => (AllowE:\program files (x86)\innonics\wiggles\wiggles.exe
FirewallRules: [TCP Query User{FE4D403A-03FD-4DEC-87DD-56BCFE1F692D}E:\program files (x86)\innonics\wiggles\wiggles.exe] => (AllowE:\program files (x86)\innonics\wiggles\wiggles.exe
FirewallRules: [{6C1793D6-1AEF-4992-A5EA-836A32DD8A94}] => (AllowC:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A8F7264C-805D-4848-859C-EBDA60B7365E}] => (AllowC:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{777C3F7A-7D16-4429-9878-CD4FEC42EC4D}] => (AllowE:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{4E1BB0E9-6C33-4394-95EC-EBD45601B034}] => (AllowE:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{6E9F7A58-3BF3-4C1C-A2D0-4DECA53E95FC}] => (AllowE:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E85459EA-229C-4E11-A283-BE8EF5FD9A0A}] => (AllowE:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [UDP Query User{95E1DFE4-7B5F-4691-935C-85355548E966}E:\program files (x86)\tmnationsforever\tmforever.exe] => (AllowE:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [TCP Query User{F7C243CC-7B4D-46EC-9B87-D983C20E7F53}E:\program files (x86)\tmnationsforever\tmforever.exe] => (AllowE:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [{55C16FEC-B652-4CB7-989B-82985F5F4E43}] => (AllowC:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{741430D6-F280-44AA-A83A-8DB76632634C}] => (AllowC:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{08545E10-B9B4-42EA-AE96-A557D77171D3}] => (AllowC:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{48F56680-16AE-462D-B657-716FE78A366A}] => (AllowC:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{575423AF-095A-403E-B4FB-1D73CABDED52}] => (AllowC:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{4F20E06C-B1FE-4332-9677-09D98211C96F}] => (AllowC:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{42FE248F-E58D-426A-9244-6DA28ADFF287}] => (AllowC:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{DE5C3A0A-5BED-4036-B7AE-98725B2B34E8}] => (AllowC:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{9597564E-A41C-409F-9CA7-B62D8DBAA027}] => (AllowC:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{17D5B3C2-47F9-410E-BF95-780C07A2F08F}] => (AllowC:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{E638CA19-0729-490B-A581-2232887EE232}] => (AllowC:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{5804532F-757F-4E0A-A044-FF892F7ADE0C}] => (AllowC:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{4A98E89B-871C-43AB-B38C-B15FA85AF2FF}] => (AllowC:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{4FFDB9D9-B636-4AA7-937A-82910457D0F8}] => (AllowC:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{8CAAABC1-8DF9-4723-BFFD-98E16CB9BC64}] => (AllowC:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{81CDF4B6-460F-4C91-992E-0A432E22BD18}] => (AllowC:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{02F34962-0520-402A-A985-7C8AE1882FAD}] => (AllowC:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{74EA1C5C-1120-4036-87F0-71D854EB0F72}] => (AllowC:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{ADDD2A26-31CD-4118-A4B8-11ADBBDEFD14}] => (AllowC:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{8D97AC3B-016E-43C3-9852-9F5F4B6CAE0C}] => (AllowC:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{65F2A37E-8384-498D-96E3-94C1BE9C9AE9}] => (AllowC:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{0EE2B935-09D0-45BA-A801-7C08D494BBAB}] => (AllowC:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{AFD454D4-DDB9-473C-99E0-7D4E1A5F1213}] => (AllowC:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{D32DC2A6-55B8-463C-B917-A3F1BB6373C7}] => (AllowC:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{A28E3453-FFA9-4C36-9B0D-12A66417D0BF}] => (AllowC:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{E3B6E9CD-41CE-47E3-B1B8-381A8E7D5A69}] => (AllowC:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{DA040229-43D7-45E4-B53E-7CEF05935DF4}] => (AllowC:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{F05DEEAC-2726-4AD5-BE08-496E396684D0}] => (AllowC:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{E06E4E9A-AD29-4FB2-97E2-8191EF1B1206}] => (AllowC:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{37D1E2B0-DE80-4B78-B8C5-F7B415216608}] => (AllowC:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{A6D73076-49B0-436A-B94B-D5A735804234}] => (AllowC:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{1FBD3F84-1DE3-4203-95C8-AAFB85FEB983}] => (AllowC:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{B73DCF7B-F06C-418E-8B14-19724F141474}] => (AllowC:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{158FAA4C-60FB-439D-9771-9F094968C1E0}] => (AllowC:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{6E9E5F5F-4578-444B-8101-E5EF6EC6AB9F}] => (AllowC:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{ED8C21C5-36E9-4C29-85A6-FF334B15CD3F}] => (AllowC:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{C8C8775A-8791-42B4-B074-17826EFC0FEF}] => (AllowC:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{4736CBBB-F912-464A-BF51-1EB1F1E47B66}] => (AllowC:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{B4780E33-E05B-490C-B24E-295B8196915A}] => (AllowC:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{6A236F4A-CD1C-4225-899F-F191A3F8CDAA}] => (AllowC:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{45BD9621-4D3D-49D2-ABF6-D04E5C7CA913}] => (AllowC:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{EFDA2C5C-AF34-4572-B27D-7885024C6588}] => (AllowC:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{345FA44C-AE48-4A65-BAAE-F158740E9F9C}] => (AllowC:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{2966FB4D-C583-476B-89B4-A4AFEAC95935}] => (AllowC:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [TCP Query User{B9CF93F0-7FD9-4280-B23B-3943630B054D}C:\users\phili_000\appdata\local\temp\rarsfx0\x32\pcsftool.exe] => (AllowC:\users\phili_000\appdata\local\temp\rarsfx0\x32\pcsftool.exe
FirewallRules: [UDP Query User{A337FD61-4FD2-42DD-83B9-4CB3B13C6E68}C:\users\phili_000\appdata\local\temp\rarsfx0\x32\pcsftool.exe] => (AllowC:\users\phili_000\appdata\local\temp\rarsfx0\x32\pcsftool.exe
FirewallRules: [TCP Query User{6B55CDCC-76F7-4D49-8D86-F06D5C314882}C:\users\phili_000\appdata\local\temp\rarsfx0\x64\pcsftool.exe] => (AllowC:\users\phili_000\appdata\local\temp\rarsfx0\x64\pcsftool.exe
FirewallRules: [UDP Query User{8080E4D2-9C47-4621-8914-20A408AD7B17}C:\users\phili_000\appdata\local\temp\rarsfx0\x64\pcsftool.exe] => (AllowC:\users\phili_000\appdata\local\temp\rarsfx0\x64\pcsftool.exe
FirewallRules: [{9ECE984B-A4F1-45E4-AE4E-FAD40C7E66CF}] => (AllowC:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{D324842A-781F-4E89-9E34-87725F89A9F0}] => (AllowC:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{76A6DECD-F301-444F-8600-A855CFE2D485}] => (AllowC:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{D6541334-5960-4B06-A23F-6E58F4C13634}] => (AllowC:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{5843DCFF-0EDB-4E5A-9835-661734BCB820}] => (AllowC:\Program Files\HP\HP Officejet Pro 8610\bin\FaxApplications.exe
FirewallRules: [{8C40B3B6-C5D0-4315-9A3F-65CF22D30C8C}] => (AllowC:\Program Files\HP\HP Officejet Pro 8610\bin\DigitalWizards.exe
FirewallRules: [{38E14C17-7818-4088-82ED-E508D14EA669}] => (AllowC:\Program Files\HP\HP Officejet Pro 8610\bin\SendAFax.exe
FirewallRules: [{7243BAD5-52BB-4592-ACFB-FA7059CF41BA}] => (AllowC:\Program Files\HP\HP Officejet Pro 8610\Bin\DeviceSetup.exe
FirewallRules: [{A9E53B59-F72F-468B-907A-22854052160C}] => (AllowLPort=5357
FirewallRules: [{E7635B80-EF10-4178-BCDE-12AB2683B9AE}] => (AllowC:\Program Files\HP\HP Officejet Pro 8610\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{68E12751-6AE5-42E1-BB47-420AD7E531C7}] => (AllowC:\Program Files\HP\HP Officejet Pro 8600\bin\FaxApplications.exe
FirewallRules: [{BD8BC519-4800-4BEC-9D5F-43F828805046}] => (AllowC:\Program Files\HP\HP Officejet Pro 8600\bin\DigitalWizards.exe
FirewallRules: [{F34B711F-C40B-4613-97B1-B60871FFCC95}] => (AllowC:\Program Files\HP\HP Officejet Pro 8600\bin\SendAFax.exe
FirewallRules: [{1790DE46-0D30-4832-B62F-863E040879A9}] => (AllowC:\Program Files\HP\HP Officejet Pro 8600\Bin\DeviceSetup.exe
FirewallRules: [{848C15FA-4D3E-48AA-B0BC-FBF1ABA0B846}] => (AllowC:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
FirewallRules: [{2E2417E4-C17E-499B-9985-5BA7513994E3}] => (AllowC:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{850D97F3-4812-4351-97B4-936BA795F1A0}] => (AllowC:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C76E1DD9-C9BA-4A1E-AF41-B2754C16E660}] => (AllowC:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C277C461-5104-4A00-A6A2-589BD7679B5E}] => (AllowC:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{580EEA5F-1937-4508-92D2-8CC0EE3484A3}] => (AllowC:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{4274A85E-FF3D-41E8-9AEC-D57E1CB05520}] => (AllowC:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{DB334257-B339-4DB4-B469-FC9224A0B805}] => (AllowC:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{5E0D93F0-6371-4B85-B7DA-7C5F57274079}] => (AllowC:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

NameBluetooth USB Module
DescriptionBluetooth USB Module
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
ManufacturerQualcomm Atheros Communications
ServiceBTHUSB
Problem: : This device is disabled. (Code 22)
ResolutionIn Device Managerclick "Action", and then click "Enable Device"This starts the Enable Device wizardFollow the instructions.

NameVirtueller Microsoft-Adapter für direktes WiFi
DescriptionVirtueller Microsoft-Adapter für direktes WiFi
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
ManufacturerMicrosoft
Servicevwifimp
Problem: : This device is disabled. (Code 22)
ResolutionIn Device Managerclick "Action", and then click "Enable Device"This starts the Enable Device wizardFollow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/03/2015 03:51:32 PM) (SourceBonjour Service) (EventID100) (User: )
DescriptionTask Scheduling Errorm->NextScheduledSPRetry 4812

Error: (12/03/2015 03:51:32 PM) (SourceBonjour Service) (EventID100) (User: )
DescriptionTask Scheduling Errorm->NextScheduledEvent 4812

Error: (12/03/2015 03:51:32 PM) (SourceBonjour Service) (EventID100) (User: )
DescriptionTask Scheduling ErrorContinuously busy for more than a second

Error: (12/03/2015 03:51:31 PM) (SourceBonjour Service) (EventID100) (User: )
DescriptionTask Scheduling Errorm->NextScheduledSPRetry 3578

Error: (12/03/2015 03:51:31 PM) (SourceBonjour Service) (EventID100) (User: )
DescriptionTask Scheduling Errorm->NextScheduledEvent 3578

Error: (12/03/2015 03:51:31 PM) (SourceBonjour Service) (EventID100) (User: )
DescriptionTask Scheduling ErrorContinuously busy for more than a second

Error: (12/03/2015 03:51:30 PM) (SourceBonjour Service) (EventID100) (User: )
DescriptionTask Scheduling Errorm->NextScheduledSPRetry 2359

Error: (12/03/2015 03:51:30 PM) (SourceBonjour Service) (EventID100) (User: )
DescriptionTask Scheduling Errorm->NextScheduledEvent 2359

Error: (12/03/2015 03:51:30 PM) (SourceBonjour Service) (EventID100) (User: )
DescriptionTask Scheduling ErrorContinuously busy for more than a second

Error: (12/03/2015 03:51:29 PM) (SourceBonjour Service) (EventID100) (User: )
DescriptionTask Scheduling Errorm->NextScheduledSPRetry 1172


Systemfehler:
=============
Error: (12/03/2015 06:24:04 PM) (SourceDCOM) (EventID10016) (UserNT-AUTORITÄT)
DescriptionAnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/03/2015 03:51:23 PM) (SourceDCOM) (EventID10016) (UserNT-AUTORITÄT)
DescriptionAnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/03/2015 02:45:17 PM) (SourceService Control Manager) (EventID7009) (User: )
DescriptionDas Zeitlimit (30000 mswurde beim Verbindungsversuch mit dem Dienst Benutzerdatenspeicher _8385d erreicht.

Error: (12/03/2015 02:45:12 PM) (SourceDCOM) (EventID10010) (UserACERRICHARD)
Description: {0002DF02-0000-0000-C000-000000000046}

Error: (12/03/2015 02:45:12 PM) (SourceService Control Manager) (EventID7031) (User: )
DescriptionDer Dienst "Benutzerdatenzugriff_8385d" wurde unerwartet beendetDies ist bereits 1 Mal vorgekommenFolgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführtNeustart des Diensts.

Error: (12/03/2015 02:45:12 PM) (SourceService Control Manager) (EventID7031) (User: )
DescriptionDer Dienst "Benutzerdatenspeicher _8385d" wurde unerwartet beendetDies ist bereits 1 Mal vorgekommenFolgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführtNeustart des Diensts.

Error: (12/03/2015 02:45:12 PM) (SourceService Control Manager) (EventID7031) (User: )
DescriptionDer Dienst "Kontaktdaten_8385d" wurde unerwartet beendetDies ist bereits 1 Mal vorgekommenFolgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführtNeustart des Diensts.

Error: (12/03/2015 02:45:12 PM) (SourceService Control Manager) (EventID7031) (User: )
DescriptionDer Dienst "Synchronisierungshost_8385d" wurde unerwartet beendetDies ist bereits 1 Mal vorgekommenFolgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführtNeustart des Diensts.

Error: (12/03/2015 02:45:12 PM) (SourceDCOM) (EventID10016) (UserNT-AUTORITÄT)
DescriptionAnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/03/2015 10:41:02 AM) (SourceService Control Manager) (EventID7031) (User: )
DescriptionDer Dienst "Benutzerdatenzugriff_75ce4" wurde unerwartet beendetDies ist bereits 1 Mal vorgekommenFolgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführtNeustart des Diensts.


CodeIntegrity:
===================================
  Date2015-12-03 14:42:49.532
  DescriptionCode Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date2015-12-03 10:00:41.678
  DescriptionCode Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exeattempted to load \Device\HarddiskVolume4\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Custom 3 Antimalware signing level requirements.

  Date2015-12-03 08:57:20.634
  DescriptionWindows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\1C94.tmp because file hash could not be found on the systemA recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date2015-12-03 08:54:49.535
  DescriptionWindows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\9B84.tmp because file hash could not be found on the systemA recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date2015-12-03 08:51:22.867
  DescriptionWindows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\9B84.tmp because file hash could not be found on the systemA recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date2015-12-03 00:05:15.122
  DescriptionCode Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exeattempted to load \Device\HarddiskVolume4\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Store signing level requirements.

  Date2015-11-29 11:59:02.148
  DescriptionCode Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date2015-11-28 08:55:24.782
  DescriptionCode Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date2015-11-26 14:14:33.874
  DescriptionCode Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date2015-11-24 16:03:08.589
  DescriptionCode Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exeattempted to load \Device\HarddiskVolume4\ProgramData\SecurityUtility\SecurityUtility64.dll that did not meet the Store signing level requirements.


==================== Speicherinformationen =========================== 

ProzessorIntel(RCore(TMi7-4710HQ CPU 2.50GHz
Prozentuale Nutzung des RAM33%
Installierter physikalischer RAM8115.27 MB
Verfügbarer physikalischer RAM5380.91 MB
Summe virtueller Speicher9395.27 MB
Verfügbarer virtueller Speicher6385.02 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:97.22 GB) (Free:26.92 GBNTFS
Drive d: (Progs) (Fixed) (Total:97.66 GB) (Free:97.39 GBNTFS
Drive e: (Games) (Fixed) (Total:253.86 GB) (Free:250.55 GBNTFS

==================== MBR Partitionstabelle ==================

========================================================
Disk(Size465.8 GB) (Disk ID388C274B)

PartitionGPT.

==================== Ende von Addition.txt ============================ 

deeprybka 04.12.2015 23:20
Hi,
die Addition.txt ist unvollständig.

Sc@rf@ce 05.12.2015 20:00
Hi Jürgen, kann mir nicht ganz erklären was da nicht gepasst hat,
hab den kompletten Bericht kopiert. Aber hab nochmal nen LOG
erstellen lassen und hoffe er ist jetzt komplett.


LG Phil

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-12-2015
durchgeführt von phili_000 (2015-12-05 19:53:29)
Gestartet von C:\Users\phili_000\Downloads
Windows 10 Home (X64) (2015-11-20 16:35:55)
Start-Modus : Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1645853366-4108103990-173416813-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1645853366-4108103990-173416813-503 - Limited - Disabled)
Gast (S-1-5-21-1645853366-4108103990-173416813-501 - Limited - Disabled)
phili_000 (S-1-5-21-1645853366-4108103990-173416813-1002 - Administrator - Enabled) => C:\Users\phili_000

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.09.2001 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.02.2001 - Acer Incorporated)
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.00.3002 - Acer Incorporated)
abMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.09.2002.1 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.06.2000.22 - Acer Incorporated)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3006 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8107 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.09.2001 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8105 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3016.0 - Acer Incorporated)
Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.02.3004 - Acer Incorporated)
Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.02.3004 - Acer Incorporated)
Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2005.0 - Acer Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.13.2000.0 - Acer Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{0DE0A178-AC7B-4650-806C-CF226DE03766}) (Version: 4.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 20.0.18.1035 - Bitdefender)
Bitdefender Internet Security 2016 (HKLM\...\Bitdefender) (Version: 20.0.20.1143 - Bitdefender)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.11 - Piriform)
CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version:  - CyberGhost S.R.L.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.3.1 - Dolby Laboratories Inc)
eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM)
Echo of Soul (HKU\S-1-5-21-1645853366-4108103990-173416813-1002\...\echoofsoul_de) (Version:  - )
Foxit PhantomPDF (HKLM-x32\...\{F74C595C-BEF2-4AF9-9C4E-68F3CD509C4D}) (Version: 6.0.120.609 - Foxit Corporation)
Gameforge Live 2.0.8 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.8 - Gameforge)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6904.2028 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Happy Cloud Client (HKU\S-1-5-21-1645853366-4108103990-173416813-1002\...\HappyCloud) (Version: 5.88 - Happy Cloud, Inc.)
Host App Service (HKU\S-1-5-21-1645853366-4108103990-173416813-1002\...\SweetLabs_AP) (Version: 0.269.7.800 - Pokki)
HP Officejet Pro 8600 - Grundlegende Software für das Gerät (HKLM\...\{D2D05FDB-4EDA-462D-8DB6-E0B9AD4FA25F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1168 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3643 - Intel Corporation)
Intel(R) Technology Access (HKLM-x32\...\{1c3caad7-d0ad-4f7c-87e0-f47627304993}) (Version: 1.3.3.1036 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.20 - Intel(R) Corporation) Hidden
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.1.0.7 - IObit)
iTunes (HKLM\...\{E690A491-702F-4DEC-9977-C015D1DBB57C}) (Version: 12.3.1.23 - Apple Inc.)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Thunderbird 38.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.4.0 (x86 de)) (Version: 38.4.0 - Mozilla)
Nostale(DE) (HKLM-x32\...\NosTale(DE)_is1) (Version:  - Gameforge 4D GmbH)
NVIDIA GeForce Experience 2.7.4.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.7.4.10 - NVIDIA Corporation)
NVIDIA Grafiktreiber 359.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 359.06 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
Pokki Start Menu (HKU\S-1-5-21-1645853366-4108103990-173416813-1002\...\SweetLabs_Start_Menu) (Version: 0.269.7.800 - Pokki)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.322 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.33 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39059 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.32.508.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7260 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 4.1.0240 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.7.4.10 - NVIDIA Corporation) Hidden
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1645853366-4108103990-173416813-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\phili_000\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation)

==================== Wiederherstellungspunkte =========================

25-11-2015 20:38:43 Windows Update
28-11-2015 08:54:32 Windows Modules Installer
28-11-2015 18:10:33 Ashampoo AntiSpy for Windows® 10
29-11-2015 09:16:41 Installed LibreOffice 5.0.3.2
29-11-2015 09:34:32 Installed Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
29-11-2015 09:34:57 Installed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
29-11-2015 09:36:06 OpenOffice 4.1.2 wird installiert
29-11-2015 11:42:59 Installed HP Support Solutions Framework
01-12-2015 21:26:37 NVIDIA PhysX wird entfernt
03-12-2015 09:59:34 Malwarebytes Anti-Rootkit Restore Point
05-12-2015 19:44:54 Prüfpunkt von HitmanPro

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2015-12-05 19:27 - 00000873 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1                        d3oxij66pru1i3.cloudfront.net

