Trojaner-Board - Adware beim streamen

Trojaner-Board (https://www.trojaner-board.de/)

- Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)

- - Adware beim streamen (https://www.trojaner-board.de/171471-adware-beim-streamen.html)

Adware beim streamen

Hi beim surfen also beim streamen kommt bei mir immer weiterleitungen zu werbeseiten
meine vermutung ist das ich adware Draufhabe auf meinem pc habe schon mit mit emisoft anti malware und farbar gscannt

:hallo:

Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.

Bitte beachte folgende Hinweise:

Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort zu starten!

Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

http://www.trojaner-board.de/picture...&pictureid=307

Danke für deine Mitarbeit!

Dann poste bitte alle Logdateien, die du hast.

Emisoft Anti malware

Code:

Emsisoft Anti-Malware v. 10.0.0.5641

(C) 2003-2015 Emsisoft - www.emsisoft.com
 

ID   Object

0    C:\Users\xxxx\Downloads\DelFix_1.011.exe erkannt: Schlechter Ruf

1    C:\Users\xxxx\Downloads\SlimDrivers-setup_dl.exe erkannt: Application.Win32.InstallDrive (A)

2    C:\Users\xxxx\Downloads\bfilter-1.1.4-install.exe erkannt: Behavior.AutorunCreation

3    Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\SLIMWARE UTILITIES, INC.\DRIVERAPP erkannt: Application.InstallDrive (A)

4    Value: HKEY_USERS\S-1-5-21-655851370-1497040194-593136017-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS erkannt: Setting.DisableRegistryTools (A)

5    Value: HKEY_USERS\S-1-5-21-655851370-1497040194-593136017-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR erkannt: Setting.DisableTaskMgr (A)

FRST

Code:

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:23-09-2015

durchgeführt von xxxx (Administrator) auf xxxx-PC (23-09-2015 15:43:12)

Gestartet von C:\Users\xxxx\Downloads

Geladene Profile: xxxx & DefaultAppPool (Verfügbare Profile: xxxx & DefaultAppPool)

Platform: Windows 10 Pro (X64) Sprache: Deutsch (Deutschland)

Internet Explorer Version 11 (Standard-Browser: Chrome)

Start-Modus: Normal

Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 

==================== Prozesse (Nicht auf der Ausnahmeliste) =================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
 

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe

(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe

(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe

(Autodesk, Inc.) C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe

(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD15\Kernel\DMS\CLMSMonitorServicePDVD15.exe

(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe

(Lenovo Group Limited) C:\Program Files\Lenovo\iMController\Service\Lenovo.Modern.ImController.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe

(Microsoft Corporation) C:\Windows\System32\mqsvc.exe

(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

(Microsoft Corporation) C:\Windows\System32\rundll32.exe

(Emsisoft Ltd) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD15\Kernel\DMS\CLMSServerPDVD15.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Intel Corporation) C:\Windows\System32\igfxEM.exe

(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe

(Intel Corporation) C:\Windows\System32\igfxHK.exe

(Intel Corporation) C:\Windows\System32\igfxTray.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe

() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe

(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe

(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe

(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe

(Akamai Technologies, Inc.) C:\Users\xxxx\AppData\Local\Akamai\netsession_win.exe

(Autodesk, Inc.) C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe

(Akamai Technologies, Inc.) C:\Users\xxxx\AppData\Local\Akamai\netsession_win.exe

(Dropbox, Inc.) C:\Users\xxxx\AppData\Local\Dropbox\Update\DropboxUpdate.exe

(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe

(Dropbox, Inc.) C:\Users\xxxx\AppData\Roaming\Dropbox\bin\Dropbox.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe

(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe

(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\EnergyCut\EnergyCut.exe

(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe

(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD15\PowerDVD15Agent.exe

(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Emsisoft Ltd) C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe

(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe

(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe

(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe

(Lenovo Group Limited) C:\Program Files\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe

(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe

(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe

(Lenovo Group Limited) C:\Program Files\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe

(Lenovo Group Limited) C:\Program Files\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe

(Lenovo Group Limited) C:\Program Files\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe

(Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Farbar) C:\Users\xxxx\Downloads\FRST64 (1).exe

(Farbar) C:\Users\xxxx\Downloads\FRST64 (1).exe
 
 

==================== Registry (Nicht auf der Ausnahmeliste) ===========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
 

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-27] (NVIDIA Corporation)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-11-21] (Intel Corporation)

HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart

HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [456704 2012-02-20] ()

HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [8079408 2015-06-29] (Lenovo (Beijing) Limited)

HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [6199128 2015-06-29] (Lenovo(beijing) Limited)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-06-03] (Synaptics Incorporated)

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [935104 2014-11-25] (Conexant Systems, Inc.)

HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)

HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2000-01-01] (Intel Corporation)

HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6134544 2015-09-19] (AVAST Software)

HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [523144 2015-07-08] (Autodesk Inc.)

HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707496 2014-06-11] (Cisco Systems, Inc.)

HKLM-x32\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\EnergyCut\utilty.exe [1581056 2007-04-27] (Lenovo(beijing) Limited)

HKLM-x32\...\Run: [EnergyCut] => C:\Program Files (x86)\Lenovo\EnergyCut\EnergyCut.exe [1167360 2007-03-09] (Lenovo (Beijing) Limited)

HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [508656 2012-08-31] (Dolby Laboratories Inc.)

HKLM-x32\...\Run: [PowerDVD15Agent] => C:\Program Files (x86)\CyberLink\PowerDVD15\PowerDVD15Agent.exe [949960 2015-08-10] (CyberLink Corp.)

HKLM-x32\...\Run: [PixelPlanet PdfPrinter-Monitor] => C:\Program Files (x86)\Common Files\PixelPlanet\PdfPrinter 7\PdfPrinterMonitor.exe [6324984 2015-02-05] (PixelPlanet)

HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2620728 2015-07-22] (Malwarebytes Corporation)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)

HKLM-x32\...\Run: [emsisoft anti-malware] => c:\program files (x86)\emsisoft anti-malware\a2guard.exe [4939800 2015-08-20] (Emsisoft Ltd)

HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2720144 2015-08-09] (Dominik Reichl)

HKU\S-1-5-21-655851370-1497040194-593136017-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8455960 2015-08-20] (Piriform Ltd)

HKU\S-1-5-21-655851370-1497040194-593136017-1000\...\Run: [Akamai NetSession Interface] => C:\Users\xxxx\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)

HKU\S-1-5-21-655851370-1497040194-593136017-1000\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1310088 2015-01-27] (Autodesk, Inc.)

HKU\S-1-5-21-655851370-1497040194-593136017-1000\...\Run: [Dropbox Update] => C:\Users\xxxx\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.)

HKU\S-1-5-21-655851370-1497040194-593136017-1000\...\Policies\Explorer: [] 

AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [177088 2015-09-14] (NVIDIA Corporation)

AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [155792 2015-09-14] (NVIDIA Corporation)

ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\xxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\xxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\xxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\xxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\xxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\xxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\xxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\xxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-09-19] (AVAST Software)

ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc.)

Startup: C:\Users\xxxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-05-05]

ShortcutTarget: Dropbox.lnk -> C:\Users\xxxx\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
 

==================== Internet (Nicht auf der Ausnahmeliste) ====================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
 

Hosts: Hosts Datei wurde nicht im Standardordner gefunden

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

Tcpip\..\Interfaces\{28a5aebd-1edc-41fe-8a89-33687711c8f1}: [DhcpNameServer] 192.168.178.1

Tcpip\..\Interfaces\{c0635005-5303-403f-8bfe-766deb8a5f99}: [DhcpNameServer] 192.168.2.1
 

Internet Explorer:

==================

HKU\S-1-5-21-655851370-1497040194-593136017-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.dell.com

HKU\S-1-5-21-655851370-1497040194-593136017-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-22] (Oracle Corporation)

BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-22] (Oracle Corporation)
 

FireFox:

========

FF ProfilePath: C:\Users\xxxx\AppData\Roaming\Mozilla\Firefox\Profiles\3vtq2ypr.default

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)

FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-22] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-22] (Oracle Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)

FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll [2013-07-26] (Nitro PDF)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)

FF Extension: Ghostery - C:\Users\xxxx\AppData\Roaming\Mozilla\Firefox\Profiles\3vtq2ypr.default\Extensions\firefox@ghostery.com.xpi [2015-09-23]

FF Extension: CookieCuller - C:\Users\xxxx\AppData\Roaming\Mozilla\Firefox\Profiles\3vtq2ypr.default\Extensions\{99B98C2C-7274-45a3-A640-D9DF1A1C8460}.xpi [2015-09-23]

FF Extension: Adblock Plus - C:\Users\xxxx\AppData\Roaming\Mozilla\Firefox\Profiles\3vtq2ypr.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-23]
 

Chrome: 

=======

CHR StartupUrls: Default -> "hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl"

CHR Profile: C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Adguard Werbeblocker) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2015-09-19]

CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2015-09-21]

CHR Extension: (Adblock Plus) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-09-19]

CHR Extension: (KB SSL Enforcer) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\flcpelgcagfhfoegekianiofphddckof [2015-09-21]

CHR Extension: (Chrome Remote Desktop) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2015-09-19]

CHR Extension: (HTTPS Everywhere) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2015-09-19]

CHR Extension: (Click&Clean) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod [2015-09-22]

CHR Extension: (Vanilla Cookie Manager) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\gieohaicffldbmiilohhggbidhephnjj [2015-09-22]

CHR Extension: (AdBlock) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-09-19]

CHR Extension: (Avast Online Security) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-09-19]

CHR Extension: (Safe Preview) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmbdchmgaaihfdlphhcdlecjehdngbk [2015-09-23]

CHR Extension: (WEB.DE MailCheck) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaogepninmlbinccpbiakcgiolijlllo [2015-09-19]

CHR Extension: (Chrome Hotword Shared Module) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-22]

CHR Extension: (Avira SafeSearch) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldmiahjidflgnbiadknkmaimfpjkelng [2015-09-19]

CHR Extension: (Ghostery) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2015-09-22]

CHR Extension: (Norton Safe) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmgcfemagnogdodbambjhdcmfcpicngl [2015-09-22]

CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-22]

CHR Extension: (AddBllock Plus) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohojmbanobkkhndjgkemcaocpinjfehk [2015-09-19]

CHR Extension: (MegaStar Sliding) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfaogkfljpdfmodbmbogiiblppijleen [2015-09-19]
 

==================== Dienste (Nicht auf der Ausnahmeliste) ========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [5531008 2015-08-20] (Emsisoft Ltd)

R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [1128840 2015-07-08] (Autodesk Inc.)

R2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [31160 2015-02-05] (Autodesk, Inc.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-09-19] (AVAST Software)

R2 CyberLink PowerDVD 15 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD15\Kernel\DMS\CLMSMonitorServicePDVD15.exe [77240 2015-08-10] (CyberLink)

R2 CyberLink PowerDVD 15 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD15\Kernel\DMS\CLMSServerPDVD15.exe [323000 2015-06-07] (CyberLink)

R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-27] (NVIDIA Corporation)

R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation)

R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319888 2015-07-11] (Intel Corporation)

R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [34760 2015-09-18] (Lenovo Group Limited)

S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272424 2015-08-17] (Lenovo)

R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [713016 2015-07-22] (Malwarebytes Corporation)

S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)

R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-07-29] (Microsoft Corporation)

R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-07-26] (Nitro PDF Software)

R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-27] (NVIDIA Corporation)

R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-27] (NVIDIA Corporation)

U2 OneSyncSvc_Session20; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)

U2 OneSyncSvc_Session20; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)

U3 PimIndexMaintenanceSvc_Session20; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)

U3 PimIndexMaintenanceSvc_Session20; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)

R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [249032 2015-06-03] (Synaptics Incorporated)

U3 UnistoreSvc_Session20; C:\WINDOWS\System32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)

U3 UnistoreSvc_Session20; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)

U3 UserDataSvc_Session20; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)

U3 UserDataSvc_Session20; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)

S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-07-29] (Microsoft Corporation)

R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-07-29] (Microsoft Corporation)

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
 

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

R1 adgnetworkwfpdrv; C:\Windows\System32\drivers\adgnetworkwfpdrv.sys [55800 2015-06-02] ()

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-09-19] (AVAST Software)

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-09-19] (AVAST Software)

R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-09-19] (AVAST Software)

R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-09-19] (AVAST Software)

R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1049880 2015-09-19] (AVAST Software)

R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [448968 2015-09-19] (AVAST Software)

R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [153744 2015-09-19] (AVAST Software)

R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-09-19] (AVAST Software)

R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7593176 2015-07-10] (Broadcom Corporation)

R1 epp64; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\epp64.sys [138504 2015-08-07] (Emsisoft GmbH)

R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [63064 2015-07-22] ()

R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-04-21] (REALiX(tm))

R3 L1C; C:\Windows\System32\drivers\L1C62x64.sys [129224 2015-04-21] (Qualcomm Atheros Co., Ltd.)

R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)

S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2015-09-22] (Malwarebytes Corporation)

S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)

R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2015-04-21] (Intel Corporation)

R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175104 2015-07-29] (Microsoft Corporation)

R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-27] (NVIDIA Corporation)

R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)

R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [402960 2015-05-14] (Realsil Semiconductor Corporation)

R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated)

S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()

R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [802312 2015-06-12] (Vimicro Corporation)

S3 vpnva; C:\Windows\System32\drivers\vpnva64-6.sys [52592 2014-06-11] (Cisco Systems, Inc.)

S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)

R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)

S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)

R2 {687703DE-DC6D-4649-892B-B8497854A6AB}; C:\Program Files (x86)\CyberLink\PowerDVD15\Common\NavFilter\000.fcl [29896 2015-08-10] (CyberLink Corp.)

U3 idsvc; kein ImagePath

S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

U3 wpcsvc; kein ImagePath
 

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
 

==================== Ein Monat: Erstellte Dateien und Ordner ========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2015-09-23 15:43 - 2015-09-23 15:44 - 00026896 _____ C:\Users\xxxx\Downloads\FRST.txt

2015-09-23 15:42 - 2015-09-23 15:43 - 02192384 _____ (Farbar) C:\Users\xxxx\Downloads\FRST64 (1).exe

2015-09-23 15:42 - 2015-09-23 15:42 - 02192384 _____ (Farbar) C:\Users\xxxx\Downloads\FRST64.exe

2015-09-23 15:39 - 2015-09-23 15:39 - 00000000 _____ C:\Users\xxxx\Downloads\DelFix_1.011.exedentifier

2015-09-23 14:53 - 2015-09-23 14:53 - 00016148 _____ C:\WINDOWS\system32\xxxx-PC_xxxx_HistoryPrediction.bin

2015-09-23 02:49 - 2015-09-23 02:49 - 00000000 ____D C:\Users\xxxx\AppData\Roaming\KeePass

2015-09-23 02:33 - 2015-09-23 02:33 - 00001186 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk

2015-09-23 02:33 - 2015-09-23 02:33 - 00000000 ____D C:\Program Files (x86)\KeePass Password Safe 2

2015-09-23 02:32 - 2015-09-23 02:32 - 03058696 _____ (Dominik Reichl ) C:\Users\xxxx\Downloads\KeePass-2.30-Setup.exe

2015-09-23 01:47 - 2015-09-23 01:50 - 00000000 ____D C:\Program Files (x86)\BFilter

2015-09-22 22:55 - 2015-09-22 22:55 - 00000000 ____D C:\WINDOWS\SysWOW64\NV

2015-09-22 22:55 - 2015-09-22 22:55 - 00000000 ____D C:\WINDOWS\system32\NV

2015-09-22 22:53 - 2015-09-22 22:54 - 00000000 ____D C:\WINDOWS\LastGood

2015-09-22 22:51 - 2015-09-23 15:04 - 00000149 _____ C:\WINDOWS\setupact.log

2015-09-22 22:51 - 2015-09-22 22:51 - 00000000 _____ C:\WINDOWS\setuperr.log

2015-09-22 22:51 - 2015-09-22 00:56 - 00041600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys

2015-09-22 22:51 - 2015-09-14 02:24 - 42840184 _____ C:\WINDOWS\system32\nvcompiler.dll

2015-09-22 22:51 - 2015-09-14 02:24 - 37819000 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll

2015-09-22 22:51 - 2015-09-14 02:24 - 22559352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll

2015-09-22 22:51 - 2015-09-14 02:24 - 18569848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll

2015-09-22 22:51 - 2015-09-14 02:24 - 17934400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll

2015-09-22 22:51 - 2015-09-14 02:24 - 16646112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll

2015-09-22 22:51 - 2015-09-14 02:24 - 15631128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll

2015-09-22 22:51 - 2015-09-14 02:24 - 15336024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll

2015-09-22 22:51 - 2015-09-14 02:24 - 14945040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll

2015-09-22 22:51 - 2015-09-14 02:24 - 13666840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll

2015-09-22 22:51 - 2015-09-14 02:24 - 12191856 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll

2015-09-22 22:51 - 2015-09-14 02:24 - 02354808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll

2015-09-22 22:51 - 2015-09-14 02:24 - 02105976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll

2015-09-22 22:51 - 2015-09-14 02:24 - 01898104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435598.dll

2015-09-22 22:51 - 2015-09-14 02:24 - 01558832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435598.dll

2015-09-22 22:51 - 2015-09-14 02:24 - 01075320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll

2015-09-22 22:51 - 2015-09-14 02:24 - 01064056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll

2015-09-22 22:51 - 2015-09-14 02:24 - 00986416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll

2015-09-22 22:51 - 2015-09-14 02:24 - 00945272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll

2015-09-22 22:51 - 2015-09-14 02:24 - 00150648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll

2015-09-22 22:51 - 2015-09-14 02:24 - 00128696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll

2015-09-22 19:40 - 2015-09-23 15:42 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log

2015-09-22 19:07 - 2015-09-22 19:07 - 00000000 ____D C:\ProgramData\Emsisoft

2015-09-22 18:54 - 2015-09-23 15:34 - 00000516 _____ C:\Users\xxxx\Downloads\debug.log

2015-09-22 18:46 - 2015-09-22 18:46 - 00001160 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk

2015-09-22 18:46 - 2015-09-22 18:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware

2015-09-22 18:45 - 2015-09-23 15:39 - 00000000 ____D C:\Program Files (x86)\Emsisoft Anti-Malware

2015-09-22 18:39 - 2015-09-22 18:45 - 174409328 _____ (Emsisoft Ltd. ) C:\Users\xxxx\Downloads\EmsisoftAntiMalwareSetup (2).exe

2015-09-22 18:21 - 2015-09-22 18:26 - 174409328 _____ (Emsisoft Ltd. ) C:\Users\xxxx\Downloads\EmsisoftAntiMalwareSetup (1).exe

2015-09-22 18:10 - 2015-09-22 18:14 - 174409328 _____ (Emsisoft Ltd. ) C:\Users\xxxx\Downloads\EmsisoftAntiMalwareSetup.exe

2015-09-22 18:08 - 2015-09-22 18:08 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\5F6859F4.sys

2015-09-22 18:04 - 2015-09-22 18:05 - 09488448 _____ (Crawler Group ) C:\Users\xxxx\Downloads\SpywareTerminatorSetup.exe

2015-09-22 18:02 - 2015-09-22 18:02 - 00001045 _____ C:\Users\xxxx\Desktop\JRT.txt

2015-09-22 17:46 - 2015-09-22 17:47 - 04184064 _____ (BrightFort LLC ) C:\Users\xxxx\Downloads\spywareblastersetup52.exe

2015-09-22 17:46 - 2015-09-22 17:46 - 01798976 _____ (Malwarebytes) C:\Users\xxxx\Downloads\JRT.exe

2015-09-22 17:45 - 2015-09-22 17:50 - 171157682 _____ (Emsisoft Ltd. ) C:\Users\xxxx\Downloads\Nicht bestätigt 648835.crdownload

2015-09-22 17:38 - 2015-09-22 17:39 - 00000600 _____ C:\Users\xxxx\PUTTY.RND

2015-09-22 17:38 - 2015-09-22 17:38 - 01961239 _____ C:\Users\xxxx\Downloads\u__1304.zip

2015-09-22 17:28 - 2015-09-22 17:28 - 03839960 _____ (AVAST Software) C:\Users\xxxx\Downloads\avast-browserv2-cleanup-sfx.exe

2015-09-22 15:55 - 2015-09-22 18:08 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys

2015-09-22 15:55 - 2015-09-22 15:55 - 00001171 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2015-09-22 15:55 - 2015-09-22 15:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2015-09-22 15:55 - 2015-09-22 15:55 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware

2015-09-22 15:55 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys

2015-09-22 15:55 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys

2015-09-22 15:55 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys

2015-09-22 15:46 - 2015-09-22 15:47 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\xxx\Downloads\mbam-setup-2.1.8.1057.exe

2015-09-22 15:33 - 2015-09-22 15:33 - 00000000 ____D C:\Users\xxxx\AppData\Local\Mixesoft

2015-09-22 15:25 - 2015-09-23 15:43 - 00000000 ____D C:\FRST

2015-09-22 15:09 - 2015-09-22 17:37 - 00000000 ____D C:\AdwCleaner

2015-09-22 15:09 - 2015-09-22 15:09 - 01662976 _____ C:\Users\xxxx\Downloads\AdwCleaner_5.008.exe

2015-09-22 14:28 - 2015-09-22 14:28 - 00002259 _____ C:\WINDOWS\epplauncher.mif

2015-09-22 14:19 - 2015-09-22 14:21 - 25385247 _____ C:\Users\xxxx\Downloads\mse_dt_48.zip

2015-09-22 14:11 - 2015-09-22 14:11 - 02870984 _____ (ESET) C:\Users\xxxx\Downloads\esetsmartinstaller_deu.exe

2015-09-22 14:11 - 2015-09-22 14:11 - 00000000 ____D C:\Program Files (x86)\ESET

2015-09-22 14:09 - 2015-09-23 02:32 - 00004146 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{400C29BF-7C3D-4656-91E7-533BBD52D5CB}

2015-09-22 14:09 - 2015-09-22 14:09 - 00000000 ____D C:\Users\xxxx\AppData\Roaming\Sun

2015-09-22 14:09 - 2015-09-22 14:09 - 00000000 ____D C:\Users\xxxx\.oracle_jre_usage

2015-09-22 14:08 - 2015-09-22 14:09 - 00000000 ____D C:\ProgramData\Oracle

2015-09-22 14:08 - 2015-09-22 14:08 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll

2015-09-22 14:08 - 2015-09-22 14:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2015-09-22 14:08 - 2015-09-22 14:08 - 00000000 ____D C:\Program Files (x86)\Java

2015-09-22 14:06 - 2015-09-22 14:06 - 00584288 _____ (Oracle Corporation) C:\Users\xxxx\Downloads\JavaSetup8u60.exe

2015-09-22 14:04 - 2015-09-23 02:29 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit

2015-09-22 14:04 - 2015-09-22 14:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit

2015-09-22 14:04 - 2015-09-22 14:04 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Exploit

2015-09-22 14:02 - 2015-09-22 14:02 - 02865192 _____ (Malwarebytes ) C:\Users\xxxx\Downloads\mbae-setup-1.07.1.1015.exe

2015-09-22 13:50 - 2015-09-22 13:50 - 00003634 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask

2015-09-22 13:48 - 2015-09-23 15:40 - 00000174 _____ C:\DelFix.txt

2015-09-22 13:48 - 2015-09-22 13:48 - 00000000 ____D C:\WINDOWS\ERUNT

2015-09-22 12:31 - 2015-09-22 12:31 - 02366824 _____ (Microsoft Corporation) C:\WINDOWS\system32\WudfUpdate_01011.dll

2015-09-22 12:22 - 2015-09-22 12:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2015-09-21 16:58 - 2015-09-21 20:07 - 00002324 _____ C:\Users\Public\Desktop\Google Chrome.lnk

2015-09-21 16:58 - 2015-09-21 16:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

2015-09-21 16:51 - 2015-09-21 16:51 - 00001337 _____ C:\Users\xxxx\Desktop\Revo Uninstaller.lnk

2015-09-21 16:51 - 2015-09-21 16:51 - 00000000 ____D C:\Program Files (x86)\VS Revo Group

2015-09-21 12:32 - 2015-09-21 13:08 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2015-09-20 23:48 - 2015-09-22 17:29 - 00003288 _____ C:\WINDOWS\System32\Tasks\avastBCLRestart_chrome.exe

2015-09-20 23:37 - 2015-09-20 23:40 - 00000000 ____D C:\Users\Public\Documents\Stronghold AntiMalware

2015-09-20 02:55 - 2015-09-20 02:55 - 00000000 ____D C:\Users\xxxx\AppData\Local\THQ

2015-09-20 02:55 - 2008-07-12 08:18 - 04992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll

2015-09-20 02:55 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll

2015-09-20 02:55 - 2008-07-12 08:18 - 01942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll

2015-09-20 02:55 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll

2015-09-20 02:55 - 2008-07-12 08:18 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll

2015-09-20 02:55 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll

2015-09-19 22:31 - 2015-09-19 22:31 - 00000000 ____D C:\ProgramData\Malwarebytes

2015-09-19 20:15 - 2015-09-19 20:15 - 00000220 _____ C:\Users\xxxx\Desktop\Saints Row 2.url

2015-09-19 15:20 - 2015-09-19 15:20 - 00012240 _____ C:\Users\xxxx\Downloads\ZAT.CT

2015-09-19 14:27 - 2015-09-19 14:27 - 00378880 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe

2015-09-19 14:27 - 2015-09-19 14:27 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr

2015-09-18 20:49 - 2015-09-18 20:49 - 00000020 ___SH C:\Users\DefaultAppPool\ntuser.ini

2015-09-18 20:49 - 2015-09-18 20:49 - 00000000 _SHDL C:\Users\DefaultAppPool\Vorlagen

2015-09-18 20:49 - 2015-09-18 20:49 - 00000000 _SHDL C:\Users\DefaultAppPool\Startmenü

2015-09-18 20:49 - 2015-09-18 20:49 - 00000000 _SHDL C:\Users\DefaultAppPool\Netzwerkumgebung

2015-09-18 20:49 - 2015-09-18 20:49 - 00000000 _SHDL C:\Users\DefaultAppPool\Lokale Einstellungen

2015-09-18 20:49 - 2015-09-18 20:49 - 00000000 _SHDL C:\Users\DefaultAppPool\Eigene Dateien

2015-09-18 20:49 - 2015-09-18 20:49 - 00000000 _SHDL C:\Users\DefaultAppPool\Druckumgebung

2015-09-18 20:49 - 2015-09-18 20:49 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Musik

2015-09-18 20:49 - 2015-09-18 20:49 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Bilder

2015-09-18 20:49 - 2015-09-18 20:49 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2015-09-18 20:49 - 2015-09-18 20:49 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Verlauf

2015-09-18 20:49 - 2015-09-18 20:49 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Anwendungsdaten

2015-09-18 20:49 - 2015-09-18 20:49 - 00000000 _SHDL C:\Users\DefaultAppPool\Anwendungsdaten

