Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Watch4.tv - Werbung - Adware vermutet (https://www.trojaner-board.de/172001-watch4-tv-werbung-adware-vermutet.html)

DukeYGO 12.10.2015 06:09
Watch4.tv - Werbung - Adware vermutet
 
Guten Morgen - nach längerer Zeit komme ich nun doch mal wieder auf euch zu, da ich ein Problem habe, dass ich selber nicht mehr repariert bekomme :c

Ich bekomme immer Werbepopups von Watch4.tv und tippe stark auf Adware im System.
Sämtliche Plugins und Programme werden durch von euch empfohlene Tools auf dem laufenden gehalten.

Folgende Logs habe ich vorausdenkend angefertigt:

Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 06:40 on 12/10/2015 (expert pc)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
Folgendes FRST Logs habe ich dann auch noch:

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:11-10-2015 02
durchgeführt von expert pc (Administrator) auf EXPERT (12-10-2015 06:41:24)
Gestartet von C:\Users\expert pc\Desktop\Virenentfernung
Geladene Profile: expert pc (Verfügbare Profile: expert pc)
Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avpui.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Corsair Components, Inc.) C:\Program Files (x86)\Corsair\Corsair Gaming Headset Software\HeadsetControlPanel.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3957816 2014-02-07] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-02-07] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-02-07] (Hewlett-Packard)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-27] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2014-01-05] (IDT, Inc.)
HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [41664 2013-12-03] (Hewlett-Packard )
HKLM-x32\...\Run: [Corsair Gaming Headset Software] => C:\Program Files (x86)\Corsair\Corsair Gaming Headset Software\HeadsetControlPanel.exe [2918152 2014-08-18] (Corsair Components, Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5579624 2015-08-03] (LogMeIn Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKU\S-1-5-21-2350193266-1077779400-760107588-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2900560 2015-10-09] (Valve Corporation)
HKU\S-1-5-21-2350193266-1077779400-760107588-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
HKU\S-1-5-21-2350193266-1077779400-760107588-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53737488 2015-08-07] (Skype Technologies S.A.)
HKU\S-1-5-21-2350193266-1077779400-760107588-1001\...\RunOnce: [Uninstall C:\Users\expert pc\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\expert pc\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2014-10-08]
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\..\Interfaces\{96af2199-8831-487a-87fc-f08f0f7ac314}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{a222317e-793e-4a1c-9ac1-8a4ebd92dbd2}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK14/4
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-2350193266-1077779400-760107588-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK14/4
HKU\S-1-5-21-2350193266-1077779400-760107588-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK14/4
HKU\S-1-5-21-2350193266-1077779400-760107588-1001\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.uk.msn.com/HPDSK14/4
SearchScopes: HKLM -> {61909BC3-BE76-4BDB-A905-689F89D62260} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {61909BC3-BE76-4BDB-A905-689F89D62260} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-2350193266-1077779400-760107588-1001 -> {61909BC3-BE76-4BDB-A905-689F89D62260} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-08-26] (Oracle Corporation)
BHO: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-26] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-30] (Oracle Corporation)
BHO-x32: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-30] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  Keine Datei

FireFox:
========
FF ProfilePath: C:\Users\expert pc\AppData\Roaming\Mozilla\Firefox\Profiles\obvvz6c4.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-22] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-09-08] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-26] (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [Keine Datei]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-22] ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-09-08] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-30] (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker_663BE84DBCC949E88C7600F63CA7F098 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com [2015-07-31] ()
FF Plugin-x32: @kaspersky.com/online_banking_08806E753BE44495B44E90AA2513BDC5 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com [2015-07-31] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_07402848C2F6470194F131B0F3DE025E -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-07-31] ()
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [Keine Datei]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-10-03] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-10-03] (NVIDIA Corporation)
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\expert pc\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2014-05-27] (Raidcall)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2350193266-1077779400-760107588-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-09-08] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-2350193266-1077779400-760107588-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-01-02] ()
FF Extension: Adblock Edge - C:\Users\expert pc\AppData\Roaming\Mozilla\Firefox\Profiles\obvvz6c4.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2015-09-09]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker_663BE84DBCC949E88C7600F63CA7F098@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com [2015-07-31]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_07402848C2F6470194F131B0F3DE025E@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-07-31]
FF HKLM-x32\...\Firefox\Extensions: [online_banking_08806E753BE44495B44E90AA2513BDC5@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com [2015-07-31]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AVP15.0.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe [194000 2015-07-09] (Kaspersky Lab ZAO)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-27] (NVIDIA Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Datei ist nicht signiert]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Datei ist nicht signiert]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223520 2015-07-10] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-08-03] (LogMeIn, Inc.)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-27] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-27] (NVIDIA Corporation)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-02-07] (Softex Inc.) [Datei ist nicht signiert]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2078216 2015-10-02] (Electronic Arts)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
S2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
S2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [340480 2014-01-05] (IDT, Inc.) [Datei ist nicht signiert]
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-07-31] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 athr; C:\Windows\System32\drivers\athw10x.sys [4318760 2015-09-05] (Qualcomm Atheros Communications, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [247016 2015-07-09] (Kaspersky Lab UK Ltd)
R3 CorsairAudioFilter; C:\Windows\system32\DRIVERS\corsveng2kamd64.sys [112808 2014-08-15] (Corsair Components, Inc.)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-07-14] (LogMeIn Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-07-09] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [64368 2015-07-09] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [159960 2015-07-09] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [226480 2015-07-09] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [817848 2015-10-06] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [39792 2015-07-09] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [40304 2015-07-09] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [39792 2015-07-09] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [24944 2015-07-09] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [77680 2015-07-09] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [85360 2015-07-09] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [190648 2015-10-06] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [184608 2015-07-07] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-27] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [896752 2015-09-04] (Realtek                                            )
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [402136 2015-09-09] (Realsil Semiconductor Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
U4 klkbdflt2; \SystemRoot\system32\DRIVERS\klkbdflt2.sys [X]
S3 RSUSBSTOR; \SystemRoot\System32\Drivers\RtsUStor.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-12 06:40 - 2015-10-12 06:41 - 00000000 ____D C:\FRST
2015-10-12 06:40 - 2015-10-12 06:40 - 00000000 _____ C:\Users\expert pc\defogger_reenable
2015-10-12 06:39 - 2015-10-12 06:41 - 00000000 ____D C:\Users\expert pc\Desktop\Virenentfernung
2015-10-12 06:32 - 2015-10-12 06:32 - 00016148 _____ C:\WINDOWS\system32\EXPERT_expert pc_HistoryPrediction.bin
2015-10-11 19:39 - 2015-10-11 19:51 - 00000000 ____D C:\Users\expert pc\AppData\Local\CrashDumps
2015-10-10 11:02 - 2015-10-10 11:02 - 00000000 ____D C:\Users\expert pc\Documents\Camtasia Studio
2015-10-10 11:02 - 2015-10-10 11:02 - 00000000 ____D C:\Users\expert pc\AppData\Roaming\TechSmith
2015-10-10 11:01 - 2015-10-10 11:01 - 00001248 _____ C:\Users\Public\Desktop\Camtasia Studio 8.lnk
2015-10-10 11:01 - 2015-10-10 11:01 - 00000000 ____D C:\Users\expert pc\AppData\Local\TechSmith
2015-10-10 11:01 - 2015-10-10 11:01 - 00000000 ____D C:\ProgramData\regid.1995-08.com.techsmith
2015-10-10 11:01 - 2015-10-10 11:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
2015-10-10 11:01 - 2015-10-10 11:01 - 00000000 ____D C:\Program Files (x86)\QuickTime
2015-10-10 11:00 - 2015-10-10 11:00 - 00000000 ____D C:\ProgramData\TechSmith
2015-10-10 11:00 - 2015-10-10 11:00 - 00000000 ____D C:\Program Files (x86)\TechSmith
2015-10-10 10:47 - 2015-10-10 10:48 - 01457952 _____ C:\Users\expert pc\Downloads\Camtasia Studio - CHIP-Installer.exe
2015-10-09 21:24 - 2015-10-09 21:26 - 00000000 ____D C:\AdwCleaner
2015-10-09 19:00 - 2015-10-09 19:01 - 01384013 _____ C:\Users\expert pc\Downloads\CPS14_Mappack1.zip
2015-10-08 22:20 - 2015-10-08 22:21 - 00000000 ____D C:\Users\expert pc\Knuddels
2015-10-07 17:54 - 2015-10-03 04:28 - 00102520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2015-10-07 17:52 - 2015-10-03 06:58 - 42914096 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 37882488 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 22342264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 18387064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 16548768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 14841232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 13525200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 12038368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 02313336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 01994360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 01905272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435850.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 01564792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435850.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 00877176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 00861816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 00787200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 00689968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 00673912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 00632664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 00601240 _____ C:\WINDOWS\system32\nvmcumd.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 00539464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 00445216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 00414000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 00388048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 00376112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 00369272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 00339064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 00315936 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 00177416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 00155976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 00151368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-10-07 17:41 - 2015-10-07 17:53 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2015-10-07 17:41 - 2015-08-11 06:52 - 00069416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2015-10-07 07:11 - 2015-10-07 17:20 - 00000000 ___HD C:\Program Files (x86)\Temp
2015-10-07 01:29 - 2015-10-07 01:29 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET
2015-10-06 22:30 - 2015-10-10 10:34 - 00000000 ____D C:\Users\expert pc\AppData\Roaming\vlc
2015-10-06 22:29 - 2015-10-06 22:29 - 00001146 _____ C:\Users\Public\Desktop\VLC media player.lnk
2015-10-06 22:29 - 2015-10-06 22:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-10-06 22:29 - 2015-10-06 22:29 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2015-10-05 06:29 - 2015-10-10 10:40 - 00000000 ____D C:\Users\expert pc\AppData\Roaming\avidemux
2015-10-05 06:29 - 2015-10-05 06:29 - 00001185 _____ C:\Users\Public\Desktop\Avidemux 2.6 - 32 bits (32-bit).lnk
2015-10-05 06:29 - 2015-10-05 06:29 - 00000000 ____D C:\Program Files (x86)\Avidemux 2.6 - 32 bits
2015-10-05 06:15 - 2015-10-05 06:23 - 00000000 ____D C:\Users\expert pc\AppData\Local\Windows Live
2015-10-05 06:05 - 2015-10-05 06:05 - 00000000 ____D C:\Users\Public\Documents\Lightworks
2015-10-05 06:05 - 2015-10-05 06:05 - 00000000 ____D C:\Users\expert pc\.MCTranscodingSDK
2015-10-05 06:05 - 2015-10-05 06:05 - 00000000 ____D C:\ProgramData\Geevs
2015-10-01 18:23 - 2015-09-25 02:35 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-01 18:23 - 2015-09-25 02:34 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-01 18:23 - 2015-09-25 02:13 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-01 18:23 - 2015-09-25 01:34 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-10-01 18:23 - 2015-09-25 01:34 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-10-01 18:23 - 2015-09-25 01:24 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-10-01 18:23 - 2015-09-25 01:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-01 18:23 - 2015-09-25 01:23 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-10-01 18:23 - 2015-09-25 01:17 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-10-01 18:23 - 2015-09-25 01:08 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-10-01 18:23 - 2015-09-25 01:07 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-10-01 18:23 - 2015-09-25 01:06 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-10-01 18:23 - 2015-09-25 01:05 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-01 18:23 - 2015-09-25 01:01 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-10-01 18:23 - 2015-09-25 01:01 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-10-01 18:23 - 2015-09-25 01:00 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-10-01 18:23 - 2015-09-25 01:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-10-01 18:23 - 2015-09-25 01:00 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-10-01 18:23 - 2015-09-25 01:00 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-01 18:23 - 2015-09-25 00:53 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-01 18:23 - 2015-09-25 00:43 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-10-01 18:23 - 2015-09-25 00:43 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-01 18:23 - 2015-09-25 00:42 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-10-01 18:23 - 2015-09-25 00:25 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-10-01 18:23 - 2015-09-25 00:25 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-10-01 18:23 - 2015-09-25 00:25 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-10-01 18:23 - 2015-09-25 00:25 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-10-01 18:23 - 2015-09-25 00:25 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-10-01 18:23 - 2015-09-25 00:24 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-10-01 18:23 - 2015-09-25 00:19 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-10-01 18:23 - 2015-09-19 07:14 - 00102304 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2015-10-01 18:23 - 2015-09-17 08:50 - 02464216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-10-01 18:23 - 2015-09-17 08:50 - 01563392 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-10-01 18:23 - 2015-09-17 08:50 - 00099664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-10-01 18:23 - 2015-09-17 08:50 - 00088384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-10-01 18:23 - 2015-09-17 08:49 - 08020816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-10-01 18:23 - 2015-09-17 08:49 - 06487248 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2015-10-01 18:23 - 2015-09-17 08:49 - 01563472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-10-01 18:23 - 2015-09-17 08:49 - 00894256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2015-10-01 18:23 - 2015-09-17 08:49 - 00553808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2015-10-01 18:23 - 2015-09-17 08:49 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-10-01 18:23 - 2015-09-17 08:48 - 02824248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2015-10-01 18:23 - 2015-09-17 08:48 - 02494712 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-01 18:23 - 2015-09-17 08:48 - 02432336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-10-01 18:23 - 2015-09-17 08:48 - 02156400 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2015-10-01 18:23 - 2015-09-17 08:48 - 01983824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-10-01 18:23 - 2015-09-17 08:48 - 00809352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2015-10-01 18:23 - 2015-09-17 08:48 - 00784136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-10-01 18:23 - 2015-09-17 08:48 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-10-01 18:23 - 2015-09-17 08:48 - 00555768 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2015-10-01 18:23 - 2015-09-17 08:48 - 00537080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2015-10-01 18:23 - 2015-09-17 08:48 - 00516448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-10-01 18:23 - 2015-09-17 08:48 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-10-01 18:23 - 2015-09-17 08:48 - 00476760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2015-10-01 18:23 - 2015-09-17 08:48 - 00406864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-10-01 18:23 - 2015-09-17 08:48 - 00395088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-10-01 18:23 - 2015-09-17 08:48 - 00332624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2015-10-01 18:23 - 2015-09-17 08:48 - 00278352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-10-01 18:23 - 2015-09-17 08:48 - 00243760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-10-01 18:23 - 2015-09-17 08:47 - 01397088 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-10-01 18:23 - 2015-09-17 08:44 - 00781976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2015-10-01 18:23 - 2015-09-17 08:43 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-10-01 18:23 - 2015-09-17 08:39 - 00081488 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-01 18:23 - 2015-09-17 08:37 - 01295712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2015-10-01 18:23 - 2015-09-17 08:37 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-10-01 18:23 - 2015-09-17 08:28 - 05120056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2015-10-01 18:23 - 2015-09-17 08:28 - 02154808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-10-01 18:23 - 2015-09-17 08:28 - 01357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2015-10-01 18:23 - 2015-09-17 08:28 - 00441168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2015-10-01 18:23 - 2015-09-17 08:28 - 00407608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-10-01 18:23 - 2015-09-17 08:28 - 00074880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2015-10-01 18:23 - 2015-09-17 08:27 - 01766952 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-10-01 18:23 - 2015-09-17 08:27 - 00454512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2015-10-01 18:23 - 2015-09-17 08:26 - 02446648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2015-10-01 18:23 - 2015-09-17 08:26 - 01895568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2015-10-01 18:23 - 2015-09-17 08:26 - 00646672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-10-01 18:23 - 2015-09-17 08:26 - 00508248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2015-10-01 18:23 - 2015-09-17 08:26 - 00434376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2015-10-01 18:23 - 2015-09-17 08:26 - 00428128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2015-10-01 18:23 - 2015-09-17 08:25 - 00962400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-10-01 18:23 - 2015-09-17 08:21 - 00658528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2015-10-01 18:23 - 2015-09-17 08:20 - 00764416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-10-01 18:23 - 2015-09-17 08:12 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-01 18:23 - 2015-09-17 08:11 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2015-10-01 18:23 - 2015-09-17 08:10 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2015-10-01 18:23 - 2015-09-17 08:09 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-10-01 18:23 - 2015-09-17 08:09 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2015-10-01 18:23 - 2015-09-17 08:08 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-10-01 18:23 - 2015-09-17 08:08 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Speech.Pal.dll
2015-10-01 18:23 - 2015-09-17 08:08 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2015-10-01 18:23 - 2015-09-17 08:07 - 21875712 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-10-01 18:23 - 2015-09-17 08:06 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2015-10-01 18:23 - 2015-09-17 08:06 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-10-01 18:23 - 2015-09-17 08:06 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-10-01 18:23 - 2015-09-17 08:05 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-10-01 18:23 - 2015-09-17 08:05 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2015-10-01 18:23 - 2015-09-17 08:04 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-10-01 18:23 - 2015-09-17 08:04 - 00910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-10-01 18:23 - 2015-09-17 08:04 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2015-10-01 18:23 - 2015-09-17 08:03 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2015-10-01 18:23 - 2015-09-17 08:03 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-10-01 18:23 - 2015-09-17 08:03 - 00154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2015-10-01 18:23 - 2015-09-17 08:03 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2015-10-01 18:23 - 2015-09-17 08:03 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2015-10-01 18:23 - 2015-09-17 08:02 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2015-10-01 18:23 - 2015-09-17 08:02 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2015-10-01 18:23 - 2015-09-17 08:00 - 24595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-10-01 18:23 - 2015-09-17 08:00 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-10-01 18:23 - 2015-09-17 08:00 - 02417664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-10-01 18:23 - 2015-09-17 08:00 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-10-01 18:23 - 2015-09-17 08:00 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KeywordDetectorMsftSidAdapter.dll
2015-10-01 18:23 - 2015-09-17 07:58 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-10-01 18:23 - 2015-09-17 07:57 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2015-10-01 18:23 - 2015-09-17 07:57 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2015-10-01 18:23 - 2015-09-17 07:57 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-10-01 18:23 - 2015-09-17 07:57 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-10-01 18:23 - 2015-09-17 07:56 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-10-01 18:23 - 2015-09-17 07:56 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-10-01 18:23 - 2015-09-17 07:56 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2015-10-01 18:23 - 2015-09-17 07:55 - 02236416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-10-01 18:23 - 2015-09-17 07:55 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-10-01 18:23 - 2015-09-17 07:55 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx02000.dll
2015-10-01 18:23 - 2015-09-17 07:55 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2015-10-01 18:23 - 2015-09-17 07:55 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2015-10-01 18:23 - 2015-09-17 07:55 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2015-10-01 18:23 - 2015-09-17 07:55 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2015-10-01 18:23 - 2015-09-17 07:55 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2015-10-01 18:23 - 2015-09-17 07:55 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2015-10-01 18:23 - 2015-09-17 07:54 - 03781120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-10-01 18:23 - 2015-09-17 07:54 - 00780288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-10-01 18:23 - 2015-09-17 07:54 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-10-01 18:23 - 2015-09-17 07:53 - 07055872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-10-01 18:23 - 2015-09-17 07:52 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2015-10-01 18:23 - 2015-09-17 07:52 - 01216512 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcenter.dll
2015-10-01 18:23 - 2015-09-17 07:52 - 01181696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-10-01 18:23 - 2015-09-17 07:52 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2015-10-01 18:23 - 2015-09-17 07:52 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-10-01 18:23 - 2015-09-17 07:52 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-10-01 18:23 - 2015-09-17 07:52 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2015-10-01 18:23 - 2015-09-17 07:52 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-10-01 18:23 - 2015-09-17 07:52 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-10-01 18:23 - 2015-09-17 07:52 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-10-01 18:23 - 2015-09-17 07:51 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-10-01 18:23 - 2015-09-17 07:51 - 02660864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-10-01 18:23 - 2015-09-17 07:51 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2015-10-01 18:23 - 2015-09-17 07:51 - 01203712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-10-01 18:23 - 2015-09-17 07:51 - 01067520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-10-01 18:23 - 2015-09-17 07:51 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-10-01 18:23 - 2015-09-17 07:51 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2015-10-01 18:23 - 2015-09-17 07:50 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-10-01 18:23 - 2015-09-17 07:50 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2015-10-01 18:23 - 2015-09-17 07:50 - 00312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2015-10-01 18:23 - 2015-09-17 07:50 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeWiFi.dll
2015-10-01 18:23 - 2015-09-17 07:50 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeCell.dll
2015-10-01 18:23 - 2015-09-17 07:50 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys
2015-10-01 18:23 - 2015-09-17 07:49 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-10-01 18:23 - 2015-09-17 07:49 - 01290240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-10-01 18:23 - 2015-09-17 07:49 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-10-01 18:23 - 2015-09-17 07:49 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-10-01 18:23 - 2015-09-17 07:49 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWebproxy.dll
2015-10-01 18:23 - 2015-09-17 07:49 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll
2015-10-01 18:23 - 2015-09-17 07:49 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2015-10-01 18:23 - 2015-09-17 07:49 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationCrowdsource.dll
2015-10-01 18:23 - 2015-09-17 07:49 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeIP.dll
2015-10-01 18:23 - 2015-09-17 07:49 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWiFiAdapter.dll
2015-10-01 18:23 - 2015-09-17 07:49 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll
2015-10-01 18:23 - 2015-09-17 07:48 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2015-10-01 18:23 - 2015-09-17 07:48 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2015-10-01 18:23 - 2015-09-17 07:48 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2015-10-01 18:23 - 2015-09-17 07:48 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-10-01 18:23 - 2015-09-17 07:48 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2015-10-01 18:23 - 2015-09-17 07:48 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-10-01 18:23 - 2015-09-17 07:47 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-10-01 18:23 - 2015-09-17 07:47 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2015-10-01 18:23 - 2015-09-17 07:47 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2015-10-01 18:23 - 2015-09-17 07:47 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-10-01 18:23 - 2015-09-17 07:46 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2015-10-01 18:23 - 2015-09-17 07:46 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-10-01 18:23 - 2015-09-17 07:46 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-10-01 18:23 - 2015-09-17 07:46 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-10-01 18:23 - 2015-09-17 07:46 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2015-10-01 18:23 - 2015-09-17 07:46 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2015-10-01 18:23 - 2015-09-17 07:46 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2015-10-01 18:23 - 2015-09-17 07:46 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncmlhook.dll
2015-10-01 18:23 - 2015-09-17 07:45 - 19325440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-10-01 18:23 - 2015-09-17 07:45 - 04791296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-01 18:23 - 2015-09-17 07:45 - 01331200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-10-01 18:23 - 2015-09-17 07:45 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-10-01 18:23 - 2015-09-17 07:45 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-10-01 18:23 - 2015-09-17 07:45 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-10-01 18:23 - 2015-09-17 07:45 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2015-10-01 18:23 - 2015-09-17 07:44 - 01844736 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2015-10-01 18:23 - 2015-09-17 07:44 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2015-10-01 18:23 - 2015-09-17 07:44 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2015-10-01 18:23 - 2015-09-17 07:44 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2015-10-01 18:23 - 2015-09-17 07:43 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-10-01 18:23 - 2015-09-17 07:43 - 00378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2015-10-01 18:23 - 2015-09-17 07:43 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-10-01 18:23 - 2015-09-17 07:43 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-10-01 18:23 - 2015-09-17 07:42 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-10-01 18:23 - 2015-09-17 07:41 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-10-01 18:23 - 2015-09-17 07:40 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-10-01 18:23 - 2015-09-17 07:40 - 01918464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-10-01 18:23 - 2015-09-17 07:40 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-10-01 18:23 - 2015-09-17 07:39 - 00587264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-10-01 18:23 - 2015-09-17 07:39 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-10-01 18:23 - 2015-09-17 07:38 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2015-10-01 18:23 - 2015-09-17 07:37 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-10-01 18:23 - 2015-09-17 07:37 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-10-01 18:23 - 2015-09-17 07:36 - 01171456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcenter.dll
2015-10-01 18:23 - 2015-09-17 07:35 - 05079552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-10-01 18:23 - 2015-09-17 07:35 - 02207232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-10-01 18:23 - 2015-09-17 07:35 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-10-01 18:23 - 2015-09-17 07:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2015-10-01 18:23 - 2015-09-17 07:34 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2015-10-01 18:23 - 2015-09-17 07:33 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-10-01 18:23 - 2015-09-17 07:32 - 03579904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-10-01 18:23 - 2015-09-17 07:32 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2015-10-01 18:23 - 2015-09-17 07:32 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-10-01 18:23 - 2015-09-17 07:32 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2015-10-01 18:23 - 2015-09-17 07:31 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-10-01 18:23 - 2015-09-17 07:31 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2015-10-01 18:23 - 2015-09-17 07:30 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2015-10-01 18:23 - 2015-09-17 07:29 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-10-01 18:23 - 2015-09-17 07:29 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2015-10-01 18:23 - 2015-09-17 07:29 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2015-10-01 18:23 - 2015-09-17 07:29 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-10-01 18:23 - 2015-09-17 07:28 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2015-10-01 18:23 - 2015-09-17 07:26 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2015-10-01 18:23 - 2015-09-17 07:16 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2015-10-01 18:23 - 2015-09-13 04:05 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-10-01 18:23 - 2015-09-13 03:41 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-10-01 06:57 - 2015-10-02 20:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-09-24 19:38 - 2015-09-26 15:51 - 00000000 ____D C:\Users\expert pc\Documents\FIFA 16
2015-09-23 19:48 - 2015-10-07 17:21 - 00031438 _____ C:\WINDOWS\PFRO.log
2015-09-23 07:07 - 2015-09-23 07:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Westwood Online
2015-09-23 07:07 - 2015-09-23 07:07 - 00000000 ____D C:\Program Files (x86)\WestwoodOnline
2015-09-23 07:05 - 2015-10-05 06:15 - 00018970 _____ C:\WINDOWS\DirectX.log
2015-09-17 21:06 - 2015-09-17 21:06 - 00359808 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-17 20:55 - 2015-10-11 13:33 - 00000000 ____D C:\Users\expert pc\Desktop\Aquarium
2015-09-17 20:45 - 2015-09-17 20:45 - 01561875 _____ C:\Users\expert pc\Documents\Bestellformular_01.tif
2015-09-17 20:40 - 2015-09-17 20:40 - 00001070 _____ C:\Users\Public\Desktop\PDF-Viewer.lnk
2015-09-17 20:40 - 2015-09-17 20:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer
2015-09-17 20:40 - 2015-09-17 20:40 - 00000000 ____D C:\Program Files\Tracker Software
2015-09-15 20:44 - 2015-10-10 12:55 - 00000000 ____D C:\Users\expert pc\Desktop\Videobearbeitung
2015-09-15 19:42 - 2015-09-15 19:42 - 00000000 ____D C:\Users\expert pc\AppData\Roaming\0RBITALIS
2015-09-15 19:37 - 2015-10-11 19:53 - 00002940 _____ C:\WINDOWS\setupact.log
2015-09-15 19:37 - 2015-09-15 19:37 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-09-14 21:16 - 2015-10-12 06:34 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-12 06:40 - 2015-07-31 14:34 - 00000000 ____D C:\Users\expert pc
2015-10-12 06:40 - 2014-11-11 22:03 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-10-12 06:39 - 2015-02-06 23:03 - 00000000 ____D C:\Users\expert pc\Desktop\HS
2015-10-12 06:35 - 2014-06-30 03:26 - 00004160 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{968F1233-CAC6-49C7-9463-8E9C2E9BCE20}
2015-10-12 06:34 - 2014-10-02 23:01 - 00000000 ____D C:\Users\expert pc\AppData\Roaming\Skype
2015-10-12 06:33 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-10-12 06:33 - 2015-01-01 18:31 - 00000000 ____D C:\Users\expert pc\AppData\Local\LogMeIn Hamachi
2015-10-12 06:33 - 2014-10-19 16:53 - 00000000 ____D C:\Program Files (x86)\Steam
2015-10-12 06:32 - 2015-07-31 16:56 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-10-11 23:47 - 2014-10-08 19:26 - 00000000 ____D C:\Users\expert pc\AppData\Local\Battle.net
2015-10-11 23:29 - 2014-10-12 14:45 - 00000000 ____D C:\Users\expert pc\AppData\Roaming\TS3Client
2015-10-11 22:22 - 2014-10-08 19:26 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-10-11 20:28 - 2014-10-08 19:18 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2015-10-11 20:22 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-10-11 19:58 - 2015-07-31 14:33 - 01994140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-10-11 19:58 - 2015-07-10 18:34 - 00848086 _____ C:\WINDOWS\system32\perfh007.dat
2015-10-11 19:58 - 2015-07-10 18:34 - 00186362 _____ C:\WINDOWS\system32\perfc007.dat
2015-10-11 19:55 - 2015-09-09 11:54 - 00019035 _____ C:\WINDOWS\SysWOW64\Gms.log
2015-10-11 19:52 - 2015-07-31 14:31 - 00000000 ____D C:\ProgramData\NVIDIA
2015-10-11 19:52 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-10-11 19:52 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-10-11 19:52 - 2015-07-10 11:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-10-11 12:18 - 2015-09-09 11:47 - 00000362 _____ C:\WINDOWS\Tasks\HPCeeScheduleForexpert pc.job
2015-10-11 12:17 - 2015-03-25 18:44 - 00000052 _____ C:\WINDOWS\SysWOW64\DOErrors.log
2015-10-10 18:53 - 2015-09-09 12:21 - 00000000 ____D C:\Users\expert pc\Documents\Bandicam
2015-10-09 23:04 - 2015-03-16 14:50 - 00000000 ____D C:\Users\expert pc\Documents\ManiaPlanet
2015-10-09 22:11 - 2015-03-16 14:50 - 00000000 ____D C:\ProgramData\ManiaPlanet
2015-10-09 21:27 - 2015-07-31 16:10 - 00000008 __RSH C:\ProgramData\ntuser.pol
2015-10-09 21:01 - 2014-10-08 19:12 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-10-09 21:00 - 2014-10-08 19:12 - 00001178 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-10-09 21:00 - 2014-10-08 19:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-10-09 21:00 - 2014-10-08 19:12 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-10-09 20:50 - 2014-10-26 15:17 - 00000000 ____D C:\Users\expert pc\Desktop\Steam
2015-10-09 17:51 - 2015-04-05 18:58 - 00000000 ____D C:\Users\expert pc\Desktop\RandomBilder
2015-10-08 18:09 - 2015-02-19 18:40 - 00000000 ____D C:\Users\expert pc\AppData\Local\Steam
2015-10-07 20:27 - 2015-07-31 22:58 - 00000000 ____D C:\Users\expert pc\AppData\Roaming\Audacity
2015-10-07 17:54 - 2015-07-31 14:31 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-10-07 17:31 - 2014-06-21 09:40 - 00000000 ____D C:\WINDOWS\Hewlett-Packard
2015-10-07 17:31 - 2014-04-02 13:27 - 00000000 ____D C:\SWSETUP
2015-10-07 17:20 - 2015-09-09 11:38 - 00000000 ____D C:\Program Files (x86)\Realtek
2015-10-07 17:20 - 2014-06-21 01:07 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-10-06 20:45 - 2015-06-17 09:22 - 11210056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-10-06 17:00 - 2015-07-31 16:56 - 00817848 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klif.sys
2015-10-06 17:00 - 2015-07-10 11:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-10-06 17:00 - 2015-07-09 19:11 - 00190648 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\kneps.sys
2015-10-05 10:49 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\rescache
2015-10-05 06:22 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-10-05 06:04 - 2014-04-02 16:46 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-04 22:05 - 2014-11-01 22:41 - 00000000 ____D C:\Users\expert pc\Documents\CyberLink
2015-10-04 22:05 - 2014-11-01 22:41 - 00000000 ____D C:\Users\expert pc\AppData\Roaming\CyberLink
2015-10-04 22:05 - 2014-06-21 01:16 - 00000000 ____D C:\Users\Public\CyberLink
2015-10-04 22:01 - 2014-10-28 20:59 - 00000000 ___RD C:\Users\expert pc\Desktop\VideosYugoh
2015-10-04 13:49 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-10-03 12:14 - 2014-10-08 19:22 - 00000000 ____D C:\Users\expert pc\Powersaves3DS
2015-10-03 12:04 - 2014-10-08 19:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Action Replay PowerSaves 3DS
2015-10-03 12:04 - 2014-10-08 19:22 - 00000000 ____D C:\Program Files (x86)\Action Replay PowerSaves 3DS
2015-10-03 11:53 - 2014-10-09 17:36 - 00000000 ____D C:\Users\expert pc\Desktop\DevPro
2015-10-03 06:58 - 2015-08-01 00:19 - 15837152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-10-03 06:58 - 2015-06-17 09:22 - 18354984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-10-03 06:58 - 2015-06-17 09:22 - 15803800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-10-03 06:58 - 2015-06-17 09:22 - 12868120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-10-03 06:58 - 2015-06-17 09:22 - 03534888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-10-03 06:58 - 2015-06-17 09:22 - 03121144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-10-03 06:58 - 2015-06-17 09:22 - 00034392 _____ C:\WINDOWS\system32\nvinfo.pb
2015-10-03 06:58 - 2014-06-21 00:51 - 00112760 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2015-10-03 06:58 - 2014-06-21 00:51 - 00105264 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2015-10-03 04:38 - 2015-07-31 14:31 - 06358648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-10-03 04:38 - 2015-07-31 14:31 - 02982704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-10-03 04:38 - 2015-07-31 14:31 - 02554488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-10-03 04:38 - 2015-07-31 14:31 - 00938800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-10-03 04:38 - 2015-07-31 14:31 - 00385328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-10-03 04:38 - 2015-07-31 14:31 - 00062768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-10-02 20:56 - 2014-10-02 11:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-02 20:53 - 2015-07-10 13:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2015-10-02 20:53 - 2015-07-10 13:04 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-10-02 20:53 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-10-02 20:53 - 2015-07-10 13:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-02 20:53 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-10-02 20:53 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-10-02 20:53 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-10-02 20:53 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-10-02 20:53 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\L2Schemas
2015-10-02 20:52 - 2014-11-23 17:29 - 00000000 ____D C:\ProgramData\Origin
2015-10-02 20:24 - 2015-03-21 12:57 - 00000000 ____D C:\Program Files (x86)\Origin
2015-10-01 11:30 - 2015-07-31 14:31 - 05284082 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-09-30 17:55 - 2014-10-11 11:59 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2015-09-29 20:59 - 2014-10-10 22:33 - 00000000 ____D C:\Program Files (x86)\Diablo III
2015-09-27 13:53 - 2014-10-28 19:49 - 00000000 ____D C:\Users\expert pc\AppData\Roaming\.technic
2015-09-27 13:52 - 2014-10-26 13:05 - 00000000 ____D C:\Users\expert pc\Desktop\Minecraft
2015-09-23 07:07 - 2014-11-23 17:46 - 00000000 ____D C:\Program Files (x86)\Origin Games
2015-09-16 19:11 - 2014-06-27 07:32 - 00000000 ____D C:\Users\expert pc\AppData\Local\Packages
2015-09-15 19:59 - 2014-11-23 16:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\THQ
2015-09-15 19:59 - 2014-11-23 16:36 - 00000000 ____D C:\Program Files (x86)\THQ
2015-09-15 18:12 - 2015-07-10 13:06 - 00812008 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-09-15 18:12 - 2015-07-10 13:06 - 00178152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-14 21:07 - 2015-07-31 15:26 - 00000000 ___DC C:\WINDOWS\Panther
2015-09-14 13:25 - 2015-05-02 00:38 - 00000000 ____D C:\Users\expert pc\Desktop\Online Dateien
2015-09-13 21:03 - 2014-10-08 19:17 - 00000000 ____D C:\Users\expert pc\AppData\Roaming\.minecraft
2015-09-13 14:22 - 2014-10-02 11:25 - 00000000 ____D C:\WINDOWS\system32\MRT