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {05E89F7B-1BD6-4E69-B40E-3CDA22756C1D} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2015-11-17] (Acer Incorporated)
Task: {1C760AE0-4691-4050-9BF1-CABB04392B9E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {2B9E5DC8-5368-4C5E-86DE-55D70B663B73} - System32\Tasks\avastBCLRestartS-1-5-21-1645853366-4108103990-173416813-1001 => Firefox.exe
Task: {2CE9A845-AE5F-49CC-BF26-BFB9E76C1CDD} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
Task: {2E1BB0AE-80DF-4F6A-B714-0E2925A46F1D} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {2E4649AB-9548-4B78-A425-F26CEDD612A4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {361016F7-22F1-465D-8DC6-9D81F56D6ED6} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {3D9E8952-D3FF-4CDF-8EDB-E7D70363415D} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe [2014-04-07] (Dolby Laboratories Inc.)
Task: {406A5269-A884-4944-A972-5CFBD1ECD2C3} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {4BD0A954-CA58-4DCD-B77B-5F471E0B113E} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
Task: {58E2506F-DC3E-4BAC-9999-730BCCCFABCC} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2015-07-17] (Acer Incorporated)
Task: {5C6BDC37-2A32-41E6-BCDF-34DB0CAA9D21} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2015-11-19] (Acer)
Task: {6CD1D35F-BD0B-4DFB-BB48-AA96093C17F0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-11] (Adobe Systems Incorporated)
Task: {6E92E7A9-967C-479D-91E3-4F3F5961A6F5} - System32\Tasks\SweetLabs App Platform => C:\Users\phili_000\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe [2015-10-30] (Pokki)
Task: {767D0157-7D18-4AB2-B8A4-0AA8699CC374} - System32\Tasks\abDocsDllLoader => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [2015-11-23] ()
Task: {788B4AFD-B011-46D1-85CB-E6FBECB274C6} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-12] (TODO: <Company name>)
Task: {855851BA-57EF-4783-B465-64796561A4EF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {8AF85D1F-2AB4-46FB-B1A8-B31F857609E5} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-06-12] (Acer Incorporated)
Task: {8D40EBCB-6231-4A60-B5A4-6C2FB3542CCF} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2015-07-17] ()
Task: {99DB389E-BD1A-498F-88A3-7C27C999F0A0} - System32\Tasks\Uninstaller_SkipUac_phili_000 => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-10-20] (IObit)
Task: {9C1C0420-BBA6-440B-8272-94335B0775B7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {AB98642A-B8F1-4816-B768-211C3997EB40} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-11-14] (Microsoft Corporation)
Task: {AE411750-82DE-4D42-BB75-C6A7B1E83785} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {B6B3E581-B66D-4C9E-89AC-C8C70333FF38} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-10-19] (Piriform Ltd)
Task: {B831B44E-5D36-4D76-8EAF-C5BFBE28B56D} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2015-07-17] ()
Task: {C1E8DF03-5C42-4F07-A471-1EE77E82A216} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {E3ACD859-7468-42CE-B74D-45CAD37A45BE} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [2015-07-17] ()
Task: {FED387BA-70B3-4608-A80F-EB0B247E80FF} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-06-10] (Acer Incorporate)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_phili_000.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 08:17 - 2015-10-30 08:17 - 00028672 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-11-24 16:09 - 2013-09-03 13:29 - 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\bdmetrics.dll
2015-12-04 08:40 - 2015-12-04 08:40 - 00876888 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_01250_002\ashttpbr.mdl
2015-12-04 08:40 - 2015-12-04 08:40 - 00742976 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_01250_002\ashttpdsp.mdl
2015-12-04 08:40 - 2015-12-04 08:40 - 02803536 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_01250_002\ashttpph.mdl
2015-12-04 08:40 - 2015-12-04 08:40 - 01415584 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_01250_002\ashttprbl.mdl
2015-11-20 17:13 - 2015-11-24 20:32 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-02-08 11:06 - 2015-02-08 11:06 - 00087552 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\libglog.dll
2015-02-08 11:20 - 2015-02-08 11:20 - 01793248 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\cpprest120_1_4.dll
2015-02-08 11:20 - 2015-02-08 11:20 - 00355040 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\JsonCpp.dll
2014-09-25 23:49 - 2012-04-24 11:43 - 00254512 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2015-12-03 08:14 - 2015-11-22 11:47 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-03 08:14 - 2015-11-22 11:47 - 02653816 _____ () C:\Windows\System32\CoreUIComponents.dll
2015-12-03 08:14 - 2015-11-22 11:47 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2014-09-25 23:55 - 2014-07-01 13:13 - 00111872 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2015-12-03 08:14 - 2015-11-22 10:18 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-03 08:14 - 2015-11-22 10:19 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-11-22 08:33 - 2015-11-22 08:34 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_1.11.19004.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-09-30 20:39 - 2015-09-30 20:39 - 00415128 _____ () C:\WINDOWS\system32\igfxTray.exe
2015-10-30 08:17 - 2015-10-30 08:17 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2015-10-30 08:17 - 2015-10-30 08:17 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-10-30 08:17 - 2015-10-30 08:17 - 00674816 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll
2015-12-03 08:14 - 2015-11-22 10:23 - 08005632 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-12-03 08:14 - 2015-11-22 10:20 - 00936448 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2015-12-03 08:14 - 2015-11-22 10:21 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-12-03 08:14 - 2015-11-22 10:18 - 00529408 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.NodeWinrtWrap.dll
2015-10-30 08:18 - 2015-10-30 19:44 - 00037888 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\winrt-projections\bin\Winrt_Projections.node
2015-10-30 08:18 - 2015-10-30 19:44 - 00796160 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http\bin\NodeRT_Windows_Web_Http.node
2015-10-30 08:18 - 2015-10-30 19:44 - 00961024 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http.headers\bin\NodeRT_Windows_Web_Http_Headers.node
2015-10-30 08:18 - 2015-10-30 19:44 - 00206336 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http.filters\bin\NodeRT_Windows_Web_Http_Filters.node
2015-10-30 08:18 - 2015-10-30 19:44 - 00558592 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.storage.streams\bin\NodeRT_Windows_Storage_Streams.node
2015-10-30 08:18 - 2015-10-30 19:44 - 00397824 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.foundation\bin\NodeRT_Windows_Foundation.node
2015-10-30 08:18 - 2015-10-30 19:44 - 00181248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\nodert-buffer-utils\bin\NodeRT_Buffer_Utils.node
2015-10-30 08:18 - 2015-10-30 19:44 - 00093696 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.security.cryptography\bin\NodeRT_Windows_Security_Cryptography.node
2015-10-30 08:18 - 2015-10-30 19:43 - 00200192 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.cortana.pal\bin\NodeRT_Windows_Cortana_PAL.node
2015-11-23 18:44 - 2015-11-23 18:44 - 01769312 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
2015-07-17 14:39 - 2015-07-17 14:39 - 04612448 _____ () C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
2015-11-20 23:10 - 2015-11-20 23:10 - 09074176 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.23.23.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2015-11-20 23:10 - 2015-11-20 23:10 - 02416640 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.23.23.0_x64__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll
2015-10-19 21:00 - 2015-10-19 21:00 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-12-04 08:46 - 2015-12-04 08:46 - 00012800 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1201.10020.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2015-12-04 08:46 - 2015-12-04 08:46 - 11526656 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1201.10020.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2015-11-20 23:12 - 2015-11-20 23:12 - 00258560 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1201.10020.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2015-10-30 08:18 - 2015-10-30 08:18 - 02100064 _____ () C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
2015-11-26 14:29 - 2015-11-26 14:29 - 00475712 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\intermsec.dll
2015-11-24 16:10 - 2015-11-26 14:28 - 00157696 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\ui\ltr\intermsec.ui
2015-11-24 16:10 - 2015-10-26 11:44 - 00032256 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\lang\de-DE\intermsec.txtui
2015-11-24 16:10 - 2015-10-26 11:44 - 00005120 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\lang\de-DE\bdaphconp.txtui
2015-11-26 14:29 - 2015-11-26 14:29 - 00051352 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\bddpsp.dll
2015-11-25 00:05 - 2015-09-21 10:49 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2015-12-01 21:18 - 2015-11-12 19:39 - 00012080 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-11-22 08:33 - 2015-11-22 08:34 - 00152064 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_1.11.19004.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2015-11-22 08:33 - 2015-11-22 08:34 - 02907648 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_1.11.19004.0_x86__8wekyb3d8bbwe\MessagingNativeCore.dll
2015-11-22 08:33 - 2015-11-22 08:34 - 00583168 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_1.11.19004.0_x86__8wekyb3d8bbwe\MessagingEntityExtractionProxy.dll
2015-11-22 08:33 - 2015-11-22 08:34 - 18906624 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_1.11.19004.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2015-11-22 08:33 - 2015-11-22 08:34 - 01302528 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_1.11.19004.0_x86__8wekyb3d8bbwe\MessagingNativeBase.dll
2015-11-25 00:05 - 2015-09-21 10:49 - 00348960 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2015-11-25 00:05 - 2015-09-21 10:49 - 00183584 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2015-11-25 00:05 - 2015-09-21 10:49 - 00050976 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2014-02-19 17:51 - 2014-02-19 17:51 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-11-16 19:55 - 2015-11-16 19:55 - 00202456 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
2015-11-16 19:56 - 2015-11-16 19:56 - 00654000 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
2015-11-16 19:56 - 2015-11-16 19:56 - 00641240 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
2015-11-16 19:56 - 2015-11-16 19:56 - 00119000 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll
2015-12-02 20:23 - 2015-12-02 20:23 - 00015064 _____ () C:\WINDOWS\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2015-11-17 11:11 - 2015-11-17 11:11 - 00013016 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2015-11-17 11:10 - 2015-11-17 11:10 - 00277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll
2015-11-19 14:39 - 2015-11-19 14:39 - 00194048 _____ () C:\Program Files (x86)\Acer\Acer Portal\curllib.dll
2015-11-19 14:39 - 2015-11-19 14:39 - 00110592 _____ () C:\Program Files (x86)\Acer\Acer Portal\OpenLDAP.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Program Files\Bitdefender Agent:Win32App_1
AlternateDataStreams: C:\Program Files\Bonjour:Win32App_1
AlternateDataStreams: C:\Program Files\CCleaner:Win32App_1
AlternateDataStreams: C:\Program Files\Dolby Digital Plus:Win32App_1
AlternateDataStreams: C:\Program Files\iTunes:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Apple Software Update:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Bonjour:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Foxit PhantomPDF:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Microsoft Silverlight:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Mozilla Thunderbird:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Qualcomm Atheros:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Spotify:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\TeamViewer:Win32App_1
AlternateDataStreams: C:\ProgramData\regid.1991-06.com.microsoft:Win32App_1

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-1645853366-4108103990-173416813-1002\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1645853366-4108103990-173416813-1002\...\webcompanion.com -> hxxp://webcompanion.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1645853366-4108103990-173416813-1002\Control Panel\Desktop\\Wallpaper -> c:\users\phili_000\pictures\wallpapers\bitdefender_wallpaper.png
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist deaktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "emsisoft anti-malware"
HKLM\...\StartupApproved\Run32: => "abDocsDllLoader"
HKU\S-1-5-21-1645853366-4108103990-173416813-1002\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1645853366-4108103990-173416813-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1645853366-4108103990-173416813-1002\...\StartupApproved\Run: => "CyberGhost"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{EAB8735A-151B-403B-B88F-1582A303489A}] => (Allow) e:\Program Files (x86)\GameforgeLive\gfl_client.exe
FirewallRules: [{1A31FE46-DFEE-448D-A92E-B5C853E4ED5F}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{16F970D2-0B81-47F3-A6C0-4557C0A5F41C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{745A43D9-B26D-45FE-8224-B1B6EB2DD6F2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7848EDF7-09E0-41C2-9332-102B6A791904}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{43F058C6-8629-4E00-978B-56EFE60CD4E6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{82A7F785-09D3-4595-B862-4007B9D00CA3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{091DE39B-7857-4260-9449-775F81D7C7E0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{24776E35-292B-413B-B9C8-7D0A7FEA1DF5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{E1121A28-72F9-49BB-8ACE-098CFB39EBDF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{E0F976C4-895D-46EE-9A7C-7B910C6D6021}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{25FF00EA-55D2-49CE-8095-F3A1D8B1102B}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{25A0C4E7-F6FA-4146-8E8D-41BCEBCDC97E}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{AE736457-4501-4A05-AC87-88BF7F894AD0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{5BE785E5-B5AB-4CB0-A0DF-E014A79D3BB1}E:\program files (x86)\firefly studios\stronghold 2\stronghold2.exe] => (Block) E:\program files (x86)\firefly studios\stronghold 2\stronghold2.exe
FirewallRules: [TCP Query User{D29DFEE0-C82B-493D-9149-69FB5B2E9530}E:\program files (x86)\firefly studios\stronghold 2\stronghold2.exe] => (Block) E:\program files (x86)\firefly studios\stronghold 2\stronghold2.exe
FirewallRules: [{C24D4B80-55A6-4019-B105-C8091988DB7E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{518F0370-FC78-460A-A21E-88A91239C90F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{23BB4802-2C94-4B02-AA2D-0ECB9D8CC13F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{00770616-366A-4E02-82F7-92065974FD87}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{51B8A707-02A7-47D4-8214-FDFC6B0A4B47}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{64B060E5-8409-46BB-BA88-2D4CFE3ACA4D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{B89A7649-741C-4FD1-A1B2-B4EEAE0CE51D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{F1BD5625-099F-40D2-A95C-9BD97C7EC930}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{1B6D060D-AA3E-4AB8-BBB6-F7A49BD4CD6C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{0CC32FFD-9E00-4CAB-B132-4D93B2D4C943}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{4FB7F668-4218-4909-A82E-BFB4CB66E555}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{90FB0F21-F7E1-49AE-8702-DE0771A9D9D9}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [UDP Query User{FE43D7FD-05B0-46CE-9A83-45381D3D18F0}E:\diablo iii\diablo iii.exe] => (Block) E:\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{10A3A6DD-7313-4F56-9472-A437144127B4}E:\diablo iii\diablo iii.exe] => (Block) E:\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{F4710D58-C36F-401C-875E-29411CFD3F5A}E:\diablo iii\diablo iii.exe] => (Allow) E:\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{9733DCB6-3566-4805-8297-D3BD96153F20}E:\diablo iii\diablo iii.exe] => (Allow) E:\diablo iii\diablo iii.exe
FirewallRules: [{03C1A66A-EE75-4222-B884-AFB927A12A71}] => (Allow) E:\Battle.net\Battle.net.exe
FirewallRules: [{1AF19AFD-8BEF-4593-8A41-B5B09C559698}] => (Allow) E:\Battle.net\Battle.net.exe
FirewallRules: [{6D22436B-8711-4C21-9A5E-E5A47E6F3E89}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{A85D6835-1A98-4549-840C-FE2F2126E12A}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{81C67D0C-01E4-4911-8576-61C2AFD7A029}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{901899D8-EFA0-4445-9E7C-11DF99345249}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{4F0F83CA-8701-4FA2-A44F-7E8265C8D25B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{C1B46857-2746-4158-9BF5-80738E786850}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{7EFE4FA4-6FDE-46FE-9129-8A7F494612A8}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{38FCADEA-F703-4145-BB14-B48F4BD00718}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{692F1E5F-F180-4AAE-84AE-63736D418985}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{BFA36618-6677-4020-BBBC-81F46AD3A8B3}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{47463F43-2730-4313-9F5C-92E0070C6C3D}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Cities XXL\CitiesXXL.exe
FirewallRules: [{635D6D07-964E-40DF-9844-81462935DEB7}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Cities XXL\CitiesXXL.exe
FirewallRules: [{B1750942-7B15-4A8D-8CBD-32E4F7CA16B7}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{0E1DFF03-9D12-447F-99DA-A0A915E4715A}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{70EC2521-4246-4A5C-B20B-21B2C28E3C92}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{BDEA5603-9469-452C-93AF-2BD7E3808CEC}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{F5E35023-0F8B-49E1-B525-582A9BBFA350}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{EEEF414B-EBA5-44CA-856A-E64005EB71DF}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{86FAF3DD-4824-4AB4-A2A3-A10D4DAB57D5}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{F517E3DE-86B9-45D3-B755-E492FDAC63FC}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [UDP Query User{9092B7DB-A511-4687-B7D6-B8265DAF7867}E:\program files (x86)\innonics\wiggles\wiggles.exe] => (Allow) E:\program files (x86)\innonics\wiggles\wiggles.exe
FirewallRules: [TCP Query User{FE4D403A-03FD-4DEC-87DD-56BCFE1F692D}E:\program files (x86)\innonics\wiggles\wiggles.exe] => (Allow) E:\program files (x86)\innonics\wiggles\wiggles.exe
FirewallRules: [{6C1793D6-1AEF-4992-A5EA-836A32DD8A94}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A8F7264C-805D-4848-859C-EBDA60B7365E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{777C3F7A-7D16-4429-9878-CD4FEC42EC4D}] => (Allow) E:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{4E1BB0E9-6C33-4394-95EC-EBD45601B034}] => (Allow) E:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{6E9F7A58-3BF3-4C1C-A2D0-4DECA53E95FC}] => (Allow) E:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E85459EA-229C-4E11-A283-BE8EF5FD9A0A}] => (Allow) E:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [UDP Query User{95E1DFE4-7B5F-4691-935C-85355548E966}E:\program files (x86)\tmnationsforever\tmforever.exe] => (Allow) E:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [TCP Query User{F7C243CC-7B4D-46EC-9B87-D983C20E7F53}E:\program files (x86)\tmnationsforever\tmforever.exe] => (Allow) E:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [{55C16FEC-B652-4CB7-989B-82985F5F4E43}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{741430D6-F280-44AA-A83A-8DB76632634C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{08545E10-B9B4-42EA-AE96-A557D77171D3}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{48F56680-16AE-462D-B657-716FE78A366A}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{575423AF-095A-403E-B4FB-1D73CABDED52}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{4F20E06C-B1FE-4332-9677-09D98211C96F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{42FE248F-E58D-426A-9244-6DA28ADFF287}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{DE5C3A0A-5BED-4036-B7AE-98725B2B34E8}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{9597564E-A41C-409F-9CA7-B62D8DBAA027}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{17D5B3C2-47F9-410E-BF95-780C07A2F08F}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{E638CA19-0729-490B-A581-2232887EE232}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{5804532F-757F-4E0A-A044-FF892F7ADE0C}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{4A98E89B-871C-43AB-B38C-B15FA85AF2FF}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{4FFDB9D9-B636-4AA7-937A-82910457D0F8}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{8CAAABC1-8DF9-4723-BFFD-98E16CB9BC64}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{81CDF4B6-460F-4C91-992E-0A432E22BD18}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{02F34962-0520-402A-A985-7C8AE1882FAD}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{74EA1C5C-1120-4036-87F0-71D854EB0F72}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{ADDD2A26-31CD-4118-A4B8-11ADBBDEFD14}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{8D97AC3B-016E-43C3-9852-9F5F4B6CAE0C}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{65F2A37E-8384-498D-96E3-94C1BE9C9AE9}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{0EE2B935-09D0-45BA-A801-7C08D494BBAB}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{AFD454D4-DDB9-473C-99E0-7D4E1A5F1213}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{D32DC2A6-55B8-463C-B917-A3F1BB6373C7}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{A28E3453-FFA9-4C36-9B0D-12A66417D0BF}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{E3B6E9CD-41CE-47E3-B1B8-381A8E7D5A69}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{DA040229-43D7-45E4-B53E-7CEF05935DF4}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{F05DEEAC-2726-4AD5-BE08-496E396684D0}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{E06E4E9A-AD29-4FB2-97E2-8191EF1B1206}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{37D1E2B0-DE80-4B78-B8C5-F7B415216608}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{A6D73076-49B0-436A-B94B-D5A735804234}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{1FBD3F84-1DE3-4203-95C8-AAFB85FEB983}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{B73DCF7B-F06C-418E-8B14-19724F141474}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{158FAA4C-60FB-439D-9771-9F094968C1E0}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{6E9E5F5F-4578-444B-8101-E5EF6EC6AB9F}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{ED8C21C5-36E9-4C29-85A6-FF334B15CD3F}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{C8C8775A-8791-42B4-B074-17826EFC0FEF}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{4736CBBB-F912-464A-BF51-1EB1F1E47B66}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{B4780E33-E05B-490C-B24E-295B8196915A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{6A236F4A-CD1C-4225-899F-F191A3F8CDAA}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{45BD9621-4D3D-49D2-ABF6-D04E5C7CA913}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{EFDA2C5C-AF34-4572-B27D-7885024C6588}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{345FA44C-AE48-4A65-BAAE-F158740E9F9C}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{2966FB4D-C583-476B-89B4-A4AFEAC95935}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [TCP Query User{B9CF93F0-7FD9-4280-B23B-3943630B054D}C:\users\phili_000\appdata\local\temp\rarsfx0\x32\pcsftool.exe] => (Allow) C:\users\phili_000\appdata\local\temp\rarsfx0\x32\pcsftool.exe
FirewallRules: [UDP Query User{A337FD61-4FD2-42DD-83B9-4CB3B13C6E68}C:\users\phili_000\appdata\local\temp\rarsfx0\x32\pcsftool.exe] => (Allow) C:\users\phili_000\appdata\local\temp\rarsfx0\x32\pcsftool.exe
FirewallRules: [TCP Query User{6B55CDCC-76F7-4D49-8D86-F06D5C314882}C:\users\phili_000\appdata\local\temp\rarsfx0\x64\pcsftool.exe] => (Allow) C:\users\phili_000\appdata\local\temp\rarsfx0\x64\pcsftool.exe
FirewallRules: [UDP Query User{8080E4D2-9C47-4621-8914-20A408AD7B17}C:\users\phili_000\appdata\local\temp\rarsfx0\x64\pcsftool.exe] => (Allow) C:\users\phili_000\appdata\local\temp\rarsfx0\x64\pcsftool.exe
FirewallRules: [{9ECE984B-A4F1-45E4-AE4E-FAD40C7E66CF}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{D324842A-781F-4E89-9E34-87725F89A9F0}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{76A6DECD-F301-444F-8600-A855CFE2D485}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{D6541334-5960-4B06-A23F-6E58F4C13634}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{5843DCFF-0EDB-4E5A-9835-661734BCB820}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\bin\FaxApplications.exe
FirewallRules: [{8C40B3B6-C5D0-4315-9A3F-65CF22D30C8C}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\bin\DigitalWizards.exe
FirewallRules: [{38E14C17-7818-4088-82ED-E508D14EA669}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\bin\SendAFax.exe
FirewallRules: [{7243BAD5-52BB-4592-ACFB-FA7059CF41BA}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\Bin\DeviceSetup.exe
FirewallRules: [{A9E53B59-F72F-468B-907A-22854052160C}] => (Allow) LPort=5357
FirewallRules: [{E7635B80-EF10-4178-BCDE-12AB2683B9AE}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{68E12751-6AE5-42E1-BB47-420AD7E531C7}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\FaxApplications.exe
FirewallRules: [{BD8BC519-4800-4BEC-9D5F-43F828805046}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\DigitalWizards.exe
FirewallRules: [{F34B711F-C40B-4613-97B1-B60871FFCC95}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\SendAFax.exe
FirewallRules: [{1790DE46-0D30-4832-B62F-863E040879A9}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\DeviceSetup.exe
FirewallRules: [{848C15FA-4D3E-48AA-B0BC-FBF1ABA0B846}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
FirewallRules: [{2E2417E4-C17E-499B-9985-5BA7513994E3}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{850D97F3-4812-4351-97B4-936BA795F1A0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C76E1DD9-C9BA-4A1E-AF41-B2754C16E660}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C277C461-5104-4A00-A6A2-589BD7679B5E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{580EEA5F-1937-4508-92D2-8CC0EE3484A3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{4274A85E-FF3D-41E8-9AEC-D57E1CB05520}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{DB334257-B339-4DB4-B469-FC9224A0B805}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{5E0D93F0-6371-4B85-B7DA-7C5F57274079}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Bluetooth USB Module
Description: Bluetooth USB Module
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Qualcomm Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Virtueller Microsoft-Adapter für direktes WiFi
Description: Virtueller Microsoft-Adapter für direktes WiFi
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/05/2015 07:45:02 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (12/05/2015 07:44:53 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
  Generatordaten werden gesammelt

Kontext:
  Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
  Generatorname: System Writer
  Generatorinstanz-ID: {99ca686f-355f-4e7a-8f5e-99c7a7810b1e}

Error: (12/05/2015 07:31:29 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm FRST64.exe, Version 1.12.2015.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 8730

Startzeit: 01d12f8b24a885d0

Beendigungszeit: 4294967295

Anwendungspfad: C:\Users\phili_000\Desktop\FRST64.exe

Berichts-ID: 65607ba8-9b7e-11e5-82a7-206a8a9d87aa

Vollständiger Name des fehlerhaften Pakets:

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (12/05/2015 12:40:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm FRST64.exe, Version 1.12.2015.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 9768

Startzeit: 01d12f51b491c70b

Beendigungszeit: 4294967295

Anwendungspfad: C:\Users\phili_000\Desktop\FRST64.exe

Berichts-ID: f4f5ae87-9b44-11e5-82a7-206a8a9d87aa

Vollständiger Name des fehlerhaften Pakets:

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (12/04/2015 11:30:00 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (12/03/2015 03:51:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4812

Error: (12/03/2015 03:51:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4812

Error: (12/03/2015 03:51:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/03/2015 03:51:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3578

Error: (12/03/2015 03:51:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3578


Systemfehler:
=============
Error: (12/05/2015 07:31:07 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/05/2015 12:40:22 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/05/2015 12:40:02 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/05/2015 12:37:37 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/04/2015 05:55:07 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/04/2015 04:31:00 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/04/2015 01:15:33 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/04/2015 12:15:36 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/04/2015 11:31:30 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {F3B4E234-7A68-4E43-B813-E4BA55A065F6}

Error: (12/03/2015 06:24:04 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar


CodeIntegrity:
===================================
  Date: 2015-12-03 14:42:49.532
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-03 10:00:41.678
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-12-03 08:57:20.634
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\1C94.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-12-03 08:54:49.535
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\9B84.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-12-03 08:51:22.867
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\9B84.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-12-03 00:05:15.122
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Store signing level requirements.

  Date: 2015-11-29 11:59:02.148
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-11-28 08:55:24.782
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-11-26 14:14:33.874
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-11-24 16:03:08.589
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\ProgramData\SecurityUtility\SecurityUtility64.dll that did not meet the Store signing level requirements.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 49%
Installierter physikalischer RAM: 8115.27 MB
Verfügbarer physikalischer RAM: 4096.05 MB
Summe virtueller Speicher: 9395.27 MB
Verfügbarer virtueller Speicher: 5688.05 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:97.22 GB) (Free:23.02 GB) NTFS
Drive d: (Progs) (Fixed) (Total:97.66 GB) (Free:97.39 GB) NTFS
Drive e: (Games) (Fixed) (Total:253.86 GB) (Free:250.55 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 388C274B)

Partition: GPT.

==================== Ende von Addition.txt ============================

deeprybka 06.12.2015 17:27
Zitat:
Zitat von Sc@rf@ce (Beitrag 1541440)
sprich es existiert auch hier kein LOG, mal vorrausgesetzt man kann dort einen LOG speichern, da ich hierzu nichts gefunden habe.
Man soll ja auch nicht einfach so alle möglichen Tools drüberziehen...:)

Bitte folgende Scans wiederholen bzw. genau nach Anleitung durchführen:


Schritt 1
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).


Schritt 2

http://deeprybka.trojaner-board.de/m...mbamlogo4a.pnghttp://deeprybka.trojaner-board.de/m...mbamlogo4b.png
  • Download und Anleitung
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Unter Einstellungen/ Erkennung und Schutz setze bitte einen Haken bei "Suche nach Rootkits".
  • Gehe zurück zum Armaturenbrett und klicke auf "Jetzt scannen".
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben und poste mir das Log.