2015-09-18 20:49 - 2015-09-18 20:49 - 00000000 ____D C:\Users\DefaultAppPool

2015-09-18 20:49 - 2015-08-12 02:14 - 00000000 ___RD C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2015-09-18 20:49 - 2015-07-30 17:30 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Macromedia

2015-09-18 20:49 - 2015-07-10 13:04 - 00000000 __RSD C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell

2015-09-18 20:49 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools

2015-09-18 20:49 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility

2015-09-18 20:49 - 2015-07-10 13:04 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2015-09-18 12:35 - 2015-09-18 12:35 - 00000000 ____D C:\WINDOWS\46ED2B6485C74E1F920CA555B21F2E4C.TMP

2015-09-16 16:32 - 2015-09-16 16:32 - 00000000 ___RD C:\Users\xxxx\3D Objects

2015-09-13 14:24 - 2015-09-13 14:24 - 00000000 ____D C:\Program Files\Rockstar Games

2015-09-13 14:21 - 2015-09-13 14:21 - 00002171 _____ C:\Users\Public\Desktop\L.A. Noire.lnk

2015-09-13 13:45 - 2015-09-13 14:21 - 186155112 _____ C:\Users\xxxx\Downloads\LAN_Patch_2617_0_0_0.exe

2015-09-13 13:38 - 2015-09-13 13:38 - 00003438 _____ C:\WINDOWS\System32\Tasks\{9ECE9736-4473-40CF-AFCC-7AB307EE7E8B}

2015-09-13 13:08 - 2015-09-13 13:08 - 00000000 ____D C:\Users\xxxx\AppData\Local\Chromium

2015-09-12 17:14 - 2015-09-12 17:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft

2015-09-12 17:08 - 2015-09-12 17:08 - 00000000 ____D C:\Program Files (x86)\Ubisoft

2015-09-12 16:58 - 2015-09-12 16:58 - 00003190 _____ C:\WINDOWS\System32\Tasks\{52DDE1AA-B061-4F87-8A44-7FF3C1631A6F}

2015-09-12 13:09 - 2015-09-21 11:48 - 00075938 _____ C:\Users\xxxx\Downloads\ProbeklausurBaustoffe2.odt

2015-09-12 01:33 - 2015-09-12 01:33 - 00000000 ____D C:\Users\xxxx\AppData\Local\PAYDAY

2015-09-11 18:01 - 2015-09-11 18:01 - 00463142 _____ C:\Users\xxxx\Downloads\pokemon_green.zip

2015-09-11 17:59 - 2015-09-11 17:59 - 00529265 _____ C:\Users\xxxx\Downloads\epsxe170.zip

2015-09-11 17:58 - 2015-09-11 18:02 - 00002024 _____ C:\Users\xxxx\Downloads\vba1.ini

2015-09-11 17:58 - 2015-09-11 17:58 - 01380476 _____ (None) C:\Users\xxxx\Downloads\VisualBoyAdvance-1.8.0-511.exe

2015-09-11 17:56 - 2015-09-11 17:56 - 00404766 _____ C:\Users\xxxx\Downloads\bgb.zip

2015-09-11 17:27 - 2015-09-11 17:27 - 00249294 _____ C:\Users\xxxx\Downloads\PDTH_trainer_v1.6.rar

2015-09-11 15:55 - 2015-09-11 15:55 - 00013685 _____ C:\Users\xxxx\Downloads\Bioshock (1).CT

2015-09-11 15:23 - 2015-09-11 15:24 - 28319683 _____ C:\Users\xxxx\Downloads\Bioshock_Version_11_Patch_USK_German_and_English.zip

2015-09-11 15:14 - 2015-09-11 15:56 - 00000000 ____D C:\Users\xxxx\AppData\Roaming\Bioshock

2015-09-11 15:14 - 2015-09-11 15:42 - 00000000 ____D C:\Users\xxxx\Documents\Bioshock

2015-09-11 15:06 - 2015-09-11 15:06 - 00013685 _____ C:\Users\xxxx\Downloads\Bioshock.CT

2015-09-11 15:02 - 2015-09-11 15:02 - 00025767 _____ C:\Users\xxxx\Downloads\BioShockInfinite.CT

2015-09-11 15:00 - 2015-09-11 15:00 - 00000000 ____D C:\Program Files (x86)\2K Games

2015-09-09 23:17 - 2015-09-10 01:05 - 00000000 ____D C:\Users\xxxx\Documents\Max Payne 2 Savegames

2015-09-09 16:35 - 2015-09-09 16:46 - 00000000 ____D C:\ProgramData\Ashampoo

2015-09-09 16:34 - 2015-09-09 16:56 - 00000000 ____D C:\Program Files (x86)\Ashampoo

2015-09-09 16:31 - 2015-09-09 16:32 - 28444000 _____ (Ashampoo GmbH & Co. KG ) C:\Users\xxxx\Downloads\ashampoo_winoptimizer_2015_18590.exe

2015-09-09 16:24 - 2015-09-09 16:25 - 03173296 _____ ( ) C:\Users\xxxx\Downloads\TuneUp_Remover.exe

2015-09-09 16:24 - 2015-09-09 16:24 - 00359656 _____ (Microsoft Corporation) C:\Users\xxxx\Downloads\msicuu2.exe

2015-09-09 16:21 - 2015-09-09 16:25 - 115845912 _____ (AVG Technologies) C:\Users\xxxx\Downloads\avg_tuht_stf_all_2015_638 (1).exe

2015-09-09 16:00 - 2015-09-09 16:00 - 00000000 ____D C:\Users\xxxx\AppData\Roaming\AVG

2015-09-09 15:54 - 2015-09-09 16:18 - 115845912 _____ (AVG Technologies) C:\Users\xxxx\Downloads\avg_tuht_stf_all_2015_638.exe

2015-09-09 15:51 - 2015-09-09 16:18 - 00000000 ____D C:\ProgramData\Avg

2015-09-09 15:50 - 2015-09-09 16:17 - 00000000 ____D C:\Users\xxxx\AppData\Local\AvgSetupLog

2015-09-09 15:50 - 2015-09-09 15:59 - 00000000 ____D C:\Users\xxxx\AppData\Local\Avg

2015-09-09 15:49 - 2015-09-09 15:50 - 16902552 _____ (AVG Technologies) C:\Users\xxxx\Downloads\avg_gse_stb_all_ltst_96.exe

2015-09-09 01:06 - 2015-09-09 01:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner

2015-09-09 01:04 - 2015-08-27 07:59 - 02880032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2015-09-09 01:04 - 2015-08-27 07:16 - 02153472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll

2015-09-09 01:04 - 2015-08-27 07:16 - 01612288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll

2015-09-09 01:04 - 2015-08-27 07:12 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll

2015-09-09 01:04 - 2015-08-27 07:12 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll

2015-09-09 01:04 - 2015-08-27 07:11 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll

2015-09-09 01:04 - 2015-08-27 07:11 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll

2015-09-09 01:03 - 2015-08-27 07:54 - 00541248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe

2015-09-09 01:03 - 2015-08-27 07:23 - 19324416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2015-09-09 01:03 - 2015-08-27 07:23 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll

2015-09-09 01:03 - 2015-08-27 07:16 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll

2015-09-09 01:03 - 2015-08-27 07:09 - 11262464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2015-09-09 01:03 - 2015-08-27 07:08 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll

2015-09-09 00:57 - 2015-09-02 02:25 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys

2015-09-09 00:57 - 2015-09-02 02:25 - 01382912 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys

2015-09-09 00:57 - 2015-08-27 07:51 - 01774592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll

2015-09-09 00:57 - 2015-08-27 07:49 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll

2015-09-09 00:57 - 2015-08-27 07:43 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll

2015-09-09 00:57 - 2015-08-27 07:43 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll

2015-09-09 00:57 - 2015-08-27 07:42 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll

2015-09-09 00:57 - 2015-08-27 07:42 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe

2015-09-09 00:57 - 2015-08-27 07:42 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll

2015-09-09 00:56 - 2015-08-27 08:36 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2015-09-09 00:56 - 2015-08-27 08:32 - 00608936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe

2015-09-09 00:56 - 2015-08-27 08:04 - 21874688 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll

2015-09-09 00:56 - 2015-08-27 07:55 - 24594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2015-09-09 00:56 - 2015-08-27 07:54 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll

2015-09-09 00:56 - 2015-08-27 07:47 - 12503552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2015-09-09 00:56 - 2015-08-27 07:42 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.PicturePassword.dll

2015-09-09 00:56 - 2015-08-27 07:39 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll

2015-09-09 00:55 - 2015-09-02 03:20 - 00077400 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll

2015-09-09 00:55 - 2015-08-27 07:51 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll

2015-09-09 00:33 - 2015-09-09 00:33 - 00000000 ___HD C:\$SysReset

2015-09-07 13:51 - 2015-09-07 13:51 - 17213758 _____ C:\Users\xxxx\Downloads\RZ600StudSetup (1).zip

2015-09-06 14:37 - 2015-09-06 14:37 - 00000000 ____D C:\Users\xxxx\Documents\Hitman Blood Money

2015-09-06 14:33 - 2015-09-09 00:29 - 00000000 ____D C:\Program Files (x86)\GameShadow

2015-09-05 23:01 - 2015-09-05 23:01 - 00000000 ____D C:\Program Files (x86)\Eidos Interactive

2015-09-05 20:39 - 2015-09-09 00:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eidos

2015-09-05 20:36 - 2015-09-06 14:21 - 00000000 ____D C:\Program Files (x86)\Eidos

2015-09-04 13:33 - 2015-09-04 13:33 - 00000000 ____D C:\Users\xxxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

2015-09-04 00:08 - 2015-09-04 00:08 - 00001395 _____ C:\Users\xxxx\Downloads\HOMEFRONT.CT

2015-09-03 16:29 - 2015-09-03 16:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Conexant

2015-09-03 16:28 - 2015-04-18 10:26 - 00427224 _____ (Conexant Systems, Inc.) C:\WINDOWS\SysWOW64\SASrv.exe

2015-09-03 16:28 - 2014-11-26 11:01 - 00004664 _____ C:\WINDOWS\system32\Drivers\CxSfPt.dat

2015-09-03 16:27 - 2015-09-03 16:27 - 00000000 ____D C:\Program Files\Dolby Digital Plus

2015-09-03 16:27 - 2013-07-25 14:39 - 00206552 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CxAudMsg64.exe

2015-09-03 16:23 - 2015-09-03 16:23 - 03153264 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\UCI64A96.DLL

2015-09-03 16:22 - 2015-09-03 16:22 - 07231400 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll

2015-09-03 16:22 - 2015-09-03 16:22 - 01052208 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64BP16.dll

2015-09-03 16:22 - 2015-09-03 16:22 - 00431048 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\CSpkExt64.dll

2015-09-03 16:22 - 2015-09-03 16:22 - 00071024 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CxPageMaster64.dll

2015-08-31 19:27 - 2015-08-25 20:38 - 01898104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435582.dll

2015-08-31 19:27 - 2015-08-25 20:38 - 01558648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435582.dll

2015-08-31 17:53 - 2015-08-11 06:52 - 00069416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll

2015-08-29 23:11 - 2015-08-29 23:11 - 01031608 _____ (CyberLink) C:\Users\xxxx\Downloads\CyberLink_PowerDVD_Downloader (1).exe

2015-08-29 17:06 - 2015-08-20 08:07 - 08019296 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe

2015-08-29 17:06 - 2015-08-20 08:06 - 00609592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll

2015-08-29 17:06 - 2015-08-20 08:02 - 22324656 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll

2015-08-29 17:06 - 2015-08-20 07:26 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe

2015-08-29 17:06 - 2015-08-20 07:21 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll

2015-08-29 17:06 - 2015-08-20 07:16 - 20857848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll

2015-08-29 17:06 - 2015-08-20 07:13 - 02235904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll

2015-08-29 17:06 - 2015-08-18 09:56 - 02498808 _____ C:\WINDOWS\system32\CoreUIComponents.dll

2015-08-29 17:06 - 2015-08-18 09:55 - 00373072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS

2015-08-29 17:06 - 2015-08-18 09:54 - 01396064 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll

2015-08-29 17:06 - 2015-08-18 09:27 - 01771592 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll

2015-08-29 17:06 - 2015-08-18 09:24 - 00963920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll

2015-08-29 17:06 - 2015-08-18 09:13 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll

2015-08-29 17:06 - 2015-08-18 09:13 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll

2015-08-29 17:06 - 2015-08-18 09:12 - 02225664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll

2015-08-29 17:06 - 2015-08-18 09:07 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll

2015-08-29 17:06 - 2015-08-18 09:04 - 01234944 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe

2015-08-29 17:06 - 2015-08-18 09:04 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll

2015-08-29 17:06 - 2015-08-18 08:59 - 01294336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll

2015-08-29 17:06 - 2015-08-18 08:59 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll

2015-08-29 17:06 - 2015-08-18 08:58 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll

2015-08-29 17:06 - 2015-08-18 08:58 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWCN.dll

2015-08-29 17:06 - 2015-08-18 08:58 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWCN.dll

2015-08-29 17:06 - 2015-08-18 08:58 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnNetsh.dll

2015-08-29 17:06 - 2015-08-18 08:57 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll

2015-08-29 17:06 - 2015-08-18 08:56 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll

2015-08-29 17:06 - 2015-08-18 08:55 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll

2015-08-29 17:06 - 2015-08-18 08:54 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll

2015-08-29 17:06 - 2015-08-18 08:54 - 00247296 _____ C:\WINDOWS\system32\facecredentialprovider.dll

2015-08-29 17:06 - 2015-08-18 08:52 - 01888768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll

2015-08-29 17:06 - 2015-08-18 08:50 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll

2015-08-29 17:06 - 2015-08-18 08:49 - 01061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll

2015-08-29 17:06 - 2015-08-18 08:49 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll

2015-08-29 17:06 - 2015-08-18 08:49 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll

2015-08-29 17:06 - 2015-08-18 08:36 - 01226752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll

2015-08-29 17:06 - 2015-08-18 08:35 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll

2015-08-29 17:06 - 2015-08-18 08:35 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWCN.dll

2015-08-29 17:06 - 2015-08-18 08:34 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll

2015-08-29 17:06 - 2015-08-18 08:29 - 01593344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll

2015-08-29 17:06 - 2015-08-18 08:26 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll

2015-08-29 17:06 - 2015-08-18 06:44 - 00008847 _____ C:\WINDOWS\system32\ResPriHMImageList

2015-08-24 17:21 - 2015-08-24 17:21 - 01089496 _____ (Unity Technologies ApS) C:\Users\xxxx\Downloads\UnityWebPlayer.exe
 

==================== Ein Monat: Geänderte Dateien und Ordner ========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2015-09-23 15:40 - 2015-06-25 22:07 - 00000000 _____ C:\Users\xxxx\Downloads\PD2Hook.log

2015-09-23 15:30 - 2015-06-17 12:19 - 00001216 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-655851370-1497040194-593136017-1000UA.job

2015-09-23 15:19 - 2015-04-22 17:43 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

2015-09-23 15:18 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sru

2015-09-23 15:12 - 2015-05-05 22:37 - 00000000 ___RD C:\Users\xxxx\Dropbox

2015-09-23 15:12 - 2015-05-05 22:31 - 00000000 ____D C:\Users\xxxx\AppData\Roaming\Dropbox

2015-09-23 15:05 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\NDF

2015-09-23 14:54 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness

2015-09-23 14:53 - 2015-04-22 17:43 - 00001128 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

2015-09-23 03:03 - 2015-08-10 03:01 - 01674400 _____ C:\Users\Public\CAFADEBUG.log

2015-09-23 02:49 - 2015-04-26 13:37 - 00000000 ____D C:\Users\xxxx\Documents\bauko 2

2015-09-23 02:37 - 2015-04-23 20:59 - 00000000 ____D C:\Users\xxxx\AppData\Local\Akamai

2015-09-23 00:40 - 2015-07-29 20:11 - 00000000 ____D C:\Users\xxxx\AppData\Local\Packages

2015-09-22 22:55 - 2015-07-29 19:41 - 00000000 ____D C:\ProgramData\NVIDIA

2015-09-22 18:40 - 2015-04-24 20:58 - 00000000 ____D C:\Users\xxxx\AppData\Roaming\Nitro PDF

2015-09-22 18:34 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT

2015-09-22 18:33 - 2015-07-10 11:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI

2015-09-22 17:38 - 2015-07-29 19:45 - 00000000 ____D C:\Users\xxxx

2015-09-22 16:01 - 2015-04-23 21:14 - 00000000 ____D C:\Program Files (x86)\Steam

2015-09-22 13:59 - 2015-04-22 18:53 - 00004280 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update

2015-09-22 12:29 - 2015-05-30 15:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

2015-09-22 11:30 - 2015-06-17 12:18 - 00001164 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-655851370-1497040194-593136017-1000Core.job

2015-09-22 00:55 - 2015-07-23 04:02 - 11198080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys

2015-09-22 00:13 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp

2015-09-22 00:02 - 2009-07-14 05:20 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy

2015-09-21 15:57 - 2015-04-27 13:21 - 00000000 ____D C:\Program Files (x86)\Adobe

2015-09-21 11:58 - 2015-04-21 21:28 - 00000000 ____D C:\Users\xxxx\AppData\Roaming\IObit

2015-09-21 11:58 - 2015-04-21 21:28 - 00000000 ____D C:\ProgramData\IObit

2015-09-21 00:51 - 2015-05-02 20:46 - 00000000 ____D C:\Users\xxxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam

2015-09-21 00:46 - 2015-08-06 03:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby

2015-09-21 00:45 - 2015-04-22 17:43 - 00000000 ____D C:\Program Files (x86)\Google

2015-09-19 14:27 - 2015-04-22 18:53 - 01049880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys

2015-09-19 14:27 - 2015-04-22 18:53 - 00448968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys

2015-09-19 14:27 - 2015-04-22 18:53 - 00274808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys

2015-09-19 14:27 - 2015-04-22 18:53 - 00153744 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys

2015-09-19 14:27 - 2015-04-22 18:53 - 00093528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys

2015-09-19 14:27 - 2015-04-22 18:53 - 00090968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys

2015-09-19 14:27 - 2015-04-22 18:53 - 00065224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys

2015-09-19 14:27 - 2015-04-22 18:53 - 00028656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys

2015-09-18 11:37 - 2015-07-29 19:44 - 02080612 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2015-09-18 11:37 - 2015-07-10 18:34 - 00885892 _____ C:\WINDOWS\system32\perfh007.dat

2015-09-18 11:37 - 2015-07-10 18:34 - 00196488 _____ C:\WINDOWS\system32\perfc007.dat

2015-09-18 11:34 - 2015-05-10 21:40 - 00000000 ____D C:\Users\xxxx\Documents\vermessung

2015-09-18 10:46 - 2015-05-03 16:31 - 00000000 ____D C:\Users\xxxx\Documents\bauphysik

2015-09-17 15:56 - 2015-05-19 23:08 - 00000000 ____D C:\Users\xxxx\Documents\RZDB

2015-09-17 02:28 - 2015-04-23 22:53 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared

2015-09-17 02:27 - 2015-04-23 23:39 - 00000000 ____D C:\Users\xxxx\AppData\Local\Autodesk

2015-09-17 02:27 - 2015-04-23 22:25 - 00000000 ____D C:\ProgramData\Autodesk

2015-09-17 02:25 - 2015-04-24 00:28 - 00000000 ____D C:\Users\Public\Documents\Autodesk

2015-09-17 02:25 - 2015-04-23 22:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk

2015-09-16 00:58 - 2015-07-15 00:23 - 00000000 ____D C:\Users\xxxx\Desktop\games

2015-09-15 23:58 - 2015-07-29 20:18 - 00002384 _____ C:\Users\xxxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

2015-09-15 23:58 - 2015-07-29 20:18 - 00000000 ___RD C:\Users\xxxx\OneDrive

2015-09-15 17:14 - 2015-04-22 17:43 - 00004190 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA

2015-09-15 17:14 - 2015-04-22 17:43 - 00003958 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

2015-09-14 15:54 - 2015-04-26 13:55 - 00000000 ____D C:\Users\xxxx\Documents\baustoffe 2

2015-09-14 02:24 - 2015-08-13 21:26 - 12611632 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll

2015-09-14 02:24 - 2015-07-23 04:02 - 03484216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll

2015-09-14 02:24 - 2015-07-23 04:02 - 03077544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll

2015-09-14 02:24 - 2015-07-23 04:02 - 01178248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll

2015-09-14 02:24 - 2015-07-23 04:02 - 01001440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll

2015-09-14 02:24 - 2015-07-23 04:02 - 00177088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll

2015-09-14 02:24 - 2015-07-23 04:02 - 00155792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll

2015-09-14 02:24 - 2015-07-23 04:02 - 00034098 _____ C:\WINDOWS\system32\nvinfo.pb

2015-09-14 00:04 - 2015-07-29 19:41 - 06885168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll

2015-09-14 00:04 - 2015-07-29 19:41 - 03496056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll

2015-09-14 00:04 - 2015-07-29 19:41 - 02558584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll

2015-09-14 00:04 - 2015-07-29 19:41 - 01062008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll

2015-09-14 00:04 - 2015-07-29 19:41 - 00937776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe

2015-09-14 00:04 - 2015-07-29 19:41 - 00581752 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\oemdspif.dll

2015-09-14 00:04 - 2015-07-29 19:41 - 00385144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll

2015-09-14 00:04 - 2015-07-29 19:41 - 00074872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll

2015-09-14 00:04 - 2015-07-29 19:41 - 00062768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll

2015-09-13 14:25 - 2015-04-24 20:43 - 00000000 ____D C:\Program Files (x86)\Rockstar Games

2015-09-13 14:21 - 2015-05-03 17:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games

2015-09-13 13:50 - 2015-04-21 21:25 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information

2015-09-13 13:08 - 2015-04-25 15:30 - 00000000 ____D C:\Users\xxxx\Documents\Rockstar Games

2015-09-12 16:07 - 2015-04-23 21:14 - 00000973 _____ C:\Users\Public\Desktop\Steam.lnk

2015-09-11 14:17 - 2015-07-29 19:41 - 05231082 _____ C:\WINDOWS\system32\nvcoproc.bin

2015-09-11 13:13 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\rescache

2015-09-09 16:40 - 2015-07-29 21:39 - 00000000 ____D C:\WINDOWS\Minidump

2015-09-09 16:40 - 2015-07-29 20:36 - 00000000 ___DC C:\WINDOWS\Panther

2015-09-09 16:01 - 2015-04-21 21:00 - 00000000 ____D C:\Users\xxxx\AppData\Local\VirtualStore

2015-09-09 15:44 - 2015-07-18 16:51 - 00000000 ____D C:\Users\xxxx\AppData\Roaming\TS3Client

2015-09-09 14:05 - 2015-07-10 14:20 - 00431928 _____ C:\WINDOWS\system32\FNTCACHE.DAT

2015-09-09 14:02 - 2015-07-10 18:44 - 00000000 ____D C:\Program Files\Windows Journal

2015-09-09 14:02 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\appraiser

2015-09-09 12:44 - 2015-04-22 06:23 - 00000000 ____D C:\WINDOWS\system32\MRT

2015-09-09 01:06 - 2015-04-21 22:37 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk

2015-09-09 01:06 - 2015-04-21 22:37 - 00000000 ____D C:\Program Files\CCleaner

2015-09-09 00:29 - 2015-07-10 18:44 - 00000000 ____D C:\WINDOWS\ShellNew

2015-09-09 00:29 - 2015-06-29 13:05 - 00000000 ____D C:\Users\xxxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo

2015-09-09 00:29 - 2015-05-21 19:21 - 00000000 __RDC C:\Users\xxxx\Desktop\Klausuren Statik II

2015-09-09 00:29 - 2015-04-23 22:25 - 00000000 ____D C:\Users\xxxx\AppData\Roaming\Autodesk

2015-09-09 00:26 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\registration

2015-09-09 00:24 - 2015-07-30 12:33 - 00000000 ____D C:\ProgramData\Lenovo

2015-09-09 00:02 - 2015-04-22 18:53 - 00001967 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk

2015-09-08 23:44 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\oobe

2015-09-08 02:43 - 2015-04-26 15:04 - 00000000 ____D C:\Users\xxxx\Documents\statik 2

2015-09-08 02:38 - 2015-04-26 13:59 - 00000000 ____D C:\Users\xxxx\Documents\statik 1

2015-09-07 10:00 - 2015-04-24 01:03 - 00000072 _____ C:\Users\Public\LMDebug.log

2015-09-04 00:03 - 2015-04-25 13:12 - 00000000 ____D C:\Users\xxxx\Documents\My Games

2015-09-03 16:24 - 2015-07-29 21:32 - 00000000 ____D C:\ProgramData\Conexant

2015-09-03 16:22 - 2015-07-29 21:31 - 01991784 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll

2015-09-03 16:22 - 2015-07-29 21:31 - 00340656 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll

2015-09-03 16:22 - 2015-07-29 21:31 - 00283928 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll

2015-09-03 16:22 - 2015-04-21 21:38 - 01317096 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\Drivers\CHDRT64.sys

2015-09-01 00:39 - 2015-07-23 14:19 - 00000000 ____D C:\ProgramData\CyberLink

2015-08-31 17:54 - 2015-07-29 19:41 - 00000000 ____D C:\ProgramData\NVIDIA Corporation

2015-08-31 17:54 - 2015-04-25 17:00 - 00001450 _____ C:\Users\Public\Desktop\GeForce Experience.lnk

2015-08-31 00:47 - 2015-07-23 04:02 - 11188880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\SETB135.tmp

2015-08-30 14:08 - 2015-05-03 21:34 - 00000000 ____D C:\Users\xxxx\AppData\Roaming\Notepad++

2015-08-30 14:08 - 2015-05-03 21:34 - 00000000 ____D C:\Program Files (x86)\Notepad++

2015-08-30 01:00 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports

2015-08-29 23:17 - 2015-07-23 14:19 - 00000000 ____D C:\ProgramData\SUPPORTDIR

2015-08-29 23:13 - 2015-07-23 14:25 - 00000000 ____D C:\Users\xxxx\Documents\CyberLink

2015-08-27 02:37 - 2015-04-25 17:00 - 01423120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll

2015-08-27 02:37 - 2015-04-25 17:00 - 01316000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll

2015-08-27 02:36 - 2015-04-25 17:00 - 01756424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll

2015-08-27 02:36 - 2015-04-25 17:00 - 01710568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll

2015-08-26 18:37 - 2015-04-22 06:23 - 134753440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2015-08-25 21:47 - 2015-04-26 13:18 - 00000000 ____D C:\Users\xxxx\Documents\bauko 1

2015-08-25 20:38 - 2015-08-13 21:26 - 12611824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\SETEE2A.tmp

2015-08-25 20:38 - 2015-07-23 04:02 - 03480792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\SETB4B4.tmp

2015-08-25 20:38 - 2015-07-23 04:02 - 03074776 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\SETD82C.tmp

2015-08-25 20:38 - 2015-07-23 04:02 - 01178576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\SETD23B.tmp

2015-08-25 20:38 - 2015-07-23 04:02 - 01001440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\SETF99B.tmp

2015-08-25 20:38 - 2015-07-23 04:02 - 00176904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\SETC834.tmp

2015-08-25 20:38 - 2015-07-23 04:02 - 00155976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\SETF08D.tmp
 

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
 

2015-08-01 14:07 - 2015-08-01 14:07 - 0000855 _____ () C:\Users\xxxx\AppData\Local\recently-used.xbel

2015-05-29 00:09 - 2015-07-29 10:29 - 0007603 _____ () C:\Users\xxxx\AppData\Local\Resmon.ResmonCfg

2015-07-29 21:33 - 2015-07-29 21:33 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

2015-04-23 23:14 - 2015-04-23 23:14 - 0000133 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc

2015-07-13 12:45 - 2015-07-13 12:45 - 0010057 _____ () C:\ProgramData\regid.1996-01.de.pixelplanet_CB8E6973-82E1-4437-B8BA-905FCDC7148C.swidtag
 

Einige Dateien in TEMP:

====================

C:\Users\xxxx\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpa0fluz.dll

C:\Users\xxxx\AppData\Local\Temp\ERUNT.exe
 
 

==================== Bamital & volsnap =================
 

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
 

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert

C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert

C:\WINDOWS\explorer.exe => Datei ist digital signiert

C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert

C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert

C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert

C:\WINDOWS\system32\services.exe => Datei ist digital signiert

C:\WINDOWS\system32\User32.dll => Datei ist digital signiert

C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert

C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert

C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert

C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert

C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert

C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert

C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
 
 

LastRegBack: 2015-09-21 12:11
 

==================== Ende von FRST.txt ============================

Addition

Code:

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:23-09-2015

durchgeführt von xxxx (2015-09-23 15:45:21)

Gestartet von C:\Users\xxxx\Downloads

Windows 10 Pro (X64) (2015-07-29 18:10:48)

Start-Modus: Normal

==========================================================
 
 

==================== Konten: =============================
 

Administrator (S-1-5-21-655851370-1497040194-593136017-500 - Administrator - Disabled)

DefaultAccount (S-1-5-21-655851370-1497040194-593136017-503 - Limited - Disabled)

Gast (S-1-5-21-655851370-1497040194-593136017-501 - Limited - Disabled)

HomeGroupUser$ (S-1-5-21-655851370-1497040194-593136017-1002 - Limited - Enabled)

xxxx (S-1-5-21-655851370-1497040194-593136017-1000 - Administrator - Enabled) => C:\Users\xxxx

==================== Sicherheits-Center ========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
 

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}

AV: Emsisoft Anti-Malware (Enabled - Up to date) {2F44E1F9-850B-1C7A-0E56-EB2E0A3E20C9}

AS: Emsisoft Anti-Malware (Enabled - Up to date) {9425001D-A331-13F4-34E6-D05C71B96A74}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 

==================== Installierte Programme ======================
 

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
 

7-Zip 9.38 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0938-000001000000}) (Version: 9.38.00.0 - Igor Pavlov)

A360 Desktop (HKLM\...\{B209E611-5511-4AD6-B4B3-9D36F93DBCD4}) (Version: 6.0.3.1100 - Autodesk)

ACA & MEP 2016 Object Enabler (Version: 7.8.44.0 - Autodesk) Hidden

ACAD Private (Version: 20.1.49.0 - Autodesk) Hidden

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated)

Akamai NetSession Interface (HKU\S-1-5-21-655851370-1497040194-593136017-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)

Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.14.15 - Atheros Communications Inc.)

