Trojaner-Board - AVIRA EU Cleaner findet TR/Crypt.Xpack400358 und 417413 sowie ADWARE/Adware.Gen

Hallo hier die FRST. txt
FRST Logfile:

Code:

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:18-01-2016

durchgeführt von maddin (Administrator) auf ACERXC115 (21-01-2016 14:44:25)

Gestartet von C:\Users\maddin\Downloads

Geladene Profile: maddin (Verfügbare Profile: maddin & Administrator)

Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)

Internet Explorer Version 11 (Standard-Browser: FF)

Start-Modus: Normal

Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 

==================== Prozesse (Nicht auf der Ausnahmeliste) =================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
 

(AMD) C:\Windows\System32\atiesrxx.exe

(Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\tbaseprovisioning.exe

(AMD) C:\Windows\System32\atieclxx.exe

(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe

(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe

(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe

(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe

(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe

(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe

(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

(McAfee, Inc.) C:\Windows\System32\mfevtps.exe

(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe

(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe

(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe

(McAfee, Inc.) C:\Windows\System32\mfevtps.exe

(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe

(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

(McAfee, Inc.) C:\Program Files\mcafee\MSC\McAPExe.exe

(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe

(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

() C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe

(Acer Incorporated) C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe

(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe

(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe

(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe

(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe

(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe

(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.8.203.0\McCSPServiceHost.exe

(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe

(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe

() C:\Program Files (x86)\Acer\Care Center\ACCStd.exe

(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe

(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe

() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1208.10480.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
 
 

==================== Registry (Nicht auf der Ausnahmeliste) ===========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
 

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13876952 2016-01-10] (Realtek Semiconductor)

HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)

HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [24952456 2015-12-08] (Dropbox, Inc.)

HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)

HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2621240 2015-11-18] (Malwarebytes Corporation)

HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [74752 2015-09-01] ()

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-12-22] (Oracle Corporation)

HKU\S-1-5-21-3121378926-3824479896-3812363718-1001\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE [283232 2012-02-29] (SEIKO EPSON CORPORATION)

HKU\S-1-5-21-3121378926-3824479896-3812363718-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE [283232 2012-02-29] (SEIKO EPSON CORPORATION)

HKU\S-1-5-21-3121378926-3824479896-3812363718-1001\...\Run: [AcerPortal] => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2732760 2015-11-19] (Acer)

HKU\S-1-5-21-3121378926-3824479896-3812363718-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1

HKU\S-1-5-21-3121378926-3824479896-3812363718-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\PhotoScreensaver.scr [583680 2015-10-30] (Microsoft Corporation)

ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-11-19] (Acer Incorporated)

ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-11-19] (Acer Incorporated)

ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-11-19] (Acer Incorporated)

ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-12-17]

ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe (McAfee, Inc.)
 

==================== Internet (Nicht auf der Ausnahmeliste) ====================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
 

Hosts: 0.0.0.1        mssplus.mcafee.com

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

Tcpip\..\Interfaces\{47b9202d-2068-4c09-8392-2b3b3f346d5c}: [DhcpNameServer] 192.168.178.1
 

Internet Explorer:

==================

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKU\S-1-5-21-3121378926-3824479896-3812363718-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/

HKU\S-1-5-21-3121378926-3824479896-3812363718-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB

BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)

BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll [2016-01-21] (Oracle Corporation)

BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-01-21] (Oracle Corporation)

Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)

Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)

Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-12-02] (McAfee, Inc.)

Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-12-02] (McAfee, Inc.)

Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-12-02] (McAfee, Inc.)

Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-12-02] (McAfee, Inc.)

Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\MSC\McSnIePl64.dll [2015-11-10] (McAfee, Inc.)

Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2015-11-10] (McAfee, Inc.)
 