Schritt 3

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Sc@rf@ce 06.12.2015 18:08
Code:
# AdwCleaner v5.023 - Bericht erstellt am 06/12/2015 um 18:03:34
# Aktualisiert am 30/11/2015 von Xplode
# Datenbank : 2015-12-03.1 [Server]
# Betriebssystem : Windows 10 Home  (x64)
# Benutzername : phili_000 - ACERRICHARD
# Gestartet von : C:\Users\phili_000\Desktop\adwcleaner_5.023.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****


***** [ Dateien ] *****


***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKCU\Software\OCS

***** [ Internetbrowser ] *****


*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C6].txt - [855 Bytes] ##########
die anderen folgen

deeprybka 06.12.2015 18:13
Zitat:
:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht
Siehste, das spart uns schon Arbeit...:)

Sc@rf@ce 06.12.2015 20:42
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 06.12.2015
Suchlaufzeit: 18:11
Protokolldatei: malwarebytes.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2015.12.06.05
Rootkit-Datenbank: v2015.11.26.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: phili_000

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 418243
Abgelaufene Zeit: 9 Min., 39 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
So, nach langer Wartezeit das Ergebnis: :daumenhoc

PHP-Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=65a3f31daa00c04bb7e1dc76685c6d06
# end=init
# utc_time=2015-12-06 05:26:00
# local_time=2015-12-06 06:26:00 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Init
Update Download
Update Finalize
Updated modules version27068
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=65a3f31daa00c04bb7e1dc76685c6d06
# end=updated
# utc_time=2015-12-06 05:32:00
# local_time=2015-12-06 06:32:00 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=65a3f31daa00c04bb7e1dc76685c6d06
# engine=27068
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2015-12-06 07:25:01
# local_time=2015-12-06 08:25:01 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='Bitdefender Antivirus'
# compatibility_mode=2067 16777213 50 88 10767 146742566 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 283281 3354969 0 0
# scanned=371092
# found=23
# cleaned=23
# scan_time=6780
sh=9E4652C05E3BE2A708B787AE505296352396BA23 ft=1 fh=fd77bb4036c8df60 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\$Recycle.Bin\S-1-5-21-1645853366-4108103990-173416813-1002\$RHQTL90.exe"
sh=C32AE3671AD24ED49385429CFE407BC50C01111A ft=1 fh=0b88e8f9d7bd75d3 vn="Variante von Win32/Adware.PricePeep.D Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Boost\Boost.dll.vir"
sh=AAA623029121715DD514658EB72C344C182CE5D4 ft=1 fh=2063f527e15bc225 vn="Variante von MSIL/MyPCBackup.A evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyPC Backup\BackupStackUI.dll.vir"
sh=192CBAABA0DCF493142342428C7C4CF4E9BB2373 ft=1 fh=f77dc598a5ff0260 vn="Variante von MSIL/RunElevated.A potenziell unsichere Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyPC Backup\Configuration Updater.exe.vir"
sh=BAFC87AA0D99C347EA00A77BB09CE78915DF75E5 ft=1 fh=edcb43f436e617cd vn="MSIL/MyPCBackup.E evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyPC Backup\MyPC Backup.exe.vir"
sh=ADBC3B046D89F0388ABDC431175CE7D1B104F84D ft=1 fh=7e8543c2b27160a2 vn="Win32/Wajam.K evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Wajam\uninstall.exe.vir"
sh=ADBC3B046D89F0388ABDC431175CE7D1B104F84D ft=1 fh=7e8543c2b27160a2 vn="Win32/Wajam.K evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\WajIntEnhance\uninstall.exe.vir"
sh=BB9E611890ADD2DC0832BDFC39D49E028D000236 ft=1 fh=4ecc6ff1deeb4336 vn="Variante von MSIL/Adware.PullUpdate.L.gen Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\ProgramData\Browser\prompt.exe.vir"
sh=4AA2B6EDD3BAA28B906214258ECCD6627991BBCC ft=1 fh=8d00a1eb5ddbb1a4 vn="Variante von Win32/Adware.CouponMarvel.Q Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\ProgramData\SecurityUtility\NSISHelper.dll.vir"
sh=B9E24083405E39EA8B645E96AC2D5B45C85E4E3A ft=1 fh=92e08960d9936d7b vn="Variante von Win64/Adware.CouponMarvel.L Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\ProgramData\SecurityUtility\SecurityUtility64.dll.vir"
sh=3CC5CF60931F018A33051111E19BAB54DD89723B ft=1 fh=005322131be7300b vn="Variante von Win32/Adware.CouponMarvel.Q.gen Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\ProgramData\SecurityUtility\uninstall.exe.vir"
sh=5B5EA2F5CEC496F99D245A68C884C09F5849E037 ft=1 fh=038fab3ea954bf64 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\phili_000\AppData\Local\Temp\DMR\dmr_72.exe"
sh=70552F10FF8AD2A1AE8F525EF348E673224BD76B ft=1 fh=dc425f8a0e18fa7c vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\phili_000\Downloads\BitDefender Antivirus Free Edition - CHIP-Installer.exe"
sh=1F9937FB1E28EB1A39110B096ADC2F2123F7D977 ft=1 fh=7830aa1c41bc5796 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\phili_000\Downloads\Bitdefender Rootkit Remover - CHIP-Installer.exe"
sh=1DE8C631EE33D59F6C436910D560753076E54753 ft=1 fh=b340c0e259aae591 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\phili_000\Downloads\BitDefender Total Security 2016 - CHIP-Installer.exe"
sh=C3A02FD4656075711B6584CCF6C62ADC0DE9977C ft=1 fh=54b2965e772aa716 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\phili_000\Downloads\CyberGhost VPN - CHIP-Installer.exe"
sh=8D0DF61FEA11343E57A4CFD21F08C99BCA504DA6 ft=1 fh=344d8bd2b7a23d65 vn="Variante von Win32/DownloadGuide.D evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\phili_000\Downloads\e73f19hl_CB-DL-Manager (1).exe"
sh=8D0DF61FEA11343E57A4CFD21F08C99BCA504DA6 ft=1 fh=344d8bd2b7a23d65 vn="Variante von Win32/DownloadGuide.D evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\phili_000\Downloads\e73f19hl_CB-DL-Manager.exe"
sh=B6EEC551BAB358CE27D55983F1DEB14A100AF3D8 ft=1 fh=d24409688f843788 vn="Variante von Win32/OpenCandy.A potenziell unsichere Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\phili_000\Downloads\FreeYouTubeToMP3Converter.exe"
sh=3D1D9ABD79D4AE75003285A71D7E8BD560FAE36D ft=1 fh=1c65da34b603078b vn="Variante von Win32/DownloadGuide.D evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\phili_000\Downloads\FreeYouTubeToMP3Converter_CB-DL-Manager.exe"
sh=59B5084BB05F2C295868B75E4ECF72BBFAAB6464 ft=1 fh=e9ff6aaeb7d0c0ee vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\phili_000\Downloads\Nvidia GeForce Experience - CHIP-Installer.exe"
sh=D669FC14B87BA3FE56015F72A36F386265A4C17B ft=1 fh=72bd60f83158485d vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\phili_000\Downloads\HP Downloads\HP Officejet Pro 8610 e-All-in-One-Druckerserie, Software und Treiber mit vollem Funktionsumfang - OJ8610_198.exe"
sh=A901074F923EFA09A7E4413D55EF30C8FCBD0322 ft=1 fh=eb841dc825cb1c22 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Windows.old\Users\phili_000\AppData\Local\Temp\DMR\dmr_72.exe" 

deeprybka 07.12.2015 19:01
http://www.trojaner-board.de/extra/lesestoff.pngGibt es jetzt noch Probleme mit dem PC? Wenn ja, welche?


Schritt 1

http://filepony.de/icon/frst.pnghttp://deeprybka.trojaner-board.de/b...e/frst/sn1.PNG

Bitte starte FRST erneut, markiere auch die checkbox http://deeprybka.trojaner-board.de/b...t/addition.pngund drücke auf Untersuchen.
Bitte poste mir den Inhalt der beiden Logs die erstellt werden.

Sc@rf@ce 07.12.2015 19:33

FRST Logfile:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-12-2015
durchgeführt von phili_000 (Administrator) auf ACERRICHARD (07-12-2015 19:30:08)
Gestartet von C:\Users\phili_000\Downloads
Geladene Profile: phili_000 (Verfügbare Profile: phili_000)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe
(CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_1.11.19004.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\bdagent.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\bdwtxag.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
() C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(TODO: <Company name>) C:\Program Files\Acer\User Experience Improvement Program\Plugin\AppMonitor\AppMonitorPlugIn.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.23.23.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
() C:\Program Files\WindowsApps\KoboInc.KoboBooks_5.0.258.0_x86__vk8qsnw174y90\Kobo.Universal.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\seccenter.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\antispam32\obkagent.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-05-26] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387376 2014-05-13] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2757424 2015-11-12] (NVIDIA Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-10-16] (Apple Inc.)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2016\bdagent.exe [1683920 2015-11-26] (Bitdefender)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [91488 2015-11-23] ()
HKU\S-1-5-21-1645853366-4108103990-173416813-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8551848 2015-10-19] (Piriform Ltd)
HKU\S-1-5-21-1645853366-4108103990-173416813-1002\...\Run: [Bitdefender-Geldb�rse-Agent] => C:\Program Files\Bitdefender\Bitdefender 2016\bdwtxag.exe [1416608 2015-11-26] (Bitdefender)
HKU\S-1-5-21-1645853366-4108103990-173416813-1002\...\Run: [HP Officejet Pro 8600 (NET)] => C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1645853366-4108103990-173416813-1002\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 5\CyberGhost.exe [433256 2015-11-05] (CyberGhost S.R.L.)
HKU\S-1-5-21-1645853366-4108103990-173416813-1002\...\RunOnce: [Uninstall C:\Users\phili_000\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\phili_000\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-1645853366-4108103990-173416813-1002\...\MountPoints2: {829ef0e5-94d9-11e5-829e-206a8a9d87aa} - "F:\shelexec.exe" .\starter.html
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-11-19] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-11-19] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-11-19] (Acer Incorporated)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  Keine Datei
Startup: C:\Users\phili_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet Pro 8600 (Netzwerk).lnk [2015-12-02]
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet Pro 8600 (Netzwerk).lnk ->  (Keine Datei)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: 127.0.0.1                        d3oxij66pru1i3.cloudfront.net
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{015a8b71-29ca-468d-86b2-53f9b81df378}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{d6fc2d0c-d9e1-4b4e-91d8-9ee0af41ce6e}: [DhcpNameServer] 192.19.128.24

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1645853366-4108103990-173416813-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://toshiba.eu/symbaloo_c
HKU\S-1-5-21-1645853366-4108103990-173416813-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1645853366-4108103990-173416813-1002 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-1645853366-4108103990-173416813-1002 -> {1445FCAF-8A8D-47A8-AB93-5EB8C65B4A07} URL = hxxp://go.web.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-1645853366-4108103990-173416813-1002 -> {212D7AE8-7DB2-4AFA-A37D-7317D6E09388} URL = hxxp://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-1645853366-4108103990-173416813-1002 -> {680BC10C-91EF-4336-BA81-33C597EDA1ED} URL =
SearchScopes: HKU\S-1-5-21-1645853366-4108103990-173416813-1002 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-1645853366-4108103990-173416813-1002 -> {B22D9EA2-C190-4DF1-9268-73913BCFA58E} URL = hxxp://go.mail.com/tb/en-us/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-1645853366-4108103990-173416813-1002 -> {E3F2141F-0B01-4266-A1FE-A49FBA9963A7} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
BHO: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2016\pmbxie.dll [2015-11-24] (Bitdefender)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-25] (Google Inc.)
BHO: Kein Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> Keine Datei
BHO-x32: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2016\Antispam32\pmbxie.dll [2015-11-24] (Bitdefender)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-25] (Google Inc.)
BHO-x32: Kein Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> Keine Datei
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-25] (Google Inc.)
Toolbar: HKLM - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2016\pmbxie.dll [2015-11-24] (Bitdefender)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-25] (Google Inc.)
Toolbar: HKLM-x32 - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2016\Antispam32\pmbxie.dll [2015-11-24] (Bitdefender)
Toolbar: HKU\S-1-5-21-1645853366-4108103990-173416813-1002 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-25] (Google Inc.)
Toolbar: HKU\S-1-5-21-1645853366-4108103990-173416813-1002 -> Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2016\pmbxie.dll [2015-11-24] (Bitdefender)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} -  Keine Datei
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} -  Keine Datei

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-1645853366-4108103990-173416813-1002 -> hxxp://go.gmx.net/tb/ie_startpage