AutoCAD 2016 - Deutsch (German) (Version: 20.1.49.0 - Autodesk) Hidden

AutoCAD 2016 (Version: 20.1.49.0 - Autodesk) Hidden

AutoCAD 2016 Coordination Model Osnap Support (HKLM\...\AutoCAD 2016 Hotfix 1) (Version:  - Autodesk)

AutoCAD 2016 Language Pack - Deutsch (German) (Version: 20.1.49.0 - Autodesk) Hidden

Autodesk Advanced Material Library Image Library 2016 (HKLM-x32\...\{94AD53E7-493B-4291-8714-7A3B761D2783}) (Version: 6.3.0.15 - Autodesk)

Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 5.0.142.0 - Autodesk)

Autodesk AutoCAD 2016 - Deutsch (German) (HKLM\...\AutoCAD 2016 - Deutsch (German)) (Version: 20.1.49.0 - Autodesk)

Autodesk AutoCAD 2016 Hotfix 1 (HKLM\...\AutoCAD 2016 Hotfix 2) (Version:  - Autodesk)

Autodesk AutoCAD Performance Feedback Tool 1.2.4 (HKLM-x32\...\{4E20873D-BC20-495C-AFD9-B18877B7F9BB}) (Version: 1.2.4.0 - Autodesk)

Autodesk BIM 360 Glue AutoCAD 2016 Add-in 64 bit (HKLM\...\{D605F10C-42CB-436E-BC65-3D189AE5FD08}) (Version: 4.36.2452 - Autodesk)

Autodesk CAD Manager Tools (HKLM\...\{5783F2D7-0111-0409-0110-0060B0CE6BBA}) (Version: 16.0.0.65 - Autodesk)

Autodesk Content Service (HKLM\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)

Autodesk Content Service (Version: 3.2.0.0 - Autodesk) Hidden

Autodesk Content Service Language Pack (Version: 3.2.0.0 - Autodesk) Hidden

Autodesk Material Library 2016 (HKLM-x32\...\{29A7D6EC-63C2-42FD-8143-5812ABD2923F}) (Version: 6.3.0.15 - Autodesk)

Autodesk Material Library Base Resolution Image Library 2016 (HKLM-x32\...\{6B4CFC6E-ECB0-47FE-95D3-65C680ED0687}) (Version: 6.3.0.15 - Autodesk)

Autodesk Network License Manager (HKLM\...\{4BE91685-1632-47FC-B563-A8A542C6664C}) (Version: 11.12.0 - Autodesk)

Autodesk ReCap 2016 (HKLM\...\Autodesk ReCap 2016) (Version: 1.5.0.33 - Autodesk)

Autodesk ReCap 2016 (Version: 1.5.0.33 - Autodesk) Hidden

Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.4.2233 - AVAST Software)

Batman™: Arkham Knight (HKLM-x32\...\Steam App 208650) (Version:  - Rocksteady Studios)

Bionic Commando (HKLM-x32\...\Steam App 21670) (Version:  - Capcom)

BioShock (HKLM-x32\...\{E280923D-C5D9-4728-8C79-AC9A0DC75875}) (Version: 2.62.0000 - 2K Games)

CCleaner (HKLM\...\CCleaner) (Version: 5.09 - Piriform)

Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.05170 - Cisco Systems, Inc.)

Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.05170 - Cisco Systems, Inc.) Hidden

Common Desktop Agent (Version: 1.62.0 - OEM) Hidden

Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.16.50 - Conexant)

Corto Maltese Secrets of Venice (HKLM-x32\...\Steam App 310460) (Version:  - Kids up hill)

CyberLink PowerDVD 15 (HKLM-x32\...\{DE85B8F3-D088-4D6E-A970-EE0BC7883A66}) (Version: 15.0.2003.58 - CyberLink Corp.)

Dishonored (HKLM-x32\...\Steam App 205100) (Version: 1.0 - Bethesda Softworks)

Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)

Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)

Dropbox (HKU\S-1-5-21-655851370-1497040194-593136017-1000\...\Dropbox) (Version: 3.8.8 - Dropbox, Inc.)

Emsisoft Anti-Malware (HKLM-x32\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 10.0 - Emsisoft Ltd.)

Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 7.0.3.4 - Lenovo)

Energy Management (x32 Version: 7.0.3.4 - Lenovo) Hidden

EnergyCut (HKLM-x32\...\{6E127727-CE4B-40E4-9A7D-9D65CDE0A15C}) (Version: 1.00 - Lenovo)

ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )

Far Cry (OEM) (HKLM-x32\...\InstallShield_{F400BA3B-B134-4701-8536-68A99CD44F5A}) (Version: 1.00.0000 - Ihr Firmenname)

Far Cry (OEM) (x32 Version: 1.00.0000 - Ihr Firmenname) Hidden

GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.99 - Google Inc.)

Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden

Grand Theft Auto IV (HKLM-x32\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games)

Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden

Homefront (HKLM-x32\...\Steam App 55100) (Version:  - Kaos Studios)

Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3958 - Intel Corporation)

Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)

Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.10.255 - Intel Corporation)

Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)

KeePass Password Safe 2.30 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.30 - Dominik Reichl)

L.A. Noire (HKLM-x32\...\{915726DF-7891-444A-AA03-0DF1D64F561A}) (Version: 1.00.0000 - Rockstar Games)

Left 4 Dead (HKLM-x32\...\Steam App 500) (Version:  - Valve)

Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 3.15.0414.1 - Vimicro)

Lenovo Solution Center (HKLM\...\{E92E1FF1-B188-43FE-BECA-2248E227E67D}) (Version: 2.8.005.00 - Lenovo Group Limited)

Lenovo System Interface Foundation (HKLM\...\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: 1.0.048.00 - Lenovo)

LibreOffice 4.4.5.2 (HKLM-x32\...\{406EECCC-AF98-4F2C-A99F-FED788F7580C}) (Version: 4.4.5.2 - The Document Foundation)

Malwarebytes Anti-Exploit version 1.07.1.1015 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.07.1.1015 - Malwarebytes)

Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)

Mass Effect (HKLM-x32\...\Steam App 17460) (Version:  - BioWare)

Max Payne (HKLM-x32\...\Max Payne) (Version: 1.0.4.0 - Rockstar Games)

Max Payne 2 (HKLM-x32\...\Max Payne 2) (Version: 1.1.102.0 - Rockstar Games)

Metro 2033 (HKLM-x32\...\Steam App 43110) (Version:  - 4A Games)

Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)

Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)

Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)

Mozilla Firefox 40.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 de)) (Version: 40.0.3 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)

NARUTO SHIPPUDEN: Ultimate Ninja STORM 3 Full Burst (HKLM-x32\...\Steam App 234670) (Version:  - CyberConnect 2)

Nitro Reader 3 (HKLM\...\{9EA981E5-EE67-4662-86F1-58937D31FE07}) (Version: 3.5.6.5 - Nitro)

Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.1 - Notepad++ Team)

NVIDIA GeForce Experience 2.5.14.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.14.5 - NVIDIA Corporation)

NVIDIA Grafiktreiber 355.98 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.98 - NVIDIA Corporation)

NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)

PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)

PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version:  - OVERKILL Software)

PCFriendly (HKLM-x32\...\PCFriendly) (Version:  - )

PdfEditor 3.0 (64bit) (HKLM\...\{9FB72AA3-2D6A-4FF7-B04F-E393F463732B}) (Version: 3.0.0.16 - PixelPlanet)

PixelPlanet PdfPrinter 7 (64bit) (HKLM\...\{000F58F3-A544-4BB5-AF1B-761EA1C8595C}) (Version: 7.0.92 - PixelPlanet)

Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)

Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)

Prototype (HKLM-x32\...\Steam App 10150) (Version:  - Radical Entertainment)

Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.370.70 - Realtek Semiconductor Corp.)

Red Faction: Armageddon (HKLM-x32\...\Steam App 55110) (Version:  - Volition)

Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)

Robin Hood (HKLM-x32\...\Steam App 46560) (Version:  - Spellbound)

Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.1 - Rockstar Games)

RuckZuck Student (HKLM-x32\...\{59734DF0-626C-4012-94E5-D8F0B72649B4}) (Version: 6.0.13 - MURSOFT)

Saints Row 2 (HKLM-x32\...\Steam App 9480) (Version:  - Volition)

Saints Row: Gat out of Hell (HKLM-x32\...\Steam App 301910) (Version:  - Deep Silver Volition)

Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.02.70.02(21.09.2012) - Samsung Electronics Co., Ltd.)

Samsung ML-2950 Series (HKLM-x32\...\Samsung ML-2950 Series) (Version: 1.15 (25.10.2012) - Samsung Electronics Co., Ltd.)

Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)

SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden

SHIELD Wireless Controller Driver (Version: 2.5.14.5 - NVIDIA Corporation) Hidden

SketchUp-Import 2016 (HKLM-x32\...\{C769FB7C-1F55-4B31-9A2A-21CEC50F4F92}) (Version: 2.0.0 - Autodesk)

Star Wars Republic Commando (HKLM-x32\...\{DFAE9340-E8BB-4433-9A08-C8334DAFE1B9}) (Version: 1.0 - )

Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)

Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.5 - Synaptics Incorporated)

TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)

The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)

Verfügbare Autodesk-Apps 2016 (HKLM-x32\...\{D42F37CD-9AF9-4435-A474-B387C5BB6B47}) (Version: 2.0.0 - Autodesk)

Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)

Windows-Treiberpaket - Lenovo (ACPIVPC) System  (12/02/2010 6.1.0.1) (HKLM\...\EA12B1FB53CE4E387C31A85236C41EF559B5E392) (Version: 12/02/2010 6.1.0.1 - Lenovo)

Windows-Treiberpaket - Lenovo (ACPIVPC) System  (12/15/2011 7.1.0.1) (HKLM\...\99841829BE839365AA67B2AD0E50D371F59F8A1E) (Version: 12/15/2011 7.1.0.1 - Lenovo)

Wolfenstein: The Old Blood German Edition (HKLM-x32\...\Steam App 354830) (Version:  - MachineGames)

World of Guns: Gun Disassembly (HKLM-x32\...\Steam App 262410) (Version:  - Noble Empire Corp.)

Zombie Army Trilogy (HKLM-x32\...\Steam App 301640) (Version:  - Rebellion)
 

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

CustomCLSID: HKU\S-1-5-21-655851370-1497040194-593136017-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\xxxx\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-655851370-1497040194-593136017-1000_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.)

CustomCLSID: HKU\S-1-5-21-655851370-1497040194-593136017-1000_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.)

CustomCLSID: HKU\S-1-5-21-655851370-1497040194-593136017-1000_Classes\CLSID\{5370C727-1451-4700-A960-77630950AF6D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.)

CustomCLSID: HKU\S-1-5-21-655851370-1497040194-593136017-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

CustomCLSID: HKU\S-1-5-21-655851370-1497040194-593136017-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2016\de-DE\acadficn.dll (Autodesk, Inc.)

CustomCLSID: HKU\S-1-5-21-655851370-1497040194-593136017-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\xxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-655851370-1497040194-593136017-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\xxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-655851370-1497040194-593136017-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\xxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-655851370-1497040194-593136017-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\xxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-655851370-1497040194-593136017-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\xxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-655851370-1497040194-593136017-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\xxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-655851370-1497040194-593136017-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\xxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-655851370-1497040194-593136017-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\xxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-655851370-1497040194-593136017-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\xxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-655851370-1497040194-593136017-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\xxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
 

==================== Wiederherstellungspunkte =========================
 

22-09-2015 13:49:30 Ende der Bereinigung

22-09-2015 14:43:52 Windows-Sicherung
 

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

Task: {01EC2C41-2429-427A-B9DE-FCFA66C01B0D} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => control iMControllerService 128

Task: {0386F3A9-E63F-4643-BF43-6C562E73A1F6} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe

Task: {05783FED-28DD-4F43-A650-8DEB1C79F596} - System32\Tasks\{C16CAA32-1B46-4D66-851A-38413081F276} => pcalua.exe -a D:\ISSetupPrerequisites\{0BE9572E-8558-404f-B0A5-8C347D145655}\vcredist_x86.exe -d D:\ISSetupPrerequisites\{0BE9572E-8558-404f-B0A5-8C347D145655}

Task: {0BC46AD3-7F80-4A20-AFBC-68355667FD29} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe

Task: {0E3D7490-839A-4855-9449-16F932FD394A} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG

Task: {19864FEE-B009-4224-9DA0-B467BD27D21A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG

Task: {1CAD8421-EFAD-46C4-9B65-A0E30F0868F7} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2015-08-17] (Lenovo)

Task: {1D0AD3F2-D55D-4673-AEC4-97FC3E6F914E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG

Task: {1F3F08BC-3DF3-4448-8CFF-87FA968B89B7} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe

Task: {2624D85E-370F-4697-B11B-449F3B842E27} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG

Task: {2AAC1EBE-662B-4AAF-B14E-A0C594273F4F} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe

Task: {2BF7D33B-4C72-47C5-9E4B-4DDFD32754FC} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe

Task: {3099C284-137D-45D0-8D27-0CE28ED0718A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG

Task: {328B9E24-B646-40DC-A7DF-CB2D5D4F1D8B} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe

Task: {39D212EA-043F-42F5-8671-897A85835A55} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG

Task: {39E3754F-776D-4933-A5F8-B24E363875E6} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe

Task: {3CF86DDB-E04A-4668-BEAD-2DBA3F22E5BF} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe

Task: {4035794B-A9D2-4BFB-A1B9-77265F770AB1} - System32\Tasks\{08E2528E-C29B-490C-8A59-01947D20FB54} => pcalua.exe -a D:\RGSC\redistributable\dotnetfx3_x64.exe -d D:\RGSC\redistributable

Task: {49AA92A4-AEDF-47A5-9CCC-B371C8CB3A8E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-22] (Google Inc.)

Task: {538CB5B5-701B-4A22-AEAF-48D4201E5D31} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe

Task: {65CC0171-A1E2-47E2-B6D8-CEFED8DC8673} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe [2015-08-11] (Microsoft Corporation)

Task: {66ED3F87-6D10-4481-9898-F9CAF5D07EDB} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-09-19] (AVAST Software)

Task: {67BE7491-9CC2-4CF3-A468-E8B0F57920A2} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG

Task: {6EE627CF-7F02-4692-AB62-26B0AAADD3CB} - System32\Tasks\{C225C39F-F2AF-4109-B006-787B0B85E0C9} => pcalua.exe -a D:\RGSC\setup.exe -d D:\RGSC

Task: {71B7887C-67BD-4042-924B-11A42591DFE5} - System32\Tasks\{5A7A453C-BDD3-48A8-B4E8-C246878D776E} => Chrome.exe hxxp://ui.skype.com/ui/0/7.0.0.102/de/abandoninstall?page=tsMain

Task: {72FC6E1E-A962-4707-8312-C3A3CAC9DBC6} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe

Task: {7336AE25-1882-4D7D-AB9E-97C4ECEF470D} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe

Task: {73F25043-228D-4035-8158-11245BB312C9} - System32\Tasks\{A9B2D048-FB29-4E58-B23D-F8CDA2E719F7} => pcalua.exe -a D:\ISSetupPrerequisites\{074EE22F-2485-4FED-83D1-AAC36C3D9ED0}\dotnetfx35.exe -d D:\ISSetupPrerequisites\{074EE22F-2485-4FED-83D1-AAC36C3D9ED0}

Task: {83ACDBC5-4FE7-4367-A189-6BBAEBAD386D} - System32\Tasks\{62C4C7FB-C8E7-4612-83FF-7E6D8786153A} => pcalua.exe -a D:\GTAIV\Redistributable\vcredist_x86.exe -d D:\GTAIV\Redistributable

Task: {85DF9522-3027-45ED-9DE3-E4564DB6EB32} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG

Task: {8B26D2B2-C591-421F-A984-8B4A4BBA5D6C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG

Task: {900B8A2F-0410-4DE1-9046-FE4E19E03025} - System32\Tasks\{30DFB2FF-873F-4BF6-A88C-6304F02E1B56} => pcalua.exe -a "C:\Drivers\Nvidia VGA Driver 7(64-bit)\Install.exe" -d "C:\Drivers\Nvidia VGA Driver 7(64-bit)"

Task: {92CD746E-4913-4B03-8BF0-D83A2A43ECF6} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-08-17] ()

Task: {95ED5F01-8966-4D72-9F0A-6C72E32A6790} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe

Task: {97DC4EA1-6B6D-4BB6-9751-0E2D842841EB} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe

Task: {9FBBEF4C-C5B0-4CEB-AFA5-B6ED127D0833} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe

Task: {A1223286-5FFF-429F-805C-C700D02395C4} - System32\Tasks\{9ECE9736-4473-40CF-AFCC-7AB307EE7E8B} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{915726DF-7891-444A-AA03-0DF1D64F561A}\setup.exe" -c -runfromtemp -l0x0407  -removeonly

Task: {A33D6495-C91B-4D08-A003-593D6CC58544} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG

Task: {A87FB946-5AFA-44A7-B286-7C17767DD180} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe

Task: {A937EC9E-C52A-4280-B0F7-6F7BF32AB565} - System32\Tasks\{667BF24F-BB3D-4B59-9C9D-425C497D5C9A} => Chrome.exe hxxp://ui.skype.com/ui/0/7.0.0.102/de/abandoninstall?page=tsMain

Task: {ABCCF912-79EF-4A44-B7E5-30537576B422} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_TVSUUpdateTask => C:\Windows\System32\reg.exe [2015-07-10] (Microsoft Corporation)

Task: {B3023635-562B-4BD0-AAD7-18EED2E1B56D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)

Task: {B5180223-63C6-4A54-8556-0DEF80682CD1} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2015-08-17] (Lenovo)

Task: {B5E01190-A3B1-40CB-8D79-E3CA0271A56B} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-655851370-1497040194-593136017-1000Core => C:\Users\xxxx\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)

Task: {B7F8696E-676C-41E1-8326-55C9116869E0} - System32\Tasks\avastBCLRestart_chrome.exe => Chrome.exe 

Task: {C1944FE1-E599-48E0-8E47-6826670EB393} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe

Task: {C230802E-546A-4E0D-9AFA-8B167CB3C42D} - System32\Tasks\{5A88C20B-88E2-4E7F-9E6D-9C0B0A3A4BA0} => pcalua.exe -a D:\RGSC\redistributable\dotnetfx3.exe -d D:\RGSC\redistributable

Task: {D7E0BF87-08F7-4A17-874C-59808ABD6C4A} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe

Task: {DBE48DED-E272-4841-A425-77CFCD06FF75} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe

Task: {DDF30EED-8120-477B-A9E2-A8D3F0F826E7} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2015-08-17] (Lenovo)

Task: {E20E93A3-7719-4948-AC01-D9E6D35200A7} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG

Task: {E2DB3F94-584D-40F8-8929-9A9DE47DFA6C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-22] (Google Inc.)

Task: {E4EAB74A-B6C1-4E20-95E6-5C41C1FC4698} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe

Task: {ED3823F4-C576-416E-9CD2-D93169C3A68B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe

Task: {EFA653FB-D44F-4137-AE74-D51D2E0BC99D} - System32\Tasks\{52DDE1AA-B061-4F87-8A44-7FF3C1631A6F} => pcalua.exe -a D:\FarCryAutoCD.exe -d D:\

Task: {F137692F-8735-4ED5-97AE-676A31A1D86A} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe

Task: {F68301EA-5C2F-40B6-86E9-990B26144990} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-08-17] ()

Task: {F6E92788-AAA9-40F5-ABC1-F360C424D00C} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe

Task: {FA7D5DC6-CEF0-491D-AD7C-9DBB45DEA3B6} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe

Task: {FB9C194A-277F-4F62-A415-FBFD55CAFB7A} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-655851370-1497040194-593136017-1000UA => C:\Users\xxxx\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)

Task: {FC5377A4-1DCF-42B6-A290-B38D5F91E118} - System32\Tasks\{6476DA8B-426F-45E6-A127-28DFC7C7EDE4} => Chrome.exe hxxp://ui.skype.com/ui/0/7.0.0.102/de/abandoninstall?page=tsMain

Task: {FDE0C50E-1E6A-4599-9EC7-2186126548D0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-08-20] (Piriform Ltd)
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
 

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-655851370-1497040194-593136017-1000Core.job => C:\Users\xxxx\AppData\Local\Dropbox\Update\DropboxUpdate.exe

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-655851370-1497040194-593136017-1000UA.job => C:\Users\xxxx\AppData\Local\Dropbox\Update\DropboxUpdate.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
 

2015-07-29 20:37 - 2015-07-15 04:04 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll

2015-07-30 12:35 - 2015-07-30 12:35 - 00254880 _____ () C:\Windows\System32\iMDriverHelper.dll

2015-04-24 00:48 - 2011-04-01 05:30 - 00034304 _____ () C:\WINDOWS\System32\ssk3mlm.dll

2015-06-22 05:24 - 2015-06-22 05:24 - 00022528 _____ () C:\WINDOWS\System32\us005lm.dll

2015-08-18 23:58 - 2015-08-11 11:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll

2015-04-24 00:48 - 2013-07-26 07:42 - 01372160 _____ () C:\WINDOWS\system32\spool\DRIVERS\x64\3\ssk3mdu.dll

2015-07-29 19:41 - 2015-09-14 00:04 - 00116528 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll

2015-08-29 17:06 - 2015-08-18 09:56 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll

2015-08-29 17:06 - 2015-08-18 09:56 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll

2015-08-12 00:13 - 2015-08-03 03:09 - 02028544 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesService.dll

2015-07-10 13:00 - 2015-07-10 18:43 - 00471040 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll

2015-07-29 20:37 - 2015-07-11 02:57 - 00619008 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SignalsManager.dll

2015-08-12 00:13 - 2015-08-03 03:09 - 00928768 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesBackgroundTasks.dll

2015-08-18 23:58 - 2015-08-11 10:58 - 01808384 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll

2015-07-10 12:59 - 2015-07-10 12:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll

2015-07-10 12:59 - 2015-07-10 12:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll

2015-08-12 00:13 - 2015-08-03 03:11 - 06569472 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll

2015-08-12 00:13 - 2015-08-03 03:14 - 00882688 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll

2015-08-12 00:13 - 2015-08-03 03:09 - 02274816 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll

2012-02-20 22:23 - 2012-02-20 22:23 - 00456704 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe

2012-02-20 22:23 - 2012-02-20 22:23 - 00051200 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll

2008-12-20 03:20 - 2015-06-29 13:05 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll

2012-03-10 16:30 - 2015-06-29 13:05 - 01509936 _____ () C:\Program Files (x86)\Lenovo\Energy Management\EMWpfUI.dll

2012-03-10 16:31 - 2015-06-29 13:05 - 00012336 _____ () C:\Program Files (x86)\Lenovo\Energy Management\de-DE\EMWpfUI.resources.dll

2008-12-20 03:20 - 2015-06-29 13:05 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll

2015-01-27 21:23 - 2015-01-27 21:23 - 00232328 _____ () C:\Program Files\Autodesk\Autodesk Sync\qjson_Ad_0.dll

2015-01-27 21:23 - 2015-01-27 21:23 - 00048520 _____ () C:\Program Files\Autodesk\Autodesk Sync\QtSolutions_MFCMigrationFramework_Ad_2.dll

2015-01-27 21:23 - 2015-01-27 21:23 - 00059784 _____ () C:\Program Files\Autodesk\Autodesk Sync\qoauth_Ad_1.dll