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-01-16 20:48 - 2015-01-16 21:53 - 0000098 _____ () C:\Users\expert pc\AppData\Roaming\theHunterPrimal_LauncherSettings_live.cfg

Einige Dateien in TEMP:
====================
C:\Users\expert pc\AppData\Local\Temp\Extract.exe
C:\Users\expert pc\AppData\Local\Temp\ICSharpCode.SharpZipLib.dll
C:\Users\expert pc\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\expert pc\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\expert pc\AppData\Local\Temp\nvStInst.exe
C:\Users\expert pc\AppData\Local\Temp\SP72853.exe
C:\Users\expert pc\AppData\Local\Temp\sqlite3.dll
C:\Users\expert pc\AppData\Local\Temp\YgoUpdater.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-10-10 02:03

==================== Ende von FRST.txt ============================

Den requierten GMER Scan konnte ich nicht durchführen.
Beim Programmstart spuckte das Programm immer wieder:

C:\\WINDOWS\system32\config\system: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.

Während des Scannens bricht der Scan dann ab und der Pc startet sich selbst neu.
Dieser Fehler tritt auch direkt nach dem Neustart von Windows auf.

Was mir außerdem aufgefallen ist, dass CCleaner nach jedem Neustart immer mehr zu bereinigende Dateigrößen auswirft.

Ob das mit dem Adware Problem zusammenhängen könnte?

Bitte um Hilfe.

DukeYGO 12.10.2015 18:40
Die Addition TXT wollte er ir-wie nicht in den Startpost haben:

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:11-10-2015 02
durchgeführt von expert pc (2015-10-12 06:42:37)
Gestartet von C:\Users\expert pc\Desktop\Virenentfernung
Windows 10 Home (X64) (2015-07-31 14:00:46)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2350193266-1077779400-760107588-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2350193266-1077779400-760107588-503 - Limited - Disabled)
expert pc (S-1-5-21-2350193266-1077779400-760107588-1001 - Administrator - Enabled) => C:\Users\expert pc
Gast (S-1-5-21-2350193266-1077779400-760107588-501 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
AC3Filter (remove only) (HKLM-x32\...\AC3Filter) (Version:  - )
Action Replay PowerSaves 3DS Version 1.29 (HKLM-x32\...\{CD24B06F-0A4D-410A-AEF2-DFE6A28AB4C0}_is1) (Version: 1.29 - Datel Design & Development)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 19.0.0.190 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version:  - Hidden Path Entertainment, Ensemble Studios)
Age of Empires III: Complete Collection (HKLM-x32\...\GFWL_{4541091F-1F3D-4BA3-A5A3-F71000000100}) (Version: 1.0.0000.1 - Microsoft Games)
Age of Empires III: Complete Collection (x32 Version: 1.0.0000.1 - Microsoft Games) Hidden
Alcor Micro USB Card Reader Driver  (HKLM-x32\...\AmUStor) (Version: 20.21.3317.03861 - Alcor Micro Corp.)
Alcor Micro USB Card Reader Driver  (x32 Version: 20.21.3317.03861 - Alcor Micro Corp.) Hidden
ANNO 1404 - Königsedition (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 1.02.0000 - Ubisoft)
ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft)
Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.02 - Ubisoft)
Audacity 2.1.1 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.1 - Audacity Team)
Avidemux 2.6 - 32 bits (32-bit) (HKLM-x32\...\Avidemux 2.6 - 32 bits) (Version: 2.6.10.150607 - )
Bandicam (HKLM-x32\...\Bandicam) (Version: 2.3.1.840 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandisoft.com)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.5.2.34169 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Bejeweled® 3 (HKLM-x32\...\{E99C27B2-EB2E-4244-9F5C-A96F55100F0C}) (Version: 1.1.13.4753 - Electronic Arts, Inc.)
Borderlands (HKLM-x32\...\Steam App 8980) (Version:  - Gearbox Software)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Borderlands: The Pre-Sequel (HKLM-x32\...\Steam App 261640) (Version:  - 2K Australia)
Camtasia Studio 8 (HKLM-x32\...\{E7AFA156-D5CB-4B8C-843D-E7CA58D36B0A}) (Version: 8.6.0.2054 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
Command & Conquer™ 4 Tiberian Twilight (HKLM-x32\...\{82696435-8572-4D8B-A230-D1AA567D0F0F}) (Version: 1.0.0.0 - Electronic Arts)
Command & Conquer™ Red Alert 2 and Yuri’s Revenge (HKLM-x32\...\{F5275D1C-D133-486D-8F07-D6C571F0A8EC}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™: Generals and Zero Hour (HKLM-x32\...\{609F6FD5-4B22-4D7A-AD30-8C9DD480D5BE}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Corsair Gaming Headset Software (HKLM-x32\...\{E7AB6875-782B-47B9-A969-7D4E3BB0C19A}) (Version: 2.0.35 - Corsair)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.6.3728 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.5.4824 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.6.3702 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.6.3625 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.4.4230 - CyberLink Corp.)
Dead Space™ 2 (HKLM-x32\...\{C549C2A2-574F-4ABC-933C-BD11D027C16A}) (Version: 1.0.941.0 - Electronic Arts)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.11.64.1020 - Electronic Arts Inc.)
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Dragon Age: Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.05.0.0 - Electronic Arts)
Dragon Age™ II (HKLM-x32\...\{E1EB9F56-AFE2-4204-B28F-AD8DA793B9F4}) (Version: 1.04.8524.0 - Electronic Arts)
EA SPORTS™ FIFA 15 (HKLM-x32\...\{3D4ADA2B-F028-4307-ADF4-6F9AA44725DA}) (Version: 1.8.0.0 - Electronic Arts)
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.05 - Ubisoft)
FarCry 4 (HKLM-x32\...\Uplay Install 420) (Version:  - Ubisoft)
FIFA 16 (HKLM-x32\...\{28FA2805-7992-4A28-844B-040C57204718}) (Version: 1.4.15952.12 - Electronic Arts)
Free YouTube to MP3 Converter version 3.12.54.128 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.54.128 - DVDVideoSoft Ltd.)
Game Dev Tycoon (HKLM-x32\...\Steam App 239820) (Version:  - Greenheart Games)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Documentation (HKLM-x32\...\{06600E94-1C34-40E2-AB09-D30AECF78172}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7493.4758 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.06 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{8C696B4B-6AB1-44BC-9416-96EAC474CABE}) (Version: 7.5.2.12 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 13.00.0000 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{96D12EC9-720B-45FB-904C-36D6307A1C76}) (Version: 11.51.0048 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6491.0 - IDT)
Inst5675 (Version: 8.01.06 - Softex Inc.) Hidden
Inst5676 (Version: 8.01.06 - Softex Inc.) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Java 8 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{02FECEE0-16B2-43DB-BC3B-C844477FC142}) (Version: 15.0.2.396 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 15.0.2.396 - Kaspersky Lab) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.383 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.383 - LogMeIn, Inc.) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{85BA85A6-9473-4A77-8849-BE6F01F0ABD6}) (Version: 7.0.2.6 - MAGIX Software GmbH)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2015 Plus (HKLM\...\MX.{B50BBED4-5101-45A1-BA9D-93AEF3A638E3}) (Version: 14.0.0.140 - MAGIX Software GmbH)
MAGIX Video deluxe 2015 Plus (Version: 14.0.0.140 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2015 Plus Update (Version: 14.0.0.172 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2015 Plus Update (Version: 14.0.0.183 - MAGIX Software GmbH) Hidden
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Mass Effect™ 2 (HKLM-x32\...\{E19B628D-A9BC-4519-B1D4-4C8C09074F7F}) (Version: 1.2.1604.0 - Electronic Arts)
Medal of Honor Allied Assault Warchest (HKLM-x32\...\{D61BA037-2326-4CEF-B3AC-252046D0476A}) (Version: 1.11.0.2 - Electronic Arts)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mozilla Firefox 41.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 41.0.1 (x86 de)) (Version: 41.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.1.5750 - Mozilla)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 358.50 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.14.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.14.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 358.50 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.5.12.2862 - Electronic Arts, Inc.)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.315.0 - Tracker Software Products Ltd)
Peggle (HKLM-x32\...\{715AD72D-887A-459E-988B-D4F3E87FA24B}) (Version: 1.04.0.0 - PopCap Games)
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
PVZ Garden Warfare (HKLM-x32\...\{A5AC7D7B-C1D5-4AF9-8829-993DA335BE1B}) (Version: 1.0.3.0 - Electronic Arts)
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
RaidCall (HKLM-x32\...\RaidCall) (Version: 7.3.6-1.0.12972.94 - raidcall.com)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.0.7316 - CyberLink Corp.) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Rockstar Games Social Club (HKLM-x32\...\{08B3869E-D282-424C-9AFC-870E04A4BA14}) (Version: 1.00.0000 - Rockstar Games)
RollerCoaster Tycoon 2 Triple Thrill Pack (HKLM-x32\...\{4C5D15D2-5351-4F05-A96E-56C20554F977}) (Version: 1.00.000 - )
Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.14.5 - NVIDIA Corporation) Hidden
SimCity 2000 Special Edition (HKLM-x32\...\{59D2C751-F7BE-4E9F-9C8C-1F16013802C7}) (Version: 2.0.0.1 - Electronic Arts)
Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Syndicate (HKLM-x32\...\{64CFBAAB-46F7-4628-8D9B-E656A8C11CDB}) (Version: 2.0.0.3 - Electronic Arts)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
Theme Hospital (HKLM-x32\...\{5118A4C2-C8A4-4CE5-AC37-F3E51C25402F}) (Version: 3.0.0.5 - Electronic Arts)
Titan Quest (HKLM-x32\...\{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}) (Version: 1.00.0000 - Iron Lore)
TrackMania² Stadium (HKLM-x32\...\Steam App 232910) (Version:  - Nadeo)
Ultima 7 (HKLM-x32\...\{4F4D844E-7B08-43A7-9C91-0B7D978EEC4D}) (Version: 1.0.0.1 - Electronic Arts)
Ultima 8 (HKLM-x32\...\{428C6B01-D292-46F9-9321-75668ED17DA2}) (Version: 1.0.0.1 - Electronic Arts)
Ultimate Tic-Tac-Toe (HKLM-x32\...\Steam App 360870) (Version:  - Tigerish Games)
Uplay (HKLM-x32\...\Uplay) (Version: 4.9 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WestwoodOnline (HKLM-x32\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version: 1.0.0.0 - WestwoodOnline)
Wing Commander III (HKLM-x32\...\{F96B9930-E22A-44D6-81B5-6C8E92C21B4B}) (Version: 2.0.0.2 - Electronic Arts)
Wing Commander IV (HKLM-x32\...\{94230DA4-58A2-477D-9DEA-5807F4F40768}) (Version: 1.0.0.0 - Electronic Arts)
Worms Clan Wars (HKLM-x32\...\Steam App 233840) (Version:  - Team17 Digital Ltd)
Worms Ultimate Mayhem (HKLM-x32\...\Steam App 70600) (Version:  - Team17 Software Ltd.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Wiederherstellungspunkte =========================