FireFox:
========
FF ProfilePath: C:\Users\phili_000\AppData\Roaming\Mozilla\Firefox\Profiles\j2q20h92.default
FF DefaultSearchEngine: Bing®
FF SelectedSearchEngine: Bing®
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-11] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-11] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-08] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-13] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-13] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-02-19] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-02-19] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll [2011-03-09] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF HKLM\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\bdwteff
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2016\bdwteff [2015-11-18] [ist nicht signiert]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext
FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext [2015-11-18] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\antispam32\bdwteff
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2016\antispam32\bdwteff [2015-11-18] [ist nicht signiert]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [dhhejlifdlcgcmogbggeomfodgklfaem] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2860760 2015-11-17] (Acer Incorporated)
R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [65640 2015-11-05] (CyberGhost S.R.L)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6677048 2015-06-17] (GOG.com)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156400 2015-11-12] (NVIDIA Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [370064 2015-09-30] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-02-19] (Intel Corporation)
R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe [93408 2015-02-08] (Intel(R) Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-02-19] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2934048 2015-10-09] (IObit)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-11-12] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8133424 2015-11-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5915440 2015-11-12] (NVIDIA Corporation)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [823840 2015-09-22] (Bitdefender)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-06-26] (Acer Incorporate)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [233216 2014-06-23] (acer)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe [124488 2015-09-29] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe [1595864 2015-11-26] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1600512 2015-11-24] (BitDefender)
R3 avchv; C:\Windows\system32\DRIVERS\avchv.sys [282000 2015-11-24] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [775424 2015-11-24] (BitDefender)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23568 2013-09-08] (Bitdefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107008 2013-07-29] (BitDefender LLC)
S4 BDVEDISK; C:\Windows\system32\DRIVERS\bdvedisk.sys [87920 2015-11-26] (BitDefender)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [160032 2015-04-29] (BitDefender LLC)
R0 ignis; C:\Windows\system32\DRIVERS\ignis.sys [271808 2015-11-24] (Bitdefender)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [116736 2014-02-19] (Intel Corporation)
S3 MEMSWEEP2; C:\WINDOWS\system32\1C94.tmp [6144 2009-06-18] (Sophos Plc) [Datei ist nicht signiert]
R1 ndisrd; C:\Windows\system32\DRIVERS\ndisrfl.sys [41688 2014-10-30] (Intel Corporation)
R3 NetTap630; C:\Windows\system32\DRIVERS\nettap630.sys [67800 2014-10-30] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-11-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek                                            )
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [402960 2015-05-14] (Realsil Semiconductor Corporation)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [477272 2015-06-02] (BitDefender S.R.L.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [35880 2015-11-21] (Wellbia.com Co., Ltd.)
S0 b06bdrv; System32\drivers\bxvbda.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-06 18:25 - 2015-12-06 18:25 - 02870984 _____ (ESET) C:\Users\phili_000\Downloads\esetsmartinstaller_deu.exe
2015-12-06 18:25 - 2015-12-06 18:25 - 00000000 ____D C:\Program Files (x86)\ESET
2015-12-05 19:47 - 2015-12-05 19:52 - 00000000 ____D C:\Users\phili_000\Downloads\FRST-OlderVersion
2015-12-05 19:46 - 2015-12-05 19:52 - 02369024 _____ (Farbar) C:\Users\phili_000\Downloads\FRST64.exe
2015-12-05 19:35 - 2015-12-05 19:45 - 00000000 ____D C:\ProgramData\HitmanPro
2015-12-04 11:12 - 2015-12-04 11:12 - 00001099 _____ C:\Users\phili_000\Downloads\adwcleaner_5.023.exe - Verknüpfung.lnk
2015-12-04 10:58 - 2015-12-07 19:30 - 00024435 _____ C:\Users\phili_000\Downloads\FRST.txt
2015-12-04 10:58 - 2015-12-07 19:30 - 00000000 ____D C:\FRST
2015-12-04 10:58 - 2015-12-05 19:55 - 00060195 _____ C:\Users\phili_000\Downloads\Addition.txt
2015-12-04 10:25 - 2015-12-04 10:30 - 01736704 _____ C:\Users\phili_000\Downloads\AdwCleaner_5.023 (1).exe
2015-12-04 10:23 - 2015-12-04 10:25 - 01736704 _____ C:\Users\phili_000\Desktop\adwcleaner_5.023.exe
2015-12-03 09:41 - 2015-12-06 16:43 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-12-03 09:40 - 2015-12-06 16:43 - 00000000 ____D C:\Users\phili_000\Desktop\mbar
2015-12-03 09:40 - 2015-12-03 09:40 - 16563352 _____ (Malwarebytes Corp.) C:\Users\phili_000\Downloads\mbar-1.09.3.1001.exe
2015-12-03 08:57 - 2009-06-18 12:54 - 00006144 ____N (Sophos Plc) C:\WINDOWS\system32\1C94.tmp
2015-12-03 08:51 - 2009-06-18 12:54 - 00006144 ____N (Sophos Plc) C:\WINDOWS\system32\9B84.tmp
2015-12-03 08:50 - 2015-12-03 09:28 - 00000000 ____D C:\Program Files (x86)\Sophos
2015-12-03 08:50 - 2015-12-03 08:50 - 01339288 _____ C:\Users\phili_000\Downloads\sar_15_sfx.exe
2015-12-03 08:15 - 2015-11-22 11:47 - 07476576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-12-03 08:15 - 2015-11-22 10:56 - 22394880 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-12-03 08:15 - 2015-11-22 10:56 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2015-12-03 08:15 - 2015-11-22 10:55 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\readingviewresources.dll
2015-12-03 08:15 - 2015-11-22 10:54 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2015-12-03 08:15 - 2015-11-22 10:52 - 16984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-12-03 08:15 - 2015-11-22 10:44 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2015-12-03 08:15 - 2015-11-22 10:43 - 24604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-12-03 08:15 - 2015-11-22 10:42 - 13017600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-12-03 08:15 - 2015-11-22 10:39 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-12-03 08:15 - 2015-11-22 10:38 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-12-03 08:15 - 2015-11-22 10:33 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-12-03 08:15 - 2015-11-22 10:33 - 13380608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-12-03 08:15 - 2015-11-22 10:33 - 02587136 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-12-03 08:15 - 2015-11-22 10:30 - 19340800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-12-03 08:15 - 2015-11-22 10:24 - 12124672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-12-03 08:15 - 2015-11-22 10:24 - 01995264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2015-12-03 08:15 - 2015-11-22 10:19 - 02064384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-12-03 08:15 - 2015-11-22 10:16 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2015-12-03 08:14 - 2015-11-22 11:47 - 02653816 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-03 08:14 - 2015-11-22 11:41 - 01859448 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-12-03 08:14 - 2015-11-22 11:41 - 01284960 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-12-03 08:14 - 2015-11-22 11:41 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-12-03 08:14 - 2015-11-22 11:35 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2015-12-03 08:14 - 2015-11-22 11:34 - 00975200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-12-03 08:14 - 2015-11-22 11:34 - 00080600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwapi.dll
2015-12-03 08:14 - 2015-11-22 11:33 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2015-12-03 08:14 - 2015-11-22 11:33 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2015-12-03 08:14 - 2015-11-22 11:33 - 00051680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsUtilsV2.dll
2015-12-03 08:14 - 2015-11-22 11:30 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-12-03 08:14 - 2015-11-22 11:30 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-12-03 08:14 - 2015-11-22 11:26 - 00431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2015-12-03 08:14 - 2015-11-22 11:25 - 00063528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wwapi.dll
2015-12-03 08:14 - 2015-11-22 11:24 - 02772584 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2015-12-03 08:14 - 2015-11-22 11:20 - 00795840 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-12-03 08:14 - 2015-11-22 11:19 - 00440160 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-12-03 08:14 - 2015-11-22 11:14 - 02185840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2015-12-03 08:14 - 2015-11-22 11:00 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2015-12-03 08:14 - 2015-11-22 11:00 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll
2015-12-03 08:14 - 2015-11-22 10:57 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2015-12-03 08:14 - 2015-11-22 10:57 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
2015-12-03 08:14 - 2015-11-22 10:57 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCoreRes.dll
2015-12-03 08:14 - 2015-11-22 10:57 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
2015-12-03 08:14 - 2015-11-22 10:57 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
2015-12-03 08:14 - 2015-11-22 10:56 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2015-12-03 08:14 - 2015-11-22 10:56 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ihvrilproxy.dll
2015-12-03 08:14 - 2015-11-22 10:56 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\rilproxy.dll
2015-12-03 08:14 - 2015-11-22 10:55 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManagerProxy.dll
2015-12-03 08:14 - 2015-11-22 10:55 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2015-12-03 08:14 - 2015-11-22 10:54 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ETWCoreUIComponentsResources.dll
2015-12-03 08:14 - 2015-11-22 10:54 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys
2015-12-03 08:14 - 2015-11-22 10:54 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2015-12-03 08:14 - 2015-11-22 10:54 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsplib.dll
2015-12-03 08:14 - 2015-11-22 10:54 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-12-03 08:14 - 2015-11-22 10:54 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2015-12-03 08:14 - 2015-11-22 10:54 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2015-12-03 08:14 - 2015-11-22 10:54 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll
2015-12-03 08:14 - 2015-11-22 10:52 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2015-12-03 08:14 - 2015-11-22 10:52 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2015-12-03 08:14 - 2015-11-22 10:52 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2015-12-03 08:14 - 2015-11-22 10:52 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2015-12-03 08:14 - 2015-11-22 10:51 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2015-12-03 08:14 - 2015-11-22 10:51 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2015-12-03 08:14 - 2015-11-22 10:51 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2015-12-03 08:14 - 2015-11-22 10:51 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2015-12-03 08:14 - 2015-11-22 10:51 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2015-12-03 08:14 - 2015-11-22 10:50 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssign32.dll
2015-12-03 08:14 - 2015-11-22 10:49 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2015-12-03 08:14 - 2015-11-22 10:49 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2015-12-03 08:14 - 2015-11-22 10:49 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2015-12-03 08:14 - 2015-11-22 10:49 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wwanpref.dll
2015-12-03 08:14 - 2015-11-22 10:48 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosResource.dll
2015-12-03 08:14 - 2015-11-22 10:47 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2015-12-03 08:14 - 2015-11-22 10:46 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2015-12-03 08:14 - 2015-11-22 10:46 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-12-03 08:14 - 2015-11-22 10:45 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2015-12-03 08:14 - 2015-11-22 10:45 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2015-12-03 08:14 - 2015-11-22 10:45 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-12-03 08:14 - 2015-11-22 10:45 - 00264192 _____ (Nokia) C:\WINDOWS\system32\NmaDirect.dll
2015-12-03 08:14 - 2015-11-22 10:45 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-12-03 08:14 - 2015-11-22 10:45 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll
2015-12-03 08:14 - 2015-11-22 10:45 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2015-12-03 08:14 - 2015-11-22 10:45 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCoreRes.dll
2015-12-03 08:14 - 2015-11-22 10:45 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll
2015-12-03 08:14 - 2015-11-22 10:45 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll
2015-12-03 08:14 - 2015-11-22 10:44 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-12-03 08:14 - 2015-11-22 10:44 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2015-12-03 08:14 - 2015-11-22 10:43 - 00704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2015-12-03 08:14 - 2015-11-22 10:43 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-12-03 08:14 - 2015-11-22 10:43 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-12-03 08:14 - 2015-11-22 10:43 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2015-12-03 08:14 - 2015-11-22 10:43 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll
2015-12-03 08:14 - 2015-11-22 10:42 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-12-03 08:14 - 2015-11-22 10:42 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-12-03 08:14 - 2015-11-22 10:42 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2015-12-03 08:14 - 2015-11-22 10:42 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ETWCoreUIComponentsResources.dll
2015-12-03 08:14 - 2015-11-22 10:42 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2015-12-03 08:14 - 2015-11-22 10:42 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlStringsRes.dll
2015-12-03 08:14 - 2015-11-22 10:41 - 01814528 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2015-12-03 08:14 - 2015-11-22 10:41 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2015-12-03 08:14 - 2015-11-22 10:41 - 00607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-12-03 08:14 - 2015-11-22 10:40 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2015-12-03 08:14 - 2015-11-22 10:40 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-12-03 08:14 - 2015-11-22 10:40 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2015-12-03 08:14 - 2015-11-22 10:40 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2015-12-03 08:14 - 2015-11-22 10:40 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2015-12-03 08:14 - 2015-11-22 10:39 - 02126848 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-12-03 08:14 - 2015-11-22 10:39 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2015-12-03 08:14 - 2015-11-22 10:39 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2015-12-03 08:14 - 2015-11-22 10:39 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-12-03 08:14 - 2015-11-22 10:39 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-12-03 08:14 - 2015-11-22 10:39 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-12-03 08:14 - 2015-11-22 10:39 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2015-12-03 08:14 - 2015-11-22 10:39 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2015-12-03 08:14 - 2015-11-22 10:39 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2015-12-03 08:14 - 2015-11-22 10:39 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2015-12-03 08:14 - 2015-11-22 10:38 - 01223168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-12-03 08:14 - 2015-11-22 10:38 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-12-03 08:14 - 2015-11-22 10:38 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2015-12-03 08:14 - 2015-11-22 10:38 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssign32.dll
2015-12-03 08:14 - 2015-11-22 10:37 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2015-12-03 08:14 - 2015-11-22 10:37 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-12-03 08:14 - 2015-11-22 10:37 - 00515584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2015-12-03 08:14 - 2015-11-22 10:36 - 01042432 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2015-12-03 08:14 - 2015-11-22 10:34 - 02843136 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2015-12-03 08:14 - 2015-11-22 10:34 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2015-12-03 08:14 - 2015-11-22 10:34 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2015-12-03 08:14 - 2015-11-22 10:34 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2015-12-03 08:14 - 2015-11-22 10:34 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2015-12-03 08:14 - 2015-11-22 10:34 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2015-12-03 08:14 - 2015-11-22 10:33 - 00205824 _____ (Nokia) C:\WINDOWS\SysWOW64\NmaDirect.dll
2015-12-03 08:14 - 2015-11-22 10:32 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-12-03 08:14 - 2015-11-22 10:32 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2015-12-03 08:14 - 2015-11-22 10:32 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-12-03 08:14 - 2015-11-22 10:31 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-12-03 08:14 - 2015-11-22 10:31 - 00470528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-12-03 08:14 - 2015-11-22 10:31 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2015-12-03 08:14 - 2015-11-22 10:30 - 02598400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-12-03 08:14 - 2015-11-22 10:29 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2015-12-03 08:14 - 2015-11-22 10:28 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-12-03 08:14 - 2015-11-22 10:28 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2015-12-03 08:14 - 2015-11-22 10:28 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-12-03 08:14 - 2015-11-22 10:28 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-12-03 08:14 - 2015-11-22 10:28 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2015-12-03 08:14 - 2015-11-22 10:28 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-12-03 08:14 - 2015-11-22 10:28 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2015-12-03 08:14 - 2015-11-22 10:28 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-12-03 08:14 - 2015-11-22 10:28 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2015-12-03 08:14 - 2015-11-22 10:27 - 03993600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-12-03 08:14 - 2015-11-22 10:27 - 02049024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-12-03 08:14 - 2015-11-22 10:27 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2015-12-03 08:14 - 2015-11-22 10:27 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2015-12-03 08:14 - 2015-11-22 10:27 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2015-12-03 08:14 - 2015-11-22 10:27 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2015-12-03 08:14 - 2015-11-22 10:26 - 03355136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-12-03 08:14 - 2015-11-22 10:26 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-12-03 08:14 - 2015-11-22 10:26 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2015-12-03 08:14 - 2015-11-22 10:26 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2015-12-03 08:14 - 2015-11-22 10:25 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-12-03 08:14 - 2015-11-22 10:25 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-12-03 08:14 - 2015-11-22 10:25 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2015-12-03 08:14 - 2015-11-22 10:24 - 02647552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-12-03 08:14 - 2015-11-22 10:24 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2015-12-03 08:14 - 2015-11-22 10:24 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2015-12-03 08:14 - 2015-11-22 10:24 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2015-12-03 08:14 - 2015-11-22 10:23 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-12-03 08:14 - 2015-11-22 10:20 - 01860096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2015-12-03 08:14 - 2015-11-22 10:18 - 01505280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-12-03 08:14 - 2015-11-22 10:18 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2015-12-03 08:14 - 2015-11-22 10:18 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2015-12-03 08:14 - 2015-11-22 10:17 - 02680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-12-03 08:14 - 2015-11-22 10:17 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-12-03 08:14 - 2015-11-22 10:11 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2015-12-03 00:12 - 2015-12-03 00:12 - 00000000 ____D C:\ProgramData\Emsisoft
2015-12-02 23:15 - 2015-12-02 23:15 - 00380416 _____ C:\Users\phili_000\Downloads\e73f19hl.exe
2015-12-02 21:44 - 2015-12-06 18:11 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-12-02 21:43 - 2015-12-06 16:22 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-12-02 21:43 - 2015-12-02 22:18 - 00001172 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-12-02 21:43 - 2015-12-02 21:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-12-02 21:43 - 2015-12-02 21:43 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-02 21:43 - 2015-12-02 21:43 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-12-02 21:43 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-12-02 21:43 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-12-02 21:42 - 2015-12-02 21:43 - 22908888 _____ (Malwarebytes ) C:\Users\phili_000\Downloads\mbam-setup-2.2.0.1024.exe
2015-12-02 20:32 - 2015-12-02 20:32 - 00000000 ____D C:\Users\phili_000\Desktop\Acer Stuff
2015-12-02 20:28 - 2015-12-02 20:28 - 00003388 _____ C:\WINDOWS\System32\Tasks\AcerCloud
2015-12-02 20:23 - 2015-12-02 20:23 - 00003404 _____ C:\WINDOWS\System32\Tasks\abDocsDllLoader
2015-12-02 18:31 - 2015-12-02 18:34 - 00000000 ____D C:\Users\phili_000\AppData\Local\CyberGhost
2015-12-02 18:29 - 2015-12-02 22:18 - 00001780 _____ C:\Users\phili_000\Desktop\CyberGhost 5.lnk
2015-12-02 18:29 - 2015-12-02 18:30 - 00000000 ____D C:\Program Files\TAP-Windows
2015-12-02 18:29 - 2015-12-02 18:30 - 00000000 ____D C:\Program Files\CyberGhost 5
2015-12-02 18:29 - 2015-12-02 18:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 5
2015-12-01 21:24 - 2015-11-25 00:07 - 42913912 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-12-01 21:24 - 2015-11-25 00:07 - 37882672 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-12-01 21:24 - 2015-11-25 00:07 - 22345336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-12-01 21:24 - 2015-11-25 00:07 - 18487360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-12-01 21:24 - 2015-11-25 00:07 - 18389624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-12-01 21:24 - 2015-11-25 00:07 - 16561320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-12-01 21:24 - 2015-11-25 00:07 - 15933400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-12-01 21:24 - 2015-11-25 00:07 - 15839392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-12-01 21:24 - 2015-11-25 00:07 - 14844304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-12-01 21:24 - 2015-11-25 00:07 - 13533416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-12-01 21:24 - 2015-11-25 00:07 - 12870384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-12-01 21:24 - 2015-11-25 00:07 - 12040952 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-12-01 21:24 - 2015-11-25 00:07 - 02876536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-12-01 21:24 - 2015-11-25 00:07 - 02496816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-12-01 21:24 - 2015-11-25 00:07 - 01905272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435906.dll
2015-12-01 21:24 - 2015-11-25 00:07 - 01564792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435906.dll
2015-12-01 21:24 - 2015-11-25 00:07 - 01016360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2015-12-01 21:24 - 2015-11-25 00:07 - 00877872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-12-01 21:24 - 2015-11-25 00:07 - 00861816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-12-01 21:24 - 2015-11-25 00:07 - 00823232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2015-12-01 21:24 - 2015-11-25 00:07 - 00689784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-12-01 21:24 - 2015-11-25 00:07 - 00673912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-12-01 21:24 - 2015-11-25 00:07 - 00501056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-12-01 21:24 - 2015-11-25 00:07 - 00422752 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-12-01 21:24 - 2015-11-25 00:07 - 00413816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-12-01 21:24 - 2015-11-25 00:07 - 00369272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-12-01 21:24 - 2015-11-25 00:07 - 00177416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-12-01 21:24 - 2015-11-25 00:07 - 00155976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-12-01 21:18 - 2015-12-02 22:18 - 00001451 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2015-12-01 21:18 - 2015-12-01 21:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-12-01 21:18 - 2015-11-12 19:37 - 01828160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2015-12-01 21:18 - 2015-11-12 19:37 - 01756424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2015-12-01 21:18 - 2015-11-12 19:37 - 01509824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2015-12-01 21:18 - 2015-11-12 19:37 - 01316000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2015-12-01 21:18 - 2015-11-12 19:37 - 00112712 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2015-12-01 21:18 - 2015-08-11 05:52 - 00072504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2015-12-01 21:18 - 2015-08-11 05:52 - 00069416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2015-12-01 21:18 - 2015-08-11 05:52 - 00050472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2015-12-01 20:17 - 2015-12-01 20:17 - 00000000 ____D C:\Users\phili_000\Downloads\Bitdefender Safepay
2015-12-01 13:14 - 2015-12-01 13:14 - 00024819 _____ C:\ProgramData\1448972057.bdinstall.bin
2015-12-01 13:03 - 2015-12-01 13:03 - 00024570 _____ C:\ProgramData\1448971416.bdinstall.bin
2015-12-01 13:02 - 2015-12-01 13:02 - 00024570 _____ C:\ProgramData\1448971361.bdinstall.bin
2015-12-01 12:54 - 2015-12-01 12:54 - 07236184 _____ C:\Users\phili_000\Downloads\bitdefender_windows_c5ad0f12-0625-46d0-a18d-047afa4db5d4.exe
2015-12-01 12:54 - 2015-12-01 12:54 - 00026369 _____ C:\ProgramData\1448970878.bdinstall.bin
2015-12-01 12:49 - 2015-12-01 12:49 - 00024833 _____ C:\ProgramData\1448970555.bdinstall.bin
2015-12-01 12:49 - 2015-12-01 12:49 - 00024833 _____ C:\ProgramData\1448970549.bdinstall.bin
2015-12-01 12:48 - 2015-12-01 12:48 - 00024833 _____ C:\ProgramData\1448970485.bdinstall.bin
2015-12-01 12:47 - 2015-12-01 12:49 - 07207408 _____ C:\Users\phili_000\Downloads\bitdefender_tsecurity.exe
2015-12-01 12:39 - 2015-12-01 12:39 - 00026298 _____ C:\ProgramData\1448969942.bdinstall.bin
2015-12-01 12:38 - 2015-12-01 12:38 - 07236184 _____ C:\Users\phili_000\Downloads\bitdefender_windows_43c2d0f9-af7b-4daa-82f4-a94cd7d44793.exe
2015-12-01 09:37 - 2015-12-01 10:19 - 00000000 ____D C:\Users\phili_000\Desktop\Google Play Store Daten
2015-11-29 12:19 - 2015-11-29 12:19 - 00000000 ____D C:\Users\phili_000\Desktop\HP Drucker
2015-11-29 12:14 - 2012-10-17 04:31 - 00741480 ____N (Hewlett-Packard Co.) C:\WINDOWS\system32\HPDiscoPM5912.dll
2015-11-29 12:10 - 2015-11-29 12:11 - 123809984 _____ C:\Users\phili_000\Downloads\OJ8600_1315-1.exe
2015-11-29 11:48 - 2015-11-29 12:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-11-29 11:48 - 2015-11-29 12:13 - 00000000 ____D C:\ProgramData\HP
2015-11-29 11:48 - 2015-11-29 12:13 - 00000000 ____D C:\Program Files\HP
2015-11-29 11:48 - 2015-11-29 12:13 - 00000000 ____D C:\Program Files (x86)\HP
2015-11-29 11:48 - 2015-11-29 11:48 - 00000057 _____ C:\ProgramData\Ament.ini
2015-11-29 11:48 - 2015-11-29 11:48 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\HpUpdate
2015-11-29 11:48 - 2014-07-21 16:31 - 00763912 ____N (Hewlett-Packard Development Company, LP) C:\WINDOWS\system32\HPDiscoPM7112.dll
2015-11-29 11:47 - 2015-11-29 12:16 - 00000000 ____D C:\Users\phili_000\AppData\Local\HP
2015-11-29 11:44 - 2015-12-06 20:24 - 00000000 ____D C:\Users\phili_000\Downloads\HP Downloads
2015-11-29 11:44 - 2015-11-29 11:44 - 00000000 ____D C:\Users\phili_000\AppData\Local\Hewlett-Packard
2015-11-29 11:43 - 2015-11-29 11:53 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2015-11-29 11:43 - 2015-11-29 11:43 - 00000000 ____D C:\WINDOWS\System32\Tasks\Hewlett-Packard
2015-11-29 11:42 - 2015-11-29 11:42 - 03795680 _____ (Oleg N. Scherbakov) C:\Users\phili_000\Downloads\HPSupportSolutionsFramework-12.0.30.219.exe
2015-11-29 09:38 - 2015-11-29 09:38 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\OpenOffice
2015-11-29 09:37 - 2015-12-02 22:18 - 00001126 _____ C:\Users\Public\Desktop\OpenOffice 4.1.2.lnk
2015-11-29 09:37 - 2015-11-29 09:37 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.2
2015-11-29 09:37 - 2015-11-29 09:37 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2015-11-29 09:34 - 2015-11-29 09:34 - 00000000 ____D C:\Users\phili_000\Desktop\OpenOffice 4.1.2 (de) Installation Files
2015-11-29 09:32 - 2015-11-29 09:34 - 164803434 _____ C:\Users\phili_000\Downloads\Apache_OpenOffice_4.1.2_Win_x86_install_de.exe
2015-11-29 09:24 - 2015-11-29 09:24 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Foxit Software
2015-11-29 09:19 - 2015-11-29 09:19 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\LibreOffice
2015-11-29 09:10 - 2015-11-29 09:13 - 245096448 _____ C:\Users\phili_000\Downloads\LibreOffice_5.0.3_Win_x64.msi
2015-11-28 19:23 - 2015-11-28 19:23 - 29833438 _____ C:\Users\phili_000\Downloads\vlc-2.2.1-win64.exe
2015-11-28 17:52 - 2015-12-02 22:18 - 00001285 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2015-11-28 17:52 - 2015-12-02 22:18 - 00001267 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2015-11-28 17:52 - 2015-11-28 17:52 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Thunderbird
2015-11-28 17:52 - 2015-11-28 17:52 - 00000000 ____D C:\Users\phili_000\AppData\Local\Thunderbird
2015-11-28 17:52 - 2015-11-28 17:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2015-11-28 17:49 - 2015-11-28 17:50 - 33877920 _____ (Mozilla) C:\Users\phili_000\Downloads\Thunderbird_Setup_38.4.0__1_.exe
2015-11-28 17:49 - 2015-11-28 17:50 - 06038585 _____ (Mozilla) C:\Users\phili_000\Downloads\Thunderbird_Setup_38.4.0__1_ (1).exe.j4e97d6.partial
2015-11-26 14:12 - 2015-11-26 14:13 - 00000000 ____D C:\Users\phili_000\Desktop\Games
2015-11-25 20:27 - 2015-11-21 07:21 - 00809312 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2015-11-25 20:27 - 2015-11-21 07:02 - 00704352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2015-11-25 20:27 - 2015-11-21 06:44 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-AppModelExecEvents.dll
2015-11-25 20:27 - 2015-11-21 06:29 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2015-11-25 20:27 - 2015-11-21 06:07 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2015-11-25 00:05 - 2015-12-06 18:00 - 00000310 _____ C:\WINDOWS\Tasks\Uninstaller_SkipUac_phili_000.job
2015-11-25 00:05 - 2015-12-06 17:59 - 00002512 _____ C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_phili_000
2015-11-25 00:05 - 2015-12-02 22:18 - 00001446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk
2015-11-25 00:05 - 2015-12-02 22:18 - 00001428 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk
2015-11-25 00:05 - 2015-12-02 08:23 - 00000000 ____D C:\ProgramData\ProductData
2015-11-25 00:05 - 2015-12-01 09:41 - 00000000 ____D C:\ProgramData\IObit
2015-11-25 00:05 - 2015-11-25 00:05 - 11147552 _____ (IObit) C:\Users\phili_000\Downloads\iobit51uninstaller.exe
2015-11-25 00:05 - 2015-11-25 00:05 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\ProductData
2015-11-25 00:05 - 2015-11-25 00:05 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\IObit
2015-11-25 00:05 - 2015-11-25 00:05 - 00000000 ____D C:\Users\phili_000\AppData\LocalLow\IObit
2015-11-25 00:05 - 2015-11-25 00:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2015-11-25 00:05 - 2015-11-25 00:05 - 00000000 ____D C:\Program Files (x86)\IObit
2015-11-24 19:47 - 2015-11-24 19:47 - 00000000 ____D C:\Users\phili_000\AppData\Temp
2015-11-24 19:46 - 2015-11-24 19:46 - 00024817 _____ C:\ProgramData\1448390808.bdinstall.bin
2015-11-24 16:47 - 2015-11-24 16:47 - 00282000 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avchv.sys
2015-11-24 16:15 - 2015-12-06 20:34 - 00010820 _____ C:\bdlog.txt
2015-11-24 16:11 - 2015-11-24 16:11 - 00445964 _____ C:\ProgramData\1448377674.bdinstall.bin
2015-11-24 16:11 - 2015-11-24 16:11 - 00000385 _____ C:\WINDOWS\system32\user_gensett.xml
2015-11-24 16:11 - 2015-11-24 16:11 - 00000385 _____ C:\Users\phili_000\AppData\Roaminguser_gensett.xml
2015-11-24 16:10 - 2015-12-02 22:18 - 00002209 _____ C:\Users\Public\Desktop\Bitdefender 2016.lnk
2015-11-24 16:10 - 2015-11-24 16:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2016
2015-11-24 16:10 - 2015-11-24 16:10 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2015-11-24 16:10 - 2015-11-24 16:10 - 00000000 ____D C:\ProgramData\BDLogging
2015-11-24 16:10 - 2013-09-08 19:04 - 00023568 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bdelam.sys
2015-11-24 16:10 - 2007-04-11 10:11 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\capicom.dll
2015-11-24 16:09 - 2015-11-26 14:28 - 00087920 _____ (BitDefender) C:\WINDOWS\system32\Drivers\bdvedisk.sys
2015-11-24 16:09 - 2015-11-24 16:48 - 00271808 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\ignis.sys
2015-11-24 16:09 - 2015-11-24 16:47 - 01600512 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avc3.sys
2015-11-24 16:09 - 2015-11-24 16:46 - 00775424 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avckf.sys
2015-11-24 16:08 - 2015-11-24 16:48 - 00000000 ____D C:\ProgramData\Bitdefender
2015-11-24 16:08 - 2015-11-24 16:15 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Bitdefender
2015-11-24 16:08 - 2015-11-24 16:08 - 00000000 ____D C:\Program Files\Bitdefender
2015-11-24 16:08 - 2015-06-02 14:21 - 00477272 _____ (BitDefender S.R.L.) C:\WINDOWS\system32\Drivers\trufos.sys
2015-11-24 16:08 - 2015-04-29 13:32 - 00160032 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys
2015-11-24 16:07 - 2015-11-24 16:08 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2015-11-24 16:03 - 2015-12-07 18:47 - 00000000 ____D C:\Program Files\Bitdefender Agent
2015-11-24 16:03 - 2015-11-24 16:03 - 07211368 _____ C:\Users\phili_000\Downloads\bitdefender_16isecurity.exe
2015-11-24 16:03 - 2015-11-24 16:03 - 07211368 _____ C:\Users\phili_000\Downloads\bitdefender_16isecurity (1).exe
2015-11-24 16:03 - 2015-11-24 16:03 - 00000000 ____D C:\ProgramData\Bitdefender Agent
2015-11-24 12:33 - 2015-11-24 12:34 - 00000000 ____D C:\Users\phili_000\Desktop\Musik
2015-11-24 12:30 - 2015-11-24 12:30 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2015-11-24 11:47 - 2015-11-24 11:47 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\dlg
2015-11-24 11:46 - 2015-11-24 12:43 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\DVDVideoSoft
2015-11-24 11:46 - 2015-11-24 11:46 - 00000000 ____D C:\Program Files (x86)\FreeCodecPack
2015-11-24 11:44 - 2015-12-02 23:15 - 00000000 ____D C:\ProgramData\1&1 Mail & Media GmbH
2015-11-23 09:26 - 2015-12-04 17:33 - 00000000 ____D C:\ProgramData\BatteryOptimizer.exe
2015-11-22 11:10 - 2015-11-22 13:33 - 302252144 _____ (NVIDIA Corporation) C:\Users\phili_000\Downloads\359.00-desktop-win8-win7-winvista-64bit-international-whql.exe
2015-11-22 10:59 - 2015-11-22 10:59 - 00003060 _____ C:\WINDOWS\System32\Tasks\ACCBackgroundApplication
2015-11-22 10:59 - 2015-11-22 10:59 - 00000000 ____D C:\Users\phili_000\AppData\Local\CareCenter
2015-11-22 10:09 - 2015-11-22 10:09 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2015-11-21 10:09 - 2015-11-24 09:59 - 00425744 _____ (Lavasoft Limited) C:\WINDOWS\system32\LavasoftTcpService64.dll
2015-11-21 10:09 - 2015-11-24 09:59 - 00345360 _____ (Lavasoft Limited) C:\WINDOWS\SysWOW64\LavasoftTcpService.dll
2015-11-21 10:09 - 2015-11-21 10:24 - 00003048 _____ C:\WINDOWS\SysWOW64\LavasoftTcpServiceOff.ini
2015-11-21 10:09 - 2015-11-21 10:24 - 00003048 _____ C:\WINDOWS\system32\LavasoftTcpServiceOff.ini
2015-11-21 09:07 - 2015-11-21 09:07 - 00000000 ____D C:\Users\phili_000\AppData\Local\Steam
2015-11-21 09:07 - 2015-11-21 09:07 - 00000000 ____D C:\Users\phili_000\AppData\Local\CEF
2015-11-21 08:49 - 2015-11-21 08:52 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\QuickScan
2015-11-21 08:23 - 2015-12-06 18:03 - 00000000 ____D C:\AdwCleaner
2015-11-21 08:21 - 2015-11-21 08:22 - 01732096 _____ C:\Users\phili_000\Downloads\adwcleaner_5.021.exe
2015-11-20 22:16 - 2015-11-20 23:11 - 4020834304 _____ C:\Users\phili_000\Downloads\de_windows_10_multiple_editions_version_1511_x64_dvd_7223737.iso
2015-11-20 21:58 - 2015-11-20 21:59 - 00000000 ____D C:\Users\phili_000\AppData\Local\PackageStaging
2015-11-20 21:58 - 2015-11-20 21:58 - 00000000 ____D C:\ProgramData\USOShared
2015-11-20 18:24 - 2015-11-21 11:55 - 00035880 _____ (Wellbia.com Co., Ltd.) C:\WINDOWS\xhunter1.sys
2015-11-20 17:43 - 2015-12-02 22:18 - 00000908 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-11-20 17:43 - 2015-11-20 17:43 - 00002870 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-11-20 17:43 - 2015-11-20 17:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-11-20 17:43 - 2015-11-20 17:43 - 00000000 ____D C:\Program Files\CCleaner
2015-11-20 17:42 - 2015-11-20 17:43 - 05524624 _____ (Piriform Ltd) C:\Users\phili_000\Downloads\ccsetup511_slim.exe
2015-11-20 17:41 - 2015-12-03 08:50 - 00000000 ____D C:\Users\phili_000\AppData\Local\MicrosoftEdge
2015-11-20 17:41 - 2015-12-02 22:18 - 00002373 _____ C:\Users\phili_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-11-20 17:41 - 2015-11-20 17:41 - 00000000 ____D C:\Users\phili_000\AppData\Local\NetworkTiles
2015-11-20 17:40 - 2015-11-20 17:40 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2015-11-20 17:38 - 2015-11-20 17:38 - 00000000 ____D C:\Users\phili_000\AppData\Local\Publishers
2015-11-20 17:38 - 2015-11-20 17:38 - 00000000 ____D C:\Users\phili_000\AppData\Local\ActiveSync
2015-11-20 17:37 - 2015-11-20 17:37 - 00000000 ____D C:\Users\phili_000\AppData\Local\Comms
2015-11-20 17:36 - 2015-11-20 17:36 - 00000020 ___SH C:\Users\phili_000\ntuser.ini
2015-11-20 17:36 - 2015-11-20 17:36 - 00000000 ____D C:\Users\phili_000\AppData\Local\TileDataLayer
2015-11-20 17:35 - 2015-11-20 17:35 - 00000000 _SHDL C:\Users\Default\Vorlagen
2015-11-20 17:35 - 2015-11-20 17:35 - 00000000 _SHDL C:\Users\Default\Startmenü
2015-11-20 17:35 - 2015-11-20 17:35 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2015-11-20 17:35 - 2015-11-20 17:35 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2015-11-20 17:35 - 2015-11-20 17:35 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2015-11-20 17:35 - 2015-11-20 17:35 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2015-11-20 17:35 - 2015-11-20 17:35 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2015-11-20 17:35 - 2015-11-20 17:35 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2015-11-20 17:35 - 2015-11-20 17:35 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2015-11-20 17:35 - 2015-11-20 17:35 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-11-20 17:35 - 2015-11-20 17:35 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2015-11-20 17:35 - 2015-11-20 17:35 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2015-11-20 17:35 - 2015-11-20 17:35 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2015-11-20 17:35 - 2015-11-20 17:35 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2015-11-20 17:35 - 2015-11-20 17:35 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2015-11-20 17:35 - 2015-11-20 17:35 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2015-11-20 17:35 - 2015-11-20 17:35 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-11-20 17:35 - 2015-11-20 17:35 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2015-11-20 17:35 - 2015-11-20 17:35 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-11-20 17:32 - 2015-11-20 17:32 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2015-11-20 17:31 - 2015-12-06 20:35 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-20 17:29 - 2015-12-06 20:41 - 01799166 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-20 17:21 - 2015-12-02 22:18 - 00001552 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-11-20 17:21 - 2015-11-20 17:21 - 00000000 ____D C:\Users\Default\AppData\Local\Pokki
2015-11-20 17:21 - 2015-11-20 17:21 - 00000000 ____D C:\Users\Default User\AppData\Local\Pokki
2015-11-20 17:18 - 2015-11-20 17:18 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2015-11-20 17:17 - 2015-12-03 10:00 - 00000000 ____D C:\Users\phili_000
2015-11-20 17:17 - 2015-11-20 17:17 - 00000000 _SHDL C:\Users\phili_000\Vorlagen
2015-11-20 17:17 - 2015-11-20 17:17 - 00000000 _SHDL C:\Users\phili_000\Startmenü
2015-11-20 17:17 - 2015-11-20 17:17 - 00000000 _SHDL C:\Users\phili_000\Netzwerkumgebung
2015-11-20 17:17 - 2015-11-20 17:17 - 00000000 _SHDL C:\Users\phili_000\Lokale Einstellungen
2015-11-20 17:17 - 2015-11-20 17:17 - 00000000 _SHDL C:\Users\phili_000\Eigene Dateien
2015-11-20 17:17 - 2015-11-20 17:17 - 00000000 _SHDL C:\Users\phili_000\Druckumgebung
2015-11-20 17:17 - 2015-11-20 17:17 - 00000000 _SHDL C:\Users\phili_000\Documents\Eigene Videos
2015-11-20 17:17 - 2015-11-20 17:17 - 00000000 _SHDL C:\Users\phili_000\Documents\Eigene Musik
2015-11-20 17:17 - 2015-11-20 17:17 - 00000000 _SHDL C:\Users\phili_000\Documents\Eigene Bilder
2015-11-20 17:17 - 2015-11-20 17:17 - 00000000 _SHDL C:\Users\phili_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-11-20 17:17 - 2015-11-20 17:17 - 00000000 _SHDL C:\Users\phili_000\AppData\Local\Verlauf
2015-11-20 17:17 - 2015-11-20 17:17 - 00000000 _SHDL C:\Users\phili_000\AppData\Local\Anwendungsdaten
2015-11-20 17:17 - 2015-11-20 17:17 - 00000000 _SHDL C:\Users\phili_000\Anwendungsdaten
2015-11-20 17:14 - 2015-12-06 20:36 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-11-20 17:14 - 2015-11-20 17:14 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2015-11-20 17:14 - 2015-11-20 17:14 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2015-11-20 17:14 - 2015-11-20 17:14 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-11-20 17:14 - 2015-11-20 17:14 - 00000000 ____D C:\Program Files\Realtek
2015-11-20 17:14 - 2015-09-30 20:39 - 00105472 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2015-11-20 17:14 - 2015-09-30 20:39 - 00099856 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2015-11-20 17:13 - 2015-12-01 21:26 - 00000000 ____D C:\ProgramData\NVIDIA
2015-11-20 17:13 - 2015-11-24 20:32 - 06358648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-11-20 17:13 - 2015-11-24 20:32 - 02983032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-11-20 17:13 - 2015-11-24 20:32 - 02554672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-11-20 17:13 - 2015-11-24 20:32 - 00938616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-11-20 17:13 - 2015-11-24 20:32 - 00523384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-11-20 17:13 - 2015-11-24 20:32 - 00385328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-11-20 17:13 - 2015-11-24 20:32 - 00075056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-11-20 17:13 - 2015-11-24 20:32 - 00062768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-11-20 17:13 - 2015-11-23 21:35 - 06049858 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-11-20 17:13 - 2015-11-20 17:19 - 00000000 ____D C:\Program Files\Intel
2015-11-20 17:13 - 2015-11-20 17:13 - 00000000 ____D C:\Program Files\Common Files\Atheros
2015-11-20 17:12 - 2015-12-01 21:18 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-11-20 17:12 - 2015-12-01 21:18 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-11-20 17:12 - 2015-11-20 17:12 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2015-11-20 17:12 - 2015-10-30 08:17 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2015-11-20 17:08 - 2015-11-29 11:55 - 00219544 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-11-20 17:07 - 2015-11-20 17:44 - 00000000 ___DC C:\WINDOWS\Panther
2015-11-20 17:04 - 2015-11-20 17:04 - 00000000 ____D C:\Windows.old
2015-11-20 17:03 - 2015-11-20 17:03 - 22572632 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 21125408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 03670832 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-11-20 17:03 - 2015-11-20 17:03 - 02918808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 02544264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 02179584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 02001408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-11-20 17:03 - 2015-11-20 17:03 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00969728 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00911648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00803840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00791552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00698208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00675064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-11-20 17:03 - 2015-11-20 17:03 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00586208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00586080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00578912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-11-20 17:03 - 2015-11-20 17:03 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-11-20 17:03 - 2015-11-20 17:03 - 00536768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00523616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2015-11-20 17:03 - 2015-11-20 17:03 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2015-11-20 17:03 - 2015-11-20 17:03 - 00516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00511320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00454056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2015-11-20 17:03 - 2015-11-20 17:03 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00408128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00405048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2015-11-20 17:03 - 2015-11-20 17:03 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2015-11-20 17:03 - 2015-11-20 17:03 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2015-11-20 17:03 - 2015-11-20 17:03 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00245848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-11-20 17:03 - 2015-11-20 17:03 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2015-11-20 17:03 - 2015-11-20 17:03 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2015-11-20 17:03 - 2015-11-20 17:03 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-11-20 17:03 - 2015-11-20 17:03 - 00110032 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00088392 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00073360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2015-11-20 17:03 - 2015-11-20 17:03 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.proxy.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2015-11-20 17:03 - 2015-11-20 17:03 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00035680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
2015-11-20 17:03 - 2015-11-20 17:03 - 00035656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2015-11-20 17:03 - 2015-11-20 17:03 - 00032040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2015-11-20 17:03 - 2015-11-20 17:03 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringconfigsp.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2015-11-20 17:03 - 2015-11-20 17:03 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.proxy.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\IcsEntitlementHost.exe
2015-11-20 17:03 - 2015-11-20 17:03 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2015-11-20 17:03 - 2015-11-20 17:03 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2015-11-20 17:02 - 2015-11-20 17:02 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2015-11-20 17:00 - 2015-11-20 17:00 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2015-11-20 17:00 - 2015-11-20 17:00 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-11-20 17:00 - 2015-11-20 17:00 - 00000000 ____D C:\Program Files\MSBuild
2015-11-20 17:00 - 2015-11-20 17:00 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-11-20 17:00 - 2015-11-20 17:00 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-11-20 16:59 - 2015-10-23 17:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-11-20 16:59 - 2015-10-23 17:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-11-20 16:59 - 2015-10-23 17:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-11-20 16:59 - 2015-10-23 17:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-11-20 16:59 - 2015-10-23 17:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-11-20 16:59 - 2015-10-23 17:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-11-20 16:24 - 2015-11-20 16:42 - 00000000 ___HD C:\$WINDOWS.~BT
2015-11-20 16:23 - 2015-11-20 17:33 - 00009528 _____ C:\WINDOWS\diagwrn.xml
2015-11-20 16:23 - 2015-11-20 17:33 - 00009528 _____ C:\WINDOWS\diagerr.xml
2015-11-20 16:22 - 2015-11-20 16:22 - 00000000 ____D C:\ESD
2015-11-20 15:54 - 2015-11-20 15:54 - 00000000 ___HD C:\$Windows.~WS
2015-11-20 15:50 - 2015-12-06 18:03 - 00000000 ____D C:\Users\phili_000\AppData\Local\CrashDumps
2015-11-19 22:09 - 2015-11-20 17:23 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Happy Cloud
2015-11-19 22:09 - 2015-11-19 23:11 - 00000000 ____D C:\ProgramData\HappyCloud
2015-11-19 22:09 - 2015-11-19 22:09 - 00000000 ____D C:\AeriaGames
2015-11-19 22:08 - 2015-11-19 22:08 - 10488168 _____ C:\Users\phili_000\Downloads\EchoOfSoulProgressive_de_5.88.exe
2015-11-19 21:57 - 2015-11-20 17:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nostale(DE)
2015-11-19 21:31 - 2015-12-01 18:24 - 00000000 ____D C:\Users\phili_000\Downloads\Gameforge Live
2015-11-19 21:31 - 2015-11-19 21:31 - 00000000 ____D C:\Users\phili_000\AppData\Local\Gameforge4d
2015-11-19 21:30 - 2015-11-19 21:30 - 20232352 _____ (Gameforge ) C:\Users\phili_000\Downloads\NosTale_GameforgeLiveSetup.exe
2015-11-19 21:28 - 2015-12-02 22:18 - 00001766 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-11-19 21:28 - 2015-11-20 17:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-11-19 21:28 - 2015-11-19 21:44 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Apple Computer
2015-11-19 21:28 - 2015-11-19 21:28 - 00000000 ____D C:\Users\phili_000\AppData\Local\Apple Computer
2015-11-19 21:27 - 2015-12-02 22:18 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-11-19 21:27 - 2015-11-19 21:28 - 00000000 ____D C:\Program Files\iTunes
2015-11-19 21:27 - 2015-11-19 21:27 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2015-11-19 21:27 - 2015-11-19 21:27 - 00000000 ____D C:\Users\phili_000\AppData\Local\Apple
2015-11-19 21:27 - 2015-11-19 21:27 - 00000000 ____D C:\ProgramData\Apple Computer
2015-11-19 21:27 - 2015-11-19 21:27 - 00000000 ____D C:\Program Files\iPod
2015-11-19 21:27 - 2015-11-19 21:27 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-11-19 21:27 - 2015-11-19 21:27 - 00000000 ____D C:\Program Files\Bonjour
2015-11-19 21:27 - 2015-11-19 21:27 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-11-19 21:27 - 2015-11-19 21:27 - 00000000 ____D C:\Program Files (x86)\Bonjour
2015-11-19 21:27 - 2015-11-19 21:27 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2015-11-19 21:26 - 2015-11-19 21:27 - 00000000 ____D C:\ProgramData\Apple
2015-11-19 21:19 - 2015-11-19 21:19 - 00000000 ____D C:\Users\phili_000\AppData\Local\Acer Aspire R7 Tutorial
2015-11-19 21:16 - 2015-11-19 21:26 - 167839512 _____ (Apple Inc.) C:\Users\phili_000\Downloads\iTunes6464Setup.exe
2015-11-19 20:58 - 2015-12-02 22:18 - 00001022 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-11-19 20:58 - 2015-12-02 22:18 - 00001004 _____ C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-11-19 20:58 - 2015-12-02 08:58 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-11-19 20:47 - 2015-11-29 11:45 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-11-19 19:46 - 2015-11-23 22:19 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-11-19 19:46 - 2015-11-19 21:16 - 00000000 ____D C:\Users\phili_000\AppData\Local\Mozilla
2015-11-19 19:46 - 2015-11-19 19:46 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Mozilla
2015-11-19 19:44 - 2015-11-19 19:44 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Macromedia
2015-11-19 19:40 - 2015-12-07 15:54 - 00004170 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{143AB530-EDC0-4790-BBDC-E979581784E8}
2015-11-19 19:40 - 2015-11-19 19:40 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Google
2015-11-19 19:34 - 2015-11-20 17:32 - 00002810 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1645853366-4108103990-173416813-1002
2015-11-19 19:32 - 2015-11-20 18:21 - 00000000 ___RD C:\Users\phili_000\OneDrive
2015-11-19 19:31 - 2015-12-02 22:18 - 00002309 _____ C:\Users\phili_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2015-11-19 19:30 - 2015-12-02 20:32 - 00000000 ____D C:\Users\phili_000\AppData\Local\clear.fi
2015-11-19 19:29 - 2015-12-07 09:35 - 00000000 ____D C:\Users\phili_000\AppData\Local\Packages
2015-11-19 19:29 - 2015-12-02 22:18 - 00001279 _____ C:\Users\phili_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HD Audio-Manager.lnk
2015-11-19 19:29 - 2015-11-19 19:29 - 00000000 ____D C:\Users\phili_000\PicStream
2015-11-19 19:29 - 2015-11-19 19:29 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Atheros
2015-11-19 19:29 - 2015-11-19 19:29 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Adobe
2015-11-19 19:29 - 2015-11-19 19:29 - 00000000 ____D C:\Users\phili_000\AppData\Local\AOP SDK
2015-11-19 19:28 - 2015-12-06 20:36 - 00000000 __SHD C:\Users\phili_000\IntelGraphicsProfiles
2015-11-19 19:28 - 2015-12-02 23:15 - 00000000 ____D C:\Users\phili_000\AppData\Local\VirtualStore
2015-11-19 19:28 - 2015-12-01 21:18 - 00000000 ____D C:\Users\phili_000\AppData\Local\NVIDIA Corporation
2015-11-19 19:28 - 2015-11-29 12:01 - 00000000 ____D C:\Users\phili_000\AppData\Local\Google
2015-11-19 19:28 - 2015-11-22 08:46 - 00000000 ____D C:\Users\phili_000\AppData\Local\NVIDIA
2015-11-19 19:28 - 2015-11-19 21:14 - 00000000 ____D C:\Users\phili_000\AppData\Local\SweetLabs App Platform
2015-11-19 19:28 - 2015-11-19 19:28 - 00000000 ____D C:\Users\phili_000\AppData\Local\OEM