2015-01-27 21:23 - 2015-01-27 21:23 - 00922504 _____ () C:\Program Files\Autodesk\Autodesk Sync\qca_Ad_2.dll

2015-09-09 01:04 - 2015-09-09 01:04 - 00039192 _____ () C:\Program Files\CCleaner\branding.dll

2015-08-24 20:28 - 2015-08-24 20:28 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll

2014-06-11 05:34 - 2014-06-11 05:34 - 00063400 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll

2015-09-19 14:27 - 2015-09-19 14:27 - 00103376 _____ () C:\Program Files\AVAST Software\Avast\log.dll

2015-09-19 14:27 - 2015-09-19 14:27 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll

2015-09-22 11:33 - 2015-09-22 11:33 - 02965504 _____ () C:\Program Files\AVAST Software\Avast\defs\15092200\algo.dll

2015-09-23 01:50 - 2015-09-23 01:50 - 02965504 _____ () C:\Program Files\AVAST Software\Avast\defs\15092201\algo.dll

2015-04-24 00:05 - 2015-07-08 08:14 - 00055688 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll

2015-04-24 00:05 - 2015-07-08 08:14 - 00104328 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll

2015-07-23 14:23 - 2015-02-12 13:18 - 00541683 _____ () C:\Program Files (x86)\CyberLink\PowerDVD15\Kernel\DMS\sqlite3.dll

2015-09-23 14:54 - 2015-09-23 14:54 - 00071168 _____ () c:\users\xxxx\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpa0fluz.dll

2015-07-22 14:45 - 2015-08-05 07:26 - 00012800 _____ () C:\Users\xxxx\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll

2015-05-05 22:34 - 2015-08-05 07:26 - 00779776 _____ () C:\Users\xxxx\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll

2015-07-30 12:28 - 2015-08-05 07:26 - 00056320 _____ () C:\Users\xxxx\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll

2015-07-22 14:45 - 2015-08-05 07:26 - 00012288 _____ () C:\Users\xxxx\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll

2015-09-19 14:27 - 2015-09-19 14:27 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

2015-05-28 09:20 - 2005-06-24 19:05 - 00045056 _____ () C:\Program Files (x86)\Lenovo\EnergyCut\HookLib.dll

2015-07-23 14:22 - 2015-08-10 08:18 - 00867256 _____ () C:\Program Files (x86)\CyberLink\PowerDVD15\common\UNO\UNO.dll

2015-07-23 14:21 - 2013-12-10 13:31 - 00074240 _____ () C:\Program Files (x86)\CyberLink\PowerDVD15\Common\Koan\_ctypes.pyd

2015-07-23 14:21 - 2013-12-10 13:31 - 00285184 _____ () C:\Program Files (x86)\CyberLink\PowerDVD15\Common\Koan\_hashlib.pyd

2015-07-23 14:21 - 2013-12-10 13:31 - 00040960 _____ () C:\Program Files (x86)\CyberLink\PowerDVD15\Common\Koan\_socket.pyd

2015-07-23 14:21 - 2013-12-10 13:31 - 00721920 _____ () C:\Program Files (x86)\CyberLink\PowerDVD15\Common\Koan\_ssl.pyd

2015-09-21 20:07 - 2015-09-19 00:13 - 01501512 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.99\libglesv2.dll

2015-09-21 20:07 - 2015-09-19 00:13 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.99\libegl.dll
 

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
 

AlternateDataStreams: C:\07691b92ea759c745d3d14f9d15296c6:Win32App

AlternateDataStreams: C:\1b6ca9d1070819a3a9766ae9:Win32App

AlternateDataStreams: C:\2eeb02961b05a80aff04ae3697c5df:Win32App

AlternateDataStreams: C:\30f13ae1f376dbdbf3:Win32App

AlternateDataStreams: C:\60662fb4f84530340c:Win32App

AlternateDataStreams: C:\961e9c4053ff49a2f2c2bb3c8cad4b:Win32App

AlternateDataStreams: C:\a7bf195f8658e17a6346c4a13ebb5065:Win32App

AlternateDataStreams: C:\c714b680540639fa14c8677e4764c4b8:Win32App

AlternateDataStreams: C:\d21a7c36e4033540052a48:Win32App

AlternateDataStreams: C:\dfb59037b8fd9a7a2f5aff2ba02c2b33:Win32App

AlternateDataStreams: C:\Program Files\CCleaner:Win32App

AlternateDataStreams: C:\Program Files\Microsoft Silverlight:Win32App

AlternateDataStreams: C:\Program Files\TeamSpeak 3 Client:Win32App

AlternateDataStreams: C:\Program Files (x86)\Dolby Advanced Audio v2:Win32App

AlternateDataStreams: C:\Program Files\Common Files\Autodesk Shared:Win32App

AlternateDataStreams: C:\ProgramData\Autodesk:Win32App

AlternateDataStreams: C:\Users\xxxx\Downloads\DelFix_1.011.exedentifier:$DATA

AlternateDataStreams: C:\Users\xxxx\Documents\RZDB:Win32App
 

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
 
 

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
 
 

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
 
 

==================== Andere Bereiche ============================
 

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
 

HKU\S-1-5-21-655851370-1497040194-593136017-1000\Control Panel\Desktop\\Wallpaper -> c:\users\xxxx\appdata\local\packages\microsoft.windows.photos_8wekyb3d8bbwe\localstate\photosappbackground\82331.jpg

DNS Servers: 192.168.2.1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

Windows Firewall ist aktiviert.
 

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
 

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
 

MSCONFIG\startupreg: 331BigDog => C:\Program Files (x86)\USB Camera\VM331_STI.EXE

MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR

HKLM\...\StartupApproved\Run32: => "PixelPlanet PdfPrinter-Monitor"
 

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139

FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe

FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe

FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe

FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe

FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808

FirewallRules: [{C29798CB-1FCD-407E-BB4C-D8587AB47165}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

FirewallRules: [{17F1F008-CDC6-4BB7-A718-DEF915DFDB14}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

FirewallRules: [{03DEEA1D-E6D4-4353-9922-5D258F430E2C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe

FirewallRules: [{E0F50524-4FF4-41C5-8140-C0CC10417246}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe

FirewallRules: [{5FE5B0E5-C4F0-40DA-A3A6-0DFAEE2C103B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe

FirewallRules: [{A89A18B2-9782-41BC-A7CE-14BE4204B09F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\left 4 dead\left4dead.exe

FirewallRules: [{FCCCDE85-0C34-4938-B7CF-C110948B71C9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\left 4 dead\left4dead.exe

FirewallRules: [{E01F1335-0281-4156-AE34-F9DBBB177C67}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe

FirewallRules: [{8AEFAA9D-4D4C-48B8-88E6-689C9F4D140B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe

FirewallRules: [{5CCD3541-5718-4F13-BE60-FFFD7AD01E30}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal\hl2.exe

FirewallRules: [{244DFD35-6CF0-4EA5-AF23-4CE19DE7F193}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal\hl2.exe

FirewallRules: [{1C64DD5A-687A-4B97-9340-722431D36C88}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe

FirewallRules: [{7E55BC62-3E5C-4FD6-AB6D-85A99551DFDD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe

FirewallRules: [{79E309DF-2A59-40E7-AC8C-B00AE7556852}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\NARUTO SHIPPUDEN Ultimate Ninja STORM 3 Full Burst\NS3FB_launcher.exe

FirewallRules: [{C54D821C-C0F6-48BA-A231-0BDFF8F8C8FA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\NARUTO SHIPPUDEN Ultimate Ninja STORM 3 Full Burst\NS3FB_launcher.exe

FirewallRules: [{9881A05C-C53E-4DA0-B1A1-67292E21A33E}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe

FirewallRules: [{95560F3B-EEA9-452D-9732-52FF4A9BD78E}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe

FirewallRules: [{7B70B84E-3B72-4EF6-8BA2-89CD88DA7E3F}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe

FirewallRules: [{98347DEB-8C71-4DFD-A07F-0D74B28900B0}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe

FirewallRules: [{C8FDD398-D9E1-4BF3-B340-B1F2B41F31F6}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe

FirewallRules: [{089167EE-E545-41AB-8971-663CE639800C}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe

FirewallRules: [{1B8D173F-5D4E-418C-9E7D-B7E7365076FC}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe

FirewallRules: [{31699E27-C863-4B1D-811F-F13472C32E44}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe

FirewallRules: [{1F5F4683-7EC8-43A3-AB3F-6E3A842FE5D1}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe

FirewallRules: [{CA488F8D-9A46-438C-872F-DF40024B1126}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe

FirewallRules: [{D8F404E5-C015-4487-B00A-FA1479573466}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [{A13B6819-2DAA-4DF7-9425-D8833CB0D2B7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [{32CD0E5A-D0A1-4B50-9031-3FEBC7B1CF44}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Wolfenstein.The.Old.Blood.DE\WolfOldBlood_x64.exe

FirewallRules: [{DEA31B9B-EEB9-4116-92F1-54773E90A566}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Wolfenstein.The.Old.Blood.DE\WolfOldBlood_x64.exe

FirewallRules: [{7D6DA460-70F5-46A6-968E-263150EE796D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Corto Maltese Secrets of Venice\CortoMaltese.exe

FirewallRules: [{91B2439B-9EB1-4E21-8810-9CE7DB0679CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Corto Maltese Secrets of Venice\CortoMaltese.exe

FirewallRules: [{904806EC-CD39-4FB5-BCA0-58C66DEAB484}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bionic Commando\bionic_commando.exe

FirewallRules: [{221FABA9-1CA8-41CD-92B4-3C5D511CFEEE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bionic Commando\bionic_commando.exe

FirewallRules: [{97879926-BBF4-4945-A7A4-FC89937D35DA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Zombie Army Trilogy\Launcher\ZATLauncher.exe

FirewallRules: [{60412F58-1B2C-40C3-B6D7-22EC3728975F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Zombie Army Trilogy\Launcher\ZATLauncher.exe

FirewallRules: [{DFAD0778-156F-4020-8B84-4666A1C9370B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Metro 2033\metro2033.exe

FirewallRules: [{3FBF7B5E-FDAB-4961-9EC5-0207C6FA79D0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Metro 2033\metro2033.exe

FirewallRules: [UDP Query User{4AA84024-0BE3-4B47-B774-A27A220DA5DD}C:\users\xxxx\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\xxxx\appdata\roaming\dropbox\bin\dropbox.exe

FirewallRules: [TCP Query User{143F399C-4B23-468D-A202-5949827446E9}C:\users\xxxx\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\xxxx\appdata\roaming\dropbox\bin\dropbox.exe

FirewallRules: [{100B414F-A3FC-4D11-908E-534F3B56F438}] => (Allow) C:\Users\xxxx\AppData\Roaming\Dropbox\bin\Dropbox.exe

FirewallRules: [{82F695B8-181F-4FE3-A7A7-F11B5D3CFE9B}] => (Allow) C:\Users\xxxx\AppData\Roaming\Dropbox\bin\Dropbox.exe

FirewallRules: [{AB086A1C-EA3C-45CE-B41A-29DA908442F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mass Effect\Binaries\MassEffect.exe

FirewallRules: [{708C5C58-F479-4ADD-8F03-17359F74FA7D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mass Effect\Binaries\MassEffect.exe

FirewallRules: [{6F5BA8DC-A567-4DDC-94D9-7B7910BED956}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row Gat out of Hell\SaintsRowGatOutOfHell.exe

FirewallRules: [{BDDA61BE-4CE1-4A37-BCE3-E0CE28D33E22}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row Gat out of Hell\SaintsRowGatOutOfHell.exe

FirewallRules: [{722F74C1-41D0-473C-B449-6E75E0B13910}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WOG\disasm.exe

FirewallRules: [{56112707-2DC3-4D1F-9C7D-83C54B5BE0E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WOG\disasm.exe

FirewallRules: [{1B21A0AD-EAE7-492C-8DA2-DEC825F88EB0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

FirewallRules: [{33B39C14-97AC-49E2-A422-3E9CAAEB56D7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

FirewallRules: [UDP Query User{027FDC18-C7C4-4B67-A6B7-54215CD21C4B}C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe] => (Allow) C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe

FirewallRules: [TCP Query User{68F22134-1C42-440A-9BF2-E80941051D61}C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe] => (Allow) C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe

FirewallRules: [{22813713-FD76-4325-934C-D64798E7F134}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe

FirewallRules: [{590FF701-A144-4D34-9393-18A253B26B65}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe

FirewallRules: [{5B0618BF-DFDF-4DD9-8893-6161EA90B2ED}] => (Allow) C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe

FirewallRules: [{641531A3-30E8-4D06-A9B3-5FE058E2D459}] => (Allow) C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe

FirewallRules: [{A751879A-BF70-41A4-BBE7-11535BA65C1A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe

FirewallRules: [{EC904DB9-13D0-4B5F-B6ED-7DB7241B9F9B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe

FirewallRules: [UDP Query User{33EEF96C-250E-4338-B312-FE831CE385F8}C:\users\xxxx\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\xxxx\appdata\local\akamai\netsession_win.exe

FirewallRules: [TCP Query User{77A50A3E-B70A-4930-BE7E-2476B76F20C7}C:\users\xxxx\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\xxxx\appdata\local\akamai\netsession_win.exe

FirewallRules: [{5BE110FE-9233-4622-BB85-BE2342D40B6E}] => (Allow) LPort=50248

FirewallRules: [{70AF606C-6D79-48D4-912D-E0614DA7C62A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

FirewallRules: [{5CD6883D-4001-4D55-A21B-D1CB4AE68304}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

FirewallRules: [{F618B9B2-E9F3-4E5A-B43B-80698DDF8577}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe

FirewallRules: [{A2EFD8AB-83FA-403D-89A1-9295C5066C08}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe

FirewallRules: [UDP Query User{563283D4-EE31-4C1E-BDB5-4849C9D978A3}C:\users\xxxx\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\xxxx\appdata\local\akamai\netsession_win.exe

FirewallRules: [TCP Query User{C8AC7A40-72D0-4487-9C27-886CB08F7486}C:\users\xxxx\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\xxxx\appdata\local\akamai\netsession_win.exe

FirewallRules: [{7537F5AD-8AC8-461E-AE38-CDCB4C1B8646}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prototype\prototypef.exe

FirewallRules: [{37B2B0D1-F630-46CB-9AC8-B73C79FCC08D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prototype\prototypef.exe

FirewallRules: [{75E82420-C82B-4D42-8F42-5D62F0A6448C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\red faction armageddon\rf4_launcher.exe

FirewallRules: [{77F39796-B703-43D8-928A-73591CF431A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\red faction armageddon\rf4_launcher.exe

FirewallRules: [{24B627DE-DB98-4679-810B-FCB19D8DCBB3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\red faction armageddon\RedFactionArmageddon.exe

FirewallRules: [{240C3792-82E8-42D4-A0EC-A5C57968275E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\red faction armageddon\RedFactionArmageddon.exe

FirewallRules: [{9B59B28E-7EFE-4999-AA09-509F094C4C84}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\red faction armageddon\RedFactionArmageddon_DX11.exe

FirewallRules: [{CF5BC5E8-1EC4-40EF-82B0-AAF00D7FF723}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\red faction armageddon\RedFactionArmageddon_DX11.exe

FirewallRules: [{A7C1CD67-B7A9-4F4A-BDDD-AF7FB5479EFE}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD15\PowerDVD.exe

FirewallRules: [{095E29DB-3C91-484C-9B8E-1DD00B8740F6}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD15\Kernel\DMS\CLMSServerPDVD15.exe

FirewallRules: [{C4F2B600-53E1-479E-A64B-7AC6ECE35794}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD15\PowerDVD15Agent.exe

FirewallRules: [{7998367C-4852-4E0A-8406-C07489BCE924}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD15\Movie\PowerDVDMovie.exe

FirewallRules: [{802523BA-EDF3-4E17-A80E-32821478DA08}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD15\Movie\PowerDVD Cinema\PowerDVDCinema.exe

FirewallRules: [{A9DDA03F-00CA-4A52-99E6-AEAAD96ED3B7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HOMEFRONT\Binaries\HOMEFRONT.exe

FirewallRules: [{BA3D0F42-FEE7-4A01-85F2-5C28F9D2A549}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HOMEFRONT\Binaries\HOMEFRONT.exe

FirewallRules: [TCP Query User{9A1DC18C-E93D-43CC-A206-E55C06EBD58E}C:\program files (x86)\steam\steamapps\common\dishonored\binaries\win32\dishonored.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dishonored\binaries\win32\dishonored.exe

FirewallRules: [UDP Query User{D244FA66-1BFC-41E4-BAB3-77AB54F97A1B}C:\program files (x86)\steam\steamapps\common\dishonored\binaries\win32\dishonored.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dishonored\binaries\win32\dishonored.exe

FirewallRules: [{AF423948-B54C-4906-B6ED-47ACC54A020F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY The Heist\payday_win32_release.exe

FirewallRules: [{64105D8D-96FB-49EE-BAE1-6CFEF120FB70}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY The Heist\payday_win32_release.exe

FirewallRules: [{D415045E-D31E-4C10-9600-C5D0F68CD3E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Robin Hood\Game.exe

FirewallRules: [{EEB1656A-67BC-4679-9345-8E2F54F0B433}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Robin Hood\Game.exe

FirewallRules: [{F2E827F7-CDC1-4D00-937E-0D3C7B9C820C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe

FirewallRules: [{960796DA-6080-4222-B312-73984345B799}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe

FirewallRules: [{A0E34291-09E6-47E6-89FD-079974213267}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row 2\SR2_pc.exe

FirewallRules: [{1BEF6437-F906-4A0E-9A77-2F3836B0FC39}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row 2\SR2_pc.exe

FirewallRules: [{6D12B3C3-C53A-4B3C-8AD5-3CE005E869C8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

FirewallRules: [{5FB59949-F948-4D9C-9FDA-3EC205DBB9A2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 

==================== Fehlerhafte Geräte im Gerätemanager =============
 

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64

Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Cisco Systems

Service: vpnva

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 

==================== Fehlereinträge in der Ereignisanzeige: =========================
 

Applikationsfehler:

==================

Error: (09/23/2015 03:39:53 PM) (Source: SideBySide) (EventID: 78) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest3.

Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.

Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.
 

Error: (09/23/2015 03:01:03 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Name der fehlerhaften Anwendung: jucheck.exe, Version: 2.8.60.27, Zeitstempel: 0x55c116b1

Name des fehlerhaften Moduls: jucheck.exe, Version: 2.8.60.27, Zeitstempel: 0x55c116b1

Ausnahmecode: 0x40000015

Fehleroffset: 0x00052d24

ID des fehlerhaften Prozesses: 0xd4

Startzeit der fehlerhaften Anwendung: 0xjucheck.exe0

Pfad der fehlerhaften Anwendung: jucheck.exe1

Pfad des fehlerhaften Moduls: jucheck.exe2

Berichtskennung: jucheck.exe3

Vollständiger Name des fehlerhaften Pakets: jucheck.exe4

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: jucheck.exe5
 

Error: (09/23/2015 03:03:19 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: xxxx-PC)

Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147024865. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
 

Error: (09/23/2015 03:03:19 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: xxxx-PC)

Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
 

Error: (09/23/2015 03:03:19 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: xxxx-PC)

Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147024865. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
 

Error: (09/23/2015 03:03:19 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: xxxx-PC)

Description: Bei der Aktivierung der App „Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
 

Error: (09/23/2015 02:37:52 AM) (Source: MsiInstaller) (EventID: 11310) (User: xxxx-PC)

Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\xxxx\AppData\Local\Akamai\admintool.exe.  Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.
 

Error: (09/23/2015 02:37:01 AM) (Source: MsiInstaller) (EventID: 11310) (User: xxxx-PC)

Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\xxxx\AppData\Local\Akamai\admintool.exe.  Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.
 

Error: (09/23/2015 02:35:23 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Name der fehlerhaften Anwendung: svchost.exe_Wcmsvc, Version: 10.0.10240.16384, Zeitstempel: 0x559f38cb

Name des fehlerhaften Moduls: SubscriptionMgr.dll, Version: 10.0.10240.16425, Zeitstempel: 0x55bec160

Ausnahmecode: 0xe0464645

Fehleroffset: 0x000000000000a7ef

ID des fehlerhaften Prozesses: 0x320

Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_Wcmsvc0

Pfad der fehlerhaften Anwendung: svchost.exe_Wcmsvc1

Pfad des fehlerhaften Moduls: svchost.exe_Wcmsvc2

Berichtskennung: svchost.exe_Wcmsvc3

Vollständiger Name des fehlerhaften Pakets: svchost.exe_Wcmsvc4

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe_Wcmsvc5
 

Error: (09/23/2015 02:35:02 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Name der fehlerhaften Anwendung: svchost.exe_Wcmsvc, Version: 10.0.10240.16384, Zeitstempel: 0x559f38cb

Name des fehlerhaften Moduls: SubscriptionMgr.dll, Version: 10.0.10240.16425, Zeitstempel: 0x55bec160

Ausnahmecode: 0xe0464645

Fehleroffset: 0x000000000000a7ef

ID des fehlerhaften Prozesses: 0x320

Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_Wcmsvc0

Pfad der fehlerhaften Anwendung: svchost.exe_Wcmsvc1

Pfad des fehlerhaften Moduls: svchost.exe_Wcmsvc2

Berichtskennung: svchost.exe_Wcmsvc3

Vollständiger Name des fehlerhaften Pakets: svchost.exe_Wcmsvc4

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe_Wcmsvc5
 
 

Systemfehler:

=============

Error: (09/23/2015 02:54:16 PM) (Source: DCOM) (EventID: 10016) (User: xxxx-PC)

Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}xxxx-PCxxxxS-1-5-21-655851370-1497040194-593136017-1000LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
 

Error: (09/23/2015 02:54:16 PM) (Source: DCOM) (EventID: 10016) (User: xxxx-PC)

Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}xxxx-PCxxxxS-1-5-21-655851370-1497040194-593136017-1000LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
 

Error: (09/23/2015 02:54:16 PM) (Source: DCOM) (EventID: 10016) (User: xxxx-PC)

Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}xxxx-PCxxxxS-1-5-21-655851370-1497040194-593136017-1000LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
 

Error: (09/23/2015 02:54:16 PM) (Source: DCOM) (EventID: 10016) (User: xxxx-PC)

Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}xxxx-PCxxxxS-1-5-21-655851370-1497040194-593136017-1000LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
 

Error: (09/23/2015 02:54:16 PM) (Source: DCOM) (EventID: 10016) (User: xxxx-PC)

Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}xxxx-PCxxxxS-1-5-21-655851370-1497040194-593136017-1000LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
 

Error: (09/23/2015 02:54:16 PM) (Source: DCOM) (EventID: 10016) (User: xxxx-PC)

Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}xxxx-PCxxxxS-1-5-21-655851370-1497040194-593136017-1000LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
 

Error: (09/23/2015 02:54:16 PM) (Source: DCOM) (EventID: 10016) (User: xxxx-PC)

Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}xxxx-PCxxxxS-1-5-21-655851370-1497040194-593136017-1000LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
 

Error: (09/23/2015 02:30:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: Dienst "CyberLink PowerDVD 15 Media Server Service" wurde unerwartet beendet. Dies ist bereits 2 Mal passiert.
 

Error: (09/23/2015 02:17:34 PM) (Source: DCOM) (EventID: 10010) (User: xxxx-PC)

Description: {D63B10C5-BB46-4990-A94F-E40B9D520160}
 

Error: (09/23/2015 03:03:42 AM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: Dienst "CyberLink PowerDVD 15 Media Server Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
 
 

CodeIntegrity:

===================================

  Date: 2015-09-22 18:32:57.561

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 

  Date: 2015-09-22 14:32:02.855

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 

  Date: 2015-09-22 14:30:31.942

  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume3\Program Files\Windows Defender\NisSrv.exe that did not meet the Custom 3 / Antimalware signing level requirements.
 

  Date: 2015-09-22 14:30:20.169

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 

  Date: 2015-08-06 01:22:54.241

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 

  Date: 2015-08-06 01:22:41.756

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 

  Date: 2015-08-05 02:44:27.930

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 

  Date: 2015-08-05 02:28:17.765

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 

  Date: 2015-08-05 02:22:53.666

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 

  Date: 2015-08-05 02:22:46.137

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 

==================== Speicherinformationen =========================== 
 

Prozessor: Intel(R) Core(TM) i7-3612QM CPU @ 2.10GHz

Prozentuale Nutzung des RAM: 37%

Installierter physikalischer RAM: 8091.27 MB

Verfügbarer physikalischer RAM: 5057.95 MB

Summe virtueller Speicher: 16283.27 MB

Verfügbarer virtueller Speicher: 12529.15 MB
 

==================== Laufwerke ================================
 

Drive c: () (Fixed) (Total:930.84 GB) (Free:560.91 GB) NTFS
 

==================== MBR & Partitionstabelle ==================
 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)
 

Partition: GPT.
 

==================== Ende von Addition.txt ============================

Zukünftig bitte beachten:

Zitat:

Gestartet von C:\Users\xxxx\Downloads

Leider hast du unsere Anleitung nicht richtig befolgt:
Bitte alle Tools direkt auf den Desktop downloaden bzw. dorthin verschieben und vom Desktop starten, da unsere Anleitungen daraufhin ausgelegt sind.
Zudem lassen sich dann am Ende der Bereinigung alle verwendeten Tools sehr einfach entfernen.
Alle Tools bis zum Ende der Bereinigung auf dem Desktop lassen, evtl. benötigen wir manche öfter.

Schritt 1
Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 2
Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 3

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

Schritt 4

Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

die Logdatei von AdwCleaner,
die Logdatei von MBAM,
die Logdatei von JRT,
die beiden neuen Logdateien von FRST.

ADWCleaner

Code:

# AdwCleaner v5.008 - Bericht erstellt am 23/09/2015 um 19:24:40

# Aktualisiert am 18/09/2015 von Xplode

# Datenbank : 2015-09-23.1 [Server]

# Betriebssystem : Windows 10 Pro  (x64)

# Benutzername : xxxx - xxxx-PC

# Gestartet von : C:\Users\xxxx\Desktop\AdwCleaner_5.008.exe

# Option : Suchlauf

# Unterstützung : hxxp://toolslib.net/forum
 

***** [ Dienste ] *****
 
 

***** [ Ordner ] *****
 
 

***** [ Dateien ] *****
 
 

***** [ Verknüpfungen ] *****
 
 

***** [ Geplante Tasks ] *****
 
 

***** [ Registrierungsdatenbank ] *****
 
 

***** [ Internetbrowser ] *****
 
 

########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [583 Bytes] ##########

Mbam

Code:

Malwarebytes Anti-Malware

www.malwarebytes.org
 

Suchlaufdatum: 23.09.2015

Suchlaufzeit: 19:42

Protokolldatei: mbamlog.txt

Administrator: Ja
 

Version: 2.1.8.1057

Malware-Datenbank: v2015.06.03.03

Rootkit-Datenbank: v2015.09.22.01

Lizenz: Kostenlose Version

Malware-Schutz: Deaktiviert

Schutz vor bösartigen Websites: Deaktiviert

Selbstschutz: Deaktiviert
 

Betriebssystem: Windows 10

CPU: x64

Dateisystem: NTFS

Benutzer: xxxx
 

Suchlauftyp: Bedrohungssuchlauf

Ergebnis: Abgeschlossen

Durchsuchte Objekte: 445084

Abgelaufene Zeit: 35 Min., 25 Sek.
 