05-10-2015 06:04:03 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
07-10-2015 07:34:53 Installiert Realtek High Definition Audio Driver
10-10-2015 11:00:07 Camtasia Studio 8 wird installiert

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0EF8E2C4-E6D3-43EA-95C9-026F04B9AA85} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-01-13] (Hewlett-Packard Company)
Task: {26E3C755-638A-4508-87CB-7B7A48A3141E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {2770ED92-CEDA-450B-B87D-8C4BFE863971} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {32BAD6AA-BFC4-4814-B794-80097DD1360C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-08-27] (Hewlett-Packard)
Task: {37E74874-C9C0-4E41-8436-B6577DC03280} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {3CBD19EC-9228-48E6-925B-A51F631C7C56} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {513C051D-78DA-462F-89D5-FD7EB2C707DD} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {53217996-C07C-45A3-A038-0E41DE1F77DB} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {6ED2BFEF-B616-4230-8537-1D6051D79A2F} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {77B956F6-5D52-4AD3-84AF-071A8547BF5A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {8DCD45F0-1F3C-4362-BBC3-2C0B967CFBF8} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {958BFF4E-C06F-49CC-A82D-E7FB9FC291A7} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-26] (Microsoft Corporation)
Task: {9F0ED30D-73CB-4827-9980-B1F02D1FE3B4} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {B785DD4D-53F0-4A8B-AB2A-4F365293C0B7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd)
Task: {B81F3153-2A6D-4313-ACB7-CCE97C8246D9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-01-13] (Hewlett-Packard Company)
Task: {BD96FAB3-7B20-42CA-98FC-BA84EA754660} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-22] (Adobe Systems Incorporated)
Task: {CC0C9FE2-549A-47E5-9A41-664DE7C6C39A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {D242889B-D0A0-43AF-A5C5-71E50A40702C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-08-27] (Hewlett-Packard)
Task: {E8F26813-C723-4E1A-87DF-4B68C3EF8763} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {EDAE683B-7093-4AA2-862B-498070AA3619} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {FE3CE3FD-1698-467D-8080-4E85E33BC6D1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForexpert pc.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-07-31 15:22 - 2015-07-31 15:22 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2014-02-07 11:24 - 2014-02-07 11:24 - 02108928 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2014-02-07 11:21 - 2014-02-07 11:21 - 00035328 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2014-02-07 11:21 - 2014-02-07 11:21 - 00021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2014-02-07 11:21 - 2014-02-07 11:21 - 00055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2014-02-07 11:40 - 2014-02-07 11:40 - 00368528 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2014-02-07 11:40 - 2014-02-07 11:40 - 00714128 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2015-08-19 19:11 - 2015-08-11 11:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-07-31 14:31 - 2015-10-03 04:38 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-10-01 18:23 - 2015-09-17 08:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-01 18:23 - 2015-09-17 08:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-10-01 18:23 - 2015-09-17 07:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-10-01 18:23 - 2015-09-17 07:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-10-01 18:23 - 2015-09-17 07:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-10-01 18:23 - 2015-09-17 07:42 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-01 18:23 - 2015-09-17 07:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 13:00 - 2015-07-10 18:45 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2014-02-07 11:28 - 2014-02-07 11:28 - 00065024 _____ () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
2015-04-08 21:53 - 2015-04-08 21:53 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2014-12-23 16:54 - 2014-12-23 16:54 - 01272616 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\kpcengine.2.3.dll
2015-07-10 23:37 - 2015-07-10 23:37 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-07-31 23:26 - 2015-08-27 02:37 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2014-09-03 11:28 - 2015-10-05 18:18 - 00778752 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-19 22:57 - 2015-07-03 18:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2014-09-22 20:32 - 2015-10-09 01:02 - 02422864 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-21 10:15 - 2015-09-24 02:33 - 02549248 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-21 10:15 - 2015-09-24 02:33 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-21 10:15 - 2015-09-24 02:33 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-21 10:15 - 2015-09-24 02:33 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-21 10:15 - 2015-09-24 02:33 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-01-19 22:57 - 2015-07-03 18:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-19 22:57 - 2015-07-03 18:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-09-22 20:32 - 2015-10-09 01:02 - 00704592 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-07-23 06:05 - 2015-09-14 22:20 - 00193536 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2014-09-04 15:29 - 2015-10-09 00:20 - 45010208 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-12-23 16:54 - 2014-12-23 16:54 - 00338216 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com\nponlinebanking.dll
2014-12-23 16:54 - 2014-12-23 16:54 - 00502056 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com\npcontentblocker.dll
2014-12-23 16:54 - 2014-12-23 16:54 - 00608040 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com\npvkplugin.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2350193266-1077779400-760107588-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\expert pc\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{D6CB94FD-9897-491E-BA0C-65B09CC06D88}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 15\fifasetup\fifaconfig.exe
FirewallRules: [{84F8EAC4-86D9-4D3F-9C6C-92B2BA203E8D}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 15\fifasetup\fifaconfig.exe
FirewallRules: [{7D3B2C10-CB4C-4809-B738-2A338398917A}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{D5C72CC0-68F7-4710-A360-055606328231}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{7E3CB694-6513-4617-B708-1FBA765513A3}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{41289A01-BF96-4C88-8317-40056D1755E8}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{7A29AB61-64A5-4CA1-95A0-3ED6EF6090C3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win64\UDK.exe
FirewallRules: [{4F659D33-5557-43A9-88FD-C91454D315E7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win64\UDK.exe
FirewallRules: [{F47F4528-F957-4792-B4F0-BC92163B0BA6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{B4165F12-03B0-4AFA-BC5F-B7CC2A7FD18B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{0AD30AFA-AD6A-41B1-8A81-E955534D226D}] => (Allow) C:\Program Files (x86)\Dragon Age\bin_ship\daorigins.exe
FirewallRules: [{59D35ED1-FED4-476D-9C6D-44F30EE9E9E5}] => (Allow) C:\Program Files (x86)\Dragon Age\bin_ship\daorigins.exe
FirewallRules: [{7FE09E85-1D7C-40AB-9B36-0DC95404CB20}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dream\_Rift\Binaries\Win32\DreamRift.exe
FirewallRules: [{EFC4A256-1351-4B60-AC85-3E1B6B51DEFE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dream\_Rift\Binaries\Win32\DreamRift.exe
FirewallRules: [{4D4E2F6C-AA54-49F4-8DA8-23E023C390F1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rust\Legacy\rust.exe
FirewallRules: [{13C0BA55-D12B-4D70-A4F6-04059A54C901}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rust\Legacy\rust.exe
FirewallRules: [{B2FAECE0-4387-4E81-B24C-FBC85A48EB5A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Shadow Warrior Classic\bin\dosbox\DOSBox.exe
FirewallRules: [{CA3DA091-6CED-48A3-B0B8-4958EDE15B8C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Shadow Warrior Classic\bin\dosbox\DOSBox.exe
FirewallRules: [{4B5F3CDA-D2C3-49D1-8C43-DB26E6EFB4D2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Shadow Warrior Classic\bin\sw.exe
FirewallRules: [{1BDF052D-1E0E-4CB0-AB27-9AB1B575F78F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Shadow Warrior Classic\bin\sw.exe
FirewallRules: [{AC8B97BD-0BF4-4F37-976E-69F73418D472}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Duke Nukem 3D\bin\dosbox\dosbox.exe
FirewallRules: [{CD00BE67-C410-417E-953B-13D2C5193526}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Duke Nukem 3D\bin\dosbox\dosbox.exe
FirewallRules: [{A2741DAB-3B12-461C-8F23-FA17FC3F399D}] => (Allow) C:\Program Files (x86)\Origin Games\Wing Commander IV\wc4dvd.exe
FirewallRules: [{576F59B7-C1AF-4C73-A42B-81D1E271FD6D}] => (Allow) C:\Program Files (x86)\Origin Games\Wing Commander IV\wc4dvd.exe
FirewallRules: [{EDF4E70E-55FC-4560-A6E6-6B041239D42F}] => (Allow) C:\Program Files (x86)\Origin Games\Wing Commander III\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{31EE3D5F-A5AB-4FE2-83D4-71066A914A74}] => (Allow) C:\Program Files (x86)\Origin Games\Wing Commander III\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{B032E22A-8134-4EE2-86AC-73B407A746D8}] => (Allow) C:\Program Files (x86)\Origin Games\Ultima 7\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{7D469084-3E28-457F-8156-A6DAC4309318}] => (Allow) C:\Program Files (x86)\Origin Games\Ultima 7\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{EC2A38FA-40DB-46BF-81EC-E127311E8BFC}] => (Allow) C:\Program Files (x86)\Origin Games\Plants vs Zombies Garden Warfare\PVZ.Main_Win64_Retail.exe
FirewallRules: [{26C7102F-9927-4326-8E53-48B9F8F7EBD3}] => (Allow) C:\Program Files (x86)\Origin Games\Plants vs Zombies Garden Warfare\PVZ.Main_Win64_Retail.exe
FirewallRules: [{7CEB49D5-3B18-434A-A7A7-BDAFAB1A2BC2}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect 2\Binaries\MassEffect2.exe
FirewallRules: [{AA6FC60D-260A-432B-BCB3-2BCDAF7ECDE9}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect 2\Binaries\MassEffect2.exe
FirewallRules: [{05158CE6-8B85-4A86-BB54-16DBC94D92D3}] => (Allow) C:\Program Files (x86)\Origin Games\Peggle Deluxe\Peggle.exe
FirewallRules: [{B3BEC181-671B-4D82-8561-E48D876D1DF4}] => (Allow) C:\Program Files (x86)\Origin Games\Peggle Deluxe\Peggle.exe
FirewallRules: [{12C4CA9C-5C17-4589-ACE4-B9F3F5C90ABC}] => (Allow) C:\Program Files (x86)\Origin Games\Medal of Honor Allied Assault Warchest\MOHAA.exe
FirewallRules: [{BD535880-DA42-4A87-B4BF-588835142E79}] => (Allow) C:\Program Files (x86)\Origin Games\Medal of Honor Allied Assault Warchest\MOHAA.exe
FirewallRules: [{946A123E-5B00-489D-B126-1B9E8EB5317D}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age II\bin_ship\DragonAge2.exe
FirewallRules: [{33A88F0E-407D-408D-BA31-B6F3CD28D0D8}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age II\bin_ship\DragonAge2.exe
FirewallRules: [{5ABE1157-FB9B-4282-B741-F46741A10FBA}] => (Allow) C:\Program Files (x86)\Origin Games\Dead Space 2\deadspace2.exe
FirewallRules: [{39C752EF-5EE5-4265-96A0-61C0569194EA}] => (Allow) C:\Program Files (x86)\Origin Games\Dead Space 2\deadspace2.exe
FirewallRules: [{CAE67EFF-C348-49FE-9BC5-8F6DF5C47478}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Generals Zero Hour\Generals.exe
FirewallRules: [{8AAB3539-6ECA-4964-8327-98565B7941B0}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Generals Zero Hour\Generals.exe
FirewallRules: [{1C73F3ED-2195-469B-9DF3-C2986D5E212A}] => (Allow) C:\Program Files (x86)\Origin Games\Bejeweled 3\Bejeweled3.exe
FirewallRules: [{39E02A49-7C21-417F-A095-B6DB2F8B6784}] => (Allow) C:\Program Files (x86)\Origin Games\Bejeweled 3\Bejeweled3.exe
FirewallRules: [{58234253-C97E-47CA-9DB5-EB237E9EACFB}] => (Allow) C:\Program Files (x86)\Origin Games\Ultima 8\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{A8A87C12-E672-41D9-A024-8FE2BBB26189}] => (Allow) C:\Program Files (x86)\Origin Games\Ultima 8\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{C5C7A40E-7835-4D2B-A918-6126396EE6BC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GodMode\bin\GodMode.exe
FirewallRules: [{EB84A2E1-F2F2-4BE2-96E5-F06E6F4E2D1B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GodMode\bin\GodMode.exe
FirewallRules: [{64F748AC-376A-41F0-A9E5-1DE8903596F0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\primal_carnage\Binaries\Win32\PrimalCarnageGame.exe
FirewallRules: [{BD08BA56-175A-461E-BE48-BC44D4088BE1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\primal_carnage\Binaries\Win32\PrimalCarnageGame.exe
FirewallRules: [{7A7F70FB-4CC7-4839-9564-4E145690B09F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Ultimate Tic-Tac-Toe\UltimTicTacToe.exe
FirewallRules: [{8E44D954-D9D3-4D2F-9687-61A207B85A04}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Ultimate Tic-Tac-Toe\UltimTicTacToe.exe
FirewallRules: [{65C2F628-8715-485D-9D09-AB329D0590BA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Magic 2015\DotP_D15.exe
FirewallRules: [{8ABF7734-4648-4631-BDE5-B7CB2B953F7B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Magic 2015\DotP_D15.exe
FirewallRules: [{7FCCE0D6-1369-4D03-9B85-00A8FB90CF37}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Magic 2014\DotP_D14.exe
FirewallRules: [{1CA96C65-AE61-49FC-8E79-EA8741716FCF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Magic 2014\DotP_D14.exe
FirewallRules: [{7FB82AA5-DD6A-4893-A2BC-BC49278C19F4}] => (Allow) C:\Program Files\MAGIX\Video deluxe 2015 Plus\Videodeluxe.exe
FirewallRules: [{6F86E245-593D-4A6F-BB8D-86C1DCFF10A6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Shadow Warrior\dx11\launcher.exe
FirewallRules: [{933BB36A-7E08-4D45-B6B8-D0313257B9A8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Shadow Warrior\dx11\launcher.exe
FirewallRules: [{55B481AB-707F-4C93-9488-5AAECE94883E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Worms Clan Wars\WormsClanWars.exe
FirewallRules: [{4EBDC4C4-1616-43DB-9C4E-10195366F4DE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Worms Clan Wars\WormsClanWars.exe
FirewallRules: [{D095CEA8-EF16-4F8B-A03B-2BA8666C3FD1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Eidolon\Binaries\Win32\UDK.exe
FirewallRules: [{7C714B03-240C-463A-ACE0-2589929A753B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Eidolon\Binaries\Win32\UDK.exe
FirewallRules: [{D57723A4-72C1-49D4-BB45-404883CCCE01}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{D7797E56-27C5-4043-99D6-8F3541343740}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{3244A73B-B119-4407-BB73-61B4F7B81B2D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{75F12F7E-929F-4CDA-97E4-52208A1F56A5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{FA7EC3F0-2CD6-4477-8553-BB36BF2AA09F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{33C98B17-F14A-44B4-83E3-97686D74CE82}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{77F23BDC-2287-42A0-8B51-CF8553E6A456}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Double Dragon Neon\bin\DoubleDragon.exe
FirewallRules: [{9371CDDD-2E15-4C44-B1F6-045F78AB7E9A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Double Dragon Neon\bin\DoubleDragon.exe
FirewallRules: [{4886A18A-DF5E-4F7F-8458-DDEBE062BD62}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{F5362658-FB41-4BC3-9082-5E5DF6133E78}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{FDFEC232-078F-4E64-A4F1-FB22DF67CA36}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3D384484-506B-4978-AD87-BECBFEF55013}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{38DC60F1-8C56-444B-9D96-B6348E3D5730}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SirYouAreBeingHunted\x86\sir.exe
FirewallRules: [{7DB76D1C-C148-4191-91AF-A05A48311B4A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SirYouAreBeingHunted\x86\sir.exe
FirewallRules: [{9BB4DBB9-2989-40F5-9330-0E4598AD4306}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SirYouAreBeingHunted\x64\sir.exe
FirewallRules: [{79ED094C-87D6-43B1-A234-38FC91A0558F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SirYouAreBeingHunted\x64\sir.exe
FirewallRules: [{459BB911-1503-497B-AD25-CB620A8EEBE3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Planetary Annihilation\PA.exe
FirewallRules: [{72B836A3-C6A5-4CE6-A980-40BF98414743}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Planetary Annihilation\PA.exe
FirewallRules: [{60A8B7A3-74BB-4870-9B5E-D96430A3A48C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Montague's Mount\_OculusRift\MontaguesMount_v0_9_1_Oculus.exe
FirewallRules: [{F12867C0-1A02-4A67-9677-86052ACDF2EC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Montague's Mount\_OculusRift\MontaguesMount_v0_9_1_Oculus.exe
FirewallRules: [{662F07AC-63D4-4CF4-BE62-89C4EE8B0D6A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Concursion\Concursion\Concursion.exe
FirewallRules: [{2D28A7C5-9F67-4D3C-9E25-05B769939508}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Concursion\Concursion\Concursion.exe
FirewallRules: [{B0D7905D-993D-4807-923A-02AE80F57908}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{6832AB95-50ED-4214-BC3F-DCD69E1207F8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{CA6CBA6A-A9E2-4FA0-8CF2-81255611AFF8}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{94A0E79C-B331-4BE0-B891-8ED2D0FBD7B7}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{8D9268AA-7E51-4B6D-9704-5E522398A546}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{2607D659-402D-4BCE-9854-089DBEA40B34}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{AB83AC09-6D6E-4AC7-937A-1F8634235AF1}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{16312C38-9B8D-4084-9FFF-7D86D147730F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{0C5D74D3-125F-47C0-B315-BBB347C11D2A}] => (Allow) C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe
FirewallRules: [{2E96DE4C-8D2D-4B91-827D-F84A495CAE21}] => (Allow) C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe
FirewallRules: [{F601DC04-4420-4B6D-8344-51AE95819D3C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\WormsXHD\Launcher.exe
FirewallRules: [{2F355572-0359-4DF7-9C95-6DC9701EB890}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\WormsXHD\Launcher.exe
FirewallRules: [{08F6735F-E954-436C-80A1-5904ED66BBC0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Game Dev Tycoon\nw.exe
FirewallRules: [{D8512716-1B12-429F-8599-78EA45D17396}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Game Dev Tycoon\nw.exe
FirewallRules: [{1324C759-4307-4C45-9A4A-B6D4C1DCB129}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{931F7E4A-4E91-4A2D-BF89-22A525F660D8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{04CD2EC8-E519-41F1-8496-C519B8AA3E70}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands\Binaries\Borderlands.exe
FirewallRules: [{106EAA4B-F0D5-4855-A725-2480A6AB6BA3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands\Binaries\Borderlands.exe
FirewallRules: [{60E05866-3304-45B5-8FC5-64D73A3C05B8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{B5CF47C6-5A77-4EA5-AC99-B9569582FA0F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{B18AFAD0-6976-4F6C-A6F7-81005957B19D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Forces\DosBox\dosbox.exe
FirewallRules: [{12F90DBD-AB2F-4F7F-9BEB-F45E59C07B48}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Forces\DosBox\dosbox.exe
FirewallRules: [{C4DC971A-FE42-462D-89AE-8068EF96C392}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [{3F7DACBA-AA66-44CE-A3EE-0A5EA9183311}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [{B835E00B-0A36-4109-B535-03E338E8AF92}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win64\UDK.exe
FirewallRules: [{E8C729F5-2437-45F9-B42E-2328EFD0A08E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win64\UDK.exe
FirewallRules: [{088BDC9D-AD35-4563-B207-B5BE0F9363C9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{C95E3689-A4DC-4D20-89DE-D8BA914264AB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{56D3BB6E-7E42-46E7-89BB-7A32CC505D2C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [{82987AF1-16F1-4DC0-AF7A-2F6B8E429A1F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [{6BD0AB37-D3D7-49E7-90B7-F61061AB913E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{65DD4B99-FB92-43C1-AB8B-3D79E49838F5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{A9F78D16-63BC-4125-A03B-57D8C5B1629F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{7956DBD6-BAD4-4048-B08A-3E1E51D96100}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{37D7FB19-39BE-465F-9958-ED952D962D06}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\InitEngine.exe
FirewallRules: [{3E54857E-936C-4E60-9E50-3943DEBD29FC}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\InitEngine.exe
FirewallRules: [{A7B0D851-1F84-4855-94D0-63124B62656B}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\AutoPatcher.exe
FirewallRules: [{5656B070-F04D-4D5E-BDCE-C8EBC631F0BC}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\AutoPatcher.exe
FirewallRules: [{572004C6-0DFB-425E-9C6D-9BBB3731A78F}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\Anno5.exe
FirewallRules: [{368D6749-3A07-4963-B814-3F4C91FADD25}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\Anno5.exe
FirewallRules: [{7F5DBA54-3F36-49F0-9ABE-F6403A463C01}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{AD7036D5-15C7-4689-820A-1412DA7C3261}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{1B67BBA2-5ABB-422D-BAD2-4B4892F44091}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 4\bin\IGE_WPF64.exe
FirewallRules: [{70093876-45F8-4EDB-A177-655F4B53C6A6}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 4\bin\IGE_WPF64.exe
FirewallRules: [{D68C9E22-5982-42E9-B44B-C574F295E8BB}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 4\bin\FarCry4.exe
FirewallRules: [{351A0AA6-12C9-4C71-9490-F399F0930D52}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 4\bin\FarCry4.exe
FirewallRules: [{3DCBDA39-7DC6-463E-A5B6-B211D2966966}] => (Allow) C:\Program Files (x86)\Dragon Age\DAOriginsLauncher.exe
FirewallRules: [{2AB97052-3DE2-4DE5-A416-EA26875E96A7}] => (Allow) C:\Program Files (x86)\Dragon Age\DAOriginsLauncher.exe
FirewallRules: [{6B521553-1357-478C-923C-54553695EC62}] => (Allow) C:\Program Files (x86)\Dragon Age\bin_ship\daorigins.exe
FirewallRules: [{AF949560-51C3-4449-A069-582E9A64B7C3}] => (Allow) C:\Program Files (x86)\Dragon Age\bin_ship\daorigins.exe
FirewallRules: [{6602D9D2-A74E-4093-99A9-74A598AB58A7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{BED9DE18-9D1C-4CD1-8E39-7B72BE8E1EE7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{6E7F4990-DC99-4A81-855C-FDA01B0831BA}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{AFC2FDE7-D615-4B14-96A2-B92D4EB931F7}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{E4811331-FE47-4861-ABC1-0B2ADD983C30}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{9F137FF8-AB1E-4DEC-93FC-6FEA1099AB57}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{DCB09374-EEF7-40A6-8FD5-19963FA1AD11}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{35C80DF4-86B5-4FD1-8136-FC67725C2827}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{7F1799D2-21ED-4F64-8CC4-EF8D29336D1C}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Editor.exe
FirewallRules: [{4AB351E2-9D2C-4595-BCCD-15849AE33279}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Editor.exe
FirewallRules: [{AC4E2D5E-C987-472F-95A7-491599A9DCAF}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Updater.exe
FirewallRules: [{73727312-46A9-4BB4-A985-DD5837BC83A1}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Updater.exe
FirewallRules: [{618C4FE9-C215-45EF-B05F-74CA1720C601}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3_d3d11.exe
FirewallRules: [{3B66C58E-8577-491F-8F3F-B9DC5B78EF80}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3_d3d11.exe
FirewallRules: [{FAF024F2-0C44-460E-8AC8-B917DD2E2645}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3.exe
FirewallRules: [{9DB99EFC-F33A-44F8-B386-1540A3A0BD31}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3.exe
FirewallRules: [{9943E78E-0D89-4A96-9DA3-B6DE7D89845E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{10FBEA05-AB41-4067-B52F-A5A4242682CB}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{967CE8F4-D0BB-4337-B24D-C844796867B4}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{E9872D42-00C4-464D-93D4-B3799D2DD632}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{D2A697FF-F01C-4330-BE73-02AB539B48DB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
FirewallRules: [{CF12512A-6BBD-4255-A205-3276701988DA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
FirewallRules: [{06B33397-E592-4E35-ACAF-8D5366FEDBDF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\theHunter\launcher\launcher.exe
FirewallRules: [{3CFBBFE5-CF0C-4765-9DD3-EA492266506D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\theHunter\launcher\launcher.exe
FirewallRules: [{FA2B67CF-6704-475B-BCC1-D87E8D9556F2}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{1FF41ADB-0D78-4E1F-9ED7-213EE44AA4AC}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{FF536CE0-0C24-4B31-9792-141D6A0DBB9F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{662E3AD1-25BC-4653-947D-864B73EDE3A2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F987E67A-1385-4281-9C97-19BC46A73366}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\autopatchery.exe
FirewallRules: [{9766A6CD-C6D9-49D1-9BFD-23304BBD8B05}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\autopatchery.exe
FirewallRules: [{6313DA3D-E0C1-4341-96F3-226BC99B76C7}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\autopatcherx.exe
FirewallRules: [{43B54012-9435-4C71-B7A6-9706E84AE33F}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\autopatcherx.exe
FirewallRules: [{1B5F465D-1E6A-41A9-AFD2-E678303B0019}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\autopatcher2.exe
FirewallRules: [{4101B284-E591-4643-8EFB-36ECF5CBEF46}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\autopatcher2.exe
FirewallRules: [{FBEF2267-A724-4078-904A-05F2616686F3}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\autopatcher.exe
FirewallRules: [{778B20F5-03D0-4BBA-BB1F-4F1ED24AD2A6}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\autopatcher.exe
FirewallRules: [{98BD6EEC-F0E8-4C52-88F2-67331B2BE1BB}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3y.exe
FirewallRules: [{1E823E38-685A-4DEB-B168-4721BD08D8AC}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3y.exe
FirewallRules: [{E3E5A016-FEEB-4B82-9B8B-DAD68FFDF643}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3x.exe
FirewallRules: [{46C16825-83FB-4A38-BC29-CD1CAF7B5D1A}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3x.exe
FirewallRules: [{081F01A1-98D8-4CDF-9D7F-D22D4C1CECC3}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3.exe
FirewallRules: [{CE803E69-B334-49BF-B960-3999AFF33EDC}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3.exe
FirewallRules: [{80487897-7948-4E1F-A56B-D6BF2DDFD384}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\tools\Benchmark.exe
FirewallRules: [{E1194DD6-E760-4228-AC16-8BF979C49461}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\tools\Benchmark.exe
FirewallRules: [{6F5882D9-DE42-44E5-979F-BA3BE5D7FE01}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\tools\AddonWeb.exe
FirewallRules: [{A162A959-D32F-4A1F-AE15-0CAB64E15467}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\tools\AddonWeb.exe
FirewallRules: [{83D8F721-191D-4B66-AE6D-2B642C247D58}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\tools\Anno4Web.exe
FirewallRules: [{171AF101-1095-40D6-8A3F-FDE4B0928412}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\tools\Anno4Web.exe
FirewallRules: [{02F23198-8BDA-4488-8E73-C168CA9F7C94}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\Addon.exe
FirewallRules: [{77795AA9-DE95-464C-9CEC-47610180D19B}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\Addon.exe
FirewallRules: [{2875E03E-A4D4-45D3-847A-19389880BCF4}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\Anno4.exe
FirewallRules: [{424CFF66-A605-4595-AA6D-AAE82043EAFE}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\Anno4.exe
FirewallRules: [{ED3B8508-483C-4A6E-8A53-7F156EF6C422}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{BB7A3414-0DE3-4887-A168-37E77F64E6AE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{F42A9AF6-CF6A-4748-B183-E0FF456572B4}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{6BB243A1-5710-4BF3-A614-0A5B0DA7B423}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{88A80B8B-C7F4-4030-8CB6-AD455C1CC393}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{4251BFCF-E297-4B16-95A5-916159407EBF}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{7BE5FAAB-5FC6-4F7D-AF68-20BB0EC034C7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3454\Agent.exe
FirewallRules: [{3343B825-E6E1-4CA9-9C4A-9FE2447C44A1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3454\Agent.exe
FirewallRules: [{2A98591B-4734-45D9-8048-D753F3666EBF}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe
FirewallRules: [{60AED049-FDEC-4D2B-A2D7-A1DD5A74FA69}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe
FirewallRules: [{BF677212-BAF3-4F3D-9F6F-7AAFD4B6680E}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe
FirewallRules: [{9EDCE7E5-3079-424A-9628-E2A640FD995F}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe
FirewallRules: [{8F53DB78-2A91-4A77-85F9-649345B86EE7}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe
FirewallRules: [{490F51B2-6DA8-43F0-8B60-F4F05C0EE244}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe
FirewallRules: [{B9EA867B-3837-4108-8CD9-04174E742748}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{68C6310E-FFB9-414D-B8A3-EE7669E08C7C}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [UDP Query User{E4D3D348-613E-48EB-9792-39B3816021D5}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{B538490E-19A7-449F-A90E-2CB3CEBD165D}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{B267F03D-DF7C-46C7-BD71-E605DCE85DCD}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{DD0A31FD-BC2B-4591-8726-8E3D7B2724B7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{F5CAAF15-1BAD-4E7E-806B-AA073CAFCEB9}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{E9772942-FAB7-49D5-8BF4-235AA646C989}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{0A69D70B-0076-4559-8968-E3AB405A319F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{EA920D51-91B3-4250-B040-377534EBE384}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{20C9A49D-13CE-4E93-8982-484B4F180FF1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{277EA0A3-6F59-44C6-A012-0BAEEA8B657B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{556939B8-581C-4976-A317-6F2807FAC918}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{5613CFF9-032B-4AA4-9EAE-6C03D51191A0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{48D2EBA5-E8FF-4B16-AC4F-D890D68661FF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{663A619A-D401-40DF-976E-9A242931153F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{4FB65421-D737-45AB-8647-18B0EB96ECF0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{BB98A17D-02A3-46B9-9B5B-E73BAE53DAC9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D672F7CE-682A-45D3-86E7-A7EE25FABD88}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dream\Binaries\Win32\Dream.exe
FirewallRules: [{52601DF0-516F-4B6F-B23D-4BCC0C91A74E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dream\Binaries\Win32\Dream.exe
FirewallRules: [{8B75C210-EEC6-4C72-A206-F3FB93BF79F0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GRAV\Binaries\Win64\CAGGame-Win64-Shipping.exe
FirewallRules: [{B79406D9-284E-467B-AAEF-1ECF87477AD7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GRAV\Binaries\Win64\CAGGame-Win64-Shipping.exe
FirewallRules: [{13A9A403-99BC-4A93-B156-DF79F20A8DB0}] => (Allow) C:\Program Files (x86)\Origin Games\Theme Hospital\data\Game\DOSBox\EALaunchHelper.exe
FirewallRules: [{AC09FB43-1589-47A9-97B7-1D401BBE45A5}] => (Allow) C:\Program Files (x86)\Origin Games\Theme Hospital\data\Game\DOSBox\EALaunchHelper.exe
FirewallRules: [{8A4BA7F2-E0F3-4F06-8FB7-F2DDBF87CD0B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dream\Binaries\Win32\Dream.exe
FirewallRules: [{2C5636A7-B030-49DD-BF82-0333CD469FEC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dream\Binaries\Win32\Dream.exe
FirewallRules: [{026D3274-1D82-4E38-9EEE-2D01EFD6ED53}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{E808951E-CAA5-4089-85AD-712CC13E78FC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{1A760FBB-C134-46E9-BDEE-EAF2380AB0E9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\theHunterPrimal\launcher\launcher.exe
FirewallRules: [{9C6EE1D3-FA2B-4F44-A2FC-AE8381B4050F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\theHunterPrimal\launcher\launcher.exe
FirewallRules: [{58FE26E9-E895-4852-8B71-09D6A42F8CF2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\EvolveGame\Bin64_SteamRetail\Evolve.exe
FirewallRules: [{C07B60B1-E930-461A-9A2C-1EC132CDB83A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\EvolveGame\Bin64_SteamRetail\Evolve.exe
FirewallRules: [{4575C862-2645-48F3-A05E-5EE6AFDB6EFB}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{6EBFD669-1AC0-4367-99D2-65CF5C400220}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{C6D5294C-578D-4FE9-8ED1-7F72B81664DE}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{E060D43D-8461-4558-86B3-63525E49175A}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{73C69E57-595C-4BE8-A784-152787980094}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert II\RA2Launcher.exe
FirewallRules: [{63004B94-F08C-4C35-92A2-77F27F3D8B3A}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert II\RA2Launcher.exe
FirewallRules: [{A85D6CF9-0A11-4004-BDD3-F1EA4C8396BE}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{B574AEAA-994C-4CD3-97C1-40510FCD66CD}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{4FD087CC-6308-4BC1-8156-D8FB082E958A}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 16\fifasetup\fifaconfig.exe
FirewallRules: [{5DEF28FA-0B9B-4712-B2AA-43DFD3E1FB2A}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 16\fifasetup\fifaconfig.exe
FirewallRules: [{A1EE2060-4515-4EB0-87BB-1ABB1E26E87E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ManiaPlanet_TMStadium\ManiaPlanetLauncher.exe
FirewallRules: [{D4DA21C5-906E-4BFA-8203-03BC9323C74C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ManiaPlanet_TMStadium\ManiaPlanetLauncher.exe
FirewallRules: [{E68259CF-491B-4DD3-9772-D24348F5D89B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ManiaPlanet_TMStadium\ManiaPlanet.exe
FirewallRules: [{33233595-C89D-4B6A-A1D9-DBED85E7A12D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ManiaPlanet_TMStadium\ManiaPlanet.exe
FirewallRules: [{322A1422-6A94-443B-B724-602F28333B07}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [{5CD38CF4-6E16-40D4-B8CB-FA38F91EC082}] => (Allow) LPort=8317