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-07 19:04 - 2015-02-08 18:29 - 00001142 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-07 15:43 - 2015-03-15 10:30 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-12-07 09:35 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2015-12-07 09:35 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-12-06 20:41 - 2015-10-30 19:35 - 00776766 _____ C:\WINDOWS\system32\perfh007.dat
2015-12-06 20:41 - 2015-10-30 19:35 - 00155544 _____ C:\WINDOWS\system32\perfc007.dat
2015-12-06 20:41 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2015-12-06 20:37 - 2015-02-08 18:29 - 00001138 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-06 20:35 - 2015-10-30 07:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-12-06 18:05 - 2015-10-30 07:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-12-05 19:53 - 2015-10-30 07:28 - 00000000 ____D C:\Windows
2015-12-04 16:16 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache
2015-12-04 08:59 - 2015-02-08 18:29 - 00004200 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-04 08:59 - 2015-02-08 18:29 - 00003968 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-03 10:41 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-12-03 10:25 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-12-02 23:32 - 2015-10-30 19:36 - 00000000 ____D C:\WINDOWS\SKB
2015-12-02 22:18 - 2014-09-25 23:52 - 00001990 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk
2015-12-02 22:18 - 2014-09-25 23:43 - 00001951 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-12-02 20:27 - 2014-09-25 23:45 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-12-02 20:27 - 2014-09-25 23:45 - 00000000 ____D C:\Program Files (x86)\Acer
2015-12-02 20:23 - 2014-07-14 19:33 - 00000000 ___HD C:\OEM
2015-12-01 21:27 - 2014-09-25 23:33 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-11-30 13:10 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-11-29 12:01 - 2015-02-08 18:29 - 00000000 ____D C:\Program Files (x86)\Google
2015-11-29 09:25 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2015-11-26 14:16 - 2015-07-20 16:41 - 00003418 _____ C:\WINDOWS\System32\Tasks\BacKGroundAgent
2015-11-26 01:34 - 2015-07-13 20:45 - 11228488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-11-25 00:07 - 2015-07-13 20:45 - 03540360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-11-25 00:07 - 2015-07-13 20:45 - 03126800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-11-25 00:07 - 2015-07-13 20:45 - 00034494 _____ C:\WINDOWS\system32\nvinfo.pb
2015-11-23 10:11 - 2015-02-08 11:58 - 00000000 ____D C:\Users\Public\OEM
2015-11-23 10:11 - 2014-09-25 23:45 - 00000000 ____D C:\Program Files\Acer
2015-11-22 10:59 - 2014-09-25 23:45 - 00005404 _____ C:\WINDOWS\System32\Tasks\Software Update Application
2015-11-22 10:59 - 2014-09-25 23:45 - 00004614 _____ C:\WINDOWS\System32\Tasks\ACCAgent
2015-11-22 10:59 - 2014-09-25 23:45 - 00003846 _____ C:\WINDOWS\System32\Tasks\ACC
2015-11-22 10:59 - 2014-09-25 23:45 - 00000000 ____D C:\ProgramData\Acer
2015-11-21 10:24 - 2015-02-08 18:27 - 00000000 ____D C:\ProgramData\AVAST Software
2015-11-21 09:16 - 2015-08-16 21:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefly Studios
2015-11-21 09:16 - 2015-07-18 13:06 - 00000000 ____D C:\ProgramData\Battle.net
2015-11-21 09:16 - 2014-09-25 23:23 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-11-21 03:38 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\appcompat
2015-11-20 22:03 - 2015-02-25 19:24 - 00027966 _____ C:\IFRToolLog.txt
2015-11-20 22:03 - 2014-09-25 23:36 - 00003838 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2015-11-20 22:03 - 2014-09-25 23:36 - 00003604 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2015-11-20 21:58 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\USOPrivate
2015-11-20 18:20 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2015-11-20 18:19 - 2014-09-25 23:37 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2015-11-20 17:38 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-11-20 17:38 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PrintDialog
2015-11-20 17:38 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\MiracastView
2015-11-20 17:37 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-11-20 17:36 - 2015-02-07 18:57 - 00000000 __RHD C:\Users\Public\AccountPictures
2015-11-20 17:36 - 2014-09-25 22:46 - 00000000 ___HD C:\Intel
2015-11-20 17:35 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows NT
2015-11-20 17:34 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2015-11-20 17:33 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Registration
2015-11-20 17:32 - 2015-03-15 10:30 - 00002952 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-11-20 17:32 - 2015-02-08 18:34 - 00002370 _____ C:\WINDOWS\System32\Tasks\avastBCLRestartS-1-5-21-1645853366-4108103990-173416813-1001
2015-11-20 17:32 - 2015-02-07 13:05 - 00003106 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{DA7026E4-1EEE-4C0B-8761-39E9C07B941B}
2015-11-20 17:32 - 2015-02-07 13:04 - 00002810 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1645853366-4108103990-173416813-1001
2015-11-20 17:32 - 2014-09-26 00:07 - 00002748 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1645853366-4108103990-173416813-500
2015-11-20 17:32 - 2014-09-25 23:52 - 00002574 _____ C:\WINDOWS\System32\Tasks\UbtFrameworkService
2015-11-20 17:32 - 2014-09-25 23:51 - 00002070 _____ C:\WINDOWS\System32\Tasks\Launch Manager
2015-11-20 17:32 - 2014-09-25 23:45 - 00002096 _____ C:\WINDOWS\System32\Tasks\Power Management
2015-11-20 17:31 - 2015-10-31 11:39 - 00002488 _____ C:\WINDOWS\System32\Tasks\SweetLabs App Platform
2015-11-20 17:31 - 2014-09-25 23:52 - 00002182 _____ C:\WINDOWS\System32\Tasks\Quick Access Quick Launcher
2015-11-20 17:31 - 2014-09-25 23:52 - 00002062 _____ C:\WINDOWS\System32\Tasks\Quick Access
2015-11-20 17:31 - 2014-09-25 23:39 - 00002118 _____ C:\WINDOWS\System32\Tasks\DolbySelectorTask
2015-11-20 17:27 - 2015-10-30 08:24 - 00000000 __RHD C:\Users\Public\Libraries
2015-11-20 17:23 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Help
2015-11-20 17:23 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2015-11-20 17:23 - 2015-02-23 22:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-11-20 17:23 - 2015-02-08 18:39 - 00000000 ____D C:\WINDOWS\SysWOW64\vbox
2015-11-20 17:23 - 2015-02-08 18:39 - 00000000 ____D C:\WINDOWS\system32\vbox
2015-11-20 17:23 - 2015-02-08 12:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2015-11-20 17:23 - 2014-09-25 23:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PhantomPDF
2015-11-20 17:23 - 2014-09-25 23:49 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 10
2015-11-20 17:23 - 2014-09-25 23:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby
2015-11-20 17:21 - 2013-08-22 14:36 - 00000000 ____D C:\Users\Default.migrated
2015-11-20 17:20 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2015-11-20 17:20 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2015-11-20 17:20 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\et-EE
2015-11-20 17:20 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2015-11-20 17:20 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\spool
2015-11-20 17:20 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-11-20 17:20 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-11-20 17:20 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2015-11-20 17:20 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2015-11-20 17:20 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2015-11-20 17:20 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\et-EE
2015-11-20 17:20 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\en-GB
2015-11-20 17:20 - 2015-02-10 16:14 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-11-20 17:20 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2015-11-20 17:20 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2015-11-20 17:19 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\InputMethod
2015-11-20 17:19 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-11-20 17:19 - 2015-03-06 20:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Innonics
2015-11-20 17:19 - 2014-09-25 23:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-11-20 17:19 - 2014-09-25 23:25 - 00000000 ____D C:\Program Files (x86)\Qualcomm Atheros
2015-11-20 17:19 - 2014-07-14 18:55 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-11-20 17:19 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\MediaViewer
2015-11-20 17:19 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\ADFS
2015-11-20 17:17 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-11-20 17:09 - 2015-10-30 19:55 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2015-11-20 17:07 - 2015-10-30 08:24 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2015-11-20 17:04 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-11-20 17:04 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Provisioning
2015-11-20 17:04 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2015-11-20 17:04 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2015-11-20 17:00 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2015-11-20 17:00 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\MUI
2015-11-20 17:00 - 2015-10-30 08:17 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2015-11-20 17:00 - 2015-10-30 08:17 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2015-11-20 17:00 - 2015-10-30 08:17 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2015-11-20 17:00 - 2015-10-30 08:17 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2015-11-20 17:00 - 2015-10-30 08:17 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2015-11-20 17:00 - 2015-10-30 08:17 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2015-11-20 17:00 - 2015-10-30 08:17 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2015-11-20 17:00 - 2015-10-30 08:17 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2015-11-20 17:00 - 2015-10-30 08:17 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2015-11-20 17:00 - 2015-10-30 08:17 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2015-11-20 17:00 - 2015-10-30 08:17 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2015-11-20 17:00 - 2015-10-30 08:17 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2015-11-20 17:00 - 2015-10-30 08:17 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2015-11-20 17:00 - 2015-10-30 08:17 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2015-11-20 17:00 - 2015-10-30 08:17 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2015-11-20 17:00 - 2015-10-30 08:17 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2015-11-20 17:00 - 2015-10-30 08:17 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2015-11-20 17:00 - 2015-10-30 08:17 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2015-11-19 19:37 - 2015-02-07 12:58 - 00000000 ____D C:\Users\RichardSpeckmaier
2015-11-19 19:35 - 2015-02-07 12:59 - 00000000 ____D C:\Users\RichardSpeckmaier\AppData\Local\AOP SDK
2015-11-19 19:29 - 2015-02-07 12:59 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2015-11-18 11:42 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\ELAMBKUP
2015-11-15 10:17 - 2015-08-16 21:05 - 00000000 ____D C:\ProgramData\Firefly Studios
2015-11-14 20:31 - 2013-08-22 16:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-11-14 14:05 - 2015-02-10 16:14 - 145617392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-11-08 20:57 - 2015-04-03 14:17 - 00183112 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-11-24 16:11 - 2015-11-24 16:11 - 0445964 _____ () C:\ProgramData\1448377674.bdinstall.bin
2015-11-24 19:46 - 2015-11-24 19:46 - 0024817 _____ () C:\ProgramData\1448390808.bdinstall.bin
2015-12-01 12:39 - 2015-12-01 12:39 - 0026298 _____ () C:\ProgramData\1448969942.bdinstall.bin
2015-12-01 12:48 - 2015-12-01 12:48 - 0024833 _____ () C:\ProgramData\1448970485.bdinstall.bin
2015-12-01 12:49 - 2015-12-01 12:49 - 0024833 _____ () C:\ProgramData\1448970549.bdinstall.bin
2015-12-01 12:49 - 2015-12-01 12:49 - 0024833 _____ () C:\ProgramData\1448970555.bdinstall.bin
2015-12-01 12:54 - 2015-12-01 12:54 - 0026369 _____ () C:\ProgramData\1448970878.bdinstall.bin
2015-12-01 13:02 - 2015-12-01 13:02 - 0024570 _____ () C:\ProgramData\1448971361.bdinstall.bin
2015-12-01 13:03 - 2015-12-01 13:03 - 0024570 _____ () C:\ProgramData\1448971416.bdinstall.bin
2015-12-01 13:14 - 2015-12-01 13:14 - 0024819 _____ () C:\ProgramData\1448972057.bdinstall.bin
2015-11-29 11:48 - 2015-11-29 11:48 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-11-20 17:14 - 2015-11-20 17:14 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\BatteryOptimizer.exe


Einige Dateien in TEMP:
====================
C:\Users\phili_000\AppData\Local\Temp\res.dll


Einige mit null Byte Größe Dateien/Ordner:
==========================
C:\Windows\dik.exe
C:\Windows\mdik.exe

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-11-30 23:47

==================== Ende von FRST.txt ============================
--- --- ---

Sc@rf@ce 07.12.2015 19:34
PHP-Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64Version:05-12-2015
durchgeführt von phili_000 (2015-12-07 19:31:04)
Gestartet von C:\Users\phili_000\Downloads
Windows 10 Home (X64) (2015-11-20 16:35:55)
Start-ModusNormal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1645853366-4108103990-173416813-500 Administrator Disabled)
DefaultAccount (S-1-5-21-1645853366-4108103990-173416813-503 Limited Disabled)
Gast (S-1-5-21-1645853366-4108103990-173416813-501 Limited Disabled)
phili_000 (S-1-5-21-1645853366-4108103990-173416813-1002 Administrator Enabled) => C:\Users\phili_000

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wirdwird er entfernt.)