Speicher: Aktiviert

Start: Aktiviert

Dateisystem: Aktiviert

Archive: Aktiviert

Rootkits: Aktiviert

Heuristik: Aktiviert

PUP: Aktiviert

PUM: Aktiviert
 

Prozesse: 0

(keine bösartigen Elemente erkannt)
 

Module: 0

(keine bösartigen Elemente erkannt)
 

Registrierungsschlüssel: 0

(keine bösartigen Elemente erkannt)
 

Registrierungswerte: 0

(keine bösartigen Elemente erkannt)
 

Registrierungsdaten: 0

(keine bösartigen Elemente erkannt)
 

Ordner: 0

(keine bösartigen Elemente erkannt)
 

Dateien: 0

(keine bösartigen Elemente erkannt)
 

Physische Sektoren: 0

(keine bösartigen Elemente erkannt)
 
 

(end)

pc hatte sich aufgehangen beim jrt scan musste ihn ausmachen
mach aber einen neuen

brauch n bisschen länger beim jrt scan

Servus,

ok.
Poste bitte noch die Logdateien von JRT und FRST.

jrt

Code:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Malwarebytes

Version: 7.6.3 (09.21.2015:1)

OS: Windows 10 Pro x64

Ran by xxxx on 24.09.2015 at 21:48:34,43

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 

~~~ Services
 
 
 

~~~ Tasks
 
 
 

~~~ Registry Values
 
 
 

~~~ Registry Keys
 
 
 

~~~ Files
 
 
 

~~~ Folders
 
 
 

~~~ Chrome
 
 

[C:\Users\jan\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
 

[C:\Users\jan\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
 

[C:\Users\jan\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
 

[C:\Users\jan\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:

[]
 
 
 
 
 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 24.09.2015 at 22:25:48,89

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Frst

Code:

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:23-09-2015

durchgeführt von xxxx (Administrator) auf xxxx-PC (24-09-2015 22:28:39)

Gestartet von C:\Users\xxxx\Desktop

Geladene Profile: xxxx (Verfügbare Profile: xxxx & DefaultAppPool)

Platform: Windows 10 Pro (X64) Sprache: Deutsch (Deutschland)

Internet Explorer Version 11 (Standard-Browser: Chrome)

Start-Modus: Normal

Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 

==================== Prozesse (Nicht auf der Ausnahmeliste) =================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
 

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe

(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD15\Kernel\DMS\CLMSServerPDVD15.exe

(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD15\Kernel\DMS\CLMSMonitorServicePDVD15.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe

(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe

(Emsisoft Ltd) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe

(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(Autodesk, Inc.) C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe

(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe

(Microsoft Corporation) C:\Windows\System32\mqsvc.exe

(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.10240.16464_none_116100d161f6ab1d\TiWorker.exe

(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD15\PowerDVD.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD15\Movie\PowerDVDMovie.exe

(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD15\PowerDVD15Agent.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Emsisoft Ltd) C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe
 
 

==================== Registry (Nicht auf der Ausnahmeliste) ===========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
 

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-27] (NVIDIA Corporation)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-11-21] (Intel Corporation)

HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart

HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [456704 2012-02-20] ()

HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [8079408 2015-06-29] (Lenovo (Beijing) Limited)

HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [6199128 2015-06-29] (Lenovo(beijing) Limited)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-06-03] (Synaptics Incorporated)

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [935104 2014-11-25] (Conexant Systems, Inc.)

HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)

HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2000-01-01] (Intel Corporation)

HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6134544 2015-09-19] (AVAST Software)

HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [523144 2015-07-08] (Autodesk Inc.)

HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707496 2014-06-11] (Cisco Systems, Inc.)

HKLM-x32\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\EnergyCut\utilty.exe [1581056 2007-04-27] (Lenovo(beijing) Limited)

HKLM-x32\...\Run: [EnergyCut] => C:\Program Files (x86)\Lenovo\EnergyCut\EnergyCut.exe [1167360 2007-03-09] (Lenovo (Beijing) Limited)

HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [508656 2012-08-31] (Dolby Laboratories Inc.)

HKLM-x32\...\Run: [PowerDVD15Agent] => C:\Program Files (x86)\CyberLink\PowerDVD15\PowerDVD15Agent.exe [949960 2015-08-10] (CyberLink Corp.)

HKLM-x32\...\Run: [PixelPlanet PdfPrinter-Monitor] => C:\Program Files (x86)\Common Files\PixelPlanet\PdfPrinter 7\PdfPrinterMonitor.exe [6324984 2015-02-05] (PixelPlanet)

HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2620728 2015-07-22] (Malwarebytes Corporation)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)

HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2720144 2015-08-09] (Dominik Reichl)

HKLM-x32\...\Run: [emsisoft anti-malware] => c:\program files (x86)\emsisoft anti-malware\a2guard.exe [4939800 2015-08-20] (Emsisoft Ltd)

HKU\S-1-5-21-655851370-1497040194-593136017-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8455960 2015-08-20] (Piriform Ltd)

HKU\S-1-5-21-655851370-1497040194-593136017-1000\...\Run: [Akamai NetSession Interface] => C:\Users\xxxx\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)

HKU\S-1-5-21-655851370-1497040194-593136017-1000\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1310088 2015-01-27] (Autodesk, Inc.)

HKU\S-1-5-21-655851370-1497040194-593136017-1000\...\Run: [Dropbox Update] => C:\Users\xxxx\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.)

HKU\S-1-5-21-655851370-1497040194-593136017-1000\...\Policies\Explorer: [] 

AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [177088 2015-09-14] (NVIDIA Corporation)

AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [155792 2015-09-14] (NVIDIA Corporation)

ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\xxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\xxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\xxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\xxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\xxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\xxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\xxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\xxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-09-19] (AVAST Software)

ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc.)

Startup: C:\Users\xxxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-05-05]

ShortcutTarget: Dropbox.lnk -> C:\Users\xxxx\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
 

==================== Internet (Nicht auf der Ausnahmeliste) ====================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
 

Hosts: Hosts Datei wurde nicht im Standardordner gefunden

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

Tcpip\..\Interfaces\{28a5aebd-1edc-41fe-8a89-33687711c8f1}: [DhcpNameServer] 192.168.178.1

Tcpip\..\Interfaces\{c0635005-5303-403f-8bfe-766deb8a5f99}: [DhcpNameServer] 192.168.2.1
 

Internet Explorer:

==================

HKU\S-1-5-21-655851370-1497040194-593136017-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.dell.com

HKU\S-1-5-21-655851370-1497040194-593136017-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-22] (Oracle Corporation)

BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-22] (Oracle Corporation)
 

FireFox:

========

FF ProfilePath: C:\Users\xxxx\AppData\Roaming\Mozilla\Firefox\Profiles\3vtq2ypr.default

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)

FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-22] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-22] (Oracle Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)

FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll [2013-07-26] (Nitro PDF)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)

FF Extension: Ghostery - C:\Users\xxxx\AppData\Roaming\Mozilla\Firefox\Profiles\3vtq2ypr.default\Extensions\firefox@ghostery.com.xpi [2015-09-23]

FF Extension: CookieCuller - C:\Users\xxxx\AppData\Roaming\Mozilla\Firefox\Profiles\3vtq2ypr.default\Extensions\{99B98C2C-7274-45a3-A640-D9DF1A1C8460}.xpi [2015-09-23]

FF Extension: Adblock Plus - C:\Users\xxxx\AppData\Roaming\Mozilla\Firefox\Profiles\3vtq2ypr.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-23]
 

Chrome: 

=======

CHR StartupUrls: Default -> "hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl"

CHR Profile: C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Adguard Werbeblocker) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2015-09-19]

CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2015-09-21]

CHR Extension: (Adblock Plus) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-09-19]

CHR Extension: (KB SSL Enforcer) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\flcpelgcagfhfoegekianiofphddckof [2015-09-21]

CHR Extension: (Chrome Remote Desktop) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2015-09-19]

CHR Extension: (HTTPS Everywhere) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2015-09-19]

CHR Extension: (Click&Clean) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod [2015-09-22]

CHR Extension: (Vanilla Cookie Manager) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\gieohaicffldbmiilohhggbidhephnjj [2015-09-22]

CHR Extension: (AdBlock) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-09-19]

CHR Extension: (Avast Online Security) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-09-19]

CHR Extension: (Safe Preview) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmbdchmgaaihfdlphhcdlecjehdngbk [2015-09-23]

CHR Extension: (WEB.DE MailCheck) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaogepninmlbinccpbiakcgiolijlllo [2015-09-19]

CHR Extension: (Chrome Hotword Shared Module) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-22]

CHR Extension: (Avira SafeSearch) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldmiahjidflgnbiadknkmaimfpjkelng [2015-09-19]

CHR Extension: (Ghostery) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2015-09-22]

CHR Extension: (Norton Safe) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmgcfemagnogdodbambjhdcmfcpicngl [2015-09-22]

CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-22]

CHR Extension: (AddBllock Plus) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohojmbanobkkhndjgkemcaocpinjfehk [2015-09-19]

CHR Extension: (MegaStar Sliding) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfaogkfljpdfmodbmbogiiblppijleen [2015-09-19]
 

==================== Dienste (Nicht auf der Ausnahmeliste) ========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [5531008 2015-08-20] (Emsisoft Ltd)

S2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [1128840 2015-07-08] (Autodesk Inc.)

R2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [31160 2015-02-05] (Autodesk, Inc.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-09-19] (AVAST Software)

R2 CyberLink PowerDVD 15 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD15\Kernel\DMS\CLMSMonitorServicePDVD15.exe [77240 2015-08-10] (CyberLink)

R2 CyberLink PowerDVD 15 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD15\Kernel\DMS\CLMSServerPDVD15.exe [323000 2015-06-07] (CyberLink)

S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-27] (NVIDIA Corporation)

R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation)

S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319888 2015-07-11] (Intel Corporation)

S2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [34760 2015-09-18] (Lenovo Group Limited)

S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272424 2015-08-17] (Lenovo)

S2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [713016 2015-07-22] (Malwarebytes Corporation)

S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)

R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-07-29] (Microsoft Corporation)

S2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-07-26] (Nitro PDF Software)

S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-27] (NVIDIA Corporation)

S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-27] (NVIDIA Corporation)

U2 OneSyncSvc_Session20; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)

U2 OneSyncSvc_Session20; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)

U3 PimIndexMaintenanceSvc_Session20; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)

U3 PimIndexMaintenanceSvc_Session20; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)

S2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [249032 2015-06-03] (Synaptics Incorporated)

U3 UnistoreSvc_Session20; C:\WINDOWS\System32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)

U3 UnistoreSvc_Session20; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)

U3 UserDataSvc_Session20; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)

U3 UserDataSvc_Session20; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)

S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-07-29] (Microsoft Corporation)

R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-07-29] (Microsoft Corporation)

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
 

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

R1 adgnetworkwfpdrv; C:\Windows\System32\drivers\adgnetworkwfpdrv.sys [55800 2015-06-02] ()

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-09-19] (AVAST Software)

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-09-19] (AVAST Software)

R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-09-19] (AVAST Software)

R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-09-19] (AVAST Software)

R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1049880 2015-09-19] (AVAST Software)

R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [448968 2015-09-19] (AVAST Software)

R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [153744 2015-09-19] (AVAST Software)

R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-09-19] (AVAST Software)

R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7593176 2015-07-10] (Broadcom Corporation)

R1 epp64; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\epp64.sys [138504 2015-08-07] (Emsisoft GmbH)

R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [63064 2015-07-22] ()

R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-04-21] (REALiX(tm))

R3 L1C; C:\Windows\System32\drivers\L1C62x64.sys [129224 2015-04-21] (Qualcomm Atheros Co., Ltd.)

R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)

S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)

R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2015-04-21] (Intel Corporation)

R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175104 2015-07-29] (Microsoft Corporation)

R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)

R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [402960 2015-05-14] (Realsil Semiconductor Corporation)

R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated)

S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()

R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [802312 2015-06-12] (Vimicro Corporation)

S3 vpnva; C:\Windows\System32\drivers\vpnva64-6.sys [52592 2014-06-11] (Cisco Systems, Inc.)

S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)

R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)

S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)

R2 {687703DE-DC6D-4649-892B-B8497854A6AB}; C:\Program Files (x86)\CyberLink\PowerDVD15\Common\NavFilter\000.fcl [29896 2015-08-10] (CyberLink Corp.)

U3 idsvc; kein ImagePath

S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

U3 wpcsvc; kein ImagePath
 

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
 

==================== Ein Monat: Erstellte Dateien und Ordner ========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2015-09-24 22:28 - 2015-09-24 22:29 - 00023108 _____ C:\Users\xxxx\Desktop\FRST.txt

2015-09-24 22:25 - 2015-09-24 22:25 - 00016148 _____ C:\WINDOWS\system32\JAN-PC_xxxx_HistoryPrediction.bin

2015-09-24 22:25 - 2015-09-24 22:25 - 00001045 _____ C:\Users\xxxx\Desktop\JRT.txt

2015-09-24 21:32 - 2015-09-24 21:33 - 01798976 _____ (Malwarebytes) C:\Users\xxxx\Desktop\JRT.exe

2015-09-23 21:21 - 2015-09-23 21:21 - 00000376 _____ C:\WINDOWS\PFRO.log

2015-09-23 20:20 - 2015-09-23 20:20 - 00000000 ____D C:\Users\xxxx\Desktop\farbar

2015-09-23 19:45 - 2015-09-23 19:45 - 00000000 ____D C:\Users\xxxx\Desktop\Malwarebytes Anti-Malware

2015-09-23 19:37 - 2015-09-23 19:42 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys

2015-09-23 19:37 - 2015-09-23 19:37 - 00001171 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2015-09-23 19:37 - 2015-09-23 19:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2015-09-23 19:37 - 2015-09-23 19:37 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware

2015-09-23 19:37 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys

2015-09-23 19:37 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys

2015-09-23 19:37 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys

2015-09-23 19:35 - 2015-09-23 19:36 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\xxxx\Downloads\mbam-setup-2.1.8.1057.exe

2015-09-23 19:20 - 2015-09-23 19:20 - 01662976 _____ C:\Users\xxxx\Desktop\AdwCleaner_5.008.exe

2015-09-23 18:57 - 2015-09-24 21:52 - 00001192 _____ C:\WINDOWS\setupact.log

2015-09-23 18:57 - 2015-09-23 18:57 - 00000000 _____ C:\WINDOWS\setuperr.log

2015-09-23 18:54 - 2015-09-23 18:54 - 00001160 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk

2015-09-23 18:54 - 2015-09-23 18:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware

2015-09-23 18:47 - 2015-09-24 22:10 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log

2015-09-23 17:58 - 2015-09-23 18:05 - 174587984 _____ (Emsisoft Ltd. ) C:\Users\xxxx\Downloads\EmsisoftAntiMalwareSetup.exe

2015-09-23 17:42 - 2015-09-23 17:42 - 00000840 _____ C:\WINDOWS\system32\Drivers\etc\hosts.old

2015-09-23 16:28 - 2015-09-23 16:28 - 00001704 _____ C:\Users\xxxx\Desktop\quarantine.txt

2015-09-23 15:51 - 2015-09-23 15:51 - 16563352 _____ (Malwarebytes Corp.) C:\Users\xxxx\Downloads\mbar-1.09.3.1001.exe

2015-09-23 15:42 - 2015-09-24 22:27 - 02192384 _____ (Farbar) C:\Users\xxxx\Desktop\FRST64.exe

2015-09-23 02:49 - 2015-09-23 02:49 - 00000000 ____D C:\Users\xxxx\AppData\Roaming\KeePass

2015-09-23 02:33 - 2015-09-23 02:33 - 00001186 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk

2015-09-23 02:33 - 2015-09-23 02:33 - 00000000 ____D C:\Program Files (x86)\KeePass Password Safe 2

2015-09-23 02:32 - 2015-09-23 02:32 - 03058696 _____ (Dominik Reichl ) C:\Users\xxxx\Downloads\KeePass-2.30-Setup.exe

2015-09-23 01:47 - 2015-09-23 01:50 - 00000000 ____D C:\Program Files (x86)\BFilter

2015-09-22 22:55 - 2015-09-23 18:22 - 00000000 ____D C:\WINDOWS\SysWOW64\NV

2015-09-22 22:55 - 2015-09-23 18:22 - 00000000 ____D C:\WINDOWS\system32\NV

2015-09-22 22:51 - 2015-09-22 00:56 - 00041600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys

2015-09-22 22:51 - 2015-09-14 02:24 - 42840184 _____ C:\WINDOWS\system32\nvcompiler.dll

2015-09-22 22:51 - 2015-09-14 02:24 - 37819000 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll

2015-09-22 22:51 - 2015-09-14 02:24 - 22559352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll

2015-09-22 22:51 - 2015-09-14 02:24 - 18569848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll

2015-09-22 22:51 - 2015-09-14 02:24 - 17934400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll

2015-09-22 22:51 - 2015-09-14 02:24 - 16646112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll

2015-09-22 22:51 - 2015-09-14 02:24 - 15631128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll

2015-09-22 22:51 - 2015-09-14 02:24 - 15336024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll

2015-09-22 22:51 - 2015-09-14 02:24 - 14945040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll

2015-09-22 22:51 - 2015-09-14 02:24 - 13666840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll

2015-09-22 22:51 - 2015-09-14 02:24 - 12191856 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll

2015-09-22 22:51 - 2015-09-14 02:24 - 02354808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll

2015-09-22 22:51 - 2015-09-14 02:24 - 02105976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll

2015-09-22 22:51 - 2015-09-14 02:24 - 01898104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435598.dll

2015-09-22 22:51 - 2015-09-14 02:24 - 01558832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435598.dll

2015-09-22 22:51 - 2015-09-14 02:24 - 01075320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll

2015-09-22 22:51 - 2015-09-14 02:24 - 01064056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll

2015-09-22 22:51 - 2015-09-14 02:24 - 00986416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll

2015-09-22 22:51 - 2015-09-14 02:24 - 00945272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll

2015-09-22 22:51 - 2015-09-14 02:24 - 00150648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll

2015-09-22 22:51 - 2015-09-14 02:24 - 00128696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll

2015-09-22 19:07 - 2015-09-23 17:58 - 00000000 ____D C:\ProgramData\Emsisoft

2015-09-22 18:45 - 2015-09-24 22:29 - 00000000 ____D C:\Program Files (x86)\Emsisoft Anti-Malware

2015-09-22 18:08 - 2015-09-22 18:08 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\5F6859F4.sys

2015-09-22 17:38 - 2015-09-22 17:39 - 00000600 _____ C:\Users\xxxx\PUTTY.RND

2015-09-22 17:28 - 2015-09-22 17:28 - 03839960 _____ (AVAST Software) C:\Users\xxxx\Downloads\avast-browserv2-cleanup-sfx.exe

2015-09-22 15:33 - 2015-09-22 15:33 - 00000000 ____D C:\Users\xxxx\AppData\Local\Mixesoft

2015-09-22 15:25 - 2015-09-24 22:28 - 00000000 ____D C:\FRST

2015-09-22 15:09 - 2015-09-23 19:24 - 00000000 ____D C:\AdwCleaner

2015-09-22 14:28 - 2015-09-22 14:28 - 00002259 _____ C:\WINDOWS\epplauncher.mif

2015-09-22 14:19 - 2015-09-22 14:21 - 25385247 _____ C:\Users\xxxx\Downloads\mse_dt_48.zip

2015-09-22 14:11 - 2015-09-22 14:11 - 02870984 _____ (ESET) C:\Users\xxxx\Downloads\esetsmartinstaller_deu.exe

2015-09-22 14:11 - 2015-09-22 14:11 - 00000000 ____D C:\Program Files (x86)\ESET

2015-09-22 14:09 - 2015-09-23 18:31 - 00004146 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{400C29BF-7C3D-4656-91E7-533BBD52D5CB}

2015-09-22 14:09 - 2015-09-22 14:09 - 00000000 ____D C:\Users\xxxx\AppData\Roaming\Sun

2015-09-22 14:09 - 2015-09-22 14:09 - 00000000 ____D C:\Users\xxxx\.oracle_jre_usage

2015-09-22 14:08 - 2015-09-22 14:09 - 00000000 ____D C:\ProgramData\Oracle

2015-09-22 14:08 - 2015-09-22 14:08 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll

2015-09-22 14:08 - 2015-09-22 14:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2015-09-22 14:08 - 2015-09-22 14:08 - 00000000 ____D C:\Program Files (x86)\Java

2015-09-22 14:06 - 2015-09-22 14:06 - 00584288 _____ (Oracle Corporation) C:\Users\xxxx\Downloads\JavaSetup8u60.exe

2015-09-22 14:04 - 2015-09-23 19:01 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit

2015-09-22 14:04 - 2015-09-22 14:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit

2015-09-22 14:04 - 2015-09-22 14:04 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Exploit

2015-09-22 14:02 - 2015-09-22 14:02 - 02865192 _____ (Malwarebytes ) C:\Users\xxxx\Downloads\mbae-setup-1.07.1.1015.exe

2015-09-22 13:50 - 2015-09-24 17:56 - 00003634 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask

2015-09-22 13:48 - 2015-09-23 15:40 - 00000174 _____ C:\DelFix.txt

2015-09-22 13:48 - 2015-09-22 13:48 - 00000000 ____D C:\WINDOWS\ERUNT

2015-09-22 12:31 - 2015-09-22 12:31 - 02366824 _____ (Microsoft Corporation) C:\WINDOWS\system32\WudfUpdate_01011.dll

2015-09-22 12:22 - 2015-09-22 12:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2015-09-21 16:58 - 2015-09-21 20:07 - 00002324 _____ C:\Users\Public\Desktop\Google Chrome.lnk

2015-09-21 16:58 - 2015-09-21 16:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

2015-09-21 16:51 - 2015-09-21 16:51 - 00001337 _____ C:\Users\xxxx\Desktop\Revo Uninstaller.lnk

2015-09-21 16:51 - 2015-09-21 16:51 - 00000000 ____D C:\Program Files (x86)\VS Revo Group

2015-09-21 12:32 - 2015-09-23 15:58 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2015-09-20 23:48 - 2015-09-22 17:29 - 00003288 _____ C:\WINDOWS\System32\Tasks\avastBCLRestart_chrome.exe

2015-09-20 23:37 - 2015-09-20 23:40 - 00000000 ____D C:\Users\Public\Documents\Stronghold AntiMalware

2015-09-20 02:55 - 2015-09-20 02:55 - 00000000 ____D C:\Users\xxxx\AppData\Local\THQ

2015-09-20 02:55 - 2008-07-12 08:18 - 04992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll

2015-09-20 02:55 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll

2015-09-20 02:55 - 2008-07-12 08:18 - 01942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll

2015-09-20 02:55 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll

2015-09-20 02:55 - 2008-07-12 08:18 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll

2015-09-20 02:55 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll

2015-09-19 22:31 - 2015-09-19 22:31 - 00000000 ____D C:\ProgramData\Malwarebytes

2015-09-19 20:15 - 2015-09-19 20:15 - 00000220 _____ C:\Users\xxxx\Desktop\Saints Row 2.url

2015-09-19 14:27 - 2015-09-19 14:27 - 00378880 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe

2015-09-19 14:27 - 2015-09-19 14:27 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr

2015-09-18 20:49 - 2015-09-18 20:49 - 00000020 ___SH C:\Users\DefaultAppPool\ntuser.ini

2015-09-18 20:49 - 2015-09-18 20:49 - 00000000 _SHDL C:\Users\DefaultAppPool\Vorlagen

2015-09-18 20:49 - 2015-09-18 20:49 - 00000000 _SHDL C:\Users\DefaultAppPool\Startmenü

2015-09-18 20:49 - 2015-09-18 20:49 - 00000000 _SHDL C:\Users\DefaultAppPool\Netzwerkumgebung

2015-09-18 20:49 - 2015-09-18 20:49 - 00000000 _SHDL C:\Users\DefaultAppPool\Lokale Einstellungen

2015-09-18 20:49 - 2015-09-18 20:49 - 00000000 _SHDL C:\Users\DefaultAppPool\Eigene Dateien

2015-09-18 20:49 - 2015-09-18 20:49 - 00000000 _SHDL C:\Users\DefaultAppPool\Druckumgebung

2015-09-18 20:49 - 2015-09-18 20:49 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Musik

2015-09-18 20:49 - 2015-09-18 20:49 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Bilder

2015-09-18 20:49 - 2015-09-18 20:49 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2015-09-18 20:49 - 2015-09-18 20:49 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Verlauf

2015-09-18 20:49 - 2015-09-18 20:49 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Anwendungsdaten

2015-09-18 20:49 - 2015-09-18 20:49 - 00000000 _SHDL C:\Users\DefaultAppPool\Anwendungsdaten

2015-09-18 20:49 - 2015-09-18 20:49 - 00000000 ____D C:\Users\DefaultAppPool

2015-09-18 20:49 - 2015-08-12 02:14 - 00000000 ___RD C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2015-09-18 20:49 - 2015-07-30 17:30 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Macromedia

2015-09-18 20:49 - 2015-07-10 13:04 - 00000000 __RSD C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell

2015-09-18 20:49 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools

2015-09-18 20:49 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility