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (10/11/2015 11:59:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: expert)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (10/11/2015 07:51:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: expert)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (10/11/2015 07:51:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: expert)
Description: Bei der Aktivierung der App „Microsoft.WindowsStore_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2147024865. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (10/11/2015 07:51:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: expert)
Description: Bei der Aktivierung der App „Microsoft.WindowsStore_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (10/11/2015 07:51:52 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: expert)
Description: Bei der Aktivierung der App „Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe!Microsoft.MicrosoftOfficeHub“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (10/11/2015 07:51:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Microsoft.Photos.exe, Version: 15.1001.16470.0, Zeitstempel: 0x560dcab0
Name des fehlerhaften Moduls: Windows.UI.Xaml.dll, Version: 10.0.10240.16515, Zeitstempel: 0x55fa59bd
Ausnahmecode: 0xc000027b
Fehleroffset: 0x00000000004aee7f
ID des fehlerhaften Prozesses: 0x14b0
Startzeit der fehlerhaften Anwendung: 0xMicrosoft.Photos.exe0
Pfad der fehlerhaften Anwendung: Microsoft.Photos.exe1
Pfad des fehlerhaften Moduls: Microsoft.Photos.exe2
Berichtskennung: Microsoft.Photos.exe3
Vollständiger Name des fehlerhaften Pakets: Microsoft.Photos.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Microsoft.Photos.exe5

Error: (10/11/2015 07:47:41 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: expert)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (10/11/2015 07:47:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ShellExperienceHost.exe, Version: 10.0.10240.16515, Zeitstempel: 0x55fa599a
Name des fehlerhaften Moduls: twinapi.appcore.dll, Version: 10.0.10240.16515, Zeitstempel: 0x55fa545a
Ausnahmecode: 0xc000027b
Fehleroffset: 0x000000000006644f
ID des fehlerhaften Prozesses: 0x144
Startzeit der fehlerhaften Anwendung: 0xShellExperienceHost.exe0
Pfad der fehlerhaften Anwendung: ShellExperienceHost.exe1
Pfad des fehlerhaften Moduls: ShellExperienceHost.exe2
Berichtskennung: ShellExperienceHost.exe3
Vollständiger Name des fehlerhaften Pakets: ShellExperienceHost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ShellExperienceHost.exe5

Error: (10/11/2015 07:47:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ShellExperienceHost.exe, Version: 10.0.10240.16515, Zeitstempel: 0x55fa599a
Name des fehlerhaften Moduls: twinapi.appcore.dll, Version: 10.0.10240.16515, Zeitstempel: 0x55fa545a
Ausnahmecode: 0xc000027b
Fehleroffset: 0x000000000006644f
ID des fehlerhaften Prozesses: 0x22f8
Startzeit der fehlerhaften Anwendung: 0xShellExperienceHost.exe0
Pfad der fehlerhaften Anwendung: ShellExperienceHost.exe1
Pfad des fehlerhaften Moduls: ShellExperienceHost.exe2
Berichtskennung: ShellExperienceHost.exe3
Vollständiger Name des fehlerhaften Pakets: ShellExperienceHost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ShellExperienceHost.exe5

Error: (10/11/2015 07:47:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ShellExperienceHost.exe, Version: 10.0.10240.16515, Zeitstempel: 0x55fa599a
Name des fehlerhaften Moduls: twinapi.appcore.dll, Version: 10.0.10240.16515, Zeitstempel: 0x55fa545a
Ausnahmecode: 0xc000027b
Fehleroffset: 0x000000000006644f
ID des fehlerhaften Prozesses: 0x2230
Startzeit der fehlerhaften Anwendung: 0xShellExperienceHost.exe0
Pfad der fehlerhaften Anwendung: ShellExperienceHost.exe1
Pfad des fehlerhaften Moduls: ShellExperienceHost.exe2
Berichtskennung: ShellExperienceHost.exe3
Vollständiger Name des fehlerhaften Pakets: ShellExperienceHost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ShellExperienceHost.exe5


Systemfehler:
=============
Error: (10/11/2015 11:59:48 PM) (Source: DCOM) (EventID: 10010) (User: expert)
Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca

Error: (10/11/2015 11:59:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (10/11/2015 11:59:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (10/11/2015 11:59:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (10/11/2015 11:59:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (10/11/2015 08:01:28 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Xbox Live Authentifizierungs-Manager" wurde mit dem folgenden dienstspezifischen Fehler beendet:
%%0

Error: (10/11/2015 07:51:56 PM) (Source: DCOM) (EventID: 10010) (User: expert)
Description: CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca

Error: (10/11/2015 07:51:53 PM) (Source: DCOM) (EventID: 10001) (User: expert)
Description: "C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXe9cvj1thv1hmcw0cs98xm3r97tyzy2xs.mca31App.AppX65azfy60a5wn91mcvdd3dr2y0wj02n39.mcaNicht verfügbarNicht verfügbar

Error: (10/11/2015 07:51:53 PM) (Source: DCOM) (EventID: 10010) (User: expert)
Description: App.AppX8h0bdkbb5frkt9s09fvshhbvqnntmvm1.mca

Error: (10/11/2015 07:51:52 PM) (Source: DCOM) (EventID: 10010) (User: expert)
Description: Microsoft.MicrosoftOfficeHub.AppXrqs94aemecwbtd1veqtvyn34m9ks80g7.mca


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i5-4460S CPU @ 2.90GHz
Prozentuale Nutzung des RAM: 19%
Installierter physikalischer RAM: 16323.07 MB
Verfügbarer physikalischer RAM: 13132.69 MB
Summe virtueller Speicher: 18755.07 MB
Verfügbarer virtueller Speicher: 15224.33 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:1848.29 GB) (Free:1431.78 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (Recovery Image) (Fixed) (Total:12.81 GB) (Free:1.62 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: B0DA372C)

Partition: GPT.