AVBitdefender Antivirus (Enabled Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AVWindows Defender (Disabled Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Spyware-Schutz (Enabled Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
AS: Windows Defender (Disabled Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FWBitdefender Firewall (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werdenum sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version1.09.2001 Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version3.02.2001 Acer Incorporated)
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version2.00.3002 Acer Incorporated)
abMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version2.09.2002.1 Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version3.06.2000.22 Acer Incorporated)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version2.00.3006 Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version2.00.3000 Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version8.00.8107 Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version3.09.2001 Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version7.00.8105 Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version1.01.3016.0 Acer Incorporated)
Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version1.02.3004 Acer Incorporated)
Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version1.02.3004 Acer Incorporated)
Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version1.00.2005.0 Acer Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version19.0.0.245 Adobe Systems Incorporated)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version3.13.2000.0 Acer Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version4.1 Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{0DE0A178-AC7B-4650-806C-CF226DE03766}) (Version4.1 Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version9.1.0.6 Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version2.1.4.131 Apple Inc.)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version20.0.18.1035 Bitdefender)
Bitdefender Internet Security 2016 (HKLM\...\Bitdefender) (Version20.0.20.1143 Bitdefender)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version3.1.0.1 Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version5.11 Piriform)
CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version:  - CyberGhost S.R.L.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version10.0.0.4220 CyberLink Corp.)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version7.6.3.1 Dolby Laboratories Inc)
eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version2.4.0105 OEM)
Echo of Soul (HKU\S-1-5-21-1645853366-4108103990-173416813-1002\...\echoofsoul_de) (Version:  - )
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Foxit PhantomPDF (HKLM-x32\...\{F74C595C-BEF2-4AF9-9C4E-68F3CD509C4D}) (Version6.0.120.609 Foxit Corporation)
Gameforge Live 2.0.8 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version2.0.8 Gameforge)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version7.5.6904.2028 Google Inc.)
Google Toolbar for Internet Explorer (x32 Version1.0.0 Google Inc.) Hidden
Google Update Helper (x32 Version1.3.21.169 Google Inc.) Hidden
Google Update Helper (x32 Version1.3.29.1 Google Inc.) Hidden
Happy Cloud Client (HKU\S-1-5-21-1645853366-4108103990-173416813-1002\...\HappyCloud) (Version5.88 Happy CloudInc.)
Host App Service (HKU\S-1-5-21-1645853366-4108103990-173416813-1002\...\SweetLabs_AP) (Version0.269.7.800 Pokki)
HP Officejet Pro 8600 Grundlegende Software für das Gerät (HKLM\...\{D2D05FDB-4EDA-462D-8DB6-E0B9AD4FA25F}) (Version28.0.1315.0 Hewlett-Packard Co.)
Intel(RManagement Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version10.0.0.1168 Intel Corporation)
Intel(RProcessor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version10.18.10.3643 Intel Corporation)
Intel(RTechnology Access (HKLM-x32\...\{1c3caad7-d0ad-4f7c-87e0-f47627304993}) (Version1.3.3.1036 Intel Corporation)
Intel(RUpdate Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version3.1.1228 Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version10.0.20 Intel(RCorporationHidden
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version5.1.0.7 IObit)
iTunes (HKLM\...\{E690A491-702F-4DEC-9977-C015D1DBB57C}) (Version12.3.1.23 Apple Inc.)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version2.2.0.1024 Malwarebytes)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version15.0.4569.1506 Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version4.0.60310.0 Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version8.0.59193 Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version9.0.30729 Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version9.0.30729.6161 Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version9.0.30729 Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version9.0.30729.4148 Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version9.0.30729.6161 Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version10.0.40219 Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version10.0.40219 Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version11.0.61030.0 Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version11.0.61030.0 Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version11.0.61030.0 Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version12.0.30501.0 Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version12.0.30501.0 Microsoft Corporation)
Mozilla Thunderbird 38.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.4.0 (x86 de)) (Version38.4.0 Mozilla)
Nostale(DE) (HKLM-x32\...\NosTale(DE)_is1) (Version:  - Gameforge 4D GmbH)
NVIDIA GeForce Experience 2.7.4.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version2.7.4.10 NVIDIA Corporation)
NVIDIA Grafiktreiber 359.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version359.06 NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version9.15.0428 NVIDIA Corporation)
OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version4.12.9782 Apache Software Foundation)
Pokki Start Menu (HKU\S-1-5-21-1645853366-4108103990-173416813-1002\...\SweetLabs_Start_Menu) (Version0.269.7.800 Pokki)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version8.0.1.322 Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version12.33 Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version6.3.9600.39059 Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version8.32.508.2014 Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version6.0.1.7260 Realtek Semiconductor Corp.)
SHIELD Streaming (Version4.1.0240 NVIDIA CorporationHidden
SHIELD Wireless Controller Driver (Version2.7.4.10 NVIDIA CorporationHidden
Spotify (HKLM-x32\...\Spotify) (Version0.9.6.81.gd359a796 Spotify AB)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version9.9.2 - )
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version10.0.47484 TeamViewer)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wirdwird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSIDHKU\S-1-5-21-1645853366-4108103990-173416813-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\phili_000\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation)

==================== Wiederherstellungspunkte =========================

25-11-2015 20:38:43 Windows Update
28-11-2015 08:54:32 Windows Modules Installer
28-11-2015 18:10:33 Ashampoo AntiSpy for Windows® 10
29-11-2015 09:16:41 Installed LibreOffice 5.0.3.2
29-11-2015 09:34:32 Installed Microsoft Visual C++ 2008 Redistributable x64 9.0.30729.6161
29-11-2015 09:34:57 Installed Microsoft Visual C++ 2008 Redistributable x86 9.0.30729.6161
29-11-2015 09:36:06 OpenOffice 4.1.2 wird installiert
29-11-2015 11:42:59 Installed HP Support Solutions Framework
01-12-2015 21:26:37 NVIDIA PhysX wird entfernt
03-12-2015 09:59:34 Malwarebytes Anti-Rootkit Restore Point
05-12-2015 19:44:54 Prüfpunkt von HitmanPro

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der HostsSchalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 2015-12-07 18:47 00000873 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1            d3oxij66pru1i3.cloudfront.net

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wirdwird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {05E89F7B-1BD6-4E69-B40E-3CDA22756C1D} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2015-11-17] (Acer Incorporated)
Task: {1C760AE0-4691-4050-9BF1-CABB04392B9E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {2B9E5DC8-5368-4C5E-86DE-55D70B663B73} - System32\Tasks\avastBCLRestartS-1-5-21-1645853366-4108103990-173416813-1001 => Firefox.exe 
Task: {2CE9A845-AE5F-49CC-BF26-BFB9E76C1CDD} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
Task: {2E1BB0AE-80DF-4F6A-B714-0E2925A46F1D} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(RUpdate Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {2E4649AB-9548-4B78-A425-F26CEDD612A4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {361016F7-22F1-465D-8DC6-9D81F56D6ED6} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {3D9E8952-D3FF-4CDF-8EDB-E7D70363415D} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe [2014-04-07] (Dolby Laboratories Inc.)
Task: {406A5269-A884-4944-A972-5CFBD1ECD2C3} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {4BD0A954-CA58-4DCD-B77B-5F471E0B113E} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
Task: {58E2506F-DC3E-4BAC-9999-730BCCCFABCC} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2015-07-17] (Acer Incorporated)
Task: {5C6BDC37-2A32-41E6-BCDF-34DB0CAA9D21} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2015-11-19] (Acer)
Task: {6CD1D35F-BD0B-4DFB-BB48-AA96093C17F0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-11] (Adobe Systems Incorporated)
Task: {6E92E7A9-967C-479D-91E3-4F3F5961A6F5} - System32\Tasks\SweetLabs App Platform => C:\Users\phili_000\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe [2015-10-30] (Pokki)
Task: {767D0157-7D18-4AB2-B8A4-0AA8699CC374} - System32\Tasks\abDocsDllLoader => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [2015-11-23] ()
Task: {788B4AFD-B011-46D1-85CB-E6FBECB274C6} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-12] (TODO: <Company name>)
Task: {855851BA-57EF-4783-B465-64796561A4EF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {8AF85D1F-2AB4-46FB-B1A8-B31F857609E5} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-06-12] (Acer Incorporated)
Task: {8D40EBCB-6231-4A60-B5A4-6C2FB3542CCF} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2015-07-17] ()
Task: {9C1C0420-BBA6-440B-8272-94335B0775B7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {AE411750-82DE-4D42-BB75-C6A7B1E83785} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(RUpdate Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {B3A6CB7B-4BF7-4260-A188-730BEA18A52C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-11-14] (Microsoft Corporation)
Task: {B6B3E581-B66D-4C9E-89AC-C8C70333FF38} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-10-19] (Piriform Ltd)
Task: {B831B44E-5D36-4D76-8EAF-C5BFBE28B56D} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2015-07-17] ()
Task: {C1E8DF03-5C42-4F07-A471-1EE77E82A216} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {CB484BCB-C662-4897-BF88-0B3629A1ADCE} - System32\Tasks\Uninstaller_SkipUac_phili_000 => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-10-20] (IObit)
Task: {E3ACD859-7468-42CE-B74D-45CAD37A45BE} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [2015-07-17] ()
Task: {FED387BA-70B3-4608-A80F-EB0B247E80FF} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-06-10] (Acer Incorporate)

(Wenn ein Eintrag in die Fixlist aufgenommen wirdwird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wirdwird nicht verschoben.)

TaskC:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
TaskC:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
TaskC:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
TaskC:\WINDOWS\Tasks\Uninstaller_SkipUac_phili_000.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werdenum sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 08:17 2015-10-30 08:17 00028672 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2015-10-30 08:18 2015-10-30 08:18 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-11-24 16:09 2013-09-03 13:29 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\bdmetrics.dll
2015-12-04 08:40 2015-12-04 08:40 00876888 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_01250_002\ashttpbr.mdl
2015-12-04 08:40 2015-12-04 08:40 00742976 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_01250_002\ashttpdsp.mdl
2015-12-04 08:40 2015-12-04 08:40 02803536 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_01250_002\ashttpph.mdl
2015-12-04 08:40 2015-12-04 08:40 01415584 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_01250_002\ashttprbl.mdl
2015-11-20 17:13 2015-11-24 20:32 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-10-13 05:45 2015-10-13 05:45 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:45 2015-10-13 05:45 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-02-08 11:06 2015-02-08 11:06 00087552 _____ () C:\Program Files\Intel Corporation\Intel(RTechnology Access\libglog.dll
2015-02-08 11:20 2015-02-08 11:20 01793248 _____ () C:\Program Files\Intel Corporation\Intel(RTechnology Access\cpprest120_1_4.dll
2015-02-08 11:20 2015-02-08 11:20 00355040 _____ () C:\Program Files\Intel Corporation\Intel(RTechnology Access\JsonCpp.dll
2014-09-25 23:49 2012-04-24 11:43 00254512 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2015-12-03 08:14 2015-11-22 11:47 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-03 08:14 2015-11-22 11:47 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2014-09-25 23:55 2014-07-01 13:13 00111872 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2015-11-22 08:33 2015-11-22 08:34 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_1.11.19004.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-12-03 08:14 2015-11-22 10:18 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-03 08:14 2015-11-22 10:19 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-30 08:17 2015-10-30 08:17 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2015-10-30 08:17 2015-10-30 08:17 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-10-30 08:17 2015-10-30 08:17 00674816 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll
2015-12-03 08:14 2015-11-22 10:23 08005632 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-12-03 08:14 2015-11-22 10:20 00936448 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2015-12-03 08:14 2015-11-22 10:21 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-12-03 08:14 2015-11-22 10:18 00529408 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.NodeWinrtWrap.dll
2015-10-30 08:18 2015-10-30 19:44 00037888 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\winrt-projections\bin\Winrt_Projections.node
2015-10-30 08:18 2015-10-30 19:44 00796160 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http\bin\NodeRT_Windows_Web_Http.node
2015-10-30 08:18 2015-10-30 19:44 00961024 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http.headers\bin\NodeRT_Windows_Web_Http_Headers.node
2015-10-30 08:18 2015-10-30 19:44 00206336 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http.filters\bin\NodeRT_Windows_Web_Http_Filters.node
2015-10-30 08:18 2015-10-30 19:44 00558592 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.storage.streams\bin\NodeRT_Windows_Storage_Streams.node
2015-10-30 08:18 2015-10-30 19:44 00397824 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.foundation\bin\NodeRT_Windows_Foundation.node
2015-10-30 08:18 2015-10-30 19:44 00181248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\nodert-buffer-utils\bin\NodeRT_Buffer_Utils.node
2015-10-30 08:18 2015-10-30 19:44 00093696 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.security.cryptography\bin\NodeRT_Windows_Security_Cryptography.node
2015-10-30 08:18 2015-10-30 19:43 00200192 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.cortana.pal\bin\NodeRT_Windows_Cortana_PAL.node
2015-09-30 20:39 2015-09-30 20:39 00415128 _____ () C:\WINDOWS\system32\igfxTray.exe
2015-11-23 18:44 2015-11-23 18:44 01769312 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
2015-07-17 14:39 2015-07-17 14:39 04612448 _____ () C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
2015-11-20 23:10 2015-11-20 23:10 09074176 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.23.23.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2015-11-20 23:10 2015-11-20 23:10 02416640 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.23.23.0_x64__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll
2015-12-07 09:35 2015-12-07 09:35 00017408 _____ () C:\Program Files\WindowsApps\KoboInc.KoboBooks_5.0.258.0_x86__vk8qsnw174y90\Kobo.Universal.exe
2015-11-26 14:29 2015-11-26 14:29 00475712 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\intermsec.dll
2015-11-24 16:10 2015-11-26 14:28 00157696 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\ui\ltr\intermsec.ui
2015-11-24 16:10 2015-10-26 11:44 00032256 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\lang\de-DE\intermsec.txtui
2015-11-24 16:10 2015-10-26 11:44 00005120 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\lang\de-DE\bdaphconp.txtui
2015-11-26 14:29 2015-11-26 14:29 00051352 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\bddpsp.dll
2015-11-25 00:05 2015-09-21 10:49 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2015-11-22 08:33 2015-11-22 08:34 00152064 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_1.11.19004.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2015-11-22 08:33 2015-11-22 08:34 02907648 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_1.11.19004.0_x86__8wekyb3d8bbwe\MessagingNativeCore.dll
2015-11-22 08:33 2015-11-22 08:34 00583168 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_1.11.19004.0_x86__8wekyb3d8bbwe\MessagingEntityExtractionProxy.dll
2015-11-22 08:33 2015-11-22 08:34 18906624 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_1.11.19004.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2015-12-01 21:18 2015-11-12 19:39 00012080 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-11-25 00:05 2015-09-21 10:49 00348960 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2015-11-25 00:05 2015-09-21 10:49 00183584 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2015-11-25 00:05 2015-09-21 10:49 00050976 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2014-02-19 17:51 2014-02-19 17:51 01241560 _____ () C:\Program Files (x86)\Intel\Intel(RManagement Engine Components\LMS\ACE.dll
2015-11-16 19:55 2015-11-16 19:55 00202456 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
2015-11-16 19:56 2015-11-16 19:56 00654000 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
2015-11-16 19:56 2015-11-16 19:56 00641240 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
2015-11-16 19:56 2015-11-16 19:56 00119000 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll
2015-12-02 20:23 2015-12-02 20:23 00015064 _____ () C:\WINDOWS\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2015-11-17 11:11 2015-11-17 11:11 00013016 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2015-11-17 11:10 2015-11-17 11:10 00277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll
2015-11-19 14:39 2015-11-19 14:39 00194048 _____ () C:\Program Files (x86)\Acer\Acer Portal\curllib.dll
2015-11-19 14:39 2015-11-19 14:39 00110592 _____ () C:\Program Files (x86)\Acer\Acer Portal\OpenLDAP.dll
2015-12-07 09:35 2015-12-07 09:35 26124800 _____ () C:\Program Files\WindowsApps\KoboInc.KoboBooks_5.0.258.0_x86__vk8qsnw174y90\Kobo.Universal.dll
2015-11-28 17:52 2015-11-19 16:43 00153768 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2015-11-28 17:52 2015-11-19 16:43 00023208 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wirdwird nur der ADS entfernt.)

AlternateDataStreamsC:\Program Files\Bitdefender Agent:Win32App_1
AlternateDataStreamsC:\Program Files\Bonjour:Win32App_1
AlternateDataStreamsC:\Program Files\CCleaner:Win32App_1
AlternateDataStreamsC:\Program Files\CyberGhost 5:Win32App_1
AlternateDataStreamsC:\Program Files\Dolby Digital Plus:Win32App_1
AlternateDataStreamsC:\Program Files\iTunes:Win32App_1
AlternateDataStreamsC:\Program Files (x86)\Apple Software Update:Win32App_1
AlternateDataStreamsC:\Program Files (x86)\Bonjour:Win32App_1
AlternateDataStreamsC:\Program Files (x86)\Foxit PhantomPDF:Win32App_1
AlternateDataStreamsC:\Program Files (x86)\Malwarebytes Anti-Malware:Win32App_1
AlternateDataStreamsC:\Program Files (x86)\Microsoft Silverlight:Win32App_1
AlternateDataStreamsC:\Program Files (x86)\Mozilla Thunderbird:Win32App_1
AlternateDataStreamsC:\Program Files (x86)\OpenOffice 4:Win32App_1
AlternateDataStreamsC:\Program Files (x86)\Qualcomm Atheros:Win32App_1
AlternateDataStreamsC:\Program Files (x86)\Spotify:Win32App_1
AlternateDataStreamsC:\Program Files (x86)\TeamViewer:Win32App_1
AlternateDataStreamsC:\ProgramData\HP:Win32App_1
AlternateDataStreamsC:\ProgramData\regid.1991-06.com.microsoft:Win32App_1

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wirdwird er aus der Registry entferntDer Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wirdwird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wirdwird er aus der Registry entfernt.)