2015-09-18 20:49 - 2015-07-10 13:04 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2015-09-18 12:35 - 2015-09-18 12:35 - 00000000 ____D C:\WINDOWS\46ED2B6485C74E1F920CA555B21F2E4C.TMP

2015-09-16 16:32 - 2015-09-16 16:32 - 00000000 ___RD C:\Users\xxxx\3D Objects

2015-09-13 14:24 - 2015-09-13 14:24 - 00000000 ____D C:\Program Files\Rockstar Games

2015-09-13 14:21 - 2015-09-13 14:21 - 00002171 _____ C:\Users\Public\Desktop\L.A. Noire.lnk

2015-09-13 13:45 - 2015-09-13 14:21 - 186155112 _____ C:\Users\xxxx\Downloads\LAN_Patch_2617_0_0_0.exe

2015-09-13 13:38 - 2015-09-13 13:38 - 00003438 _____ C:\WINDOWS\System32\Tasks\{9ECE9736-4473-40CF-AFCC-7AB307EE7E8B}

2015-09-13 13:08 - 2015-09-13 13:08 - 00000000 ____D C:\Users\xxxx\AppData\Local\Chromium

2015-09-12 17:14 - 2015-09-12 17:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft

2015-09-12 17:08 - 2015-09-12 17:08 - 00000000 ____D C:\Program Files (x86)\Ubisoft

2015-09-12 16:58 - 2015-09-12 16:58 - 00003190 _____ C:\WINDOWS\System32\Tasks\{52DDE1AA-B061-4F87-8A44-7FF3C1631A6F}

2015-09-12 13:09 - 2015-09-21 11:48 - 00075938 _____ C:\Users\xxxx\Downloads\ProbeklausurBaustoffe2.odt

2015-09-12 01:33 - 2015-09-12 01:33 - 00000000 ____D C:\Users\xxxx\AppData\Local\PAYDAY

2015-09-11 18:01 - 2015-09-11 18:01 - 00463142 _____ C:\Users\xxxx\Downloads\pokemon_green.zip

2015-09-11 17:59 - 2015-09-11 17:59 - 00529265 _____ C:\Users\xxxx\Downloads\epsxe170.zip

2015-09-11 17:58 - 2015-09-11 18:02 - 00002024 _____ C:\Users\xxxx\Downloads\vba1.ini

2015-09-11 17:58 - 2015-09-11 17:58 - 01380476 _____ (None) C:\Users\xxxx\Downloads\VisualBoyAdvance-1.8.0-511.exe

2015-09-11 17:56 - 2015-09-11 17:56 - 00404766 _____ C:\Users\xxxx\Downloads\bgb.zip

2015-09-11 17:27 - 2015-09-11 17:27 - 00249294 _____ C:\Users\xxxx\Downloads\PDTH_trainer_v1.6.rar

2015-09-11 15:55 - 2015-09-11 15:55 - 00013685 _____ C:\Users\xxxx\Downloads\Bioshock (1).CT

2015-09-11 15:23 - 2015-09-11 15:24 - 28319683 _____ C:\Users\xxxx\Downloads\Bioshock_Version_11_Patch_USK_German_and_English.zip

2015-09-11 15:14 - 2015-09-11 15:56 - 00000000 ____D C:\Users\xxxx\AppData\Roaming\Bioshock

2015-09-11 15:14 - 2015-09-11 15:42 - 00000000 ____D C:\Users\xxxx\Documents\Bioshock

2015-09-11 15:06 - 2015-09-11 15:06 - 00013685 _____ C:\Users\xxxx\Downloads\Bioshock.CT

2015-09-11 15:02 - 2015-09-11 15:02 - 00025767 _____ C:\Users\xxxx\Downloads\BioShockInfinite.CT

2015-09-11 15:00 - 2015-09-11 15:00 - 00000000 ____D C:\Program Files (x86)\2K Games

2015-09-09 23:17 - 2015-09-10 01:05 - 00000000 ____D C:\Users\xxxx\Documents\Max Payne 2 Savegames

2015-09-09 16:35 - 2015-09-09 16:46 - 00000000 ____D C:\ProgramData\Ashampoo

2015-09-09 16:34 - 2015-09-09 16:56 - 00000000 ____D C:\Program Files (x86)\Ashampoo

2015-09-09 16:31 - 2015-09-09 16:32 - 28444000 _____ (Ashampoo GmbH & Co. KG ) C:\Users\xxxx\Downloads\ashampoo_winoptimizer_2015_18590.exe

2015-09-09 16:24 - 2015-09-09 16:25 - 03173296 _____ ( ) C:\Users\xxxx\Downloads\TuneUp_Remover.exe

2015-09-09 16:24 - 2015-09-09 16:24 - 00359656 _____ (Microsoft Corporation) C:\Users\xxxx\Downloads\msicuu2.exe

2015-09-09 16:21 - 2015-09-09 16:25 - 115845912 _____ (AVG Technologies) C:\Users\xxxx\Downloads\avg_tuht_stf_all_2015_638 (1).exe

2015-09-09 16:00 - 2015-09-09 16:00 - 00000000 ____D C:\Users\xxxx\AppData\Roaming\AVG

2015-09-09 15:54 - 2015-09-09 16:18 - 115845912 _____ (AVG Technologies) C:\Users\xxxx\Downloads\avg_tuht_stf_all_2015_638.exe

2015-09-09 15:51 - 2015-09-09 16:18 - 00000000 ____D C:\ProgramData\Avg

2015-09-09 15:50 - 2015-09-09 16:17 - 00000000 ____D C:\Users\xxxx\AppData\Local\AvgSetupLog

2015-09-09 15:50 - 2015-09-09 15:59 - 00000000 ____D C:\Users\xxxx\AppData\Local\Avg

2015-09-09 15:49 - 2015-09-09 15:50 - 16902552 _____ (AVG Technologies) C:\Users\xxxx\Downloads\avg_gse_stb_all_ltst_96.exe

2015-09-09 01:06 - 2015-09-09 01:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner

2015-09-09 01:04 - 2015-08-27 07:59 - 02880032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2015-09-09 01:04 - 2015-08-27 07:16 - 02153472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll

2015-09-09 01:04 - 2015-08-27 07:16 - 01612288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll

2015-09-09 01:04 - 2015-08-27 07:12 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll

2015-09-09 01:04 - 2015-08-27 07:12 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll

2015-09-09 01:04 - 2015-08-27 07:11 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll

2015-09-09 01:04 - 2015-08-27 07:11 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll

2015-09-09 01:03 - 2015-08-27 07:54 - 00541248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe

2015-09-09 01:03 - 2015-08-27 07:23 - 19324416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2015-09-09 01:03 - 2015-08-27 07:23 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll

2015-09-09 01:03 - 2015-08-27 07:16 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll

2015-09-09 01:03 - 2015-08-27 07:09 - 11262464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2015-09-09 01:03 - 2015-08-27 07:08 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll

2015-09-09 00:57 - 2015-09-02 02:25 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys

2015-09-09 00:57 - 2015-09-02 02:25 - 01382912 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys

2015-09-09 00:57 - 2015-08-27 07:51 - 01774592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll

2015-09-09 00:57 - 2015-08-27 07:49 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll

2015-09-09 00:57 - 2015-08-27 07:43 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll

2015-09-09 00:57 - 2015-08-27 07:43 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll

2015-09-09 00:57 - 2015-08-27 07:42 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll

2015-09-09 00:57 - 2015-08-27 07:42 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe

2015-09-09 00:57 - 2015-08-27 07:42 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll

2015-09-09 00:56 - 2015-08-27 08:36 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2015-09-09 00:56 - 2015-08-27 08:32 - 00608936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe

2015-09-09 00:56 - 2015-08-27 08:04 - 21874688 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll

2015-09-09 00:56 - 2015-08-27 07:55 - 24594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2015-09-09 00:56 - 2015-08-27 07:54 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll

2015-09-09 00:56 - 2015-08-27 07:47 - 12503552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2015-09-09 00:56 - 2015-08-27 07:42 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.PicturePassword.dll

2015-09-09 00:56 - 2015-08-27 07:39 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll

2015-09-09 00:55 - 2015-09-02 03:20 - 00077400 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll

2015-09-09 00:55 - 2015-08-27 07:51 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll

2015-09-09 00:33 - 2015-09-09 00:33 - 00000000 ___HD C:\$SysReset

2015-09-07 13:51 - 2015-09-07 13:51 - 17213758 _____ C:\Users\xxxx\Downloads\RZ600StudSetup (1).zip

2015-09-06 14:37 - 2015-09-06 14:37 - 00000000 ____D C:\Users\xxxx\Documents\Hitman Blood Money

2015-09-06 14:33 - 2015-09-09 00:29 - 00000000 ____D C:\Program Files (x86)\GameShadow

2015-09-05 23:01 - 2015-09-05 23:01 - 00000000 ____D C:\Program Files (x86)\Eidos Interactive

2015-09-05 20:39 - 2015-09-09 00:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eidos

2015-09-05 20:36 - 2015-09-06 14:21 - 00000000 ____D C:\Program Files (x86)\Eidos

2015-09-04 13:33 - 2015-09-04 13:33 - 00000000 ____D C:\Users\xxxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

2015-09-04 00:08 - 2015-09-04 00:08 - 00001395 _____ C:\Users\xxxx\Downloads\HOMEFRONT.CT

2015-09-03 16:29 - 2015-09-03 16:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Conexant

2015-09-03 16:28 - 2015-04-18 10:26 - 00427224 _____ (Conexant Systems, Inc.) C:\WINDOWS\SysWOW64\SASrv.exe

2015-09-03 16:28 - 2014-11-26 11:01 - 00004664 _____ C:\WINDOWS\system32\Drivers\CxSfPt.dat

2015-09-03 16:27 - 2015-09-03 16:27 - 00000000 ____D C:\Program Files\Dolby Digital Plus

2015-09-03 16:27 - 2013-07-25 14:39 - 00206552 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CxAudMsg64.exe

2015-09-03 16:23 - 2015-09-03 16:23 - 03153264 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\UCI64A96.DLL

2015-09-03 16:22 - 2015-09-03 16:22 - 07231400 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll

2015-09-03 16:22 - 2015-09-03 16:22 - 01052208 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64BP16.dll

2015-09-03 16:22 - 2015-09-03 16:22 - 00431048 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\CSpkExt64.dll

2015-09-03 16:22 - 2015-09-03 16:22 - 00071024 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CxPageMaster64.dll

2015-08-31 19:27 - 2015-08-25 20:38 - 01898104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435582.dll

2015-08-31 19:27 - 2015-08-25 20:38 - 01558648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435582.dll

2015-08-31 17:53 - 2015-08-11 06:52 - 00069416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll

2015-08-29 23:11 - 2015-08-29 23:11 - 01031608 _____ (CyberLink) C:\Users\xxxx\Downloads\CyberLink_PowerDVD_Downloader (1).exe

2015-08-29 17:06 - 2015-08-20 08:07 - 08019296 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe

2015-08-29 17:06 - 2015-08-20 08:06 - 00609592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll

2015-08-29 17:06 - 2015-08-20 08:02 - 22324656 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll

2015-08-29 17:06 - 2015-08-20 07:26 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe

2015-08-29 17:06 - 2015-08-20 07:21 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll

2015-08-29 17:06 - 2015-08-20 07:16 - 20857848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll

2015-08-29 17:06 - 2015-08-20 07:13 - 02235904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll

2015-08-29 17:06 - 2015-08-18 09:56 - 02498808 _____ C:\WINDOWS\system32\CoreUIComponents.dll

2015-08-29 17:06 - 2015-08-18 09:55 - 00373072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS

2015-08-29 17:06 - 2015-08-18 09:54 - 01396064 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll

2015-08-29 17:06 - 2015-08-18 09:27 - 01771592 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll

2015-08-29 17:06 - 2015-08-18 09:24 - 00963920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll

2015-08-29 17:06 - 2015-08-18 09:13 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll

2015-08-29 17:06 - 2015-08-18 09:13 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll

2015-08-29 17:06 - 2015-08-18 09:12 - 02225664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll

2015-08-29 17:06 - 2015-08-18 09:07 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll

2015-08-29 17:06 - 2015-08-18 09:04 - 01234944 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe

2015-08-29 17:06 - 2015-08-18 09:04 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll

2015-08-29 17:06 - 2015-08-18 08:59 - 01294336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll

2015-08-29 17:06 - 2015-08-18 08:59 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll

2015-08-29 17:06 - 2015-08-18 08:58 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll

2015-08-29 17:06 - 2015-08-18 08:58 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWCN.dll

2015-08-29 17:06 - 2015-08-18 08:58 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWCN.dll

2015-08-29 17:06 - 2015-08-18 08:58 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnNetsh.dll

2015-08-29 17:06 - 2015-08-18 08:57 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll

2015-08-29 17:06 - 2015-08-18 08:56 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll

2015-08-29 17:06 - 2015-08-18 08:55 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll

2015-08-29 17:06 - 2015-08-18 08:54 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll

2015-08-29 17:06 - 2015-08-18 08:54 - 00247296 _____ C:\WINDOWS\system32\facecredentialprovider.dll

2015-08-29 17:06 - 2015-08-18 08:52 - 01888768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll

2015-08-29 17:06 - 2015-08-18 08:50 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll

2015-08-29 17:06 - 2015-08-18 08:49 - 01061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll

2015-08-29 17:06 - 2015-08-18 08:49 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll

2015-08-29 17:06 - 2015-08-18 08:49 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll

2015-08-29 17:06 - 2015-08-18 08:36 - 01226752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll

2015-08-29 17:06 - 2015-08-18 08:35 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll

2015-08-29 17:06 - 2015-08-18 08:35 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWCN.dll

2015-08-29 17:06 - 2015-08-18 08:34 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll

2015-08-29 17:06 - 2015-08-18 08:29 - 01593344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll

2015-08-29 17:06 - 2015-08-18 08:26 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll

2015-08-29 17:06 - 2015-08-18 06:44 - 00008847 _____ C:\WINDOWS\system32\ResPriHMImageList
 

==================== Ein Monat: Geänderte Dateien und Ordner ========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2015-09-24 22:30 - 2015-06-17 12:19 - 00001216 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-655851370-1497040194-593136017-1000UA.job

2015-09-24 22:19 - 2015-04-22 17:43 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

2015-09-24 22:10 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sru

2015-09-24 22:02 - 2015-04-21 22:37 - 00000000 ____D C:\Program Files\CCleaner

2015-09-24 21:56 - 2015-08-10 03:01 - 01843304 _____ C:\Users\Public\CAFADEBUG.log

2015-09-24 21:54 - 2015-05-05 22:37 - 00000000 ___RD C:\Users\xxxx\Dropbox

2015-09-24 21:54 - 2015-05-05 22:31 - 00000000 ____D C:\Users\xxxx\AppData\Roaming\Dropbox

2015-09-24 21:46 - 2015-04-22 18:53 - 00004280 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update

2015-09-24 21:44 - 2015-04-22 17:43 - 00001128 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

2015-09-24 21:41 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT

2015-09-24 21:40 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness

2015-09-24 18:09 - 2015-07-29 19:45 - 00000000 ____D C:\Users\xxxx

2015-09-24 17:45 - 2015-04-23 20:59 - 00000000 ____D C:\Users\xxxx\AppData\Local\Akamai

2015-09-23 20:02 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp

2015-09-23 18:46 - 2015-07-10 11:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI

2015-09-23 18:20 - 2015-04-23 21:14 - 00000000 ____D C:\Program Files (x86)\Steam

2015-09-23 15:40 - 2015-06-25 22:07 - 00000000 _____ C:\Users\xxxx\Downloads\PD2Hook.log

2015-09-23 15:05 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\NDF

2015-09-23 02:49 - 2015-04-26 13:37 - 00000000 ____D C:\Users\xxxx\Documents\bauko 2

2015-09-23 00:40 - 2015-07-29 20:11 - 00000000 ____D C:\Users\xxxx\AppData\Local\Packages

2015-09-22 22:55 - 2015-07-29 19:41 - 00000000 ____D C:\ProgramData\NVIDIA

2015-09-22 18:40 - 2015-04-24 20:58 - 00000000 ____D C:\Users\xxxx\AppData\Roaming\Nitro PDF

2015-09-22 12:29 - 2015-05-30 15:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

2015-09-22 11:30 - 2015-06-17 12:18 - 00001164 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-655851370-1497040194-593136017-1000Core.job

2015-09-22 00:55 - 2015-07-23 04:02 - 11198080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys

2015-09-22 00:02 - 2009-07-14 05:20 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy

2015-09-21 15:57 - 2015-04-27 13:21 - 00000000 ____D C:\Program Files (x86)\Adobe

2015-09-21 11:58 - 2015-04-21 21:28 - 00000000 ____D C:\Users\xxxx\AppData\Roaming\IObit

2015-09-21 11:58 - 2015-04-21 21:28 - 00000000 ____D C:\ProgramData\IObit

2015-09-21 00:51 - 2015-05-02 20:46 - 00000000 ____D C:\Users\xxxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam

2015-09-21 00:46 - 2015-08-06 03:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby

2015-09-21 00:45 - 2015-04-22 17:43 - 00000000 ____D C:\Program Files (x86)\Google

2015-09-19 14:27 - 2015-04-22 18:53 - 01049880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys

2015-09-19 14:27 - 2015-04-22 18:53 - 00448968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys

2015-09-19 14:27 - 2015-04-22 18:53 - 00274808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys

2015-09-19 14:27 - 2015-04-22 18:53 - 00153744 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys

2015-09-19 14:27 - 2015-04-22 18:53 - 00093528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys

2015-09-19 14:27 - 2015-04-22 18:53 - 00090968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys

2015-09-19 14:27 - 2015-04-22 18:53 - 00065224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys

2015-09-19 14:27 - 2015-04-22 18:53 - 00028656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys

2015-09-18 11:37 - 2015-07-29 19:44 - 02080612 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2015-09-18 11:37 - 2015-07-10 18:34 - 00885892 _____ C:\WINDOWS\system32\perfh007.dat

2015-09-18 11:37 - 2015-07-10 18:34 - 00196488 _____ C:\WINDOWS\system32\perfc007.dat

2015-09-18 11:34 - 2015-05-10 21:40 - 00000000 ____D C:\Users\xxxx\Documents\vermessung

2015-09-18 10:46 - 2015-05-03 16:31 - 00000000 ____D C:\Users\xxxx\Documents\bauphysik

2015-09-17 15:56 - 2015-05-19 23:08 - 00000000 ____D C:\Users\xxxx\Documents\RZDB

2015-09-17 02:28 - 2015-04-23 22:53 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared

2015-09-17 02:27 - 2015-04-23 23:39 - 00000000 ____D C:\Users\xxxx\AppData\Local\Autodesk

2015-09-17 02:27 - 2015-04-23 22:25 - 00000000 ____D C:\ProgramData\Autodesk

2015-09-17 02:25 - 2015-04-24 00:28 - 00000000 ____D C:\Users\Public\Documents\Autodesk

2015-09-17 02:25 - 2015-04-23 22:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk

2015-09-16 00:58 - 2015-07-15 00:23 - 00000000 ____D C:\Users\xxxx\Desktop\games

2015-09-15 23:58 - 2015-07-29 20:18 - 00002384 _____ C:\Users\xxxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

2015-09-15 23:58 - 2015-07-29 20:18 - 00000000 ___RD C:\Users\xxxx\OneDrive

2015-09-15 18:12 - 2015-07-29 21:51 - 00812008 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2015-09-15 18:12 - 2015-07-29 21:51 - 00178152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2015-09-15 17:14 - 2015-04-22 17:43 - 00004190 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA

2015-09-15 17:14 - 2015-04-22 17:43 - 00003958 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

2015-09-14 15:54 - 2015-04-26 13:55 - 00000000 ____D C:\Users\xxxx\Documents\baustoffe 2

2015-09-14 02:24 - 2015-08-13 21:26 - 12611632 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll

2015-09-14 02:24 - 2015-07-23 04:02 - 03484216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll

2015-09-14 02:24 - 2015-07-23 04:02 - 03077544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll

2015-09-14 02:24 - 2015-07-23 04:02 - 01178248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll

2015-09-14 02:24 - 2015-07-23 04:02 - 01001440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll

2015-09-14 02:24 - 2015-07-23 04:02 - 00177088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll

2015-09-14 02:24 - 2015-07-23 04:02 - 00155792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll

2015-09-14 02:24 - 2015-07-23 04:02 - 00034098 _____ C:\WINDOWS\system32\nvinfo.pb

2015-09-14 00:04 - 2015-07-29 19:41 - 06885168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll

2015-09-14 00:04 - 2015-07-29 19:41 - 03496056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll

2015-09-14 00:04 - 2015-07-29 19:41 - 02558584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll

2015-09-14 00:04 - 2015-07-29 19:41 - 01062008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll

2015-09-14 00:04 - 2015-07-29 19:41 - 00937776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe

2015-09-14 00:04 - 2015-07-29 19:41 - 00581752 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\oemdspif.dll

2015-09-14 00:04 - 2015-07-29 19:41 - 00385144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll

2015-09-14 00:04 - 2015-07-29 19:41 - 00074872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll

2015-09-14 00:04 - 2015-07-29 19:41 - 00062768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll

2015-09-13 14:25 - 2015-04-24 20:43 - 00000000 ____D C:\Program Files (x86)\Rockstar Games

2015-09-13 14:21 - 2015-05-03 17:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games

2015-09-13 13:50 - 2015-04-21 21:25 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information

2015-09-13 13:08 - 2015-04-25 15:30 - 00000000 ____D C:\Users\xxxx\Documents\Rockstar Games

2015-09-12 16:07 - 2015-04-23 21:14 - 00000973 _____ C:\Users\Public\Desktop\Steam.lnk

2015-09-11 14:17 - 2015-07-29 19:41 - 05231082 _____ C:\WINDOWS\system32\nvcoproc.bin

2015-09-11 13:13 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\rescache

2015-09-09 16:40 - 2015-07-29 21:39 - 00000000 ____D C:\WINDOWS\Minidump

2015-09-09 16:40 - 2015-07-29 20:36 - 00000000 ___DC C:\WINDOWS\Panther

2015-09-09 16:01 - 2015-04-21 21:00 - 00000000 ____D C:\Users\xxxx\AppData\Local\VirtualStore

2015-09-09 15:44 - 2015-07-18 16:51 - 00000000 ____D C:\Users\xxxx\AppData\Roaming\TS3Client

2015-09-09 14:05 - 2015-07-10 14:20 - 00431928 _____ C:\WINDOWS\system32\FNTCACHE.DAT

2015-09-09 14:02 - 2015-07-10 18:44 - 00000000 ____D C:\Program Files\Windows Journal

2015-09-09 14:02 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\appraiser

2015-09-09 12:44 - 2015-04-22 06:23 - 00000000 ____D C:\WINDOWS\system32\MRT

2015-09-09 01:06 - 2015-04-21 22:37 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk

2015-09-09 00:29 - 2015-07-10 18:44 - 00000000 ____D C:\WINDOWS\ShellNew

2015-09-09 00:29 - 2015-06-29 13:05 - 00000000 ____D C:\Users\xxxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo

2015-09-09 00:29 - 2015-05-21 19:21 - 00000000 __RDC C:\Users\xxxx\Desktop\Klausuren Statik II

2015-09-09 00:29 - 2015-04-23 22:25 - 00000000 ____D C:\Users\xxxx\AppData\Roaming\Autodesk

2015-09-09 00:26 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\registration

2015-09-09 00:24 - 2015-07-30 12:33 - 00000000 ____D C:\ProgramData\Lenovo

2015-09-09 00:02 - 2015-04-22 18:53 - 00001967 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk

2015-09-08 23:44 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\oobe

2015-09-08 02:43 - 2015-04-26 15:04 - 00000000 ____D C:\Users\xxxx\Documents\statik 2

2015-09-08 02:38 - 2015-04-26 13:59 - 00000000 ____D C:\Users\xxxx\Documents\statik 1

2015-09-07 10:00 - 2015-04-24 01:03 - 00000072 _____ C:\Users\Public\LMDebug.log

2015-09-04 00:03 - 2015-04-25 13:12 - 00000000 ____D C:\Users\xxxx\Documents\My Games

2015-09-03 16:24 - 2015-07-29 21:32 - 00000000 ____D C:\ProgramData\Conexant

2015-09-03 16:22 - 2015-07-29 21:31 - 01991784 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll

2015-09-03 16:22 - 2015-07-29 21:31 - 00340656 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll

2015-09-03 16:22 - 2015-07-29 21:31 - 00283928 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll

2015-09-03 16:22 - 2015-04-21 21:38 - 01317096 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\Drivers\CHDRT64.sys

2015-09-01 00:39 - 2015-07-23 14:19 - 00000000 ____D C:\ProgramData\CyberLink

2015-08-31 17:54 - 2015-07-29 19:41 - 00000000 ____D C:\ProgramData\NVIDIA Corporation

2015-08-31 17:54 - 2015-04-25 17:00 - 00001450 _____ C:\Users\Public\Desktop\GeForce Experience.lnk

2015-08-30 14:08 - 2015-05-03 21:34 - 00000000 ____D C:\Users\xxxx\AppData\Roaming\Notepad++

2015-08-30 14:08 - 2015-05-03 21:34 - 00000000 ____D C:\Program Files (x86)\Notepad++

2015-08-30 01:00 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports

2015-08-29 23:17 - 2015-07-23 14:19 - 00000000 ____D C:\ProgramData\SUPPORTDIR

2015-08-29 23:13 - 2015-07-23 14:25 - 00000000 ____D C:\Users\xxxx\Documents\CyberLink

2015-08-27 02:37 - 2015-04-25 17:00 - 01423120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll

2015-08-27 02:37 - 2015-04-25 17:00 - 01316000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll

2015-08-27 02:36 - 2015-04-25 17:00 - 01756424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll

2015-08-27 02:36 - 2015-04-25 17:00 - 01710568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll

2015-08-26 18:37 - 2015-04-22 06:23 - 134753440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2015-08-25 21:47 - 2015-04-26 13:18 - 00000000 ____D C:\Users\xxxx\Documents\bauko 1
 

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
 

2015-08-01 14:07 - 2015-08-01 14:07 - 0000855 _____ () C:\Users\xxxx\AppData\Local\recently-used.xbel

2015-05-29 00:09 - 2015-07-29 10:29 - 0007603 _____ () C:\Users\xxxx\AppData\Local\Resmon.ResmonCfg

2015-07-29 21:33 - 2015-07-29 21:33 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

2015-04-23 23:14 - 2015-04-23 23:14 - 0000133 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc

2015-07-13 12:45 - 2015-07-13 12:45 - 0010057 _____ () C:\ProgramData\regid.1996-01.de.pixelplanet_CB8E6973-82E1-4437-B8BA-905FCDC7148C.swidtag
 

Einige Dateien in TEMP:

====================

C:\Users\xxxx\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpki1r6x.dll

C:\Users\xxxx\AppData\Local\Temp\ERUNT.exe
 
 

==================== Bamital & volsnap =================
 

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
 

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert

C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert

C:\WINDOWS\explorer.exe => Datei ist digital signiert

C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert

C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert

C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert

C:\WINDOWS\system32\services.exe => Datei ist digital signiert

C:\WINDOWS\system32\User32.dll => Datei ist digital signiert

C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert

C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert

C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert

C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert

C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert

C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert

C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
 
 

LastRegBack: 2015-09-21 12:11
 

==================== Ende von FRST.txt ============================

addition

Code:

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:23-09-2015

durchgeführt von xxxx (2015-09-24 22:31:25)

Gestartet von C:\Users\xxxx\Desktop

Windows 10 Pro (X64) (2015-07-29 18:10:48)

Start-Modus: Normal

==========================================================
 
 

==================== Konten: =============================
 

Administrator (S-1-5-21-655851370-1497040194-593136017-500 - Administrator - Disabled)

DefaultAccount (S-1-5-21-655851370-1497040194-593136017-503 - Limited - Disabled)

Gast (S-1-5-21-655851370-1497040194-593136017-501 - Limited - Disabled)

HomeGroupUser$ (S-1-5-21-655851370-1497040194-593136017-1002 - Limited - Enabled)

xxxx (S-1-5-21-655851370-1497040194-593136017-1000 - Administrator - Enabled) => C:\Users\xxxx
 

==================== Sicherheits-Center ========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
 

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}

AV: Emsisoft Anti-Malware (Enabled - Up to date) {2F44E1F9-850B-1C7A-0E56-EB2E0A3E20C9}