==================== Ende von Addition.txt ============================
Es wird langsam ernster.
Eben hat mein Pc sich komplett verfahren und hatte einen breaking Point Error, die Festplatte hat sich dabei mit abgemeldet und dann ist einfach mal das gesamte Pc nicht mehr erreichbar gewesen und auch die Festplatte war bis zu einem neuschalten des Stroms nicht ansteuerbar.

Ich habe erstmal CCleaner laufen lassen und alle Registries gefixt. Hoffentlich hat sich das Problem damit erledigt.
Leider ist das andere Probleme immernoch unbearbeitet :/

schrauber 12.10.2015 19:53
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

DukeYGO 12.10.2015 20:42
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 12.10.2015
Suchlaufzeit: 20:59
Protokolldatei: mbam txt.txt
Administrator: Ja

Version: 2.1.8.1057
Malware-Datenbank: v2015.10.12.02
Rootkit-Datenbank: v2015.10.06.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: expert pc

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 419382
Abgelaufene Zeit: 18 Min., 44 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 2
PUP.Optional.Proinstall, C:\$RECYCLE.BIN\S-1-5-21-2350193266-1077779400-760107588-1001\$RROEE2P.exe, In Quarantäne, [27eb3521167562d4f726c2bc60a1fe02],
PUP.Optional.MalwareProtection, C:\Users\expert pc\AppData\Local\Temp\{D0427A7B-DDA6-4B7B-A509-3D4CC7039C5C}\installer.exe, In Quarantäne, [0b074b0b6328ac8a74ce7d753fc2a55b],