IE trusted siteHKU\.DEFAULT\...\localhost -> localhost
IE trusted siteHKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted siteHKU\S-1-5-21-1645853366-4108103990-173416813-1002\...\localhost -> localhost
IE trusted siteHKU\S-1-5-21-1645853366-4108103990-173416813-1002\...\webcompanion.com -> hxxp://webcompanion.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1645853366-4108103990-173416813-1002\Control Panel\Desktop\\Wallpaper -> c:\users\phili_000\pictures\wallpapers\bitdefender_wallpaper.png
DNS Servers192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin5) (ConsentPromptBehaviorUser3) (EnableLUA1)
Windows Firewall ist deaktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "emsisoft anti-malware"
HKLM\...\StartupApproved\Run32: => "abDocsDllLoader"
HKU\S-1-5-21-1645853366-4108103990-173416813-1002\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1645853366-4108103990-173416813-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1645853366-4108103990-173416813-1002\...\StartupApproved\Run: => "CyberGhost"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wirdwird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (AllowLPort=139
FirewallRules: [{EAB8735A-151B-403B-B88F-1582A303489A}] => (Allowe:\Program Files (x86)\GameforgeLive\gfl_client.exe
FirewallRules: [{1A31FE46-DFEE-448D-A92E-B5C853E4ED5F}] => (AllowC:\Program Files\iTunes\iTunes.exe
FirewallRules: [{16F970D2-0B81-47F3-A6C0-4557C0A5F41C}] => (AllowC:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{745A43D9-B26D-45FE-8224-B1B6EB2DD6F2}] => (AllowC:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7848EDF7-09E0-41C2-9332-102B6A791904}] => (AllowC:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{43F058C6-8629-4E00-978B-56EFE60CD4E6}] => (AllowC:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{82A7F785-09D3-4595-B862-4007B9D00CA3}] => (AllowC:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{091DE39B-7857-4260-9449-775F81D7C7E0}] => (AllowC:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{24776E35-292B-413B-B9C8-7D0A7FEA1DF5}] => (AllowC:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{E1121A28-72F9-49BB-8ACE-098CFB39EBDF}] => (AllowC:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{E0F976C4-895D-46EE-9A7C-7B910C6D6021}] => (AllowC:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{25FF00EA-55D2-49CE-8095-F3A1D8B1102B}] => (AllowE:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{25A0C4E7-F6FA-4146-8E8D-41BCEBCDC97E}] => (AllowE:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{AE736457-4501-4A05-AC87-88BF7F894AD0}] => (AllowC:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{5BE785E5-B5AB-4CB0-A0DF-E014A79D3BB1}E:\program files (x86)\firefly studios\stronghold 2\stronghold2.exe] => (BlockE:\program files (x86)\firefly studios\stronghold 2\stronghold2.exe
FirewallRules: [TCP Query User{D29DFEE0-C82B-493D-9149-69FB5B2E9530}E:\program files (x86)\firefly studios\stronghold 2\stronghold2.exe] => (BlockE:\program files (x86)\firefly studios\stronghold 2\stronghold2.exe
FirewallRules: [{C24D4B80-55A6-4019-B105-C8091988DB7E}] => (AllowC:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{518F0370-FC78-460A-A21E-88A91239C90F}] => (AllowC:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{23BB4802-2C94-4B02-AA2D-0ECB9D8CC13F}] => (AllowC:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{00770616-366A-4E02-82F7-92065974FD87}] => (AllowC:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{51B8A707-02A7-47D4-8214-FDFC6B0A4B47}] => (AllowC:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{64B060E5-8409-46BB-BA88-2D4CFE3ACA4D}] => (AllowC:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{B89A7649-741C-4FD1-A1B2-B4EEAE0CE51D}] => (AllowC:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{F1BD5625-099F-40D2-A95C-9BD97C7EC930}] => (AllowC:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{1B6D060D-AA3E-4AB8-BBB6-F7A49BD4CD6C}] => (AllowC:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{0CC32FFD-9E00-4CAB-B132-4D93B2D4C943}] => (AllowC:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{4FB7F668-4218-4909-A82E-BFB4CB66E555}] => (AllowC:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{90FB0F21-F7E1-49AE-8702-DE0771A9D9D9}] => (AllowC:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [UDP Query User{FE43D7FD-05B0-46CE-9A83-45381D3D18F0}E:\diablo iii\diablo iii.exe] => (BlockE:\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{10A3A6DD-7313-4F56-9472-A437144127B4}E:\diablo iii\diablo iii.exe] => (BlockE:\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{F4710D58-C36F-401C-875E-29411CFD3F5A}E:\diablo iii\diablo iii.exe] => (AllowE:\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{9733DCB6-3566-4805-8297-D3BD96153F20}E:\diablo iii\diablo iii.exe] => (AllowE:\diablo iii\diablo iii.exe
FirewallRules: [{03C1A66A-EE75-4222-B884-AFB927A12A71}] => (AllowE:\Battle.net\Battle.net.exe
FirewallRules: [{1AF19AFD-8BEF-4593-8A41-B5B09C559698}] => (AllowE:\Battle.net\Battle.net.exe
FirewallRules: [{6D22436B-8711-4C21-9A5E-E5A47E6F3E89}] => (AllowE:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{A85D6835-1A98-4549-840C-FE2F2126E12A}] => (AllowE:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{81C67D0C-01E4-4911-8576-61C2AFD7A029}] => (AllowC:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{901899D8-EFA0-4445-9E7C-11DF99345249}] => (AllowC:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{4F0F83CA-8701-4FA2-A44F-7E8265C8D25B}] => (AllowC:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{C1B46857-2746-4158-9BF5-80738E786850}] => (AllowC:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{7EFE4FA4-6FDE-46FE-9129-8A7F494612A8}] => (AllowC:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{38FCADEA-F703-4145-BB14-B48F4BD00718}] => (AllowC:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{692F1E5F-F180-4AAE-84AE-63736D418985}] => (AllowC:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{BFA36618-6677-4020-BBBC-81F46AD3A8B3}] => (AllowC:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{47463F43-2730-4313-9F5C-92E0070C6C3D}] => (AllowE:\Program Files (x86)\Steam\steamapps\common\Cities XXL\CitiesXXL.exe
FirewallRules: [{635D6D07-964E-40DF-9844-81462935DEB7}] => (AllowE:\Program Files (x86)\Steam\steamapps\common\Cities XXL\CitiesXXL.exe
FirewallRules: [{B1750942-7B15-4A8D-8CBD-32E4F7CA16B7}] => (AllowC:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{0E1DFF03-9D12-447F-99DA-A0A915E4715A}] => (AllowC:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{70EC2521-4246-4A5C-B20B-21B2C28E3C92}] => (AllowC:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{BDEA5603-9469-452C-93AF-2BD7E3808CEC}] => (AllowC:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{F5E35023-0F8B-49E1-B525-582A9BBFA350}] => (AllowC:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{EEEF414B-EBA5-44CA-856A-E64005EB71DF}] => (AllowC:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{86FAF3DD-4824-4AB4-A2A3-A10D4DAB57D5}] => (AllowC:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{F517E3DE-86B9-45D3-B755-E492FDAC63FC}] => (AllowC:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [UDP Query User{9092B7DB-A511-4687-B7D6-B8265DAF7867}E:\program files (x86)\innonics\wiggles\wiggles.exe] => (AllowE:\program files (x86)\innonics\wiggles\wiggles.exe
FirewallRules: [TCP Query User{FE4D403A-03FD-4DEC-87DD-56BCFE1F692D}E:\program files (x86)\innonics\wiggles\wiggles.exe] => (AllowE:\program files (x86)\innonics\wiggles\wiggles.exe
FirewallRules: [{6C1793D6-1AEF-4992-A5EA-836A32DD8A94}] => (AllowC:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A8F7264C-805D-4848-859C-EBDA60B7365E}] => (AllowC:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{777C3F7A-7D16-4429-9878-CD4FEC42EC4D}] => (AllowE:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{4E1BB0E9-6C33-4394-95EC-EBD45601B034}] => (AllowE:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{6E9F7A58-3BF3-4C1C-A2D0-4DECA53E95FC}] => (AllowE:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E85459EA-229C-4E11-A283-BE8EF5FD9A0A}] => (AllowE:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [UDP Query User{95E1DFE4-7B5F-4691-935C-85355548E966}E:\program files (x86)\tmnationsforever\tmforever.exe] => (AllowE:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [TCP Query User{F7C243CC-7B4D-46EC-9B87-D983C20E7F53}E:\program files (x86)\tmnationsforever\tmforever.exe] => (AllowE:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [{55C16FEC-B652-4CB7-989B-82985F5F4E43}] => (AllowC:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{741430D6-F280-44AA-A83A-8DB76632634C}] => (AllowC:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{08545E10-B9B4-42EA-AE96-A557D77171D3}] => (AllowC:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{48F56680-16AE-462D-B657-716FE78A366A}] => (AllowC:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{575423AF-095A-403E-B4FB-1D73CABDED52}] => (AllowC:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{4F20E06C-B1FE-4332-9677-09D98211C96F}] => (AllowC:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{42FE248F-E58D-426A-9244-6DA28ADFF287}] => (AllowC:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{DE5C3A0A-5BED-4036-B7AE-98725B2B34E8}] => (AllowC:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{9597564E-A41C-409F-9CA7-B62D8DBAA027}] => (AllowC:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{17D5B3C2-47F9-410E-BF95-780C07A2F08F}] => (AllowC:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{E638CA19-0729-490B-A581-2232887EE232}] => (AllowC:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{5804532F-757F-4E0A-A044-FF892F7ADE0C}] => (AllowC:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{4A98E89B-871C-43AB-B38C-B15FA85AF2FF}] => (AllowC:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{4FFDB9D9-B636-4AA7-937A-82910457D0F8}] => (AllowC:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{8CAAABC1-8DF9-4723-BFFD-98E16CB9BC64}] => (AllowC:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{81CDF4B6-460F-4C91-992E-0A432E22BD18}] => (AllowC:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{02F34962-0520-402A-A985-7C8AE1882FAD}] => (AllowC:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{74EA1C5C-1120-4036-87F0-71D854EB0F72}] => (AllowC:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{ADDD2A26-31CD-4118-A4B8-11ADBBDEFD14}] => (AllowC:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{8D97AC3B-016E-43C3-9852-9F5F4B6CAE0C}] => (AllowC:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{65F2A37E-8384-498D-96E3-94C1BE9C9AE9}] => (AllowC:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{0EE2B935-09D0-45BA-A801-7C08D494BBAB}] => (AllowC:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{AFD454D4-DDB9-473C-99E0-7D4E1A5F1213}] => (AllowC:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{D32DC2A6-55B8-463C-B917-A3F1BB6373C7}] => (AllowC:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{A28E3453-FFA9-4C36-9B0D-12A66417D0BF}] => (AllowC:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{E3B6E9CD-41CE-47E3-B1B8-381A8E7D5A69}] => (AllowC:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{DA040229-43D7-45E4-B53E-7CEF05935DF4}] => (AllowC:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{F05DEEAC-2726-4AD5-BE08-496E396684D0}] => (AllowC:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{E06E4E9A-AD29-4FB2-97E2-8191EF1B1206}] => (AllowC:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{37D1E2B0-DE80-4B78-B8C5-F7B415216608}] => (AllowC:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{A6D73076-49B0-436A-B94B-D5A735804234}] => (AllowC:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{1FBD3F84-1DE3-4203-95C8-AAFB85FEB983}] => (AllowC:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{B73DCF7B-F06C-418E-8B14-19724F141474}] => (AllowC:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{158FAA4C-60FB-439D-9771-9F094968C1E0}] => (AllowC:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{6E9E5F5F-4578-444B-8101-E5EF6EC6AB9F}] => (AllowC:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{ED8C21C5-36E9-4C29-85A6-FF334B15CD3F}] => (AllowC:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{C8C8775A-8791-42B4-B074-17826EFC0FEF}] => (AllowC:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{4736CBBB-F912-464A-BF51-1EB1F1E47B66}] => (AllowC:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{B4780E33-E05B-490C-B24E-295B8196915A}] => (AllowC:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{6A236F4A-CD1C-4225-899F-F191A3F8CDAA}] => (AllowC:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{45BD9621-4D3D-49D2-ABF6-D04E5C7CA913}] => (AllowC:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{EFDA2C5C-AF34-4572-B27D-7885024C6588}] => (AllowC:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{345FA44C-AE48-4A65-BAAE-F158740E9F9C}] => (AllowC:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{2966FB4D-C583-476B-89B4-A4AFEAC95935}] => (AllowC:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [TCP Query User{B9CF93F0-7FD9-4280-B23B-3943630B054D}C:\users\phili_000\appdata\local\temp\rarsfx0\x32\pcsftool.exe] => (AllowC:\users\phili_000\appdata\local\temp\rarsfx0\x32\pcsftool.exe
FirewallRules: [UDP Query User{A337FD61-4FD2-42DD-83B9-4CB3B13C6E68}C:\users\phili_000\appdata\local\temp\rarsfx0\x32\pcsftool.exe] => (AllowC:\users\phili_000\appdata\local\temp\rarsfx0\x32\pcsftool.exe
FirewallRules: [TCP Query User{6B55CDCC-76F7-4D49-8D86-F06D5C314882}C:\users\phili_000\appdata\local\temp\rarsfx0\x64\pcsftool.exe] => (AllowC:\users\phili_000\appdata\local\temp\rarsfx0\x64\pcsftool.exe
FirewallRules: [UDP Query User{8080E4D2-9C47-4621-8914-20A408AD7B17}C:\users\phili_000\appdata\local\temp\rarsfx0\x64\pcsftool.exe] => (AllowC:\users\phili_000\appdata\local\temp\rarsfx0\x64\pcsftool.exe
FirewallRules: [{9ECE984B-A4F1-45E4-AE4E-FAD40C7E66CF}] => (AllowC:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{D324842A-781F-4E89-9E34-87725F89A9F0}] => (AllowC:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{76A6DECD-F301-444F-8600-A855CFE2D485}] => (AllowC:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{D6541334-5960-4B06-A23F-6E58F4C13634}] => (AllowC:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{5843DCFF-0EDB-4E5A-9835-661734BCB820}] => (AllowC:\Program Files\HP\HP Officejet Pro 8610\bin\FaxApplications.exe
FirewallRules: [{8C40B3B6-C5D0-4315-9A3F-65CF22D30C8C}] => (AllowC:\Program Files\HP\HP Officejet Pro 8610\bin\DigitalWizards.exe
FirewallRules: [{38E14C17-7818-4088-82ED-E508D14EA669}] => (AllowC:\Program Files\HP\HP Officejet Pro 8610\bin\SendAFax.exe
FirewallRules: [{7243BAD5-52BB-4592-ACFB-FA7059CF41BA}] => (AllowC:\Program Files\HP\HP Officejet Pro 8610\Bin\DeviceSetup.exe
FirewallRules: [{A9E53B59-F72F-468B-907A-22854052160C}] => (AllowLPort=5357
FirewallRules: [{E7635B80-EF10-4178-BCDE-12AB2683B9AE}] => (AllowC:\Program Files\HP\HP Officejet Pro 8610\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{68E12751-6AE5-42E1-BB47-420AD7E531C7}] => (AllowC:\Program Files\HP\HP Officejet Pro 8600\bin\FaxApplications.exe
FirewallRules: [{BD8BC519-4800-4BEC-9D5F-43F828805046}] => (AllowC:\Program Files\HP\HP Officejet Pro 8600\bin\DigitalWizards.exe
FirewallRules: [{F34B711F-C40B-4613-97B1-B60871FFCC95}] => (AllowC:\Program Files\HP\HP Officejet Pro 8600\bin\SendAFax.exe
FirewallRules: [{1790DE46-0D30-4832-B62F-863E040879A9}] => (AllowC:\Program Files\HP\HP Officejet Pro 8600\Bin\DeviceSetup.exe
FirewallRules: [{848C15FA-4D3E-48AA-B0BC-FBF1ABA0B846}] => (AllowC:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
FirewallRules: [{2E2417E4-C17E-499B-9985-5BA7513994E3}] => (AllowC:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{850D97F3-4812-4351-97B4-936BA795F1A0}] => (AllowC:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C76E1DD9-C9BA-4A1E-AF41-B2754C16E660}] => (AllowC:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C277C461-5104-4A00-A6A2-589BD7679B5E}] => (AllowC:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{580EEA5F-1937-4508-92D2-8CC0EE3484A3}] => (AllowC:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{4274A85E-FF3D-41E8-9AEC-D57E1CB05520}] => (AllowC:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{DB334257-B339-4DB4-B469-FC9224A0B805}] => (AllowC:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{5E0D93F0-6371-4B85-B7DA-7C5F57274079}] => (AllowC:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

NameBluetooth USB Module
DescriptionBluetooth USB Module
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
ManufacturerQualcomm Atheros Communications
ServiceBTHUSB
Problem: : This device is disabled. (Code 22)
ResolutionIn Device Managerclick "Action", and then click "Enable Device"This starts the Enable Device wizardFollow the instructions.

NameVirtueller Microsoft-Adapter für direktes WiFi
DescriptionVirtueller Microsoft-Adapter für direktes WiFi
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
ManufacturerMicrosoft
Servicevwifimp
Problem: : This device is disabled. (Code 22)
ResolutionIn Device Managerclick "Action", and then click "Enable Device"This starts the Enable Device wizardFollow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/07/2015 07:29:23 PM) (SourceSideBySide) (EventID78) (User: )
DescriptionFehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1"Fehler in Manifestoder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderenbereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (12/06/2015 10:58:27 PM) (SourceBonjour Service) (EventID100) (User: )
DescriptionTask Scheduling Errorm->NextScheduledSPRetry 1187

Error: (12/06/2015 10:58:27 PM) (SourceBonjour Service) (EventID100) (User: )
DescriptionTask Scheduling Errorm->NextScheduledEvent 1187

Error: (12/06/2015 10:58:27 PM) (SourceBonjour Service) (EventID100) (User: )
DescriptionTask Scheduling ErrorContinuously busy for more than a second

Error: (12/06/2015 08:48:40 PM) (SourcePerflib) (EventID1008) (User: )
DescriptionBITSC:\Windows\System32\bitsperf.dll8

Error: (12/06/2015 08:42:04 PM) (SourceSideBySide) (EventID78) (User: )
DescriptionFehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1"Fehler in Manifestoder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderenbereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (12/06/2015 08:26:26 PM) (SourceSideBySide) (EventID78) (User: )
DescriptionFehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1"Fehler in Manifestoder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderenbereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (12/06/2015 06:25:52 PM) (SourceSideBySide) (EventID78) (User: )
DescriptionFehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1"Fehler in Manifestoder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderenbereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (12/06/2015 06:25:46 PM) (SourceSideBySide) (EventID78) (User: )
DescriptionFehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1"Fehler in Manifestoder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderenbereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (12/06/2015 06:25:45 PM) (SourceSideBySide) (EventID78) (User: )
DescriptionFehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1"Fehler in Manifestoder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderenbereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.


Systemfehler:
=============
Error: (12/07/2015 07:06:58 PM) (SourceDCOM) (EventID10010) (UserNT-AUTORITÄT)
Description: {F3B4E234-7A68-4E43-B813-E4BA55A065F6}

Error: (12/07/2015 04:23:54 PM) (SourceDCOM) (EventID10016) (UserNT-AUTORITÄT)
DescriptionAnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/07/2015 01:41:15 PM) (SourceDCOM) (EventID10016) (UserNT-AUTORITÄT)
DescriptionAnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/07/2015 11:56:54 AM) (SourceDCOM) (EventID10016) (UserNT-AUTORITÄT)
DescriptionAnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/07/2015 11:28:13 AM) (SourceDCOM) (EventID10016) (UserNT-AUTORITÄT)
DescriptionAnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/07/2015 02:28:57 AM) (SourceDCOM) (EventID10016) (UserNT-AUTORITÄT)
DescriptionAnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/06/2015 10:58:25 PM) (SourceDCOM) (EventID10016) (UserNT-AUTORITÄT)
DescriptionAnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/06/2015 08:51:55 PM) (SourceDCOM) (EventID10016) (UserNT-AUTORITÄT)
DescriptionAnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/06/2015 08:34:42 PM) (SourceService Control Manager) (EventID7031) (User: )
DescriptionDer Dienst "Benutzerdatenzugriff_532b5" wurde unerwartet beendetDies ist bereits 1 Mal vorgekommenFolgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführtNeustart des Diensts.

Error: (12/06/2015 08:34:42 PM) (SourceService Control Manager) (EventID7031) (User: )
DescriptionDer Dienst "Benutzerdatenspeicher _532b5" wurde unerwartet beendetDies ist bereits 1 Mal vorgekommenFolgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführtNeustart des Diensts.


CodeIntegrity:
===================================
  Date2015-12-03 14:42:49.532
  DescriptionCode Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date2015-12-03 10:00:41.678
  DescriptionCode Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exeattempted to load \Device\HarddiskVolume4\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Custom 3 Antimalware signing level requirements.

  Date2015-12-03 08:57:20.634
  DescriptionWindows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\1C94.tmp because file hash could not be found on the systemA recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date2015-12-03 08:54:49.535
  DescriptionWindows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\9B84.tmp because file hash could not be found on the systemA recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date2015-12-03 08:51:22.867
  DescriptionWindows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\9B84.tmp because file hash could not be found on the systemA recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date2015-12-03 00:05:15.122
  DescriptionCode Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exeattempted to load \Device\HarddiskVolume4\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Store signing level requirements.

  Date2015-11-29 11:59:02.148
  DescriptionCode Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date2015-11-28 08:55:24.782
  DescriptionCode Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date2015-11-26 14:14:33.874
  DescriptionCode Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date2015-11-24 16:03:08.589
  DescriptionCode Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exeattempted to load \Device\HarddiskVolume4\ProgramData\SecurityUtility\SecurityUtility64.dll that did not meet the Store signing level requirements.


==================== Speicherinformationen =========================== 

ProzessorIntel(RCore(TMi7-4710HQ CPU 2.50GHz
Prozentuale Nutzung des RAM66%
Installierter physikalischer RAM8115.27 MB
Verfügbarer physikalischer RAM2718.66 MB
Summe virtueller Speicher9395.27 MB
Verfügbarer virtueller Speicher5486.73 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:97.22 GB) (Free:19.44 GBNTFS
Drive d: (Progs) (Fixed) (Total:97.66 GB) (Free:97.39 GBNTFS
Drive e: (Games) (Fixed) (Total:253.86 GB) (Free:250.55 GBNTFS

==================== MBR Partitionstabelle ==================

========================================================
Disk(Size465.8 GB) (Disk ID388C274B)

PartitionGPT.

==================== Ende von Addition.txt ============================ 

deeprybka 07.12.2015 19:35
Bitte Frage beantworten und Addition.txt in CODE Tags posten...:)

Sc@rf@ce 07.12.2015 19:39
PC läuft super, konnte vorher auch keine Beeinträchtigung feststellen,
wollte aber gerne wissen ob Ihr etwas negatives feststellen könnt.
Schon mal vorab danke, dass du dir die Zeit genommen hast :daumenhoc:daumenhoc:daumenhoc

LG Phil

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-12-2015
durchgeführt von phili_000 (2015-12-07 19:31:04)
Gestartet von C:\Users\phili_000\Downloads
Windows 10 Home (X64) (2015-11-20 16:35:55)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1645853366-4108103990-173416813-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1645853366-4108103990-173416813-503 - Limited - Disabled)
Gast (S-1-5-21-1645853366-4108103990-173416813-501 - Limited - Disabled)
phili_000 (S-1-5-21-1645853366-4108103990-173416813-1002 - Administrator - Enabled) => C:\Users\phili_000

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.09.2001 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.02.2001 - Acer Incorporated)
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.00.3002 - Acer Incorporated)
abMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.09.2002.1 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.06.2000.22 - Acer Incorporated)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3006 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8107 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.09.2001 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8105 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3016.0 - Acer Incorporated)
Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.02.3004 - Acer Incorporated)
Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.02.3004 - Acer Incorporated)
Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2005.0 - Acer Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.13.2000.0 - Acer Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{0DE0A178-AC7B-4650-806C-CF226DE03766}) (Version: 4.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 20.0.18.1035 - Bitdefender)
Bitdefender Internet Security 2016 (HKLM\...\Bitdefender) (Version: 20.0.20.1143 - Bitdefender)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.11 - Piriform)
CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version:  - CyberGhost S.R.L.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.3.1 - Dolby Laboratories Inc)
eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM)
Echo of Soul (HKU\S-1-5-21-1645853366-4108103990-173416813-1002\...\echoofsoul_de) (Version:  - )
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Foxit PhantomPDF (HKLM-x32\...\{F74C595C-BEF2-4AF9-9C4E-68F3CD509C4D}) (Version: 6.0.120.609 - Foxit Corporation)
Gameforge Live 2.0.8 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.8 - Gameforge)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6904.2028 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Happy Cloud Client (HKU\S-1-5-21-1645853366-4108103990-173416813-1002\...\HappyCloud) (Version: 5.88 - Happy Cloud, Inc.)
Host App Service (HKU\S-1-5-21-1645853366-4108103990-173416813-1002\...\SweetLabs_AP) (Version: 0.269.7.800 - Pokki)
HP Officejet Pro 8600 - Grundlegende Software für das Gerät (HKLM\...\{D2D05FDB-4EDA-462D-8DB6-E0B9AD4FA25F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1168 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3643 - Intel Corporation)
Intel(R) Technology Access (HKLM-x32\...\{1c3caad7-d0ad-4f7c-87e0-f47627304993}) (Version: 1.3.3.1036 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.20 - Intel(R) Corporation) Hidden
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.1.0.7 - IObit)
iTunes (HKLM\...\{E690A491-702F-4DEC-9977-C015D1DBB57C}) (Version: 12.3.1.23 - Apple Inc.)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Thunderbird 38.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.4.0 (x86 de)) (Version: 38.4.0 - Mozilla)
Nostale(DE) (HKLM-x32\...\NosTale(DE)_is1) (Version:  - Gameforge 4D GmbH)
NVIDIA GeForce Experience 2.7.4.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.7.4.10 - NVIDIA Corporation)
NVIDIA Grafiktreiber 359.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 359.06 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
Pokki Start Menu (HKU\S-1-5-21-1645853366-4108103990-173416813-1002\...\SweetLabs_Start_Menu) (Version: 0.269.7.800 - Pokki)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.322 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.33 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39059 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.32.508.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7260 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 4.1.0240 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.7.4.10 - NVIDIA Corporation) Hidden
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1645853366-4108103990-173416813-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\phili_000\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation)

==================== Wiederherstellungspunkte =========================

25-11-2015 20:38:43 Windows Update
28-11-2015 08:54:32 Windows Modules Installer
28-11-2015 18:10:33 Ashampoo AntiSpy for Windows® 10
29-11-2015 09:16:41 Installed LibreOffice 5.0.3.2
29-11-2015 09:34:32 Installed Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
29-11-2015 09:34:57 Installed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
29-11-2015 09:36:06 OpenOffice 4.1.2 wird installiert
29-11-2015 11:42:59 Installed HP Support Solutions Framework
01-12-2015 21:26:37 NVIDIA PhysX wird entfernt
03-12-2015 09:59:34 Malwarebytes Anti-Rootkit Restore Point
05-12-2015 19:44:54 Prüfpunkt von HitmanPro

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2015-12-07 18:47 - 00000873 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1                        d3oxij66pru1i3.cloudfront.net