AS: Emsisoft Anti-Malware (Enabled - Up to date) {9425001D-A331-13F4-34E6-D05C71B96A74}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 

==================== Installierte Programme ======================
 

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
 

7-Zip 9.38 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0938-000001000000}) (Version: 9.38.00.0 - Igor Pavlov)

A360 Desktop (HKLM\...\{B209E611-5511-4AD6-B4B3-9D36F93DBCD4}) (Version: 6.0.3.1100 - Autodesk)

ACA & MEP 2016 Object Enabler (Version: 7.8.44.0 - Autodesk) Hidden

ACAD Private (Version: 20.1.49.0 - Autodesk) Hidden

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated)

Akamai NetSession Interface (HKU\S-1-5-21-655851370-1497040194-593136017-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)

Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.14.15 - Atheros Communications Inc.)

AutoCAD 2016 - Deutsch (German) (Version: 20.1.49.0 - Autodesk) Hidden

AutoCAD 2016 (Version: 20.1.49.0 - Autodesk) Hidden

AutoCAD 2016 Coordination Model Osnap Support (HKLM\...\AutoCAD 2016 Hotfix 1) (Version:  - Autodesk)

AutoCAD 2016 Language Pack - Deutsch (German) (Version: 20.1.49.0 - Autodesk) Hidden

Autodesk Advanced Material Library Image Library 2016 (HKLM-x32\...\{94AD53E7-493B-4291-8714-7A3B761D2783}) (Version: 6.3.0.15 - Autodesk)

Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 5.0.142.0 - Autodesk)

Autodesk AutoCAD 2016 - Deutsch (German) (HKLM\...\AutoCAD 2016 - Deutsch (German)) (Version: 20.1.49.0 - Autodesk)

Autodesk AutoCAD 2016 Hotfix 1 (HKLM\...\AutoCAD 2016 Hotfix 2) (Version:  - Autodesk)

Autodesk AutoCAD Performance Feedback Tool 1.2.4 (HKLM-x32\...\{4E20873D-BC20-495C-AFD9-B18877B7F9BB}) (Version: 1.2.4.0 - Autodesk)

Autodesk BIM 360 Glue AutoCAD 2016 Add-in 64 bit (HKLM\...\{D605F10C-42CB-436E-BC65-3D189AE5FD08}) (Version: 4.36.2452 - Autodesk)

Autodesk CAD Manager Tools (HKLM\...\{5783F2D7-0111-0409-0110-0060B0CE6BBA}) (Version: 16.0.0.65 - Autodesk)

Autodesk Content Service (HKLM\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)

Autodesk Content Service (Version: 3.2.0.0 - Autodesk) Hidden

Autodesk Content Service Language Pack (Version: 3.2.0.0 - Autodesk) Hidden

Autodesk Material Library 2016 (HKLM-x32\...\{29A7D6EC-63C2-42FD-8143-5812ABD2923F}) (Version: 6.3.0.15 - Autodesk)

Autodesk Material Library Base Resolution Image Library 2016 (HKLM-x32\...\{6B4CFC6E-ECB0-47FE-95D3-65C680ED0687}) (Version: 6.3.0.15 - Autodesk)

Autodesk Network License Manager (HKLM\...\{4BE91685-1632-47FC-B563-A8A542C6664C}) (Version: 11.12.0 - Autodesk)

Autodesk ReCap 2016 (HKLM\...\Autodesk ReCap 2016) (Version: 1.5.0.33 - Autodesk)

Autodesk ReCap 2016 (Version: 1.5.0.33 - Autodesk) Hidden

Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.4.2233 - AVAST Software)

Batman™: Arkham Knight (HKLM-x32\...\Steam App 208650) (Version:  - Rocksteady Studios)

Bionic Commando (HKLM-x32\...\Steam App 21670) (Version:  - Capcom)

BioShock (HKLM-x32\...\{E280923D-C5D9-4728-8C79-AC9A0DC75875}) (Version: 2.62.0000 - 2K Games)

CCleaner (HKLM\...\CCleaner) (Version: 5.09 - Piriform)

Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.05170 - Cisco Systems, Inc.)

Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.05170 - Cisco Systems, Inc.) Hidden

Common Desktop Agent (Version: 1.62.0 - OEM) Hidden

Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.16.50 - Conexant)

Corto Maltese Secrets of Venice (HKLM-x32\...\Steam App 310460) (Version:  - Kids up hill)

CyberLink PowerDVD 15 (HKLM-x32\...\{DE85B8F3-D088-4D6E-A970-EE0BC7883A66}) (Version: 15.0.2003.58 - CyberLink Corp.)

Dishonored (HKLM-x32\...\Steam App 205100) (Version: 1.0 - Bethesda Softworks)

Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)

Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)

Dropbox (HKU\S-1-5-21-655851370-1497040194-593136017-1000\...\Dropbox) (Version: 3.8.8 - Dropbox, Inc.)

Emsisoft Anti-Malware (HKLM-x32\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 10.0 - Emsisoft Ltd.)

Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 7.0.3.4 - Lenovo)

Energy Management (x32 Version: 7.0.3.4 - Lenovo) Hidden

EnergyCut (HKLM-x32\...\{6E127727-CE4B-40E4-9A7D-9D65CDE0A15C}) (Version: 1.00 - Lenovo)

ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )

Far Cry (OEM) (HKLM-x32\...\InstallShield_{F400BA3B-B134-4701-8536-68A99CD44F5A}) (Version: 1.00.0000 - Ihr Firmenname)

Far Cry (OEM) (x32 Version: 1.00.0000 - Ihr Firmenname) Hidden

GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.99 - Google Inc.)

Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden

Grand Theft Auto IV (HKLM-x32\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games)

Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden

Homefront (HKLM-x32\...\Steam App 55100) (Version:  - Kaos Studios)

Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3958 - Intel Corporation)

Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)

Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.10.255 - Intel Corporation)

Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)

KeePass Password Safe 2.30 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.30 - Dominik Reichl)

L.A. Noire (HKLM-x32\...\{915726DF-7891-444A-AA03-0DF1D64F561A}) (Version: 1.00.0000 - Rockstar Games)

Left 4 Dead (HKLM-x32\...\Steam App 500) (Version:  - Valve)

Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 3.15.0414.1 - Vimicro)

Lenovo Solution Center (HKLM\...\{E92E1FF1-B188-43FE-BECA-2248E227E67D}) (Version: 2.8.005.00 - Lenovo Group Limited)

Lenovo System Interface Foundation (HKLM\...\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: 1.0.048.00 - Lenovo)

LibreOffice 4.4.5.2 (HKLM-x32\...\{406EECCC-AF98-4F2C-A99F-FED788F7580C}) (Version: 4.4.5.2 - The Document Foundation)

Malwarebytes Anti-Exploit version 1.07.1.1015 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.07.1.1015 - Malwarebytes)

Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)

Mass Effect (HKLM-x32\...\Steam App 17460) (Version:  - BioWare)

Max Payne (HKLM-x32\...\Max Payne) (Version: 1.0.4.0 - Rockstar Games)

Max Payne 2 (HKLM-x32\...\Max Payne 2) (Version: 1.1.102.0 - Rockstar Games)

Metro 2033 (HKLM-x32\...\Steam App 43110) (Version:  - 4A Games)

Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)

Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)

Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)

Mozilla Firefox 40.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 de)) (Version: 40.0.3 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)

NARUTO SHIPPUDEN: Ultimate Ninja STORM 3 Full Burst (HKLM-x32\...\Steam App 234670) (Version:  - CyberConnect 2)

Nitro Reader 3 (HKLM\...\{9EA981E5-EE67-4662-86F1-58937D31FE07}) (Version: 3.5.6.5 - Nitro)

Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.1 - Notepad++ Team)

NVIDIA GeForce Experience 2.5.14.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.14.5 - NVIDIA Corporation)

NVIDIA Grafiktreiber 355.98 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.98 - NVIDIA Corporation)

NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)

PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)

PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version:  - OVERKILL Software)

PCFriendly (HKLM-x32\...\PCFriendly) (Version:  - )

PdfEditor 3.0 (64bit) (HKLM\...\{9FB72AA3-2D6A-4FF7-B04F-E393F463732B}) (Version: 3.0.0.16 - PixelPlanet)

PixelPlanet PdfPrinter 7 (64bit) (HKLM\...\{000F58F3-A544-4BB5-AF1B-761EA1C8595C}) (Version: 7.0.92 - PixelPlanet)

Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)

Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)

Prototype (HKLM-x32\...\Steam App 10150) (Version:  - Radical Entertainment)

Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.370.70 - Realtek Semiconductor Corp.)

Red Faction: Armageddon (HKLM-x32\...\Steam App 55110) (Version:  - Volition)

Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)

Robin Hood (HKLM-x32\...\Steam App 46560) (Version:  - Spellbound)

Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.1 - Rockstar Games)

RuckZuck Student (HKLM-x32\...\{59734DF0-626C-4012-94E5-D8F0B72649B4}) (Version: 6.0.13 - MURSOFT)

Saints Row 2 (HKLM-x32\...\Steam App 9480) (Version:  - Volition)

Saints Row: Gat out of Hell (HKLM-x32\...\Steam App 301910) (Version:  - Deep Silver Volition)

Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.02.70.02(21.09.2012) - Samsung Electronics Co., Ltd.)

Samsung ML-2950 Series (HKLM-x32\...\Samsung ML-2950 Series) (Version: 1.15 (25.10.2012) - Samsung Electronics Co., Ltd.)

Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)

SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden

SHIELD Wireless Controller Driver (Version: 2.5.14.5 - NVIDIA Corporation) Hidden

SketchUp-Import 2016 (HKLM-x32\...\{C769FB7C-1F55-4B31-9A2A-21CEC50F4F92}) (Version: 2.0.0 - Autodesk)

Star Wars Republic Commando (HKLM-x32\...\{DFAE9340-E8BB-4433-9A08-C8334DAFE1B9}) (Version: 1.0 - )

Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)

Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.5 - Synaptics Incorporated)

TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)

The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)

Verfügbare Autodesk-Apps 2016 (HKLM-x32\...\{D42F37CD-9AF9-4435-A474-B387C5BB6B47}) (Version: 2.0.0 - Autodesk)

Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)

Windows-Treiberpaket - Lenovo (ACPIVPC) System  (12/02/2010 6.1.0.1) (HKLM\...\EA12B1FB53CE4E387C31A85236C41EF559B5E392) (Version: 12/02/2010 6.1.0.1 - Lenovo)

Windows-Treiberpaket - Lenovo (ACPIVPC) System  (12/15/2011 7.1.0.1) (HKLM\...\99841829BE839365AA67B2AD0E50D371F59F8A1E) (Version: 12/15/2011 7.1.0.1 - Lenovo)

Wolfenstein: The Old Blood German Edition (HKLM-x32\...\Steam App 354830) (Version:  - MachineGames)

World of Guns: Gun Disassembly (HKLM-x32\...\Steam App 262410) (Version:  - Noble Empire Corp.)

Zombie Army Trilogy (HKLM-x32\...\Steam App 301640) (Version:  - Rebellion)
 

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

CustomCLSID: HKU\S-1-5-21-655851370-1497040194-593136017-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\xxxx\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-655851370-1497040194-593136017-1000_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.)

CustomCLSID: HKU\S-1-5-21-655851370-1497040194-593136017-1000_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.)

CustomCLSID: HKU\S-1-5-21-655851370-1497040194-593136017-1000_Classes\CLSID\{5370C727-1451-4700-A960-77630950AF6D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.)

CustomCLSID: HKU\S-1-5-21-655851370-1497040194-593136017-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

CustomCLSID: HKU\S-1-5-21-655851370-1497040194-593136017-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2016\de-DE\acadficn.dll (Autodesk, Inc.)

CustomCLSID: HKU\S-1-5-21-655851370-1497040194-593136017-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\xxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-655851370-1497040194-593136017-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\xxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-655851370-1497040194-593136017-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\xxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-655851370-1497040194-593136017-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\xxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-655851370-1497040194-593136017-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\xxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-655851370-1497040194-593136017-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\xxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-655851370-1497040194-593136017-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\xxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-655851370-1497040194-593136017-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\xxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-655851370-1497040194-593136017-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\xxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-655851370-1497040194-593136017-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\xxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
 

==================== Wiederherstellungspunkte =========================
 

22-09-2015 13:49:30 Ende der Bereinigung

22-09-2015 14:43:52 Windows-Sicherung

23-09-2015 18:06:26 Revo Uninstaller's restore point - Emsisoft Anti-Malware

24-09-2015 18:16:14 JRT Pre-Junkware Removal
 

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

Task: {01EC2C41-2429-427A-B9DE-FCFA66C01B0D} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => control iMControllerService 128

Task: {0386F3A9-E63F-4643-BF43-6C562E73A1F6} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe

Task: {05783FED-28DD-4F43-A650-8DEB1C79F596} - System32\Tasks\{C16CAA32-1B46-4D66-851A-38413081F276} => pcalua.exe -a D:\ISSetupPrerequisites\{0BE9572E-8558-404f-B0A5-8C347D145655}\vcredist_x86.exe -d D:\ISSetupPrerequisites\{0BE9572E-8558-404f-B0A5-8C347D145655}

Task: {0BC46AD3-7F80-4A20-AFBC-68355667FD29} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe

Task: {0E3D7490-839A-4855-9449-16F932FD394A} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG

Task: {19864FEE-B009-4224-9DA0-B467BD27D21A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG

Task: {1CAD8421-EFAD-46C4-9B65-A0E30F0868F7} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2015-08-17] (Lenovo)

Task: {1D0AD3F2-D55D-4673-AEC4-97FC3E6F914E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG

Task: {1F3F08BC-3DF3-4448-8CFF-87FA968B89B7} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe

Task: {2624D85E-370F-4697-B11B-449F3B842E27} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG

Task: {2AAC1EBE-662B-4AAF-B14E-A0C594273F4F} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe

Task: {2BF7D33B-4C72-47C5-9E4B-4DDFD32754FC} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe

Task: {3099C284-137D-45D0-8D27-0CE28ED0718A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG

Task: {328B9E24-B646-40DC-A7DF-CB2D5D4F1D8B} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe

Task: {39D212EA-043F-42F5-8671-897A85835A55} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG

Task: {39E3754F-776D-4933-A5F8-B24E363875E6} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe

Task: {3CF86DDB-E04A-4668-BEAD-2DBA3F22E5BF} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe

Task: {4035794B-A9D2-4BFB-A1B9-77265F770AB1} - System32\Tasks\{08E2528E-C29B-490C-8A59-01947D20FB54} => pcalua.exe -a D:\RGSC\redistributable\dotnetfx3_x64.exe -d D:\RGSC\redistributable

Task: {49AA92A4-AEDF-47A5-9CCC-B371C8CB3A8E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-22] (Google Inc.)

Task: {4BE50B40-3123-45CA-899A-B5F74677DEE2} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe [2015-08-11] (Microsoft Corporation)

Task: {538CB5B5-701B-4A22-AEAF-48D4201E5D31} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe

Task: {66ED3F87-6D10-4481-9898-F9CAF5D07EDB} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-09-19] (AVAST Software)

Task: {67BE7491-9CC2-4CF3-A468-E8B0F57920A2} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG

Task: {6EE627CF-7F02-4692-AB62-26B0AAADD3CB} - System32\Tasks\{C225C39F-F2AF-4109-B006-787B0B85E0C9} => pcalua.exe -a D:\RGSC\setup.exe -d D:\RGSC

Task: {71B7887C-67BD-4042-924B-11A42591DFE5} - System32\Tasks\{5A7A453C-BDD3-48A8-B4E8-C246878D776E} => Chrome.exe hxxp://ui.skype.com/ui/0/7.0.0.102/de/abandoninstall?page=tsMain

Task: {72FC6E1E-A962-4707-8312-C3A3CAC9DBC6} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe

Task: {7336AE25-1882-4D7D-AB9E-97C4ECEF470D} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe

Task: {73F25043-228D-4035-8158-11245BB312C9} - System32\Tasks\{A9B2D048-FB29-4E58-B23D-F8CDA2E719F7} => pcalua.exe -a D:\ISSetupPrerequisites\{074EE22F-2485-4FED-83D1-AAC36C3D9ED0}\dotnetfx35.exe -d D:\ISSetupPrerequisites\{074EE22F-2485-4FED-83D1-AAC36C3D9ED0}

Task: {83ACDBC5-4FE7-4367-A189-6BBAEBAD386D} - System32\Tasks\{62C4C7FB-C8E7-4612-83FF-7E6D8786153A} => pcalua.exe -a D:\GTAIV\Redistributable\vcredist_x86.exe -d D:\GTAIV\Redistributable

Task: {85DF9522-3027-45ED-9DE3-E4564DB6EB32} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG

Task: {8B26D2B2-C591-421F-A984-8B4A4BBA5D6C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG

Task: {900B8A2F-0410-4DE1-9046-FE4E19E03025} - System32\Tasks\{30DFB2FF-873F-4BF6-A88C-6304F02E1B56} => pcalua.exe -a "C:\Drivers\Nvidia VGA Driver 7(64-bit)\Install.exe" -d "C:\Drivers\Nvidia VGA Driver 7(64-bit)"

Task: {92CD746E-4913-4B03-8BF0-D83A2A43ECF6} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-08-17] ()

Task: {95ED5F01-8966-4D72-9F0A-6C72E32A6790} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe

Task: {97DC4EA1-6B6D-4BB6-9751-0E2D842841EB} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe

Task: {9FBBEF4C-C5B0-4CEB-AFA5-B6ED127D0833} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe

Task: {A1223286-5FFF-429F-805C-C700D02395C4} - System32\Tasks\{9ECE9736-4473-40CF-AFCC-7AB307EE7E8B} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{915726DF-7891-444A-AA03-0DF1D64F561A}\setup.exe" -c -runfromtemp -l0x0407  -removeonly

Task: {A33D6495-C91B-4D08-A003-593D6CC58544} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG

Task: {A87FB946-5AFA-44A7-B286-7C17767DD180} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe

Task: {A937EC9E-C52A-4280-B0F7-6F7BF32AB565} - System32\Tasks\{667BF24F-BB3D-4B59-9C9D-425C497D5C9A} => Chrome.exe hxxp://ui.skype.com/ui/0/7.0.0.102/de/abandoninstall?page=tsMain

Task: {ABCCF912-79EF-4A44-B7E5-30537576B422} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_TVSUUpdateTask => C:\Windows\System32\reg.exe [2015-07-10] (Microsoft Corporation)

Task: {B3023635-562B-4BD0-AAD7-18EED2E1B56D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)

Task: {B5180223-63C6-4A54-8556-0DEF80682CD1} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2015-08-17] (Lenovo)

Task: {B5E01190-A3B1-40CB-8D79-E3CA0271A56B} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-655851370-1497040194-593136017-1000Core => C:\Users\xxxx\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)

Task: {B7F8696E-676C-41E1-8326-55C9116869E0} - System32\Tasks\avastBCLRestart_chrome.exe => Chrome.exe 

Task: {C1944FE1-E599-48E0-8E47-6826670EB393} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe

Task: {C230802E-546A-4E0D-9AFA-8B167CB3C42D} - System32\Tasks\{5A88C20B-88E2-4E7F-9E6D-9C0B0A3A4BA0} => pcalua.exe -a D:\RGSC\redistributable\dotnetfx3.exe -d D:\RGSC\redistributable

Task: {D7E0BF87-08F7-4A17-874C-59808ABD6C4A} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe

Task: {DBE48DED-E272-4841-A425-77CFCD06FF75} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe

Task: {DDF30EED-8120-477B-A9E2-A8D3F0F826E7} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2015-08-17] (Lenovo)

Task: {E20E93A3-7719-4948-AC01-D9E6D35200A7} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG

Task: {E2DB3F94-584D-40F8-8929-9A9DE47DFA6C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-22] (Google Inc.)

Task: {E4EAB74A-B6C1-4E20-95E6-5C41C1FC4698} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe

Task: {ED3823F4-C576-416E-9CD2-D93169C3A68B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe

Task: {EFA653FB-D44F-4137-AE74-D51D2E0BC99D} - System32\Tasks\{52DDE1AA-B061-4F87-8A44-7FF3C1631A6F} => pcalua.exe -a D:\FarCryAutoCD.exe -d D:\

Task: {F137692F-8735-4ED5-97AE-676A31A1D86A} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe

Task: {F68301EA-5C2F-40B6-86E9-990B26144990} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-08-17] ()

Task: {F6E92788-AAA9-40F5-ABC1-F360C424D00C} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe

Task: {FA7D5DC6-CEF0-491D-AD7C-9DBB45DEA3B6} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe

Task: {FB9C194A-277F-4F62-A415-FBFD55CAFB7A} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-655851370-1497040194-593136017-1000UA => C:\Users\xxxx\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)

Task: {FC5377A4-1DCF-42B6-A290-B38D5F91E118} - System32\Tasks\{6476DA8B-426F-45E6-A127-28DFC7C7EDE4} => Chrome.exe hxxp://ui.skype.com/ui/0/7.0.0.102/de/abandoninstall?page=tsMain

Task: {FDE0C50E-1E6A-4599-9EC7-2186126548D0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-08-20] (Piriform Ltd)
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
 

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-655851370-1497040194-593136017-1000Core.job => C:\Users\xxxx\AppData\Local\Dropbox\Update\DropboxUpdate.exe

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-655851370-1497040194-593136017-1000UA.job => C:\Users\xxxx\AppData\Local\Dropbox\Update\DropboxUpdate.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
 

2015-07-29 20:37 - 2015-07-15 04:04 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll

2015-07-30 12:35 - 2015-07-30 12:35 - 00254880 _____ () C:\Windows\System32\iMDriverHelper.dll

2015-04-24 00:48 - 2011-04-01 05:30 - 00034304 _____ () C:\WINDOWS\System32\ssk3mlm.dll

2015-06-22 05:24 - 2015-06-22 05:24 - 00022528 _____ () C:\WINDOWS\System32\us005lm.dll

2015-08-18 23:58 - 2015-08-11 11:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll

2015-08-29 17:06 - 2015-08-18 09:56 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll

2015-08-29 17:06 - 2015-08-18 09:56 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll

2015-09-09 01:04 - 2015-09-09 01:04 - 00039192 _____ () C:\Program Files\CCleaner\branding.dll

2015-08-24 20:28 - 2015-08-24 20:28 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll

2015-07-10 12:59 - 2015-07-10 12:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll

2015-09-19 14:27 - 2015-09-19 14:27 - 00103376 _____ () C:\Program Files\AVAST Software\Avast\log.dll

2015-09-19 14:27 - 2015-09-19 14:27 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll

2015-09-24 21:34 - 2015-09-24 21:34 - 02966016 _____ () C:\Program Files\AVAST Software\Avast\defs\15092401\algo.dll

2015-07-23 14:23 - 2015-02-12 13:18 - 00541683 _____ () C:\Program Files (x86)\CyberLink\PowerDVD15\Kernel\DMS\sqlite3.dll

2015-09-19 14:27 - 2015-09-19 14:27 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

2014-06-11 05:34 - 2014-06-11 05:34 - 00063400 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll

2015-07-23 14:22 - 2015-08-10 08:18 - 00867256 _____ () C:\Program Files (x86)\CyberLink\PowerDVD15\common\UNO\UNO.dll

2015-07-23 14:21 - 2013-12-10 13:31 - 00074240 _____ () C:\Program Files (x86)\CyberLink\PowerDVD15\Common\Koan\_ctypes.pyd

2015-07-23 14:21 - 2013-12-10 13:31 - 00285184 _____ () C:\Program Files (x86)\CyberLink\PowerDVD15\Common\Koan\_hashlib.pyd

2015-07-23 14:21 - 2013-12-10 13:31 - 00041984 _____ () C:\Program Files (x86)\CyberLink\PowerDVD15\Common\Koan\_sqlite3.pyd

2015-07-23 14:22 - 2013-12-10 13:31 - 00337920 _____ () C:\Program Files (x86)\CyberLink\PowerDVD15\Common\Koan\sqlite3.dll

2015-07-23 14:21 - 2015-08-10 08:15 - 00184248 _____ () C:\Program Files (x86)\CyberLink\PowerDVD15\Common\AudioFilter\CLVistaAudioMixer.dll

2015-07-23 14:21 - 2013-12-10 13:31 - 00040960 _____ () C:\Program Files (x86)\CyberLink\PowerDVD15\Common\Koan\_socket.pyd

2015-07-23 14:21 - 2013-12-10 13:31 - 00721920 _____ () C:\Program Files (x86)\CyberLink\PowerDVD15\Common\Koan\_ssl.pyd

2015-07-23 14:21 - 2013-12-10 13:31 - 00877056 _____ () C:\Program Files (x86)\CyberLink\PowerDVD15\Common\Koan\_bsddb.pyd

2015-07-23 14:22 - 2015-08-03 11:56 - 00695808 _____ () C:\Program Files (x86)\CyberLink\PowerDVD15\subsys\PyMediaInfo\tag.dll

2015-09-21 20:07 - 2015-09-19 00:13 - 01501512 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.99\libglesv2.dll

2015-09-21 20:07 - 2015-09-19 00:13 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.99\libegl.dll

2015-07-23 14:22 - 2015-08-10 08:18 - 00867256 _____ () C:\Program Files (x86)\CyberLink\PowerDVD15\Common\UNO\UNO.dll
 

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
 

AlternateDataStreams: C:\07691b92ea759c745d3d14f9d15296c6:Win32App

AlternateDataStreams: C:\1b6ca9d1070819a3a9766ae9:Win32App

AlternateDataStreams: C:\2eeb02961b05a80aff04ae3697c5df:Win32App

AlternateDataStreams: C:\30f13ae1f376dbdbf3:Win32App

AlternateDataStreams: C:\60662fb4f84530340c:Win32App

AlternateDataStreams: C:\961e9c4053ff49a2f2c2bb3c8cad4b:Win32App

AlternateDataStreams: C:\a7bf195f8658e17a6346c4a13ebb5065:Win32App

AlternateDataStreams: C:\c714b680540639fa14c8677e4764c4b8:Win32App

AlternateDataStreams: C:\d21a7c36e4033540052a48:Win32App

AlternateDataStreams: C:\dfb59037b8fd9a7a2f5aff2ba02c2b33:Win32App

AlternateDataStreams: C:\Program Files\CCleaner:Win32App

AlternateDataStreams: C:\Program Files\Microsoft Silverlight:Win32App

AlternateDataStreams: C:\Program Files\TeamSpeak 3 Client:Win32App

AlternateDataStreams: C:\Program Files (x86)\Dolby Advanced Audio v2:Win32App

AlternateDataStreams: C:\Program Files\Common Files\Autodesk Shared:Win32App

AlternateDataStreams: C:\ProgramData\Autodesk:Win32App

AlternateDataStreams: C:\Users\xxxx\Documents\RZDB:Win32App
 

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
 
 

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
 
 

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
 
 

==================== Andere Bereiche ============================
 

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
 

HKU\S-1-5-21-655851370-1497040194-593136017-1000\Control Panel\Desktop\\Wallpaper -> c:\users\xxxx\appdata\local\packages\microsoft.windows.photos_8wekyb3d8bbwe\localstate\photosappbackground\82331.jpg

DNS Servers: 192.168.2.1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

Windows Firewall ist aktiviert.
 

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
 

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
 

MSCONFIG\startupreg: 331BigDog => C:\Program Files (x86)\USB Camera\VM331_STI.EXE

MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR

HKLM\...\StartupApproved\Run32: => "PixelPlanet PdfPrinter-Monitor"
 

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139

FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe

FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe

FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe

FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe

FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808

FirewallRules: [{C29798CB-1FCD-407E-BB4C-D8587AB47165}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

FirewallRules: [{17F1F008-CDC6-4BB7-A718-DEF915DFDB14}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

FirewallRules: [{03DEEA1D-E6D4-4353-9922-5D258F430E2C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe

FirewallRules: [{E0F50524-4FF4-41C5-8140-C0CC10417246}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe

FirewallRules: [{5FE5B0E5-C4F0-40DA-A3A6-0DFAEE2C103B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe

FirewallRules: [{A89A18B2-9782-41BC-A7CE-14BE4204B09F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\left 4 dead\left4dead.exe

FirewallRules: [{FCCCDE85-0C34-4938-B7CF-C110948B71C9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\left 4 dead\left4dead.exe

FirewallRules: [{E01F1335-0281-4156-AE34-F9DBBB177C67}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe

FirewallRules: [{8AEFAA9D-4D4C-48B8-88E6-689C9F4D140B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe

FirewallRules: [{5CCD3541-5718-4F13-BE60-FFFD7AD01E30}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal\hl2.exe

FirewallRules: [{244DFD35-6CF0-4EA5-AF23-4CE19DE7F193}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal\hl2.exe

FirewallRules: [{1C64DD5A-687A-4B97-9340-722431D36C88}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe