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.4 (09.28.2015:1)
OS: Windows 10 Home x64
Ran by expert pc on 12.10.2015 at 21:32:38,14
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{61909BC3-BE76-4BDB-A905-689F89D62260}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{61909BC3-BE76-4BDB-A905-689F89D62260}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] C:\Users\expert pc\Appdata\Local\crashrpt



~~~ FireFox

Emptied folder: C:\Users\expert pc\AppData\Roaming\mozilla\firefox\profiles\obvvz6c4.default\minidumps [17 files]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 12.10.2015 at 21:34:29,58
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
# AdwCleaner v5.013 - Bericht erstellt am 12/10/2015 um 21:25:44
# Aktualisiert am 09/10/2015 von Xplode
# Datenbank : 2015-10-09.3 [Server]
# Betriebssystem : Windows 10 Home  (x64)
# Benutzername : expert pc - EXPERT
# Gestartet von : C:\Users\expert pc\Desktop\Virenentfernung\AdwCleaner_5.013.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****


***** [ Dateien ] *****


***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Geplante Tasks ] *****


***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKCU\Software\OCS
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\OCS

***** [ Internetbrowser ] *****


*************************

:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [874 Bytes] ##########
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:12-10-2015
durchgeführt von expert pc (Administrator) auf EXPERT (12-10-2015 21:35:39)
Gestartet von C:\Users\expert pc\Desktop\Virenentfernung
Geladene Profile: expert pc (Verfügbare Profile: expert pc)
Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avpui.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\wmi64.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3957816 2014-02-07] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-02-07] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-02-07] (Hewlett-Packard)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-27] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2014-01-05] (IDT, Inc.)
HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [41664 2013-12-03] (Hewlett-Packard )
HKLM-x32\...\Run: [Corsair Gaming Headset Software] => C:\Program Files (x86)\Corsair\Corsair Gaming Headset Software\HeadsetControlPanel.exe [2918152 2014-08-18] (Corsair Components, Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5579624 2015-08-03] (LogMeIn Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKU\S-1-5-21-2350193266-1077779400-760107588-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2900560 2015-10-09] (Valve Corporation)
HKU\S-1-5-21-2350193266-1077779400-760107588-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
HKU\S-1-5-21-2350193266-1077779400-760107588-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53737488 2015-08-07] (Skype Technologies S.A.)
HKU\S-1-5-21-2350193266-1077779400-760107588-1001\...\RunOnce: [Uninstall C:\Users\expert pc\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\expert pc\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2014-10-08]
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\..\Interfaces\{96af2199-8831-487a-87fc-f08f0f7ac314}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{a222317e-793e-4a1c-9ac1-8a4ebd92dbd2}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK14/4
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-2350193266-1077779400-760107588-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK14/4
HKU\S-1-5-21-2350193266-1077779400-760107588-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK14/4
HKU\S-1-5-21-2350193266-1077779400-760107588-1001\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.uk.msn.com/HPDSK14/4
SearchScopes: HKLM -> {61909BC3-BE76-4BDB-A905-689F89D62260} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-08-26] (Oracle Corporation)
BHO: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-26] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-30] (Oracle Corporation)
BHO-x32: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-30] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  Keine Datei

FireFox:
========
FF ProfilePath: C:\Users\expert pc\AppData\Roaming\Mozilla\Firefox\Profiles\obvvz6c4.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-22] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-09-08] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-26] (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [Keine Datei]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-22] ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-09-08] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-30] (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker_663BE84DBCC949E88C7600F63CA7F098 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com [2015-07-31] ()
FF Plugin-x32: @kaspersky.com/online_banking_08806E753BE44495B44E90AA2513BDC5 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com [2015-07-31] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_07402848C2F6470194F131B0F3DE025E -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-07-31] ()
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [Keine Datei]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-10-03] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-10-03] (NVIDIA Corporation)
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\expert pc\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2014-05-27] (Raidcall)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2350193266-1077779400-760107588-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-09-08] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-2350193266-1077779400-760107588-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-01-02] ()
FF Extension: Adblock Edge - C:\Users\expert pc\AppData\Roaming\Mozilla\Firefox\Profiles\obvvz6c4.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2015-09-09]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker_663BE84DBCC949E88C7600F63CA7F098@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com [2015-07-31]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_07402848C2F6470194F131B0F3DE025E@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-07-31]
FF HKLM-x32\...\Firefox\Extensions: [online_banking_08806E753BE44495B44E90AA2513BDC5@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com [2015-07-31]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AVP15.0.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe [194000 2015-07-09] (Kaspersky Lab ZAO)
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-27] (NVIDIA Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Datei ist nicht signiert]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Datei ist nicht signiert]
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223520 2015-07-10] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-08-03] (LogMeIn, Inc.)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-27] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-27] (NVIDIA Corporation)
S2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-02-07] (Softex Inc.) [Datei ist nicht signiert]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2078216 2015-10-02] (Electronic Arts)
S2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
S2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
S2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [340480 2014-01-05] (IDT, Inc.) [Datei ist nicht signiert]
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-07-31] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 athr; C:\Windows\System32\drivers\athw10x.sys [4318760 2015-09-05] (Qualcomm Atheros Communications, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [247016 2015-07-09] (Kaspersky Lab UK Ltd)
R3 CorsairAudioFilter; C:\Windows\system32\DRIVERS\corsveng2kamd64.sys [112808 2014-08-15] (Corsair Components, Inc.)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-07-14] (LogMeIn Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-07-09] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [64368 2015-07-09] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [159960 2015-07-09] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [226480 2015-07-09] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [817848 2015-10-06] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [39792 2015-07-09] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [40304 2015-07-09] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [39792 2015-07-09] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [24944 2015-07-09] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [77680 2015-07-09] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [85360 2015-07-09] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [190648 2015-10-06] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [184608 2015-07-07] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-27] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [896752 2015-09-04] (Realtek                                            )
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [402136 2015-09-09] (Realsil Semiconductor Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
U4 klkbdflt2; \SystemRoot\system32\DRIVERS\klkbdflt2.sys [X]
S3 RSUSBSTOR; \SystemRoot\System32\Drivers\RtsUStor.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-12 21:34 - 2015-10-12 21:34 - 00001107 _____ C:\Users\expert pc\Desktop\JRT.txt
2015-10-12 21:28 - 2015-10-12 21:28 - 00000956 _____ C:\Users\expert pc\Desktop\AdwCleaner[C2].txt
2015-10-12 21:27 - 2015-10-12 21:27 - 00016148 _____ C:\WINDOWS\system32\EXPERT_expert pc_HistoryPrediction.bin
2015-10-12 21:22 - 2015-10-12 21:22 - 00001498 _____ C:\Users\expert pc\Desktop\mbam txt.txt
2015-10-12 19:36 - 2015-10-12 19:37 - 00692284 _____ C:\Users\expert pc\Documents\cc_20151012_193651.reg
2015-10-12 06:54 - 2015-10-12 06:54 - 00349376 _____ C:\WINDOWS\Minidump\101215-24906-01.dmp
2015-10-12 06:49 - 2015-10-12 06:54 - 730655172 _____ C:\WINDOWS\MEMORY.DMP
2015-10-12 06:49 - 2015-10-12 06:54 - 00000000 ____D C:\WINDOWS\Minidump
2015-10-12 06:49 - 2015-10-12 06:49 - 00373296 _____ C:\WINDOWS\Minidump\101215-24203-01.dmp
2015-10-12 06:40 - 2015-10-12 21:35 - 00000000 ____D C:\FRST
2015-10-12 06:40 - 2015-10-12 06:40 - 00000000 _____ C:\Users\expert pc\defogger_reenable
2015-10-12 06:39 - 2015-10-12 21:35 - 00000000 ____D C:\Users\expert pc\Desktop\Virenentfernung
2015-10-11 19:39 - 2015-10-11 19:51 - 00000000 ____D C:\Users\expert pc\AppData\Local\CrashDumps
2015-10-10 11:02 - 2015-10-10 11:02 - 00000000 ____D C:\Users\expert pc\Documents\Camtasia Studio
2015-10-10 11:02 - 2015-10-10 11:02 - 00000000 ____D C:\Users\expert pc\AppData\Roaming\TechSmith
2015-10-10 11:01 - 2015-10-10 11:01 - 00001248 _____ C:\Users\Public\Desktop\Camtasia Studio 8.lnk
2015-10-10 11:01 - 2015-10-10 11:01 - 00000000 ____D C:\Users\expert pc\AppData\Local\TechSmith
2015-10-10 11:01 - 2015-10-10 11:01 - 00000000 ____D C:\ProgramData\regid.1995-08.com.techsmith
2015-10-10 11:01 - 2015-10-10 11:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
2015-10-10 11:01 - 2015-10-10 11:01 - 00000000 ____D C:\Program Files (x86)\QuickTime
2015-10-10 11:00 - 2015-10-10 11:00 - 00000000 ____D C:\ProgramData\TechSmith
2015-10-10 11:00 - 2015-10-10 11:00 - 00000000 ____D C:\Program Files (x86)\TechSmith
2015-10-09 21:24 - 2015-10-12 21:25 - 00000000 ____D C:\AdwCleaner
2015-10-08 22:20 - 2015-10-08 22:21 - 00000000 ____D C:\Users\expert pc\Knuddels
2015-10-07 17:54 - 2015-10-03 04:28 - 00102520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2015-10-07 17:52 - 2015-10-03 06:58 - 42914096 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 37882488 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 22342264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 18387064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 16548768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 14841232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 13525200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 12038368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 02313336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 01994360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 01905272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435850.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 01564792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435850.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 00877176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 00861816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 00787200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 00689968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 00673912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 00632664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 00601240 _____ C:\WINDOWS\system32\nvmcumd.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 00539464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 00445216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 00414000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 00388048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 00376112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 00369272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 00339064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 00315936 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 00177416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 00155976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 00151368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-10-07 17:41 - 2015-10-07 17:53 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2015-10-07 17:41 - 2015-08-11 06:52 - 00069416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2015-10-07 07:11 - 2015-10-07 17:20 - 00000000 ___HD C:\Program Files (x86)\Temp
2015-10-07 01:29 - 2015-10-07 01:29 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET
2015-10-06 22:30 - 2015-10-10 10:34 - 00000000 ____D C:\Users\expert pc\AppData\Roaming\vlc
2015-10-06 22:29 - 2015-10-06 22:29 - 00001146 _____ C:\Users\Public\Desktop\VLC media player.lnk
2015-10-06 22:29 - 2015-10-06 22:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-10-06 22:29 - 2015-10-06 22:29 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2015-10-05 06:29 - 2015-10-10 10:40 - 00000000 ____D C:\Users\expert pc\AppData\Roaming\avidemux
2015-10-05 06:29 - 2015-10-05 06:29 - 00001185 _____ C:\Users\Public\Desktop\Avidemux 2.6 - 32 bits (32-bit).lnk
2015-10-05 06:29 - 2015-10-05 06:29 - 00000000 ____D C:\Program Files (x86)\Avidemux 2.6 - 32 bits
2015-10-05 06:15 - 2015-10-05 06:23 - 00000000 ____D C:\Users\expert pc\AppData\Local\Windows Live
2015-10-05 06:05 - 2015-10-05 06:05 - 00000000 ____D C:\Users\Public\Documents\Lightworks
2015-10-05 06:05 - 2015-10-05 06:05 - 00000000 ____D C:\Users\expert pc\.MCTranscodingSDK
2015-10-05 06:05 - 2015-10-05 06:05 - 00000000 ____D C:\ProgramData\Geevs
2015-10-01 18:23 - 2015-09-25 02:35 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-01 18:23 - 2015-09-25 02:34 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-01 18:23 - 2015-09-25 02:13 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-01 18:23 - 2015-09-25 01:34 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-10-01 18:23 - 2015-09-25 01:34 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-10-01 18:23 - 2015-09-25 01:24 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-10-01 18:23 - 2015-09-25 01:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-01 18:23 - 2015-09-25 01:23 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-10-01 18:23 - 2015-09-25 01:17 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-10-01 18:23 - 2015-09-25 01:08 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-10-01 18:23 - 2015-09-25 01:07 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-10-01 18:23 - 2015-09-25 01:06 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-10-01 18:23 - 2015-09-25 01:05 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-01 18:23 - 2015-09-25 01:01 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-10-01 18:23 - 2015-09-25 01:01 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-10-01 18:23 - 2015-09-25 01:00 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-10-01 18:23 - 2015-09-25 01:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-10-01 18:23 - 2015-09-25 01:00 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-10-01 18:23 - 2015-09-25 01:00 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-01 18:23 - 2015-09-25 00:53 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-01 18:23 - 2015-09-25 00:43 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-10-01 18:23 - 2015-09-25 00:43 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-01 18:23 - 2015-09-25 00:42 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-10-01 18:23 - 2015-09-25 00:25 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-10-01 18:23 - 2015-09-25 00:25 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-10-01 18:23 - 2015-09-25 00:25 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-10-01 18:23 - 2015-09-25 00:25 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-10-01 18:23 - 2015-09-25 00:25 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-10-01 18:23 - 2015-09-25 00:24 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-10-01 18:23 - 2015-09-25 00:19 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-10-01 18:23 - 2015-09-19 07:14 - 00102304 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2015-10-01 18:23 - 2015-09-17 08:50 - 02464216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-10-01 18:23 - 2015-09-17 08:50 - 01563392 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-10-01 18:23 - 2015-09-17 08:50 - 00099664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-10-01 18:23 - 2015-09-17 08:50 - 00088384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-10-01 18:23 - 2015-09-17 08:49 - 08020816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-10-01 18:23 - 2015-09-17 08:49 - 06487248 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2015-10-01 18:23 - 2015-09-17 08:49 - 01563472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-10-01 18:23 - 2015-09-17 08:49 - 00894256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2015-10-01 18:23 - 2015-09-17 08:49 - 00553808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2015-10-01 18:23 - 2015-09-17 08:49 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-10-01 18:23 - 2015-09-17 08:48 - 02824248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2015-10-01 18:23 - 2015-09-17 08:48 - 02494712 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-01 18:23 - 2015-09-17 08:48 - 02432336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-10-01 18:23 - 2015-09-17 08:48 - 02156400 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2015-10-01 18:23 - 2015-09-17 08:48 - 01983824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-10-01 18:23 - 2015-09-17 08:48 - 00809352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2015-10-01 18:23 - 2015-09-17 08:48 - 00784136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-10-01 18:23 - 2015-09-17 08:48 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-10-01 18:23 - 2015-09-17 08:48 - 00555768 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2015-10-01 18:23 - 2015-09-17 08:48 - 00537080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2015-10-01 18:23 - 2015-09-17 08:48 - 00516448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-10-01 18:23 - 2015-09-17 08:48 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-10-01 18:23 - 2015-09-17 08:48 - 00476760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2015-10-01 18:23 - 2015-09-17 08:48 - 00406864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-10-01 18:23 - 2015-09-17 08:48 - 00395088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-10-01 18:23 - 2015-09-17 08:48 - 00332624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2015-10-01 18:23 - 2015-09-17 08:48 - 00278352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-10-01 18:23 - 2015-09-17 08:48 - 00243760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-10-01 18:23 - 2015-09-17 08:47 - 01397088 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-10-01 18:23 - 2015-09-17 08:44 - 00781976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2015-10-01 18:23 - 2015-09-17 08:43 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-10-01 18:23 - 2015-09-17 08:39 - 00081488 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-01 18:23 - 2015-09-17 08:37 - 01295712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2015-10-01 18:23 - 2015-09-17 08:37 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-10-01 18:23 - 2015-09-17 08:28 - 05120056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2015-10-01 18:23 - 2015-09-17 08:28 - 02154808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-10-01 18:23 - 2015-09-17 08:28 - 01357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2015-10-01 18:23 - 2015-09-17 08:28 - 00441168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2015-10-01 18:23 - 2015-09-17 08:28 - 00407608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-10-01 18:23 - 2015-09-17 08:28 - 00074880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2015-10-01 18:23 - 2015-09-17 08:27 - 01766952 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-10-01 18:23 - 2015-09-17 08:27 - 00454512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2015-10-01 18:23 - 2015-09-17 08:26 - 02446648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2015-10-01 18:23 - 2015-09-17 08:26 - 01895568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2015-10-01 18:23 - 2015-09-17 08:26 - 00646672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-10-01 18:23 - 2015-09-17 08:26 - 00508248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2015-10-01 18:23 - 2015-09-17 08:26 - 00434376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2015-10-01 18:23 - 2015-09-17 08:26 - 00428128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2015-10-01 18:23 - 2015-09-17 08:25 - 00962400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-10-01 18:23 - 2015-09-17 08:21 - 00658528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2015-10-01 18:23 - 2015-09-17 08:20 - 00764416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-10-01 18:23 - 2015-09-17 08:12 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-01 18:23 - 2015-09-17 08:11 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2015-10-01 18:23 - 2015-09-17 08:10 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2015-10-01 18:23 - 2015-09-17 08:09 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-10-01 18:23 - 2015-09-17 08:09 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2015-10-01 18:23 - 2015-09-17 08:08 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-10-01 18:23 - 2015-09-17 08:08 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Speech.Pal.dll
2015-10-01 18:23 - 2015-09-17 08:08 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2015-10-01 18:23 - 2015-09-17 08:07 - 21875712 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-10-01 18:23 - 2015-09-17 08:06 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2015-10-01 18:23 - 2015-09-17 08:06 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-10-01 18:23 - 2015-09-17 08:06 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-10-01 18:23 - 2015-09-17 08:05 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-10-01 18:23 - 2015-09-17 08:05 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2015-10-01 18:23 - 2015-09-17 08:04 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-10-01 18:23 - 2015-09-17 08:04 - 00910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-10-01 18:23 - 2015-09-17 08:04 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2015-10-01 18:23 - 2015-09-17 08:03 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2015-10-01 18:23 - 2015-09-17 08:03 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-10-01 18:23 - 2015-09-17 08:03 - 00154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2015-10-01 18:23 - 2015-09-17 08:03 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2015-10-01 18:23 - 2015-09-17 08:03 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2015-10-01 18:23 - 2015-09-17 08:02 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2015-10-01 18:23 - 2015-09-17 08:02 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2015-10-01 18:23 - 2015-09-17 08:00 - 24595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-10-01 18:23 - 2015-09-17 08:00 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-10-01 18:23 - 2015-09-17 08:00 - 02417664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-10-01 18:23 - 2015-09-17 08:00 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-10-01 18:23 - 2015-09-17 08:00 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KeywordDetectorMsftSidAdapter.dll
2015-10-01 18:23 - 2015-09-17 07:58 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-10-01 18:23 - 2015-09-17 07:57 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2015-10-01 18:23 - 2015-09-17 07:57 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2015-10-01 18:23 - 2015-09-17 07:57 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-10-01 18:23 - 2015-09-17 07:57 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-10-01 18:23 - 2015-09-17 07:56 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-10-01 18:23 - 2015-09-17 07:56 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-10-01 18:23 - 2015-09-17 07:56 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2015-10-01 18:23 - 2015-09-17 07:55 - 02236416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-10-01 18:23 - 2015-09-17 07:55 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-10-01 18:23 - 2015-09-17 07:55 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx02000.dll
2015-10-01 18:23 - 2015-09-17 07:55 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2015-10-01 18:23 - 2015-09-17 07:55 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2015-10-01 18:23 - 2015-09-17 07:55 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2015-10-01 18:23 - 2015-09-17 07:55 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2015-10-01 18:23 - 2015-09-17 07:55 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2015-10-01 18:23 - 2015-09-17 07:55 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2015-10-01 18:23 - 2015-09-17 07:54 - 03781120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-10-01 18:23 - 2015-09-17 07:54 - 00780288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-10-01 18:23 - 2015-09-17 07:54 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-10-01 18:23 - 2015-09-17 07:53 - 07055872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-10-01 18:23 - 2015-09-17 07:52 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2015-10-01 18:23 - 2015-09-17 07:52 - 01216512 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcenter.dll
2015-10-01 18:23 - 2015-09-17 07:52 - 01181696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-10-01 18:23 - 2015-09-17 07:52 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2015-10-01 18:23 - 2015-09-17 07:52 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-10-01 18:23 - 2015-09-17 07:52 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-10-01 18:23 - 2015-09-17 07:52 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2015-10-01 18:23 - 2015-09-17 07:52 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-10-01 18:23 - 2015-09-17 07:52 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-10-01 18:23 - 2015-09-17 07:52 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-10-01 18:23 - 2015-09-17 07:51 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-10-01 18:23 - 2015-09-17 07:51 - 02660864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-10-01 18:23 - 2015-09-17 07:51 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2015-10-01 18:23 - 2015-09-17 07:51 - 01203712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-10-01 18:23 - 2015-09-17 07:51 - 01067520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-10-01 18:23 - 2015-09-17 07:51 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-10-01 18:23 - 2015-09-17 07:51 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2015-10-01 18:23 - 2015-09-17 07:50 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-10-01 18:23 - 2015-09-17 07:50 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2015-10-01 18:23 - 2015-09-17 07:50 - 00312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2015-10-01 18:23 - 2015-09-17 07:50 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeWiFi.dll
2015-10-01 18:23 - 2015-09-17 07:50 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeCell.dll
2015-10-01 18:23 - 2015-09-17 07:50 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys
2015-10-01 18:23 - 2015-09-17 07:49 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-10-01 18:23 - 2015-09-17 07:49 - 01290240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-10-01 18:23 - 2015-09-17 07:49 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-10-01 18:23 - 2015-09-17 07:49 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-10-01 18:23 - 2015-09-17 07:49 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWebproxy.dll
2015-10-01 18:23 - 2015-09-17 07:49 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll
2015-10-01 18:23 - 2015-09-17 07:49 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2015-10-01 18:23 - 2015-09-17 07:49 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationCrowdsource.dll
2015-10-01 18:23 - 2015-09-17 07:49 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeIP.dll
2015-10-01 18:23 - 2015-09-17 07:49 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWiFiAdapter.dll
2015-10-01 18:23 - 2015-09-17 07:49 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll
2015-10-01 18:23 - 2015-09-17 07:48 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2015-10-01 18:23 - 2015-09-17 07:48 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2015-10-01 18:23 - 2015-09-17 07:48 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2015-10-01 18:23 - 2015-09-17 07:48 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-10-01 18:23 - 2015-09-17 07:48 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2015-10-01 18:23 - 2015-09-17 07:48 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-10-01 18:23 - 2015-09-17 07:47 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-10-01 18:23 - 2015-09-17 07:47 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2015-10-01 18:23 - 2015-09-17 07:47 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2015-10-01 18:23 - 2015-09-17 07:47 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-10-01 18:23 - 2015-09-17 07:46 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2015-10-01 18:23 - 2015-09-17 07:46 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-10-01 18:23 - 2015-09-17 07:46 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-10-01 18:23 - 2015-09-17 07:46 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-10-01 18:23 - 2015-09-17 07:46 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2015-10-01 18:23 - 2015-09-17 07:46 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2015-10-01 18:23 - 2015-09-17 07:46 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2015-10-01 18:23 - 2015-09-17 07:46 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncmlhook.dll
2015-10-01 18:23 - 2015-09-17 07:45 - 19325440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-10-01 18:23 - 2015-09-17 07:45 - 04791296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-01 18:23 - 2015-09-17 07:45 - 01331200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-10-01 18:23 - 2015-09-17 07:45 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-10-01 18:23 - 2015-09-17 07:45 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-10-01 18:23 - 2015-09-17 07:45 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-10-01 18:23 - 2015-09-17 07:45 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2015-10-01 18:23 - 2015-09-17 07:44 - 01844736 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2015-10-01 18:23 - 2015-09-17 07:44 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2015-10-01 18:23 - 2015-09-17 07:44 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2015-10-01 18:23 - 2015-09-17 07:44 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2015-10-01 18:23 - 2015-09-17 07:43 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-10-01 18:23 - 2015-09-17 07:43 - 00378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2015-10-01 18:23 - 2015-09-17 07:43 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-10-01 18:23 - 2015-09-17 07:43 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-10-01 18:23 - 2015-09-17 07:42 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-10-01 18:23 - 2015-09-17 07:41 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-10-01 18:23 - 2015-09-17 07:40 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-10-01 18:23 - 2015-09-17 07:40 - 01918464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-10-01 18:23 - 2015-09-17 07:40 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-10-01 18:23 - 2015-09-17 07:39 - 00587264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-10-01 18:23 - 2015-09-17 07:39 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-10-01 18:23 - 2015-09-17 07:38 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2015-10-01 18:23 - 2015-09-17 07:37 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-10-01 18:23 - 2015-09-17 07:37 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-10-01 18:23 - 2015-09-17 07:36 - 01171456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcenter.dll