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {05E89F7B-1BD6-4E69-B40E-3CDA22756C1D} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2015-11-17] (Acer Incorporated)
Task: {1C760AE0-4691-4050-9BF1-CABB04392B9E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {2B9E5DC8-5368-4C5E-86DE-55D70B663B73} - System32\Tasks\avastBCLRestartS-1-5-21-1645853366-4108103990-173416813-1001 => Firefox.exe
Task: {2CE9A845-AE5F-49CC-BF26-BFB9E76C1CDD} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
Task: {2E1BB0AE-80DF-4F6A-B714-0E2925A46F1D} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {2E4649AB-9548-4B78-A425-F26CEDD612A4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {361016F7-22F1-465D-8DC6-9D81F56D6ED6} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {3D9E8952-D3FF-4CDF-8EDB-E7D70363415D} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe [2014-04-07] (Dolby Laboratories Inc.)
Task: {406A5269-A884-4944-A972-5CFBD1ECD2C3} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {4BD0A954-CA58-4DCD-B77B-5F471E0B113E} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
Task: {58E2506F-DC3E-4BAC-9999-730BCCCFABCC} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2015-07-17] (Acer Incorporated)
Task: {5C6BDC37-2A32-41E6-BCDF-34DB0CAA9D21} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2015-11-19] (Acer)
Task: {6CD1D35F-BD0B-4DFB-BB48-AA96093C17F0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-11] (Adobe Systems Incorporated)
Task: {6E92E7A9-967C-479D-91E3-4F3F5961A6F5} - System32\Tasks\SweetLabs App Platform => C:\Users\phili_000\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe [2015-10-30] (Pokki)
Task: {767D0157-7D18-4AB2-B8A4-0AA8699CC374} - System32\Tasks\abDocsDllLoader => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [2015-11-23] ()
Task: {788B4AFD-B011-46D1-85CB-E6FBECB274C6} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-12] (TODO: <Company name>)
Task: {855851BA-57EF-4783-B465-64796561A4EF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {8AF85D1F-2AB4-46FB-B1A8-B31F857609E5} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-06-12] (Acer Incorporated)
Task: {8D40EBCB-6231-4A60-B5A4-6C2FB3542CCF} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2015-07-17] ()
Task: {9C1C0420-BBA6-440B-8272-94335B0775B7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {AE411750-82DE-4D42-BB75-C6A7B1E83785} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {B3A6CB7B-4BF7-4260-A188-730BEA18A52C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-11-14] (Microsoft Corporation)
Task: {B6B3E581-B66D-4C9E-89AC-C8C70333FF38} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-10-19] (Piriform Ltd)
Task: {B831B44E-5D36-4D76-8EAF-C5BFBE28B56D} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2015-07-17] ()
Task: {C1E8DF03-5C42-4F07-A471-1EE77E82A216} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {CB484BCB-C662-4897-BF88-0B3629A1ADCE} - System32\Tasks\Uninstaller_SkipUac_phili_000 => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-10-20] (IObit)
Task: {E3ACD859-7468-42CE-B74D-45CAD37A45BE} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [2015-07-17] ()
Task: {FED387BA-70B3-4608-A80F-EB0B247E80FF} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-06-10] (Acer Incorporate)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_phili_000.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 08:17 - 2015-10-30 08:17 - 00028672 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-11-24 16:09 - 2013-09-03 13:29 - 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\bdmetrics.dll
2015-12-04 08:40 - 2015-12-04 08:40 - 00876888 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_01250_002\ashttpbr.mdl
2015-12-04 08:40 - 2015-12-04 08:40 - 00742976 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_01250_002\ashttpdsp.mdl
2015-12-04 08:40 - 2015-12-04 08:40 - 02803536 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_01250_002\ashttpph.mdl
2015-12-04 08:40 - 2015-12-04 08:40 - 01415584 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_01250_002\ashttprbl.mdl
2015-11-20 17:13 - 2015-11-24 20:32 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-02-08 11:06 - 2015-02-08 11:06 - 00087552 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\libglog.dll
2015-02-08 11:20 - 2015-02-08 11:20 - 01793248 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\cpprest120_1_4.dll
2015-02-08 11:20 - 2015-02-08 11:20 - 00355040 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\JsonCpp.dll
2014-09-25 23:49 - 2012-04-24 11:43 - 00254512 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2015-12-03 08:14 - 2015-11-22 11:47 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-03 08:14 - 2015-11-22 11:47 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2014-09-25 23:55 - 2014-07-01 13:13 - 00111872 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2015-11-22 08:33 - 2015-11-22 08:34 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_1.11.19004.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-12-03 08:14 - 2015-11-22 10:18 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-03 08:14 - 2015-11-22 10:19 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-30 08:17 - 2015-10-30 08:17 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2015-10-30 08:17 - 2015-10-30 08:17 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-10-30 08:17 - 2015-10-30 08:17 - 00674816 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll
2015-12-03 08:14 - 2015-11-22 10:23 - 08005632 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-12-03 08:14 - 2015-11-22 10:20 - 00936448 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2015-12-03 08:14 - 2015-11-22 10:21 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-12-03 08:14 - 2015-11-22 10:18 - 00529408 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.NodeWinrtWrap.dll
2015-10-30 08:18 - 2015-10-30 19:44 - 00037888 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\winrt-projections\bin\Winrt_Projections.node
2015-10-30 08:18 - 2015-10-30 19:44 - 00796160 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http\bin\NodeRT_Windows_Web_Http.node
2015-10-30 08:18 - 2015-10-30 19:44 - 00961024 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http.headers\bin\NodeRT_Windows_Web_Http_Headers.node
2015-10-30 08:18 - 2015-10-30 19:44 - 00206336 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http.filters\bin\NodeRT_Windows_Web_Http_Filters.node
2015-10-30 08:18 - 2015-10-30 19:44 - 00558592 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.storage.streams\bin\NodeRT_Windows_Storage_Streams.node
2015-10-30 08:18 - 2015-10-30 19:44 - 00397824 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.foundation\bin\NodeRT_Windows_Foundation.node
2015-10-30 08:18 - 2015-10-30 19:44 - 00181248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\nodert-buffer-utils\bin\NodeRT_Buffer_Utils.node
2015-10-30 08:18 - 2015-10-30 19:44 - 00093696 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.security.cryptography\bin\NodeRT_Windows_Security_Cryptography.node
2015-10-30 08:18 - 2015-10-30 19:43 - 00200192 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.cortana.pal\bin\NodeRT_Windows_Cortana_PAL.node
2015-09-30 20:39 - 2015-09-30 20:39 - 00415128 _____ () C:\WINDOWS\system32\igfxTray.exe
2015-11-23 18:44 - 2015-11-23 18:44 - 01769312 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
2015-07-17 14:39 - 2015-07-17 14:39 - 04612448 _____ () C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
2015-11-20 23:10 - 2015-11-20 23:10 - 09074176 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.23.23.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2015-11-20 23:10 - 2015-11-20 23:10 - 02416640 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.23.23.0_x64__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll
2015-12-07 09:35 - 2015-12-07 09:35 - 00017408 _____ () C:\Program Files\WindowsApps\KoboInc.KoboBooks_5.0.258.0_x86__vk8qsnw174y90\Kobo.Universal.exe
2015-11-26 14:29 - 2015-11-26 14:29 - 00475712 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\intermsec.dll
2015-11-24 16:10 - 2015-11-26 14:28 - 00157696 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\ui\ltr\intermsec.ui
2015-11-24 16:10 - 2015-10-26 11:44 - 00032256 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\lang\de-DE\intermsec.txtui
2015-11-24 16:10 - 2015-10-26 11:44 - 00005120 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\lang\de-DE\bdaphconp.txtui
2015-11-26 14:29 - 2015-11-26 14:29 - 00051352 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\bddpsp.dll
2015-11-25 00:05 - 2015-09-21 10:49 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2015-11-22 08:33 - 2015-11-22 08:34 - 00152064 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_1.11.19004.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2015-11-22 08:33 - 2015-11-22 08:34 - 02907648 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_1.11.19004.0_x86__8wekyb3d8bbwe\MessagingNativeCore.dll
2015-11-22 08:33 - 2015-11-22 08:34 - 00583168 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_1.11.19004.0_x86__8wekyb3d8bbwe\MessagingEntityExtractionProxy.dll
2015-11-22 08:33 - 2015-11-22 08:34 - 18906624 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_1.11.19004.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2015-12-01 21:18 - 2015-11-12 19:39 - 00012080 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-11-25 00:05 - 2015-09-21 10:49 - 00348960 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2015-11-25 00:05 - 2015-09-21 10:49 - 00183584 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2015-11-25 00:05 - 2015-09-21 10:49 - 00050976 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2014-02-19 17:51 - 2014-02-19 17:51 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-11-16 19:55 - 2015-11-16 19:55 - 00202456 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
2015-11-16 19:56 - 2015-11-16 19:56 - 00654000 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
2015-11-16 19:56 - 2015-11-16 19:56 - 00641240 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
2015-11-16 19:56 - 2015-11-16 19:56 - 00119000 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll
2015-12-02 20:23 - 2015-12-02 20:23 - 00015064 _____ () C:\WINDOWS\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2015-11-17 11:11 - 2015-11-17 11:11 - 00013016 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2015-11-17 11:10 - 2015-11-17 11:10 - 00277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll
2015-11-19 14:39 - 2015-11-19 14:39 - 00194048 _____ () C:\Program Files (x86)\Acer\Acer Portal\curllib.dll
2015-11-19 14:39 - 2015-11-19 14:39 - 00110592 _____ () C:\Program Files (x86)\Acer\Acer Portal\OpenLDAP.dll
2015-12-07 09:35 - 2015-12-07 09:35 - 26124800 _____ () C:\Program Files\WindowsApps\KoboInc.KoboBooks_5.0.258.0_x86__vk8qsnw174y90\Kobo.Universal.dll
2015-11-28 17:52 - 2015-11-19 16:43 - 00153768 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2015-11-28 17:52 - 2015-11-19 16:43 - 00023208 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Program Files\Bitdefender Agent:Win32App_1
AlternateDataStreams: C:\Program Files\Bonjour:Win32App_1
AlternateDataStreams: C:\Program Files\CCleaner:Win32App_1
AlternateDataStreams: C:\Program Files\CyberGhost 5:Win32App_1
AlternateDataStreams: C:\Program Files\Dolby Digital Plus:Win32App_1
AlternateDataStreams: C:\Program Files\iTunes:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Apple Software Update:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Bonjour:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Foxit PhantomPDF:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Malwarebytes Anti-Malware:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Microsoft Silverlight:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Mozilla Thunderbird:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\OpenOffice 4:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Qualcomm Atheros:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Spotify:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\TeamViewer:Win32App_1
AlternateDataStreams: C:\ProgramData\HP:Win32App_1
AlternateDataStreams: C:\ProgramData\regid.1991-06.com.microsoft:Win32App_1

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-1645853366-4108103990-173416813-1002\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1645853366-4108103990-173416813-1002\...\webcompanion.com -> hxxp://webcompanion.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1645853366-4108103990-173416813-1002\Control Panel\Desktop\\Wallpaper -> c:\users\phili_000\pictures\wallpapers\bitdefender_wallpaper.png
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist deaktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "emsisoft anti-malware"
HKLM\...\StartupApproved\Run32: => "abDocsDllLoader"
HKU\S-1-5-21-1645853366-4108103990-173416813-1002\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1645853366-4108103990-173416813-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1645853366-4108103990-173416813-1002\...\StartupApproved\Run: => "CyberGhost"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{EAB8735A-151B-403B-B88F-1582A303489A}] => (Allow) e:\Program Files (x86)\GameforgeLive\gfl_client.exe
FirewallRules: [{1A31FE46-DFEE-448D-A92E-B5C853E4ED5F}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{16F970D2-0B81-47F3-A6C0-4557C0A5F41C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{745A43D9-B26D-45FE-8224-B1B6EB2DD6F2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7848EDF7-09E0-41C2-9332-102B6A791904}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{43F058C6-8629-4E00-978B-56EFE60CD4E6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{82A7F785-09D3-4595-B862-4007B9D00CA3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{091DE39B-7857-4260-9449-775F81D7C7E0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{24776E35-292B-413B-B9C8-7D0A7FEA1DF5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{E1121A28-72F9-49BB-8ACE-098CFB39EBDF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{E0F976C4-895D-46EE-9A7C-7B910C6D6021}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{25FF00EA-55D2-49CE-8095-F3A1D8B1102B}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{25A0C4E7-F6FA-4146-8E8D-41BCEBCDC97E}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{AE736457-4501-4A05-AC87-88BF7F894AD0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{5BE785E5-B5AB-4CB0-A0DF-E014A79D3BB1}E:\program files (x86)\firefly studios\stronghold 2\stronghold2.exe] => (Block) E:\program files (x86)\firefly studios\stronghold 2\stronghold2.exe
FirewallRules: [TCP Query User{D29DFEE0-C82B-493D-9149-69FB5B2E9530}E:\program files (x86)\firefly studios\stronghold 2\stronghold2.exe] => (Block) E:\program files (x86)\firefly studios\stronghold 2\stronghold2.exe
FirewallRules: [{C24D4B80-55A6-4019-B105-C8091988DB7E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{518F0370-FC78-460A-A21E-88A91239C90F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{23BB4802-2C94-4B02-AA2D-0ECB9D8CC13F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{00770616-366A-4E02-82F7-92065974FD87}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{51B8A707-02A7-47D4-8214-FDFC6B0A4B47}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{64B060E5-8409-46BB-BA88-2D4CFE3ACA4D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{B89A7649-741C-4FD1-A1B2-B4EEAE0CE51D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{F1BD5625-099F-40D2-A95C-9BD97C7EC930}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{1B6D060D-AA3E-4AB8-BBB6-F7A49BD4CD6C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{0CC32FFD-9E00-4CAB-B132-4D93B2D4C943}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{4FB7F668-4218-4909-A82E-BFB4CB66E555}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{90FB0F21-F7E1-49AE-8702-DE0771A9D9D9}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [UDP Query User{FE43D7FD-05B0-46CE-9A83-45381D3D18F0}E:\diablo iii\diablo iii.exe] => (Block) E:\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{10A3A6DD-7313-4F56-9472-A437144127B4}E:\diablo iii\diablo iii.exe] => (Block) E:\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{F4710D58-C36F-401C-875E-29411CFD3F5A}E:\diablo iii\diablo iii.exe] => (Allow) E:\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{9733DCB6-3566-4805-8297-D3BD96153F20}E:\diablo iii\diablo iii.exe] => (Allow) E:\diablo iii\diablo iii.exe
FirewallRules: [{03C1A66A-EE75-4222-B884-AFB927A12A71}] => (Allow) E:\Battle.net\Battle.net.exe
FirewallRules: [{1AF19AFD-8BEF-4593-8A41-B5B09C559698}] => (Allow) E:\Battle.net\Battle.net.exe
FirewallRules: [{6D22436B-8711-4C21-9A5E-E5A47E6F3E89}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{A85D6835-1A98-4549-840C-FE2F2126E12A}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{81C67D0C-01E4-4911-8576-61C2AFD7A029}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{901899D8-EFA0-4445-9E7C-11DF99345249}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{4F0F83CA-8701-4FA2-A44F-7E8265C8D25B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{C1B46857-2746-4158-9BF5-80738E786850}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{7EFE4FA4-6FDE-46FE-9129-8A7F494612A8}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{38FCADEA-F703-4145-BB14-B48F4BD00718}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{692F1E5F-F180-4AAE-84AE-63736D418985}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{BFA36618-6677-4020-BBBC-81F46AD3A8B3}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{47463F43-2730-4313-9F5C-92E0070C6C3D}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Cities XXL\CitiesXXL.exe
FirewallRules: [{635D6D07-964E-40DF-9844-81462935DEB7}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Cities XXL\CitiesXXL.exe
FirewallRules: [{B1750942-7B15-4A8D-8CBD-32E4F7CA16B7}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{0E1DFF03-9D12-447F-99DA-A0A915E4715A}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{70EC2521-4246-4A5C-B20B-21B2C28E3C92}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{BDEA5603-9469-452C-93AF-2BD7E3808CEC}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{F5E35023-0F8B-49E1-B525-582A9BBFA350}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{EEEF414B-EBA5-44CA-856A-E64005EB71DF}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{86FAF3DD-4824-4AB4-A2A3-A10D4DAB57D5}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{F517E3DE-86B9-45D3-B755-E492FDAC63FC}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [UDP Query User{9092B7DB-A511-4687-B7D6-B8265DAF7867}E:\program files (x86)\innonics\wiggles\wiggles.exe] => (Allow) E:\program files (x86)\innonics\wiggles\wiggles.exe
FirewallRules: [TCP Query User{FE4D403A-03FD-4DEC-87DD-56BCFE1F692D}E:\program files (x86)\innonics\wiggles\wiggles.exe] => (Allow) E:\program files (x86)\innonics\wiggles\wiggles.exe
FirewallRules: [{6C1793D6-1AEF-4992-A5EA-836A32DD8A94}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A8F7264C-805D-4848-859C-EBDA60B7365E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{777C3F7A-7D16-4429-9878-CD4FEC42EC4D}] => (Allow) E:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{4E1BB0E9-6C33-4394-95EC-EBD45601B034}] => (Allow) E:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{6E9F7A58-3BF3-4C1C-A2D0-4DECA53E95FC}] => (Allow) E:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E85459EA-229C-4E11-A283-BE8EF5FD9A0A}] => (Allow) E:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [UDP Query User{95E1DFE4-7B5F-4691-935C-85355548E966}E:\program files (x86)\tmnationsforever\tmforever.exe] => (Allow) E:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [TCP Query User{F7C243CC-7B4D-46EC-9B87-D983C20E7F53}E:\program files (x86)\tmnationsforever\tmforever.exe] => (Allow) E:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [{55C16FEC-B652-4CB7-989B-82985F5F4E43}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{741430D6-F280-44AA-A83A-8DB76632634C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{08545E10-B9B4-42EA-AE96-A557D77171D3}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{48F56680-16AE-462D-B657-716FE78A366A}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{575423AF-095A-403E-B4FB-1D73CABDED52}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{4F20E06C-B1FE-4332-9677-09D98211C96F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{42FE248F-E58D-426A-9244-6DA28ADFF287}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{DE5C3A0A-5BED-4036-B7AE-98725B2B34E8}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{9597564E-A41C-409F-9CA7-B62D8DBAA027}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{17D5B3C2-47F9-410E-BF95-780C07A2F08F}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{E638CA19-0729-490B-A581-2232887EE232}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{5804532F-757F-4E0A-A044-FF892F7ADE0C}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{4A98E89B-871C-43AB-B38C-B15FA85AF2FF}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{4FFDB9D9-B636-4AA7-937A-82910457D0F8}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{8CAAABC1-8DF9-4723-BFFD-98E16CB9BC64}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{81CDF4B6-460F-4C91-992E-0A432E22BD18}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{02F34962-0520-402A-A985-7C8AE1882FAD}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{74EA1C5C-1120-4036-87F0-71D854EB0F72}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{ADDD2A26-31CD-4118-A4B8-11ADBBDEFD14}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{8D97AC3B-016E-43C3-9852-9F5F4B6CAE0C}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{65F2A37E-8384-498D-96E3-94C1BE9C9AE9}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{0EE2B935-09D0-45BA-A801-7C08D494BBAB}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{AFD454D4-DDB9-473C-99E0-7D4E1A5F1213}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{D32DC2A6-55B8-463C-B917-A3F1BB6373C7}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{A28E3453-FFA9-4C36-9B0D-12A66417D0BF}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{E3B6E9CD-41CE-47E3-B1B8-381A8E7D5A69}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{DA040229-43D7-45E4-B53E-7CEF05935DF4}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{F05DEEAC-2726-4AD5-BE08-496E396684D0}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{E06E4E9A-AD29-4FB2-97E2-8191EF1B1206}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{37D1E2B0-DE80-4B78-B8C5-F7B415216608}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{A6D73076-49B0-436A-B94B-D5A735804234}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{1FBD3F84-1DE3-4203-95C8-AAFB85FEB983}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{B73DCF7B-F06C-418E-8B14-19724F141474}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{158FAA4C-60FB-439D-9771-9F094968C1E0}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{6E9E5F5F-4578-444B-8101-E5EF6EC6AB9F}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{ED8C21C5-36E9-4C29-85A6-FF334B15CD3F}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{C8C8775A-8791-42B4-B074-17826EFC0FEF}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{4736CBBB-F912-464A-BF51-1EB1F1E47B66}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{B4780E33-E05B-490C-B24E-295B8196915A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{6A236F4A-CD1C-4225-899F-F191A3F8CDAA}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{45BD9621-4D3D-49D2-ABF6-D04E5C7CA913}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{EFDA2C5C-AF34-4572-B27D-7885024C6588}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{345FA44C-AE48-4A65-BAAE-F158740E9F9C}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{2966FB4D-C583-476B-89B4-A4AFEAC95935}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [TCP Query User{B9CF93F0-7FD9-4280-B23B-3943630B054D}C:\users\phili_000\appdata\local\temp\rarsfx0\x32\pcsftool.exe] => (Allow) C:\users\phili_000\appdata\local\temp\rarsfx0\x32\pcsftool.exe
FirewallRules: [UDP Query User{A337FD61-4FD2-42DD-83B9-4CB3B13C6E68}C:\users\phili_000\appdata\local\temp\rarsfx0\x32\pcsftool.exe] => (Allow) C:\users\phili_000\appdata\local\temp\rarsfx0\x32\pcsftool.exe
FirewallRules: [TCP Query User{6B55CDCC-76F7-4D49-8D86-F06D5C314882}C:\users\phili_000\appdata\local\temp\rarsfx0\x64\pcsftool.exe] => (Allow) C:\users\phili_000\appdata\local\temp\rarsfx0\x64\pcsftool.exe
FirewallRules: [UDP Query User{8080E4D2-9C47-4621-8914-20A408AD7B17}C:\users\phili_000\appdata\local\temp\rarsfx0\x64\pcsftool.exe] => (Allow) C:\users\phili_000\appdata\local\temp\rarsfx0\x64\pcsftool.exe
FirewallRules: [{9ECE984B-A4F1-45E4-AE4E-FAD40C7E66CF}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{D324842A-781F-4E89-9E34-87725F89A9F0}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{76A6DECD-F301-444F-8600-A855CFE2D485}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{D6541334-5960-4B06-A23F-6E58F4C13634}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{5843DCFF-0EDB-4E5A-9835-661734BCB820}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\bin\FaxApplications.exe
FirewallRules: [{8C40B3B6-C5D0-4315-9A3F-65CF22D30C8C}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\bin\DigitalWizards.exe
FirewallRules: [{38E14C17-7818-4088-82ED-E508D14EA669}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\bin\SendAFax.exe
FirewallRules: [{7243BAD5-52BB-4592-ACFB-FA7059CF41BA}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\Bin\DeviceSetup.exe
FirewallRules: [{A9E53B59-F72F-468B-907A-22854052160C}] => (Allow) LPort=5357
FirewallRules: [{E7635B80-EF10-4178-BCDE-12AB2683B9AE}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{68E12751-6AE5-42E1-BB47-420AD7E531C7}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\FaxApplications.exe
FirewallRules: [{BD8BC519-4800-4BEC-9D5F-43F828805046}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\DigitalWizards.exe
FirewallRules: [{F34B711F-C40B-4613-97B1-B60871FFCC95}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\SendAFax.exe
FirewallRules: [{1790DE46-0D30-4832-B62F-863E040879A9}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\DeviceSetup.exe
FirewallRules: [{848C15FA-4D3E-48AA-B0BC-FBF1ABA0B846}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
FirewallRules: [{2E2417E4-C17E-499B-9985-5BA7513994E3}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{850D97F3-4812-4351-97B4-936BA795F1A0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C76E1DD9-C9BA-4A1E-AF41-B2754C16E660}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C277C461-5104-4A00-A6A2-589BD7679B5E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{580EEA5F-1937-4508-92D2-8CC0EE3484A3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{4274A85E-FF3D-41E8-9AEC-D57E1CB05520}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{DB334257-B339-4DB4-B469-FC9224A0B805}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{5E0D93F0-6371-4B85-B7DA-7C5F57274079}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Bluetooth USB Module
Description: Bluetooth USB Module
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Qualcomm Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Virtueller Microsoft-Adapter für direktes WiFi
Description: Virtueller Microsoft-Adapter für direktes WiFi
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/07/2015 07:29:23 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (12/06/2015 10:58:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1187

Error: (12/06/2015 10:58:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1187

Error: (12/06/2015 10:58:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/06/2015 08:48:40 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (12/06/2015 08:42:04 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (12/06/2015 08:26:26 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (12/06/2015 06:25:52 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (12/06/2015 06:25:46 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (12/06/2015 06:25:45 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.


Systemfehler:
=============
Error: (12/07/2015 07:06:58 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {F3B4E234-7A68-4E43-B813-E4BA55A065F6}

Error: (12/07/2015 04:23:54 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/07/2015 01:41:15 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/07/2015 11:56:54 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/07/2015 11:28:13 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/07/2015 02:28:57 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/06/2015 10:58:25 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/06/2015 08:51:55 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/06/2015 08:34:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_532b5" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (12/06/2015 08:34:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _532b5" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.


CodeIntegrity:
===================================
  Date: 2015-12-03 14:42:49.532
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-03 10:00:41.678
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-12-03 08:57:20.634
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\1C94.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-12-03 08:54:49.535
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\9B84.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-12-03 08:51:22.867
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\9B84.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-12-03 00:05:15.122
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Store signing level requirements.

  Date: 2015-11-29 11:59:02.148
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-11-28 08:55:24.782
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-11-26 14:14:33.874
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-11-24 16:03:08.589
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\ProgramData\SecurityUtility\SecurityUtility64.dll that did not meet the Store signing level requirements.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 66%
Installierter physikalischer RAM: 8115.27 MB
Verfügbarer physikalischer RAM: 2718.66 MB
Summe virtueller Speicher: 9395.27 MB
Verfügbarer virtueller Speicher: 5486.73 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:97.22 GB) (Free:19.44 GB) NTFS
Drive d: (Progs) (Fixed) (Total:97.66 GB) (Free:97.39 GB) NTFS
Drive e: (Games) (Fixed) (Total:253.86 GB) (Free:250.55 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 388C274B)

Partition: GPT.

==================== Ende von Addition.txt ============================
so, hoffe das passt :singsing:


Alle Zeitangaben in WEZ +1. Es ist jetzt 16:16 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131