FirewallRules: [{7E55BC62-3E5C-4FD6-AB6D-85A99551DFDD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe

FirewallRules: [{79E309DF-2A59-40E7-AC8C-B00AE7556852}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\NARUTO SHIPPUDEN Ultimate Ninja STORM 3 Full Burst\NS3FB_launcher.exe

FirewallRules: [{C54D821C-C0F6-48BA-A231-0BDFF8F8C8FA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\NARUTO SHIPPUDEN Ultimate Ninja STORM 3 Full Burst\NS3FB_launcher.exe

FirewallRules: [{9881A05C-C53E-4DA0-B1A1-67292E21A33E}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe

FirewallRules: [{95560F3B-EEA9-452D-9732-52FF4A9BD78E}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe

FirewallRules: [{7B70B84E-3B72-4EF6-8BA2-89CD88DA7E3F}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe

FirewallRules: [{98347DEB-8C71-4DFD-A07F-0D74B28900B0}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe

FirewallRules: [{C8FDD398-D9E1-4BF3-B340-B1F2B41F31F6}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe

FirewallRules: [{089167EE-E545-41AB-8971-663CE639800C}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe

FirewallRules: [{1B8D173F-5D4E-418C-9E7D-B7E7365076FC}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe

FirewallRules: [{31699E27-C863-4B1D-811F-F13472C32E44}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe

FirewallRules: [{1F5F4683-7EC8-43A3-AB3F-6E3A842FE5D1}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe

FirewallRules: [{CA488F8D-9A46-438C-872F-DF40024B1126}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe

FirewallRules: [{D8F404E5-C015-4487-B00A-FA1479573466}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [{A13B6819-2DAA-4DF7-9425-D8833CB0D2B7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [{32CD0E5A-D0A1-4B50-9031-3FEBC7B1CF44}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Wolfenstein.The.Old.Blood.DE\WolfOldBlood_x64.exe

FirewallRules: [{DEA31B9B-EEB9-4116-92F1-54773E90A566}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Wolfenstein.The.Old.Blood.DE\WolfOldBlood_x64.exe

FirewallRules: [{7D6DA460-70F5-46A6-968E-263150EE796D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Corto Maltese Secrets of Venice\CortoMaltese.exe

FirewallRules: [{91B2439B-9EB1-4E21-8810-9CE7DB0679CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Corto Maltese Secrets of Venice\CortoMaltese.exe

FirewallRules: [{904806EC-CD39-4FB5-BCA0-58C66DEAB484}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bionic Commando\bionic_commando.exe

FirewallRules: [{221FABA9-1CA8-41CD-92B4-3C5D511CFEEE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bionic Commando\bionic_commando.exe

FirewallRules: [{97879926-BBF4-4945-A7A4-FC89937D35DA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Zombie Army Trilogy\Launcher\ZATLauncher.exe

FirewallRules: [{60412F58-1B2C-40C3-B6D7-22EC3728975F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Zombie Army Trilogy\Launcher\ZATLauncher.exe

FirewallRules: [{DFAD0778-156F-4020-8B84-4666A1C9370B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Metro 2033\metro2033.exe

FirewallRules: [{3FBF7B5E-FDAB-4961-9EC5-0207C6FA79D0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Metro 2033\metro2033.exe

FirewallRules: [UDP Query User{4AA84024-0BE3-4B47-B774-A27A220DA5DD}C:\users\xxxx\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\xxxx\appdata\roaming\dropbox\bin\dropbox.exe

FirewallRules: [TCP Query User{143F399C-4B23-468D-A202-5949827446E9}C:\users\xxxx\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\xxxx\appdata\roaming\dropbox\bin\dropbox.exe

FirewallRules: [{100B414F-A3FC-4D11-908E-534F3B56F438}] => (Allow) C:\Users\xxxx\AppData\Roaming\Dropbox\bin\Dropbox.exe

FirewallRules: [{82F695B8-181F-4FE3-A7A7-F11B5D3CFE9B}] => (Allow) C:\Users\xxxx\AppData\Roaming\Dropbox\bin\Dropbox.exe

FirewallRules: [{AB086A1C-EA3C-45CE-B41A-29DA908442F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mass Effect\Binaries\MassEffect.exe

FirewallRules: [{708C5C58-F479-4ADD-8F03-17359F74FA7D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mass Effect\Binaries\MassEffect.exe

FirewallRules: [{6F5BA8DC-A567-4DDC-94D9-7B7910BED956}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row Gat out of Hell\SaintsRowGatOutOfHell.exe

FirewallRules: [{BDDA61BE-4CE1-4A37-BCE3-E0CE28D33E22}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row Gat out of Hell\SaintsRowGatOutOfHell.exe

FirewallRules: [{722F74C1-41D0-473C-B449-6E75E0B13910}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WOG\disasm.exe

FirewallRules: [{56112707-2DC3-4D1F-9C7D-83C54B5BE0E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WOG\disasm.exe

FirewallRules: [{1B21A0AD-EAE7-492C-8DA2-DEC825F88EB0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

FirewallRules: [{33B39C14-97AC-49E2-A422-3E9CAAEB56D7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

FirewallRules: [UDP Query User{027FDC18-C7C4-4B67-A6B7-54215CD21C4B}C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe] => (Allow) C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe

FirewallRules: [TCP Query User{68F22134-1C42-440A-9BF2-E80941051D61}C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe] => (Allow) C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe

FirewallRules: [{22813713-FD76-4325-934C-D64798E7F134}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe

FirewallRules: [{590FF701-A144-4D34-9393-18A253B26B65}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe

FirewallRules: [{5B0618BF-DFDF-4DD9-8893-6161EA90B2ED}] => (Allow) C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe

FirewallRules: [{641531A3-30E8-4D06-A9B3-5FE058E2D459}] => (Allow) C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe

FirewallRules: [{A751879A-BF70-41A4-BBE7-11535BA65C1A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe

FirewallRules: [{EC904DB9-13D0-4B5F-B6ED-7DB7241B9F9B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe

FirewallRules: [UDP Query User{33EEF96C-250E-4338-B312-FE831CE385F8}C:\users\xxxx\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\xxxx\appdata\local\akamai\netsession_win.exe

FirewallRules: [TCP Query User{77A50A3E-B70A-4930-BE7E-2476B76F20C7}C:\users\xxxx\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\xxxx\appdata\local\akamai\netsession_win.exe

FirewallRules: [{5BE110FE-9233-4622-BB85-BE2342D40B6E}] => (Allow) LPort=50248

FirewallRules: [{70AF606C-6D79-48D4-912D-E0614DA7C62A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

FirewallRules: [{5CD6883D-4001-4D55-A21B-D1CB4AE68304}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

FirewallRules: [{F618B9B2-E9F3-4E5A-B43B-80698DDF8577}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe

FirewallRules: [{A2EFD8AB-83FA-403D-89A1-9295C5066C08}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe

FirewallRules: [UDP Query User{563283D4-EE31-4C1E-BDB5-4849C9D978A3}C:\users\xxxx\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\xxxx\appdata\local\akamai\netsession_win.exe

FirewallRules: [TCP Query User{C8AC7A40-72D0-4487-9C27-886CB08F7486}C:\users\xxxx\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\xxxx\appdata\local\akamai\netsession_win.exe

FirewallRules: [{7537F5AD-8AC8-461E-AE38-CDCB4C1B8646}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prototype\prototypef.exe

FirewallRules: [{37B2B0D1-F630-46CB-9AC8-B73C79FCC08D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prototype\prototypef.exe

FirewallRules: [{75E82420-C82B-4D42-8F42-5D62F0A6448C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\red faction armageddon\rf4_launcher.exe

FirewallRules: [{77F39796-B703-43D8-928A-73591CF431A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\red faction armageddon\rf4_launcher.exe

FirewallRules: [{24B627DE-DB98-4679-810B-FCB19D8DCBB3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\red faction armageddon\RedFactionArmageddon.exe

FirewallRules: [{240C3792-82E8-42D4-A0EC-A5C57968275E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\red faction armageddon\RedFactionArmageddon.exe

FirewallRules: [{9B59B28E-7EFE-4999-AA09-509F094C4C84}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\red faction armageddon\RedFactionArmageddon_DX11.exe

FirewallRules: [{CF5BC5E8-1EC4-40EF-82B0-AAF00D7FF723}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\red faction armageddon\RedFactionArmageddon_DX11.exe

FirewallRules: [{A7C1CD67-B7A9-4F4A-BDDD-AF7FB5479EFE}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD15\PowerDVD.exe

FirewallRules: [{095E29DB-3C91-484C-9B8E-1DD00B8740F6}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD15\Kernel\DMS\CLMSServerPDVD15.exe

FirewallRules: [{C4F2B600-53E1-479E-A64B-7AC6ECE35794}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD15\PowerDVD15Agent.exe

FirewallRules: [{7998367C-4852-4E0A-8406-C07489BCE924}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD15\Movie\PowerDVDMovie.exe

FirewallRules: [{802523BA-EDF3-4E17-A80E-32821478DA08}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD15\Movie\PowerDVD Cinema\PowerDVDCinema.exe

FirewallRules: [{A9DDA03F-00CA-4A52-99E6-AEAAD96ED3B7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HOMEFRONT\Binaries\HOMEFRONT.exe

FirewallRules: [{BA3D0F42-FEE7-4A01-85F2-5C28F9D2A549}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HOMEFRONT\Binaries\HOMEFRONT.exe

FirewallRules: [TCP Query User{9A1DC18C-E93D-43CC-A206-E55C06EBD58E}C:\program files (x86)\steam\steamapps\common\dishonored\binaries\win32\dishonored.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dishonored\binaries\win32\dishonored.exe

FirewallRules: [UDP Query User{D244FA66-1BFC-41E4-BAB3-77AB54F97A1B}C:\program files (x86)\steam\steamapps\common\dishonored\binaries\win32\dishonored.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dishonored\binaries\win32\dishonored.exe

FirewallRules: [{AF423948-B54C-4906-B6ED-47ACC54A020F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY The Heist\payday_win32_release.exe

FirewallRules: [{64105D8D-96FB-49EE-BAE1-6CFEF120FB70}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY The Heist\payday_win32_release.exe

FirewallRules: [{D415045E-D31E-4C10-9600-C5D0F68CD3E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Robin Hood\Game.exe

FirewallRules: [{EEB1656A-67BC-4679-9345-8E2F54F0B433}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Robin Hood\Game.exe

FirewallRules: [{F2E827F7-CDC1-4D00-937E-0D3C7B9C820C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe

FirewallRules: [{960796DA-6080-4222-B312-73984345B799}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe

FirewallRules: [{A0E34291-09E6-47E6-89FD-079974213267}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row 2\SR2_pc.exe

FirewallRules: [{1BEF6437-F906-4A0E-9A77-2F3836B0FC39}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row 2\SR2_pc.exe

FirewallRules: [{6D12B3C3-C53A-4B3C-8AD5-3CE005E869C8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

FirewallRules: [{5FB59949-F948-4D9C-9FDA-3EC205DBB9A2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 

==================== Fehlerhafte Geräte im Gerätemanager =============
 

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64

Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Cisco Systems

Service: vpnva

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 

==================== Fehlereinträge in der Ereignisanzeige: =========================
 

Applikationsfehler:

==================

Error: (09/24/2015 10:30:32 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: xxxx-PC)

Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147009280. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
 

Error: (09/24/2015 10:29:33 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: xxxx-PC)

Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147009280. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
 

Error: (09/24/2015 10:17:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: xxxx-PC)

Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147009280. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
 

Error: (09/24/2015 10:02:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: xxxx-PC)

Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147009280. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
 

Error: (09/24/2015 09:55:59 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: xxxx-PC)

Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147009280. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
 

Error: (09/24/2015 09:55:34 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: xxxx-PC)

Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147009280. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
 

Error: (09/24/2015 09:51:15 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: xxxx-PC)

Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147009280. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
 

Error: (09/24/2015 09:50:56 PM) (Source: ESENT) (EventID: 413) (User: )

Description: SettingSyncHost (3620) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032.
 

Error: (09/24/2015 09:50:56 PM) (Source: ESENT) (EventID: 488) (User: )

Description: SettingSyncHost (3620) Der Versuch, die Datei "C:\WINDOWS\system32\edbtmp.log" zu erstellen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Erstellen von Dateien.
 

Error: (09/24/2015 09:50:45 PM) (Source: ESENT) (EventID: 413) (User: )

Description: SettingSyncHost (3620) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032.
 
 

Systemfehler:

=============

Error: (09/24/2015 10:30:32 PM) (Source: DCOM) (EventID: 10001) (User: xxxx-PC)

Description: "C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca15616CortanaUINicht verfügbarNicht verfügbar
 

Error: (09/24/2015 10:29:33 PM) (Source: DCOM) (EventID: 10001) (User: xxxx-PC)

Description: "C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca15616CortanaUINicht verfügbarNicht verfügbar
 

Error: (09/24/2015 10:17:53 PM) (Source: DCOM) (EventID: 10001) (User: xxxx-PC)

Description: "C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca15616CortanaUI.AppXjxtspbn4351hrtx8tc95e89kaz3h2f1f.mcaNicht verfügbarNicht verfügbar
 

Error: (09/24/2015 10:02:53 PM) (Source: DCOM) (EventID: 10001) (User: xxxx-PC)

Description: "C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca15616CortanaUI.AppXjxtspbn4351hrtx8tc95e89kaz3h2f1f.mcaNicht verfügbarNicht verfügbar
 

Error: (09/24/2015 09:55:59 PM) (Source: DCOM) (EventID: 10001) (User: xxxx-PC)

Description: "C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca15616CortanaUI.AppXn73w0hsq3g4wx1h9fhf7q02vw2wta6qc.mcaNicht verfügbarNicht verfügbar
 

Error: (09/24/2015 09:55:56 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
 

Error: (09/24/2015 09:55:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: Dienst "SynTPEnh Caller Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
 

Error: (09/24/2015 09:55:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: Dienst "NVIDIA Network Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
 

Error: (09/24/2015 09:55:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: Dienst "NVIDIA Streamer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
 

Error: (09/24/2015 09:55:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: Dienst "NitroPDFReaderDriverCreatorReadSpool3" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
 
 

CodeIntegrity:

===================================

  Date: 2015-09-22 18:32:57.561

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 

  Date: 2015-09-22 14:32:02.855

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 

  Date: 2015-09-22 14:30:31.942

  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume3\Program Files\Windows Defender\NisSrv.exe that did not meet the Custom 3 / Antimalware signing level requirements.
 

  Date: 2015-09-22 14:30:20.169

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 

  Date: 2015-08-06 01:22:54.241

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 

  Date: 2015-08-06 01:22:41.756

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 

  Date: 2015-08-05 02:44:27.930

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 

  Date: 2015-08-05 02:28:17.765

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 

  Date: 2015-08-05 02:22:53.666

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 

  Date: 2015-08-05 02:22:46.137

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 

==================== Speicherinformationen =========================== 
 

Prozessor: Intel(R) Core(TM) i7-3612QM CPU @ 2.10GHz

Prozentuale Nutzung des RAM: 39%

Installierter physikalischer RAM: 8091.27 MB

Verfügbarer physikalischer RAM: 4854.82 MB

Summe virtueller Speicher: 16283.27 MB

Verfügbarer virtueller Speicher: 12684.52 MB
 

==================== Laufwerke ================================
 

Drive c: () (Fixed) (Total:930.84 GB) (Free:561.1 GB) NTFS
 

==================== MBR & Partitionstabelle ==================
 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)
 

Partition: GPT.
 

==================== Ende von Addition.txt ============================

Mehrere Anti-Virus-Programme

Code:

Emsisoft

Avast

Mir ist aufgefallen, dass Du mehr als ein Anti-Virus-Programm mit Hintergrundwächter laufen hast. Das ist gefährlich, da sich die Programme in die Quere kommen können und dadurch Viren erst recht auf dem Rechner landen können. Ausserdem bremst es auch das System aus. Entscheide Dich für eine Variante und deinstalliere die andere über Einstellungen > System > Apps und Features.
Berichte, für welches Anti-Virus-Programm Du Dich entschieden hast.

Meine Empfehlung: Avast deinstallieren

Bisher wurde keine Adware gefunden. In welchem Browser wird die Adware angezeigt?
Wir entfernen noch einiges und kontrollieren anschließend nochmal alles, damit dein Rechner auch sauber ist.
Hinweis: Die Suchläufe mit EEK und ESET können länger dauern.

Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

start

CloseProcesses:

HKU\S-1-5-21-655851370-1497040194-593136017-1000\...\Policies\Explorer: [] 

Task: {0E3D7490-839A-4855-9449-16F932FD394A} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG

Task: {19864FEE-B009-4224-9DA0-B467BD27D21A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG

Task: {1D0AD3F2-D55D-4673-AEC4-97FC3E6F914E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG

Task: {2624D85E-370F-4697-B11B-449F3B842E27} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG

Task: {3099C284-137D-45D0-8D27-0CE28ED0718A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG

Task: {39D212EA-043F-42F5-8671-897A85835A55} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG

Task: {67BE7491-9CC2-4CF3-A468-E8B0F57920A2} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG

Task: {85DF9522-3027-45ED-9DE3-E4564DB6EB32} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG

Task: {8B26D2B2-C591-421F-A984-8B4A4BBA5D6C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG

Task: {A33D6495-C91B-4D08-A003-593D6CC58544} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG

Task: {E20E93A3-7719-4948-AC01-D9E6D35200A7} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG

Hosts:

RemoveProxy:

EmptyTemp:

end

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Schritt 2
Lade Dir bitte von hier

Emsisoft Emergency Kit herunter.

Bitte installiere das Programm in den vorgegebenen Pfad.
Starte das Programm durch Doppelklick der Desktopverknüpfung.
Das EEK ist nach dem Laden der Malwaresignaturen für den Scan bereit.
Folge nun bitte der bebilderten Bildanleitung zu Emergency Kit, entferne alle Funde und poste am Ende des Scans bzw. der Bereinigung das Log.

Schritt 3
Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.

Starte die HitmanPro.exe
Klicke auf
Entferne den Haken bei
Klicke auf
und
Akzeptiere die Lizenzbedingungen und klicke auf
Klicke auf

und auf
Wenn der Scan beendet wurde, nichts löschen lassen etc. sondern wähle unten links auf der Button-Leiste
und speichere die Logdatei auf Deinem Desktop.
Schließe HitmanPro und poste mir das Log.

Schritt 4

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Bitte poste mit deiner nächsten Antwort

die Logdatei des FRST-Fix,
die Logdatei von EEK,
die Logdatei von HitmanPro,
die Logdatei von ESET.

hab mich für avast entschieden

chrome wenn ich auf stream starten gehe

Fixlog

Code:

Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:23-09-2015

durchgeführt von xxxx (2015-09-25 23:07:38) Run:3

Gestartet von C:\Users\xxxx\Desktop

Geladene Profile: xxxx (Verfügbare Profile: xxxx & DefaultAppPool)

Start-Modus: Normal

==============================================
 

fixlist Inhalt:

*****************

start

CloseProcesses:

HKU\S-1-5-21-655851370-1497040194-593136017-1000\...\Policies\Explorer: [] 

Task: {0E3D7490-839A-4855-9449-16F932FD394A} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG

Task: {19864FEE-B009-4224-9DA0-B467BD27D21A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG

Task: {1D0AD3F2-D55D-4673-AEC4-97FC3E6F914E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG

Task: {2624D85E-370F-4697-B11B-449F3B842E27} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG

Task: {3099C284-137D-45D0-8D27-0CE28ED0718A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG

Task: {39D212EA-043F-42F5-8671-897A85835A55} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG

Task: {67BE7491-9CC2-4CF3-A468-E8B0F57920A2} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG

Task: {85DF9522-3027-45ED-9DE3-E4564DB6EB32} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG

Task: {8B26D2B2-C591-421F-A984-8B4A4BBA5D6C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG

Task: {A33D6495-C91B-4D08-A003-593D6CC58544} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG

Task: {E20E93A3-7719-4948-AC01-D9E6D35200A7} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG

Hosts:

RemoveProxy:

EmptyTemp:

end

*****************
 

Prozess erfolgreich geschlossen.

HKU\S-1-5-21-655851370-1497040194-593136017-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\ => Wert erfolgreich entfernt

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0E3D7490-839A-4855-9449-16F932FD394A}" => Schlüssel erfolgreich entfernt

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0E3D7490-839A-4855-9449-16F932FD394A}" => Schlüssel erfolgreich entfernt

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => Schlüssel erfolgreich entfernt

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{19864FEE-B009-4224-9DA0-B467BD27D21A}" => Schlüssel erfolgreich entfernt

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{19864FEE-B009-4224-9DA0-B467BD27D21A}" => Schlüssel erfolgreich entfernt

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => Schlüssel erfolgreich entfernt

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1D0AD3F2-D55D-4673-AEC4-97FC3E6F914E}" => Schlüssel erfolgreich entfernt

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1D0AD3F2-D55D-4673-AEC4-97FC3E6F914E}" => Schlüssel erfolgreich entfernt

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => Schlüssel erfolgreich entfernt

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2624D85E-370F-4697-B11B-449F3B842E27}" => Schlüssel erfolgreich entfernt

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2624D85E-370F-4697-B11B-449F3B842E27}" => Schlüssel erfolgreich entfernt

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => Schlüssel erfolgreich entfernt

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3099C284-137D-45D0-8D27-0CE28ED0718A}" => Schlüssel erfolgreich entfernt

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3099C284-137D-45D0-8D27-0CE28ED0718A}" => Schlüssel erfolgreich entfernt

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => Schlüssel erfolgreich entfernt

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{39D212EA-043F-42F5-8671-897A85835A55}" => Schlüssel erfolgreich entfernt

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{39D212EA-043F-42F5-8671-897A85835A55}" => Schlüssel erfolgreich entfernt

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => Schlüssel erfolgreich entfernt

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{67BE7491-9CC2-4CF3-A468-E8B0F57920A2}" => Schlüssel erfolgreich entfernt

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{67BE7491-9CC2-4CF3-A468-E8B0F57920A2}" => Schlüssel erfolgreich entfernt

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => Schlüssel erfolgreich entfernt

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{85DF9522-3027-45ED-9DE3-E4564DB6EB32}" => Schlüssel erfolgreich entfernt

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{85DF9522-3027-45ED-9DE3-E4564DB6EB32}" => Schlüssel erfolgreich entfernt

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => Schlüssel erfolgreich entfernt

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8B26D2B2-C591-421F-A984-8B4A4BBA5D6C}" => Schlüssel erfolgreich entfernt

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8B26D2B2-C591-421F-A984-8B4A4BBA5D6C}" => Schlüssel erfolgreich entfernt

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => Schlüssel erfolgreich entfernt

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A33D6495-C91B-4D08-A003-593D6CC58544}" => Schlüssel erfolgreich entfernt

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A33D6495-C91B-4D08-A003-593D6CC58544}" => Schlüssel erfolgreich entfernt

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => Schlüssel erfolgreich entfernt

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E20E93A3-7719-4948-AC01-D9E6D35200A7}" => Schlüssel erfolgreich entfernt

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E20E93A3-7719-4948-AC01-D9E6D35200A7}" => Schlüssel erfolgreich entfernt

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => Schlüssel erfolgreich entfernt

Hosts erfolgreich wiederhergestellt.
 

========= RemoveProxy: =========
 

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt

HKU\S-1-5-21-655851370-1497040194-593136017-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt

HKU\S-1-5-21-655851370-1497040194-593136017-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
 
 

========= Ende von RemoveProxy: =========
 

EmptyTemp: => 493.9 MB temporäre Dateien entfernt.
 
 

Das System musste neu gestartet werden.. 
 

==== Ende von Fixlog 23:10:28 ====

soll ich davon mal einen screenshot posten?

bei emisoft emegency kit gibt es keinen detail scan was soll ich dann für einen scan ausführen?

ok emisoft ist deinstalliert

Zitat:

Zitat von jpr (Beitrag 1519621)

soll ich davon mal einen screenshot posten?

Ja, bitte.

Zitat:

Zitat von jpr (Beitrag 1519621)

bei emisoft emegency kit gibt es keinen detail scan was soll ich dann für einen scan ausführen?

Dann mach bitte einen MalwareScan.

Die Funde habe ich gelöscht

Code:

EEK 

Emsisoft Emergency Kit - Version 10.0

Letztes Update: 26.09.2015 11:11:30

Benutzerkonto: xxxx-PC\xxxx
 

Scan-Einstellungen:
 

Scan-Methode: Malware-Scan

Objekte: Rootkits, Speicher, Traces, Dateien
 

PUPs-Erkennung: An

Archiv-Scan: Aus

ADS Scan: An

Dateitypen-Filter: Aus

Erweitertes Caching: An

Direkter Festplattenzugriff: Aus
 

Scan-Beginn:        26.09.2015 12:30:57

Value: HKEY_USERS\S-1-5-21-655851370-1497040194-593136017-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR         Gefunden: Setting.DisableTaskMgr (A)

Value: HKEY_USERS\S-1-5-21-655851370-1497040194-593136017-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS         Gefunden: Setting.DisableRegistryTools (A)
 

Gescannt:        78777

Gefunden        2
 

Scan-Ende:        26.09.2015 12:46:59

Scan-Zeit:        0:16:02

Ok, dann weiter mit dem Screenshot und den anderen beiden Schritten bitte.

hier ein beispiel dafür (manchmal kommen auch online games weiterleitungen)