2015-10-01 18:23 - 2015-09-17 07:35 - 05079552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-10-01 18:23 - 2015-09-17 07:35 - 02207232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-10-01 18:23 - 2015-09-17 07:35 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-10-01 18:23 - 2015-09-17 07:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2015-10-01 18:23 - 2015-09-17 07:34 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2015-10-01 18:23 - 2015-09-17 07:33 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-10-01 18:23 - 2015-09-17 07:32 - 03579904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-10-01 18:23 - 2015-09-17 07:32 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2015-10-01 18:23 - 2015-09-17 07:32 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-10-01 18:23 - 2015-09-17 07:32 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2015-10-01 18:23 - 2015-09-17 07:31 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-10-01 18:23 - 2015-09-17 07:31 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2015-10-01 18:23 - 2015-09-17 07:30 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2015-10-01 18:23 - 2015-09-17 07:29 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-10-01 18:23 - 2015-09-17 07:29 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2015-10-01 18:23 - 2015-09-17 07:29 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2015-10-01 18:23 - 2015-09-17 07:29 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-10-01 18:23 - 2015-09-17 07:28 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2015-10-01 18:23 - 2015-09-17 07:26 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2015-10-01 18:23 - 2015-09-17 07:16 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2015-10-01 18:23 - 2015-09-13 04:05 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-10-01 18:23 - 2015-09-13 03:41 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-10-01 06:57 - 2015-10-02 20:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-09-24 19:38 - 2015-09-26 15:51 - 00000000 ____D C:\Users\expert pc\Documents\FIFA 16
2015-09-23 19:48 - 2015-10-12 21:26 - 00032842 _____ C:\WINDOWS\PFRO.log
2015-09-23 07:07 - 2015-09-23 07:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Westwood Online
2015-09-23 07:07 - 2015-09-23 07:07 - 00000000 ____D C:\Program Files (x86)\WestwoodOnline
2015-09-23 07:05 - 2015-10-05 06:15 - 00018970 _____ C:\WINDOWS\DirectX.log
2015-09-17 21:06 - 2015-10-12 21:19 - 00359528 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-17 20:55 - 2015-10-11 13:33 - 00000000 ____D C:\Users\expert pc\Desktop\Aquarium
2015-09-17 20:45 - 2015-09-17 20:45 - 01561875 _____ C:\Users\expert pc\Documents\Bestellformular_01.tif
2015-09-17 20:40 - 2015-09-17 20:40 - 00001070 _____ C:\Users\Public\Desktop\PDF-Viewer.lnk
2015-09-17 20:40 - 2015-09-17 20:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer
2015-09-17 20:40 - 2015-09-17 20:40 - 00000000 ____D C:\Program Files\Tracker Software
2015-09-15 20:44 - 2015-10-10 12:55 - 00000000 ____D C:\Users\expert pc\Desktop\Videobearbeitung
2015-09-15 19:42 - 2015-09-15 19:42 - 00000000 ____D C:\Users\expert pc\AppData\Roaming\0RBITALIS
2015-09-15 19:37 - 2015-10-12 18:18 - 00002979 _____ C:\WINDOWS\setupact.log
2015-09-15 19:37 - 2015-09-15 19:37 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-09-14 21:16 - 2015-10-12 21:27 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-12 21:34 - 2015-07-31 16:56 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-10-12 21:29 - 2015-09-09 11:54 - 00009134 _____ C:\WINDOWS\SysWOW64\Gms.log
2015-10-12 21:29 - 2014-10-02 23:01 - 00000000 ____D C:\Users\expert pc\AppData\Roaming\Skype
2015-10-12 21:28 - 2014-10-19 16:53 - 00000000 ____D C:\Program Files (x86)\Steam
2015-10-12 21:26 - 2015-07-31 14:31 - 00000000 ____D C:\ProgramData\NVIDIA
2015-10-12 21:26 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-10-12 21:26 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-10-12 21:26 - 2015-07-10 11:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-10-12 21:25 - 2015-01-01 18:31 - 00000000 ____D C:\Users\expert pc\AppData\Local\LogMeIn Hamachi
2015-10-12 21:22 - 2014-10-08 19:12 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-10-12 21:19 - 2015-07-31 14:34 - 00000000 ____D C:\Users\expert pc
2015-10-12 21:19 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Registration
2015-10-12 20:40 - 2014-11-11 22:03 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-10-12 19:28 - 2015-07-31 14:33 - 01994140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-10-12 19:28 - 2015-07-10 18:34 - 00848086 _____ C:\WINDOWS\system32\perfh007.dat
2015-10-12 19:28 - 2015-07-10 18:34 - 00186362 _____ C:\WINDOWS\system32\perfc007.dat
2015-10-12 19:27 - 2015-04-05 18:58 - 00000000 ____D C:\Users\expert pc\Desktop\RandomBilder
2015-10-12 17:20 - 2014-06-30 03:26 - 00004160 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{968F1233-CAC6-49C7-9463-8E9C2E9BCE20}
2015-10-12 06:39 - 2015-02-06 23:03 - 00000000 ____D C:\Users\expert pc\Desktop\HS
2015-10-11 23:47 - 2014-10-08 19:26 - 00000000 ____D C:\Users\expert pc\AppData\Local\Battle.net
2015-10-11 23:29 - 2014-10-12 14:45 - 00000000 ____D C:\Users\expert pc\AppData\Roaming\TS3Client
2015-10-11 22:22 - 2014-10-08 19:26 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-10-11 20:28 - 2014-10-08 19:18 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2015-10-11 20:22 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-10-11 19:52 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-10-11 12:18 - 2015-09-09 11:47 - 00000362 _____ C:\WINDOWS\Tasks\HPCeeScheduleForexpert pc.job
2015-10-11 12:17 - 2015-03-25 18:44 - 00000052 _____ C:\WINDOWS\SysWOW64\DOErrors.log
2015-10-10 18:53 - 2015-09-09 12:21 - 00000000 ____D C:\Users\expert pc\Documents\Bandicam
2015-10-09 23:04 - 2015-03-16 14:50 - 00000000 ____D C:\Users\expert pc\Documents\ManiaPlanet
2015-10-09 22:11 - 2015-03-16 14:50 - 00000000 ____D C:\ProgramData\ManiaPlanet
2015-10-09 21:00 - 2014-10-08 19:12 - 00001178 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-10-09 21:00 - 2014-10-08 19:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-10-09 21:00 - 2014-10-08 19:12 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-10-09 20:50 - 2014-10-26 15:17 - 00000000 ____D C:\Users\expert pc\Desktop\Steam
2015-10-08 18:09 - 2015-02-19 18:40 - 00000000 ____D C:\Users\expert pc\AppData\Local\Steam
2015-10-07 20:27 - 2015-07-31 22:58 - 00000000 ____D C:\Users\expert pc\AppData\Roaming\Audacity
2015-10-07 17:54 - 2015-07-31 14:31 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-10-07 17:31 - 2014-06-21 09:40 - 00000000 ____D C:\WINDOWS\Hewlett-Packard
2015-10-07 17:31 - 2014-04-02 13:27 - 00000000 ____D C:\SWSETUP
2015-10-07 17:20 - 2015-09-09 11:38 - 00000000 ____D C:\Program Files (x86)\Realtek
2015-10-07 17:20 - 2014-06-21 01:07 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-10-06 20:45 - 2015-06-17 09:22 - 11210056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-10-06 17:00 - 2015-07-31 16:56 - 00817848 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klif.sys
2015-10-06 17:00 - 2015-07-10 11:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-10-06 17:00 - 2015-07-09 19:11 - 00190648 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\kneps.sys
2015-10-05 10:49 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\rescache
2015-10-05 06:22 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-10-05 06:04 - 2014-04-02 16:46 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-04 22:05 - 2014-11-01 22:41 - 00000000 ____D C:\Users\expert pc\Documents\CyberLink
2015-10-04 22:05 - 2014-11-01 22:41 - 00000000 ____D C:\Users\expert pc\AppData\Roaming\CyberLink
2015-10-04 22:05 - 2014-06-21 01:16 - 00000000 ____D C:\Users\Public\CyberLink
2015-10-04 22:01 - 2014-10-28 20:59 - 00000000 ___RD C:\Users\expert pc\Desktop\VideosYugoh
2015-10-04 13:49 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-10-03 12:14 - 2014-10-08 19:22 - 00000000 ____D C:\Users\expert pc\Powersaves3DS
2015-10-03 12:04 - 2014-10-08 19:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Action Replay PowerSaves 3DS
2015-10-03 12:04 - 2014-10-08 19:22 - 00000000 ____D C:\Program Files (x86)\Action Replay PowerSaves 3DS
2015-10-03 11:53 - 2014-10-09 17:36 - 00000000 ____D C:\Users\expert pc\Desktop\DevPro
2015-10-03 06:58 - 2015-08-01 00:19 - 15837152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-10-03 06:58 - 2015-06-17 09:22 - 18354984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-10-03 06:58 - 2015-06-17 09:22 - 15803800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-10-03 06:58 - 2015-06-17 09:22 - 12868120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-10-03 06:58 - 2015-06-17 09:22 - 03534888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-10-03 06:58 - 2015-06-17 09:22 - 03121144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-10-03 06:58 - 2015-06-17 09:22 - 00034392 _____ C:\WINDOWS\system32\nvinfo.pb
2015-10-03 06:58 - 2014-06-21 00:51 - 00112760 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2015-10-03 06:58 - 2014-06-21 00:51 - 00105264 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2015-10-03 04:38 - 2015-07-31 14:31 - 06358648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-10-03 04:38 - 2015-07-31 14:31 - 02982704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-10-03 04:38 - 2015-07-31 14:31 - 02554488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-10-03 04:38 - 2015-07-31 14:31 - 00938800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-10-03 04:38 - 2015-07-31 14:31 - 00385328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-10-03 04:38 - 2015-07-31 14:31 - 00062768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-10-02 20:56 - 2014-10-02 11:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-02 20:53 - 2015-07-10 13:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2015-10-02 20:53 - 2015-07-10 13:04 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-10-02 20:53 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-10-02 20:53 - 2015-07-10 13:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-02 20:53 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-10-02 20:53 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-10-02 20:53 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-10-02 20:53 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-10-02 20:53 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\L2Schemas
2015-10-02 20:52 - 2014-11-23 17:29 - 00000000 ____D C:\ProgramData\Origin
2015-10-02 20:24 - 2015-03-21 12:57 - 00000000 ____D C:\Program Files (x86)\Origin
2015-10-01 11:30 - 2015-07-31 14:31 - 05284082 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-09-30 17:55 - 2014-10-11 11:59 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2015-09-29 20:59 - 2014-10-10 22:33 - 00000000 ____D C:\Program Files (x86)\Diablo III
2015-09-27 13:53 - 2014-10-28 19:49 - 00000000 ____D C:\Users\expert pc\AppData\Roaming\.technic
2015-09-27 13:52 - 2014-10-26 13:05 - 00000000 ____D C:\Users\expert pc\Desktop\Minecraft
2015-09-23 07:07 - 2014-11-23 17:46 - 00000000 ____D C:\Program Files (x86)\Origin Games
2015-09-16 19:11 - 2014-06-27 07:32 - 00000000 ____D C:\Users\expert pc\AppData\Local\Packages
2015-09-15 19:59 - 2014-11-23 16:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\THQ
2015-09-15 19:59 - 2014-11-23 16:36 - 00000000 ____D C:\Program Files (x86)\THQ
2015-09-15 18:12 - 2015-07-10 13:06 - 00812008 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-09-15 18:12 - 2015-07-10 13:06 - 00178152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-14 21:07 - 2015-07-31 15:26 - 00000000 ___DC C:\WINDOWS\Panther
2015-09-14 13:25 - 2015-05-02 00:38 - 00000000 ____D C:\Users\expert pc\Desktop\Online Dateien
2015-09-13 21:03 - 2014-10-08 19:17 - 00000000 ____D C:\Users\expert pc\AppData\Roaming\.minecraft
2015-09-13 14:22 - 2014-10-02 11:25 - 00000000 ____D C:\WINDOWS\system32\MRT

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-01-16 20:48 - 2015-01-16 21:53 - 0000098 _____ () C:\Users\expert pc\AppData\Roaming\theHunterPrimal_LauncherSettings_live.cfg

Einige Dateien in TEMP:
====================
C:\Users\expert pc\AppData\Local\Temp\Extract.exe
C:\Users\expert pc\AppData\Local\Temp\ICSharpCode.SharpZipLib.dll
C:\Users\expert pc\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\expert pc\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\expert pc\AppData\Local\Temp\nvStInst.exe
C:\Users\expert pc\AppData\Local\Temp\SP72853.exe
C:\Users\expert pc\AppData\Local\Temp\sqlite3.dll
C:\Users\expert pc\AppData\Local\Temp\YgoUpdater.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-10-10 02:03

==================== Ende von FRST.txt ============================
Lag ich mit meiner Adware Vermutung richtig? o.o

schrauber 13.10.2015 18:22

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

DukeYGO 14.10.2015 06:39
Keine weiteren Vorkommnisse. Allerdings hat Eset ein paar Dinge aufgedeckt. Inwiefern die relevant sind, überlasse ich an der Stelle mal dir als Experten.

Kann ich meine temporären Dateien eigtl bereinigen? Jedesmal beim starten sagt mir der CCleaner er könnte über zwei GB Speicherplatz sichern - 1,3 davon alleine durch temporäre Dateien? o.o

Anbei die Logs zur weiteren Verwendung

Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=3543183bf97b8d45b786b2842e454301
# end=init
# utc_time=2015-10-13 05:30:54
# local_time=2015-10-13 07:30:54 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 26216
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=3543183bf97b8d45b786b2842e454301
# end=updated
# utc_time=2015-10-13 05:34:20
# local_time=2015-10-13 07:34:20 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=3543183bf97b8d45b786b2842e454301
# engine=26216
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-10-13 07:53:30
# local_time=2015-10-13 09:53:30 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1='Kaspersky Internet Security'
# compatibility_mode=1302 16777213 100 100 87530 72344840 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 88115 8240022 0 0
# scanned=431851
# found=8
# cleaned=0
# scan_time=8348
sh=019F97AF563FC4240EE3CD027DB839D35E69D9AC ft=1 fh=6aea9a1b3a697405 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\$RECYCLE.BIN\S-1-5-21-2350193266-1077779400-760107588-1001\$RM3B7EA.exe"
sh=458E2EE56157CBF3D84FFD048E6E0A1FA12255AE ft=1 fh=155e7e9db39a9d0b vn="Variante von Win32/WinWrapper.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\expert pc\AppData\Local\Microsoft\Windows\INetCache\IE\BK8RXPB4\Installer[1].exe"
sh=62BFF91A7E351CB1A21EF92320815874B2D2DFA8 ft=1 fh=fc2555afc5bde153 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\expert pc\AppData\Local\Temp\DMR\dmr_72.exe"
sh=8934B00F56ADE19D7911ED73FB5954807A6CA6C8 ft=1 fh=25ae52262a8bb7d9 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\expert pc\Desktop\Installer\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe"
sh=6B97E4DCAE13B7BE9CBB416958D45B8E3C700429 ft=1 fh=aac9285b4e2298e6 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\expert pc\Desktop\Installer\McAfee Consumer Product Removal Tool - CHIP-Installer.exe"
sh=2302A45BF411B7B12F482D4DF4CE9A647AB1B2CA ft=1 fh=f9b72f62fa8c9dd4 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\expert pc\Desktop\Installer\Minecraft - CHIP-Installer.exe"
sh=42D66F0E4E1DB03718ADA8542160FDFD6ED31DB3 ft=1 fh=b0a5273ac26f0e10 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\expert pc\Desktop\Installer\Secunia Personal Software Inspector PSI - CHIP-Installer.exe"
sh=54CD2D34678B2E6864F688773939047317A028DB ft=1 fh=3318a8972a8a4d8d vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\expert pc\Desktop\Installer\TeamSpeak 3 32 Bit - CHIP-Installer.exe"
Code:
Results of screen317's Security Check version 1.009 
  x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
Kaspersky Internet Security 
Windows Defender             
 Antivirus up to date! 
`````````Anti-malware/Other Utilities Check:`````````
 Secunia PSI (3.0.0.9016) 
 Java 8 Update 60 
 Adobe Flash Player        19.0.0.185 
 Mozilla Firefox (41.0.1)
````````Process Check: objlist.exe by Laurent```````` 
 Kaspersky Lab Kaspersky Internet Security 15.0.2 avp.exe 
 Kaspersky Lab Kaspersky Internet Security 15.0.2 avpui.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:12-10-2015
durchgeführt von expert pc (Administrator) auf EXPERT (13-10-2015 22:13:52)
Gestartet von C:\Users\expert pc\Desktop\Virenentfernung
Geladene Profile: expert pc (Verfügbare Profile: expert pc)
Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avpui.exe
() C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1001.16470.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.13571.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.10240.16464_none_116100d161f6ab1d\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3957816 2014-02-07] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-02-07] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-02-07] (Hewlett-Packard)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-27] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2014-01-05] (IDT, Inc.)
HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [41664 2013-12-03] (Hewlett-Packard )
HKLM-x32\...\Run: [Corsair Gaming Headset Software] => C:\Program Files (x86)\Corsair\Corsair Gaming Headset Software\HeadsetControlPanel.exe [2918152 2014-08-18] (Corsair Components, Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5579624 2015-08-03] (LogMeIn Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKU\S-1-5-21-2350193266-1077779400-760107588-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2900560 2015-10-09] (Valve Corporation)
HKU\S-1-5-21-2350193266-1077779400-760107588-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
HKU\S-1-5-21-2350193266-1077779400-760107588-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53737488 2015-08-07] (Skype Technologies S.A.)
HKU\S-1-5-21-2350193266-1077779400-760107588-1001\...\RunOnce: [Uninstall C:\Users\expert pc\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\expert pc\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2014-10-08]
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{96af2199-8831-487a-87fc-f08f0f7ac314}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{a222317e-793e-4a1c-9ac1-8a4ebd92dbd2}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK14/4
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-2350193266-1077779400-760107588-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK14/4
HKU\S-1-5-21-2350193266-1077779400-760107588-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK14/4
HKU\S-1-5-21-2350193266-1077779400-760107588-1001\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.uk.msn.com/HPDSK14/4
SearchScopes: HKLM -> {61909BC3-BE76-4BDB-A905-689F89D62260} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-08-26] (Oracle Corporation)
BHO: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-26] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-30] (Oracle Corporation)
BHO-x32: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-30] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  Keine Datei

FireFox:
========
FF ProfilePath: C:\Users\expert pc\AppData\Roaming\Mozilla\Firefox\Profiles\obvvz6c4.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-22] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-09-08] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-26] (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [Keine Datei]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-22] ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-09-08] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-30] (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker_663BE84DBCC949E88C7600F63CA7F098 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com [2015-07-31] ()
FF Plugin-x32: @kaspersky.com/online_banking_08806E753BE44495B44E90AA2513BDC5 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com [2015-07-31] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_07402848C2F6470194F131B0F3DE025E -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-07-31] ()
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [Keine Datei]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-10-03] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-10-03] (NVIDIA Corporation)
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\expert pc\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2014-05-27] (Raidcall)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2350193266-1077779400-760107588-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-09-08] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-2350193266-1077779400-760107588-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-01-02] ()
FF Extension: Adblock Edge - C:\Users\expert pc\AppData\Roaming\Mozilla\Firefox\Profiles\obvvz6c4.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2015-09-09]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker_663BE84DBCC949E88C7600F63CA7F098@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com [2015-07-31]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_07402848C2F6470194F131B0F3DE025E@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-07-31]
FF HKLM-x32\...\Firefox\Extensions: [online_banking_08806E753BE44495B44E90AA2513BDC5@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com [2015-07-31]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AVP15.0.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe [194000 2015-07-09] (Kaspersky Lab ZAO)
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-27] (NVIDIA Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Datei ist nicht signiert]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Datei ist nicht signiert]
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223520 2015-07-10] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-08-03] (LogMeIn, Inc.)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-27] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-27] (NVIDIA Corporation)
S2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-02-07] (Softex Inc.) [Datei ist nicht signiert]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2078216 2015-10-02] (Electronic Arts)
S2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
S2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
S2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [340480 2014-01-05] (IDT, Inc.) [Datei ist nicht signiert]
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-07-31] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 athr; C:\Windows\System32\drivers\athw10x.sys [4318760 2015-09-05] (Qualcomm Atheros Communications, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [247016 2015-07-09] (Kaspersky Lab UK Ltd)
R3 CorsairAudioFilter; C:\Windows\system32\DRIVERS\corsveng2kamd64.sys [112808 2014-08-15] (Corsair Components, Inc.)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-07-14] (LogMeIn Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-07-09] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [64368 2015-07-09] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [159960 2015-07-09] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [226480 2015-07-09] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [817848 2015-10-06] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [39792 2015-07-09] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [40304 2015-07-09] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [39792 2015-07-09] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [24944 2015-07-09] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [77680 2015-07-09] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [85360 2015-07-09] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [190648 2015-10-06] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [184608 2015-07-07] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-27] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [896752 2015-09-04] (Realtek                                            )
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [402136 2015-09-09] (Realsil Semiconductor Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
U4 klkbdflt2; \SystemRoot\system32\DRIVERS\klkbdflt2.sys [X]
S3 RSUSBSTOR; \SystemRoot\System32\Drivers\RtsUStor.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-13 22:13 - 2015-10-13 22:13 - 00000825 _____ C:\Users\expert pc\Desktop\checkup.txt
2015-10-13 22:09 - 2015-10-13 22:09 - 00016148 _____ C:\WINDOWS\system32\EXPERT_expert pc_HistoryPrediction.bin
2015-10-13 19:27 - 2015-10-13 22:12 - 00852720 _____ C:\Users\expert pc\Desktop\SecurityCheck.exe
2015-10-13 19:27 - 2015-10-13 19:30 - 02870984 _____ (ESET) C:\Users\expert pc\Desktop\esetsmartinstaller_deu.exe
2015-10-12 19:36 - 2015-10-12 19:37 - 00692284 _____ C:\Users\expert pc\Documents\cc_20151012_193651.reg
2015-10-12 06:54 - 2015-10-12 06:54 - 00349376 _____ C:\WINDOWS\Minidump\101215-24906-01.dmp
2015-10-12 06:49 - 2015-10-12 06:54 - 730655172 _____ C:\WINDOWS\MEMORY.DMP
2015-10-12 06:49 - 2015-10-12 06:54 - 00000000 ____D C:\WINDOWS\Minidump
2015-10-12 06:49 - 2015-10-12 06:49 - 00373296 _____ C:\WINDOWS\Minidump\101215-24203-01.dmp
2015-10-12 06:40 - 2015-10-13 22:13 - 00000000 ____D C:\FRST
2015-10-12 06:40 - 2015-10-12 06:40 - 00000000 _____ C:\Users\expert pc\defogger_reenable
2015-10-12 06:39 - 2015-10-12 22:27 - 00000000 ____D C:\Users\expert pc\Desktop\Virenentfernung
2015-10-11 19:39 - 2015-10-13 18:29 - 00000000 ____D C:\Users\expert pc\AppData\Local\CrashDumps
2015-10-10 11:02 - 2015-10-10 11:02 - 00000000 ____D C:\Users\expert pc\Documents\Camtasia Studio
2015-10-10 11:02 - 2015-10-10 11:02 - 00000000 ____D C:\Users\expert pc\AppData\Roaming\TechSmith
2015-10-10 11:01 - 2015-10-10 11:01 - 00001248 _____ C:\Users\Public\Desktop\Camtasia Studio 8.lnk
2015-10-10 11:01 - 2015-10-10 11:01 - 00000000 ____D C:\Users\expert pc\AppData\Local\TechSmith
2015-10-10 11:01 - 2015-10-10 11:01 - 00000000 ____D C:\ProgramData\regid.1995-08.com.techsmith
2015-10-10 11:01 - 2015-10-10 11:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
2015-10-10 11:01 - 2015-10-10 11:01 - 00000000 ____D C:\Program Files (x86)\QuickTime
2015-10-10 11:00 - 2015-10-10 11:00 - 00000000 ____D C:\ProgramData\TechSmith
2015-10-10 11:00 - 2015-10-10 11:00 - 00000000 ____D C:\Program Files (x86)\TechSmith
2015-10-09 21:24 - 2015-10-12 21:25 - 00000000 ____D C:\AdwCleaner
2015-10-08 22:20 - 2015-10-08 22:21 - 00000000 ____D C:\Users\expert pc\Knuddels
2015-10-07 17:54 - 2015-10-03 04:28 - 00102520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2015-10-07 17:52 - 2015-10-03 06:58 - 42914096 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 37882488 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 22342264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 18387064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 16548768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 14841232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 13525200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 12038368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 02313336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 01994360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 01905272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435850.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 01564792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435850.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 00877176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 00861816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 00787200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 00689968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 00673912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 00632664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 00601240 _____ C:\WINDOWS\system32\nvmcumd.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 00539464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 00445216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 00414000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 00388048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 00376112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 00369272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 00339064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 00315936 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 00177416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 00155976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 00151368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-10-07 17:52 - 2015-10-03 06:58 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-10-07 17:41 - 2015-08-11 06:52 - 00069416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2015-10-07 07:11 - 2015-10-07 17:20 - 00000000 ___HD C:\Program Files (x86)\Temp
2015-10-07 01:29 - 2015-10-07 01:29 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET
2015-10-06 22:30 - 2015-10-10 10:34 - 00000000 ____D C:\Users\expert pc\AppData\Roaming\vlc
2015-10-06 22:29 - 2015-10-06 22:29 - 00001146 _____ C:\Users\Public\Desktop\VLC media player.lnk
2015-10-06 22:29 - 2015-10-06 22:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-10-06 22:29 - 2015-10-06 22:29 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2015-10-05 06:29 - 2015-10-10 10:40 - 00000000 ____D C:\Users\expert pc\AppData\Roaming\avidemux
2015-10-05 06:29 - 2015-10-05 06:29 - 00001185 _____ C:\Users\Public\Desktop\Avidemux 2.6 - 32 bits (32-bit).lnk
2015-10-05 06:29 - 2015-10-05 06:29 - 00000000 ____D C:\Program Files (x86)\Avidemux 2.6 - 32 bits
2015-10-05 06:15 - 2015-10-05 06:23 - 00000000 ____D C:\Users\expert pc\AppData\Local\Windows Live
2015-10-05 06:05 - 2015-10-05 06:05 - 00000000 ____D C:\Users\Public\Documents\Lightworks
2015-10-05 06:05 - 2015-10-05 06:05 - 00000000 ____D C:\Users\expert pc\.MCTranscodingSDK
2015-10-05 06:05 - 2015-10-05 06:05 - 00000000 ____D C:\ProgramData\Geevs
2015-10-01 18:23 - 2015-09-25 02:35 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-01 18:23 - 2015-09-25 02:34 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-01 18:23 - 2015-09-25 02:13 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-01 18:23 - 2015-09-25 01:34 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-10-01 18:23 - 2015-09-25 01:34 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-10-01 18:23 - 2015-09-25 01:24 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-10-01 18:23 - 2015-09-25 01:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-01 18:23 - 2015-09-25 01:23 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-10-01 18:23 - 2015-09-25 01:17 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-10-01 18:23 - 2015-09-25 01:08 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-10-01 18:23 - 2015-09-25 01:07 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-10-01 18:23 - 2015-09-25 01:06 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-10-01 18:23 - 2015-09-25 01:05 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-01 18:23 - 2015-09-25 01:01 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-10-01 18:23 - 2015-09-25 01:01 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-10-01 18:23 - 2015-09-25 01:00 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-10-01 18:23 - 2015-09-25 01:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-10-01 18:23 - 2015-09-25 01:00 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-10-01 18:23 - 2015-09-25 01:00 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-01 18:23 - 2015-09-25 00:53 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-01 18:23 - 2015-09-25 00:43 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-10-01 18:23 - 2015-09-25 00:43 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-01 18:23 - 2015-09-25 00:42 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-10-01 18:23 - 2015-09-25 00:25 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-10-01 18:23 - 2015-09-25 00:25 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-10-01 18:23 - 2015-09-25 00:25 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-10-01 18:23 - 2015-09-25 00:25 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-10-01 18:23 - 2015-09-25 00:25 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-10-01 18:23 - 2015-09-25 00:24 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-10-01 18:23 - 2015-09-25 00:19 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-10-01 18:23 - 2015-09-19 07:14 - 00102304 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2015-10-01 18:23 - 2015-09-17 08:50 - 02464216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-10-01 18:23 - 2015-09-17 08:50 - 01563392 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-10-01 18:23 - 2015-09-17 08:50 - 00099664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-10-01 18:23 - 2015-09-17 08:50 - 00088384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-10-01 18:23 - 2015-09-17 08:49 - 08020816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-10-01 18:23 - 2015-09-17 08:49 - 06487248 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2015-10-01 18:23 - 2015-09-17 08:49 - 01563472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-10-01 18:23 - 2015-09-17 08:49 - 00894256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2015-10-01 18:23 - 2015-09-17 08:49 - 00553808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2015-10-01 18:23 - 2015-09-17 08:49 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-10-01 18:23 - 2015-09-17 08:48 - 02824248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2015-10-01 18:23 - 2015-09-17 08:48 - 02494712 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-01 18:23 - 2015-09-17 08:48 - 02432336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-10-01 18:23 - 2015-09-17 08:48 - 02156400 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2015-10-01 18:23 - 2015-09-17 08:48 - 01983824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-10-01 18:23 - 2015-09-17 08:48 - 00809352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2015-10-01 18:23 - 2015-09-17 08:48 - 00784136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-10-01 18:23 - 2015-09-17 08:48 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-10-01 18:23 - 2015-09-17 08:48 - 00555768 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2015-10-01 18:23 - 2015-09-17 08:48 - 00537080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2015-10-01 18:23 - 2015-09-17 08:48 - 00516448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-10-01 18:23 - 2015-09-17 08:48 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-10-01 18:23 - 2015-09-17 08:48 - 00476760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2015-10-01 18:23 - 2015-09-17 08:48 - 00406864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-10-01 18:23 - 2015-09-17 08:48 - 00395088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-10-01 18:23 - 2015-09-17 08:48 - 00332624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2015-10-01 18:23 - 2015-09-17 08:48 - 00278352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-10-01 18:23 - 2015-09-17 08:48 - 00243760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-10-01 18:23 - 2015-09-17 08:47 - 01397088 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-10-01 18:23 - 2015-09-17 08:44 - 00781976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2015-10-01 18:23 - 2015-09-17 08:43 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-10-01 18:23 - 2015-09-17 08:39 - 00081488 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-01 18:23 - 2015-09-17 08:37 - 01295712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2015-10-01 18:23 - 2015-09-17 08:37 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-10-01 18:23 - 2015-09-17 08:28 - 05120056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2015-10-01 18:23 - 2015-09-17 08:28 - 02154808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-10-01 18:23 - 2015-09-17 08:28 - 01357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2015-10-01 18:23 - 2015-09-17 08:28 - 00441168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2015-10-01 18:23 - 2015-09-17 08:28 - 00407608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-10-01 18:23 - 2015-09-17 08:28 - 00074880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2015-10-01 18:23 - 2015-09-17 08:27 - 01766952 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-10-01 18:23 - 2015-09-17 08:27 - 00454512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2015-10-01 18:23 - 2015-09-17 08:26 - 02446648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2015-10-01 18:23 - 2015-09-17 08:26 - 01895568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2015-10-01 18:23 - 2015-09-17 08:26 - 00646672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-10-01 18:23 - 2015-09-17 08:26 - 00508248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2015-10-01 18:23 - 2015-09-17 08:26 - 00434376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2015-10-01 18:23 - 2015-09-17 08:26 - 00428128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2015-10-01 18:23 - 2015-09-17 08:25 - 00962400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-10-01 18:23 - 2015-09-17 08:21 - 00658528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2015-10-01 18:23 - 2015-09-17 08:20 - 00764416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-10-01 18:23 - 2015-09-17 08:12 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-01 18:23 - 2015-09-17 08:11 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2015-10-01 18:23 - 2015-09-17 08:10 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2015-10-01 18:23 - 2015-09-17 08:09 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-10-01 18:23 - 2015-09-17 08:09 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2015-10-01 18:23 - 2015-09-17 08:08 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-10-01 18:23 - 2015-09-17 08:08 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Speech.Pal.dll
2015-10-01 18:23 - 2015-09-17 08:08 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2015-10-01 18:23 - 2015-09-17 08:07 - 21875712 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-10-01 18:23 - 2015-09-17 08:06 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2015-10-01 18:23 - 2015-09-17 08:06 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-10-01 18:23 - 2015-09-17 08:06 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-10-01 18:23 - 2015-09-17 08:05 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-10-01 18:23 - 2015-09-17 08:05 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2015-10-01 18:23 - 2015-09-17 08:04 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-10-01 18:23 - 2015-09-17 08:04 - 00910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-10-01 18:23 - 2015-09-17 08:04 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2015-10-01 18:23 - 2015-09-17 08:03 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2015-10-01 18:23 - 2015-09-17 08:03 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-10-01 18:23 - 2015-09-17 08:03 - 00154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2015-10-01 18:23 - 2015-09-17 08:03 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2015-10-01 18:23 - 2015-09-17 08:03 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2015-10-01 18:23 - 2015-09-17 08:02 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2015-10-01 18:23 - 2015-09-17 08:02 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2015-10-01 18:23 - 2015-09-17 08:00 - 24595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-10-01 18:23 - 2015-09-17 08:00 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-10-01 18:23 - 2015-09-17 08:00 - 02417664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-10-01 18:23 - 2015-09-17 08:00 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-10-01 18:23 - 2015-09-17 08:00 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KeywordDetectorMsftSidAdapter.dll
2015-10-01 18:23 - 2015-09-17 07:58 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-10-01 18:23 - 2015-09-17 07:57 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2015-10-01 18:23 - 2015-09-17 07:57 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2015-10-01 18:23 - 2015-09-17 07:57 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-10-01 18:23 - 2015-09-17 07:57 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-10-01 18:23 - 2015-09-17 07:56 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-10-01 18:23 - 2015-09-17 07:56 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-10-01 18:23 - 2015-09-17 07:56 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2015-10-01 18:23 - 2015-09-17 07:55 - 02236416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-10-01 18:23 - 2015-09-17 07:55 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-10-01 18:23 - 2015-09-17 07:55 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx02000.dll
2015-10-01 18:23 - 2015-09-17 07:55 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2015-10-01 18:23 - 2015-09-17 07:55 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2015-10-01 18:23 - 2015-09-17 07:55 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2015-10-01 18:23 - 2015-09-17 07:55 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2015-10-01 18:23 - 2015-09-17 07:55 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2015-10-01 18:23 - 2015-09-17 07:55 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2015-10-01 18:23 - 2015-09-17 07:54 - 03781120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-10-01 18:23 - 2015-09-17 07:54 - 00780288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-10-01 18:23 - 2015-09-17 07:54 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-10-01 18:23 - 2015-09-17 07:53 - 07055872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-10-01 18:23 - 2015-09-17 07:52 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2015-10-01 18:23 - 2015-09-17 07:52 - 01216512 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcenter.dll
2015-10-01 18:23 - 2015-09-17 07:52 - 01181696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-10-01 18:23 - 2015-09-17 07:52 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2015-10-01 18:23 - 2015-09-17 07:52 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-10-01 18:23 - 2015-09-17 07:52 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-10-01 18:23 - 2015-09-17 07:52 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2015-10-01 18:23 - 2015-09-17 07:52 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-10-01 18:23 - 2015-09-17 07:52 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-10-01 18:23 - 2015-09-17 07:52 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-10-01 18:23 - 2015-09-17 07:51 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-10-01 18:23 - 2015-09-17 07:51 - 02660864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-10-01 18:23 - 2015-09-17 07:51 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2015-10-01 18:23 - 2015-09-17 07:51 - 01203712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-10-01 18:23 - 2015-09-17 07:51 - 01067520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-10-01 18:23 - 2015-09-17 07:51 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-10-01 18:23 - 2015-09-17 07:51 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2015-10-01 18:23 - 2015-09-17 07:50 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-10-01 18:23 - 2015-09-17 07:50 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2015-10-01 18:23 - 2015-09-17 07:50 - 00312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2015-10-01 18:23 - 2015-09-17 07:50 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeWiFi.dll
2015-10-01 18:23 - 2015-09-17 07:50 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeCell.dll
2015-10-01 18:23 - 2015-09-17 07:50 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys
2015-10-01 18:23 - 2015-09-17 07:49 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-10-01 18:23 - 2015-09-17 07:49 - 01290240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-10-01 18:23 - 2015-09-17 07:49 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-10-01 18:23 - 2015-09-17 07:49 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-10-01 18:23 - 2015-09-17 07:49 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWebproxy.dll
2015-10-01 18:23 - 2015-09-17 07:49 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll
2015-10-01 18:23 - 2015-09-17 07:49 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2015-10-01 18:23 - 2015-09-17 07:49 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationCrowdsource.dll
2015-10-01 18:23 - 2015-09-17 07:49 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeIP.dll
2015-10-01 18:23 - 2015-09-17 07:49 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWiFiAdapter.dll
2015-10-01 18:23 - 2015-09-17 07:49 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll
2015-10-01 18:23 - 2015-09-17 07:48 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2015-10-01 18:23 - 2015-09-17 07:48 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2015-10-01 18:23 - 2015-09-17 07:48 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2015-10-01 18:23 - 2015-09-17 07:48 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-10-01 18:23 - 2015-09-17 07:48 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2015-10-01 18:23 - 2015-09-17 07:48 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-10-01 18:23 - 2015-09-17 07:47 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-10-01 18:23 - 2015-09-17 07:47 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2015-10-01 18:23 - 2015-09-17 07:47 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2015-10-01 18:23 - 2015-09-17 07:47 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-10-01 18:23 - 2015-09-17 07:46 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2015-10-01 18:23 - 2015-09-17 07:46 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-10-01 18:23 - 2015-09-17 07:46 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-10-01 18:23 - 2015-09-17 07:46 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-10-01 18:23 - 2015-09-17 07:46 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2015-10-01 18:23 - 2015-09-17 07:46 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2015-10-01 18:23 - 2015-09-17 07:46 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2015-10-01 18:23 - 2015-09-17 07:46 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncmlhook.dll
2015-10-01 18:23 - 2015-09-17 07:45 - 19325440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-10-01 18:23 - 2015-09-17 07:45 - 04791296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-01 18:23 - 2015-09-17 07:45 - 01331200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-10-01 18:23 - 2015-09-17 07:45 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-10-01 18:23 - 2015-09-17 07:45 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-10-01 18:23 - 2015-09-17 07:45 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-10-01 18:23 - 2015-09-17 07:45 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2015-10-01 18:23 - 2015-09-17 07:44 - 01844736 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2015-10-01 18:23 - 2015-09-17 07:44 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2015-10-01 18:23 - 2015-09-17 07:44 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2015-10-01 18:23 - 2015-09-17 07:44 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2015-10-01 18:23 - 2015-09-17 07:43 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-10-01 18:23 - 2015-09-17 07:43 - 00378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2015-10-01 18:23 - 2015-09-17 07:43 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-10-01 18:23 - 2015-09-17 07:43 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-10-01 18:23 - 2015-09-17 07:42 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-10-01 18:23 - 2015-09-17 07:41 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-10-01 18:23 - 2015-09-17 07:40 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-10-01 18:23 - 2015-09-17 07:40 - 01918464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-10-01 18:23 - 2015-09-17 07:40 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-10-01 18:23 - 2015-09-17 07:39 - 00587264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-10-01 18:23 - 2015-09-17 07:39 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-10-01 18:23 - 2015-09-17 07:38 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2015-10-01 18:23 - 2015-09-17 07:37 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-10-01 18:23 - 2015-09-17 07:37 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-10-01 18:23 - 2015-09-17 07:36 - 01171456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcenter.dll
2015-10-01 18:23 - 2015-09-17 07:35 - 05079552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-10-01 18:23 - 2015-09-17 07:35 - 02207232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-10-01 18:23 - 2015-09-17 07:35 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-10-01 18:23 - 2015-09-17 07:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2015-10-01 18:23 - 2015-09-17 07:34 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2015-10-01 18:23 - 2015-09-17 07:33 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-10-01 18:23 - 2015-09-17 07:32 - 03579904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-10-01 18:23 - 2015-09-17 07:32 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2015-10-01 18:23 - 2015-09-17 07:32 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-10-01 18:23 - 2015-09-17 07:32 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2015-10-01 18:23 - 2015-09-17 07:31 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-10-01 18:23 - 2015-09-17 07:31 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2015-10-01 18:23 - 2015-09-17 07:30 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2015-10-01 18:23 - 2015-09-17 07:29 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-10-01 18:23 - 2015-09-17 07:29 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2015-10-01 18:23 - 2015-09-17 07:29 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2015-10-01 18:23 - 2015-09-17 07:29 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-10-01 18:23 - 2015-09-17 07:28 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2015-10-01 18:23 - 2015-09-17 07:26 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2015-10-01 18:23 - 2015-09-17 07:16 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2015-10-01 18:23 - 2015-09-13 04:05 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-10-01 18:23 - 2015-09-13 03:41 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-10-01 06:57 - 2015-10-02 20:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-09-24 19:38 - 2015-09-26 15:51 - 00000000 ____D C:\Users\expert pc\Documents\FIFA 16
2015-09-23 19:48 - 2015-10-12 21:26 - 00032842 _____ C:\WINDOWS\PFRO.log
2015-09-23 07:07 - 2015-09-23 07:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Westwood Online
2015-09-23 07:07 - 2015-09-23 07:07 - 00000000 ____D C:\Program Files (x86)\WestwoodOnline
2015-09-23 07:05 - 2015-10-05 06:15 - 00018970 _____ C:\WINDOWS\DirectX.log
2015-09-17 21:06 - 2015-10-12 21:19 - 00359528 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-17 20:55 - 2015-10-13 21:03 - 00000000 ____D C:\Users\expert pc\Desktop\Aquarium
2015-09-17 20:45 - 2015-09-17 20:45 - 01561875 _____ C:\Users\expert pc\Documents\Bestellformular_01.tif
2015-09-17 20:40 - 2015-09-17 20:40 - 00001070 _____ C:\Users\Public\Desktop\PDF-Viewer.lnk
2015-09-17 20:40 - 2015-09-17 20:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer
2015-09-17 20:40 - 2015-09-17 20:40 - 00000000 ____D C:\Program Files\Tracker Software
2015-09-15 20:44 - 2015-10-10 12:55 - 00000000 ____D C:\Users\expert pc\Desktop\Videobearbeitung
2015-09-15 19:42 - 2015-09-15 19:42 - 00000000 ____D C:\Users\expert pc\AppData\Roaming\0RBITALIS
2015-09-15 19:37 - 2015-10-12 18:18 - 00002979 _____ C:\WINDOWS\setupact.log
2015-09-15 19:37 - 2015-09-15 19:37 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-09-14 21:16 - 2015-10-13 21:41 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-13 22:10 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-10-13 21:40 - 2014-11-11 22:03 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-10-13 21:31 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-10-13 20:49 - 2015-07-31 16:56 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-10-13 19:29 - 2014-10-02 23:01 - 00000000 ____D C:\Users\expert pc\AppData\Roaming\Skype
2015-10-13 18:34 - 2014-10-19 16:53 - 00000000 ____D C:\Program Files (x86)\Steam
2015-10-13 18:33 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-10-13 18:32 - 2014-06-30 03:26 - 00004160 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{968F1233-CAC6-49C7-9463-8E9C2E9BCE20}
2015-10-12 21:29 - 2015-09-09 11:54 - 00028936 _____ C:\WINDOWS\SysWOW64\Gms.log
2015-10-12 21:26 - 2015-07-31 14:31 - 00000000 ____D C:\ProgramData\NVIDIA
2015-10-12 21:26 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-10-12 21:26 - 2015-07-10 11:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-10-12 21:25 - 2015-01-01 18:31 - 00000000 ____D C:\Users\expert pc\AppData\Local\LogMeIn Hamachi
2015-10-12 21:22 - 2014-10-08 19:12 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-10-12 21:19 - 2015-07-31 14:34 - 00000000 ____D C:\Users\expert pc
2015-10-12 21:19 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Registration
2015-10-12 19:28 - 2015-07-31 14:33 - 01994140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-10-12 19:28 - 2015-07-10 18:34 - 00848086 _____ C:\WINDOWS\system32\perfh007.dat
2015-10-12 19:28 - 2015-07-10 18:34 - 00186362 _____ C:\WINDOWS\system32\perfc007.dat
2015-10-12 19:27 - 2015-04-05 18:58 - 00000000 ____D C:\Users\expert pc\Desktop\RandomBilder
2015-10-12 06:39 - 2015-02-06 23:03 - 00000000 ____D C:\Users\expert pc\Desktop\HS
2015-10-11 23:47 - 2014-10-08 19:26 - 00000000 ____D C:\Users\expert pc\AppData\Local\Battle.net
2015-10-11 23:29 - 2014-10-12 14:45 - 00000000 ____D C:\Users\expert pc\AppData\Roaming\TS3Client
2015-10-11 22:22 - 2014-10-08 19:26 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-10-11 20:28 - 2014-10-08 19:18 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2015-10-11 19:52 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-10-11 12:18 - 2015-09-09 11:47 - 00000362 _____ C:\WINDOWS\Tasks\HPCeeScheduleForexpert pc.job
2015-10-11 12:17 - 2015-03-25 18:44 - 00000052 _____ C:\WINDOWS\SysWOW64\DOErrors.log
2015-10-10 18:53 - 2015-09-09 12:21 - 00000000 ____D C:\Users\expert pc\Documents\Bandicam
2015-10-09 23:04 - 2015-03-16 14:50 - 00000000 ____D C:\Users\expert pc\Documents\ManiaPlanet
2015-10-09 22:11 - 2015-03-16 14:50 - 00000000 ____D C:\ProgramData\ManiaPlanet
2015-10-09 21:00 - 2014-10-08 19:12 - 00001178 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-10-09 21:00 - 2014-10-08 19:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-10-09 21:00 - 2014-10-08 19:12 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-10-09 20:50 - 2014-10-26 15:17 - 00000000 ____D C:\Users\expert pc\Desktop\Steam
2015-10-08 18:09 - 2015-02-19 18:40 - 00000000 ____D C:\Users\expert pc\AppData\Local\Steam
2015-10-07 20:27 - 2015-07-31 22:58 - 00000000 ____D C:\Users\expert pc\AppData\Roaming\Audacity
2015-10-07 17:54 - 2015-07-31 14:31 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-10-07 17:31 - 2014-06-21 09:40 - 00000000 ____D C:\WINDOWS\Hewlett-Packard
2015-10-07 17:31 - 2014-04-02 13:27 - 00000000 ____D C:\SWSETUP
2015-10-07 17:20 - 2015-09-09 11:38 - 00000000 ____D C:\Program Files (x86)\Realtek
2015-10-07 17:20 - 2014-06-21 01:07 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-10-06 20:45 - 2015-06-17 09:22 - 11210056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-10-06 17:00 - 2015-07-31 16:56 - 00817848 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klif.sys
2015-10-06 17:00 - 2015-07-10 11:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-10-06 17:00 - 2015-07-09 19:11 - 00190648 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\kneps.sys
2015-10-05 10:49 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\rescache
2015-10-05 06:22 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-10-05 06:04 - 2014-04-02 16:46 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-04 22:05 - 2014-11-01 22:41 - 00000000 ____D C:\Users\expert pc\Documents\CyberLink
2015-10-04 22:05 - 2014-11-01 22:41 - 00000000 ____D C:\Users\expert pc\AppData\Roaming\CyberLink
2015-10-04 22:05 - 2014-06-21 01:16 - 00000000 ____D C:\Users\Public\CyberLink
2015-10-04 22:01 - 2014-10-28 20:59 - 00000000 ___RD C:\Users\expert pc\Desktop\VideosYugoh
2015-10-03 12:14 - 2014-10-08 19:22 - 00000000 ____D C:\Users\expert pc\Powersaves3DS
2015-10-03 12:04 - 2014-10-08 19:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Action Replay PowerSaves 3DS
2015-10-03 12:04 - 2014-10-08 19:22 - 00000000 ____D C:\Program Files (x86)\Action Replay PowerSaves 3DS
2015-10-03 11:53 - 2014-10-09 17:36 - 00000000 ____D C:\Users\expert pc\Desktop\DevPro
2015-10-03 06:58 - 2015-08-01 00:19 - 15837152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-10-03 06:58 - 2015-06-17 09:22 - 18354984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-10-03 06:58 - 2015-06-17 09:22 - 15803800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-10-03 06:58 - 2015-06-17 09:22 - 12868120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-10-03 06:58 - 2015-06-17 09:22 - 03534888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-10-03 06:58 - 2015-06-17 09:22 - 03121144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-10-03 06:58 - 2015-06-17 09:22 - 00034392 _____ C:\WINDOWS\system32\nvinfo.pb
2015-10-03 06:58 - 2014-06-21 00:51 - 00112760 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2015-10-03 06:58 - 2014-06-21 00:51 - 00105264 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2015-10-03 04:38 - 2015-07-31 14:31 - 06358648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-10-03 04:38 - 2015-07-31 14:31 - 02982704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-10-03 04:38 - 2015-07-31 14:31 - 02554488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-10-03 04:38 - 2015-07-31 14:31 - 00938800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-10-03 04:38 - 2015-07-31 14:31 - 00385328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-10-03 04:38 - 2015-07-31 14:31 - 00062768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-10-02 20:56 - 2014-10-02 11:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-02 20:53 - 2015-07-10 13:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2015-10-02 20:53 - 2015-07-10 13:04 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-10-02 20:53 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-10-02 20:53 - 2015-07-10 13:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-02 20:53 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-10-02 20:53 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-10-02 20:53 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-10-02 20:53 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-10-02 20:53 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\L2Schemas
2015-10-02 20:52 - 2014-11-23 17:29 - 00000000 ____D C:\ProgramData\Origin
2015-10-02 20:24 - 2015-03-21 12:57 - 00000000 ____D C:\Program Files (x86)\Origin
2015-10-01 11:30 - 2015-07-31 14:31 - 05284082 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-09-30 17:55 - 2014-10-11 11:59 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2015-09-29 20:59 - 2014-10-10 22:33 - 00000000 ____D C:\Program Files (x86)\Diablo III
2015-09-27 13:53 - 2014-10-28 19:49 - 00000000 ____D C:\Users\expert pc\AppData\Roaming\.technic
2015-09-27 13:52 - 2014-10-26 13:05 - 00000000 ____D C:\Users\expert pc\Desktop\Minecraft
2015-09-23 07:07 - 2014-11-23 17:46 - 00000000 ____D C:\Program Files (x86)\Origin Games
2015-09-16 19:11 - 2014-06-27 07:32 - 00000000 ____D C:\Users\expert pc\AppData\Local\Packages
2015-09-15 19:59 - 2014-11-23 16:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\THQ
2015-09-15 19:59 - 2014-11-23 16:36 - 00000000 ____D C:\Program Files (x86)\THQ
2015-09-15 18:12 - 2015-07-10 13:06 - 00812008 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-09-15 18:12 - 2015-07-10 13:06 - 00178152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-14 21:07 - 2015-07-31 15:26 - 00000000 ___DC C:\WINDOWS\Panther
2015-09-14 13:25 - 2015-05-02 00:38 - 00000000 ____D C:\Users\expert pc\Desktop\Online Dateien
2015-09-13 21:03 - 2014-10-08 19:17 - 00000000 ____D C:\Users\expert pc\AppData\Roaming\.minecraft
2015-09-13 14:22 - 2014-10-02 11:25 - 00000000 ____D C:\WINDOWS\system32\MRT

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-01-16 20:48 - 2015-01-16 21:53 - 0000098 _____ () C:\Users\expert pc\AppData\Roaming\theHunterPrimal_LauncherSettings_live.cfg

Einige Dateien in TEMP:
====================
C:\Users\expert pc\AppData\Local\Temp\Extract.exe
C:\Users\expert pc\AppData\Local\Temp\ICSharpCode.SharpZipLib.dll
C:\Users\expert pc\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\expert pc\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\expert pc\AppData\Local\Temp\nvStInst.exe
C:\Users\expert pc\AppData\Local\Temp\SP72853.exe
C:\Users\expert pc\AppData\Local\Temp\sqlite3.dll
C:\Users\expert pc\AppData\Local\Temp\YgoUpdater.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-10-10 02:03

==================== Ende von FRST.txt ============================
Heute morgen gehen Links grade wieder auf. Vor ein paar Sekunden eben, als ich die Microsoft Einstellungen bei Windows 10 geöffnet hatte.
Das ganze hat sich zweimal geöffnet als ich die Datenschutzbestimmungen von Windows angepasst habe.
Nebenbei ist dann auch noch Skype gecrasht...und die temporären DAten sind auch gewachsen.

schrauber 14.10.2015 19:40
Temps leeren wir jetzt gerade mit:

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
C:\$RECYCLE.BIN\S-1-5-21-2350193266-1077779400-760107588-1001\$RM3B7EA.exe

C:\Users\expert pc\AppData\Local\Microsoft\Windows\INetCache\IE\BK8RXPB4\Installer[1].exe

C:\Users\expert pc\AppData\Local\Temp\DMR\dmr_72.exe

C:\Users\expert pc\Desktop\Installer\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe

C:\Users\expert pc\Desktop\Installer\McAfee Consumer Product Removal Tool - CHIP-Installer.exe

C:\Users\expert pc\Desktop\Installer\Minecraft - CHIP-Installer.exe

C:\Users\expert pc\Desktop\Installer\Secunia Personal Software Inspector PSI - CHIP-Installer.exe

C:\Users\expert pc\Desktop\Installer\TeamSpeak 3 32 Bit - CHIP-Installer.exe
Emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.




Downloadverhalten überdenken:
CHIP-Installer - was ist das? - Anleitungen


In welchen Browsern bestehen jetzt noch Probleme?

DukeYGO 14.10.2015 20:01
Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:12-10-2015
durchgeführt von expert pc (2015-10-14 20:44:35) Run:1
Gestartet von C:\Users\expert pc\Desktop\Virenentfernung
Geladene Profile: expert pc (Verfügbare Profile: expert pc)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
C:\$RECYCLE.BIN\S-1-5-21-2350193266-1077779400-760107588-1001\$RM3B7EA.exe

C:\Users\expert pc\AppData\Local\Microsoft\Windows\INetCache\IE\BK8RXPB4\Installer[1].exe

C:\Users\expert pc\AppData\Local\Temp\DMR\dmr_72.exe

C:\Users\expert pc\Desktop\Installer\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe

C:\Users\expert pc\Desktop\Installer\McAfee Consumer Product Removal Tool - CHIP-Installer.exe

C:\Users\expert pc\Desktop\Installer\Minecraft - CHIP-Installer.exe

C:\Users\expert pc\Desktop\Installer\Secunia Personal Software Inspector PSI - CHIP-Installer.exe

C:\Users\expert pc\Desktop\Installer\TeamSpeak 3 32 Bit - CHIP-Installer.exe
Emptytemp:
       
*****************

"C:\$RECYCLE.BIN\S-1-5-21-2350193266-1077779400-760107588-1001\$RM3B7EA.exe" => Datei/Ordner nicht gefunden.
C:\Users\expert pc\AppData\Local\Microsoft\Windows\INetCache\IE\BK8RXPB4\Installer[1].exe => erfolgreich verschoben
C:\Users\expert pc\AppData\Local\Temp\DMR\dmr_72.exe => erfolgreich verschoben
C:\Users\expert pc\Desktop\Installer\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe => erfolgreich verschoben
C:\Users\expert pc\Desktop\Installer\McAfee Consumer Product Removal Tool - CHIP-Installer.exe => erfolgreich verschoben
C:\Users\expert pc\Desktop\Installer\Minecraft - CHIP-Installer.exe => erfolgreich verschoben
C:\Users\expert pc\Desktop\Installer\Secunia Personal Software Inspector PSI - CHIP-Installer.exe => erfolgreich verschoben
C:\Users\expert pc\Desktop\Installer\TeamSpeak 3 32 Bit - CHIP-Installer.exe => erfolgreich verschoben
EmptyTemp: => 1.6 GB temporäre Dateien entfernt.


Das System musste neu gestartet werden.

==== Ende von Fixlog 20:45:15 ====
Hier der nachgefragte Log.

Bis dato habe ich keine weiteren Probleme feststellen können - es passiert ja auch wirklich nur ganz selten, dass etwas passiert.
Ich nutze ja nur Firefox. Wenn ich könnte würde ich den Windows Explorer sogar deinstallieren :heilig:

Na gut. Danke.
Das mit den Chip Installern habe ich noch nicht gewusst-ich find eure Seite prima.
Eure Hilfe reinigt meinen PC und eure Tipps verhindern bei mir beeindruckend seit 2 Jahren, dass ich die alten Fehler wieder mache.

Danke für die Prima Hilfe schrauber :daumenhoc:
Man lernt nicht aus - und da habe ich wohl an den guten Glauben von chip.de gehalten. Shit Seite.
Endlich kann ich auch mal den CCleaner alles sauber machen lassen - ohne in Gedanken etwas falsches zu entfernen.

schrauber 15.10.2015 17:13
Cleanup:
(Die Reihenfolge ist hier entscheidend)

Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken.

Falls Combofix verwendet wurde:
http://deeprybka.trojaner-board.de/b.../combofix2.pngCombofix deinstallieren .
  • Wichtig: Bitte Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.
  • Drücke bitte die http://deeprybka.trojaner-board.de/b...ne/revo/w7.png + R Taste und schreibe Combofix /Uninstall in das Ausführen-Fenster.
  • Klicke auf OK.
    Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert.
  • Nun die eben deaktivierten Programme wieder aktivieren.

Alle Logs gepostet? Dann lade Dir bitte http://filepony.de/icon/tiny/delfix.pngDelFix herunter.
  • Schließe alle offenen Programme.
  • Starte die delfix.exe mit einem Doppelklick.
  • Setze vor jede Funktion ein Häkchen.
  • Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...:dankeschoen:und/oder das Forum mit einer kleinen Spende http://www.trojaner-board.de/extra/spende.png unterstützen. :applaus:

http://deeprybka.trojaner-board.de/b...ast/schild.pngAbsicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:

Browser
Java
 Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank.
Meine Empfehlung:
http://filepony.de/icon/emsisoft_anti_malware.png
Emsisoft

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.

Optional:
http://filepony.de/icon/noscript.png NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.
http://filepony.de/icon/malwarebytes_anti_exploit.pngMalwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.


Lade Software von einem sauberen Portal wie http://filepony.de/images/microbanner.gif.
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwarecleaner .


Abschließend noch ein paar grundsätzliche Bemerkungen:
Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.

DukeYGO 18.10.2015 23:31
So danke erstmal für deine Hilfe.
Das watch4.tv Problem ist jetzt definitiv gelöst.

Ich bin jetzt beim Durchlaufen beim CCleaner auf folgendes gestoßen.
Beim langen Reinigungslauf ist das Programm durch das Updaten von Microsoft durch einen Restart abgebrochen.
Dabei wurden dann diese Dateien hinterlassen.

http://abload.de/img/windowsordnerrandomnehpuxf.png

Sind vermutlich verkappte Überbleibsel aus dem abgebrochenen Scan-Prozess vom CCleaner, sofern ich recht habe, oder?

schrauber 19.10.2015 19:44
Nein, die werden bei Win Updates angelegt :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 21:50 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19