FireFox:

========

FF ProfilePath: C:\Users\maddin\AppData\Roaming\Mozilla\Firefox\Profiles\l98gxphj.default-1450955345147

FF Homepage: hxxp://ahnenforschung-brand.jimdo.com/?logout=1

FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-21] ()

FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-11-10] ()

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-21] ()

FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)

FF Plugin-x32: @java.com/DTPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll [2016-01-21] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\plugin2\npjp2.dll [2016-01-21] (Oracle Corporation)

FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-11-10] ()

FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)

FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()

FF SearchPlugin: C:\Users\maddin\AppData\Roaming\Mozilla\Firefox\Profiles\l98gxphj.default-1450955345147\searchplugins\McSiteAdvisor.xml [2016-01-21]

FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2015-11-23]

FF Extension: Flash Video Downloader - YouTube HD Download [4K] - C:\Users\maddin\AppData\Roaming\Mozilla\Firefox\Profiles\l98gxphj.default-1450955345147\extensions\artur.dubovoy@gmail.com [2016-01-21]

FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi

FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on

FF Extension: E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2015-08-09] [ist nicht signiert]

FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi

FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2015-12-20] [ist nicht signiert]
 

Chrome: 

=======

CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-12-03]

CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-12-03]
 

==================== Dienste (Nicht auf der Ausnahmeliste) ========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)

R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [140288 2014-04-15] () [Datei ist nicht signiert]

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-04] (Advanced Micro Devices, Inc.)

R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [323152 2015-05-29] (Windows (R) Win 7 DDK provider)

R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2860760 2015-11-17] (Acer Incorporated)

S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-08] (Dropbox, Inc.)

S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-08] (Dropbox, Inc.)

R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2015-09-01] (Freemake) [Datei ist nicht signiert]

R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2015-09-01] (Ellora Assets Corp.) [Datei ist nicht signiert]

R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)

R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)

R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [739640 2015-11-18] (Malwarebytes Corporation)

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)

R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [157928 2015-12-02] (McAfee, Inc.)

R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [863448 2015-11-10] (McAfee, Inc.)

S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe [289256 2015-12-02] (McAfee, Inc.)

R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.8.203.0\McCSPServiceHost.exe [1694152 2015-12-02] (McAfee, Inc.)

R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)

R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)

S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [679120 2015-10-20] (McAfee, Inc.)

R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)

R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)

R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [233680 2015-09-21] (McAfee, Inc.)

R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [378848 2015-10-21] (McAfee, Inc.)

R3 mfevtp; C:\WINDOWS\system32\mfevtps.exe [256840 2015-09-21] (McAfee, Inc.)

R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)

R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate)

R2 tbaseprovisioning; C:\Windows\SysWOW64\tbaseprovisioning.exe [60440 2016-01-10] (Advanced Micro Devices, Inc.)

R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [234240 2014-07-14] (acer)

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
 

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

R3 AmdAS4; C:\Windows\System32\drivers\AmdAS4.sys [17640 2013-10-23] (Advanced Micro Devices, INC.)

S3 amdkmcsp; C:\Windows\system32\DRIVERS\amdkmcsp.sys [93208 2016-01-10] (Advanced Micro Devices, Inc. )

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36608 2013-12-13] (Advanced Micro Devices, Inc.)

R0 amdpsp; C:\Windows\System32\DRIVERS\amdpsp.sys [269336 2016-01-10] (Advanced Micro Devices, Inc. )

R3 athr; C:\Windows\System32\drivers\athw10x.sys [4301304 2015-05-17] (Qualcomm Atheros Communications, Inc.)

R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)

R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [80760 2015-09-23] (McAfee, Inc.)

R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [63064 2015-11-18] ()

S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207208 2015-05-19] (McAfee, Inc.)

R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)

R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-01-21] (Malwarebytes)

R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)

R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [415976 2015-09-23] (McAfee, Inc.)

R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [351120 2015-09-23] (McAfee, Inc.)

S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [82072 2015-09-23] (McAfee, Inc.)

R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [497888 2015-09-23] (McAfee, Inc.)

R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [841944 2015-09-23] (McAfee, Inc.)

R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [537192 2015-10-06] (McAfee, Inc.)

S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109480 2015-10-06] (McAfee, Inc.)

R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [37960 2015-12-02] (McAfee, Inc.)

R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [244544 2015-09-23] (McAfee, Inc.)

R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)

R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [886528 2016-01-10] (Realtek                                            )

R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [402136 2016-01-10] (Realsil Semiconductor Corporation)

S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)

S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)

S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

S3 BTATH_BUS; \SystemRoot\System32\drivers\btath_bus.sys [X]

S3 RSUSBSTOR; \SystemRoot\System32\Drivers\RtsUStor.sys [X]
 

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
 

==================== Ein Monat: Erstellte Dateien und Ordner ========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2016-01-21 14:44 - 2016-01-21 14:45 - 00023793 _____ C:\Users\maddin\Downloads\FRST.txt

2016-01-21 14:43 - 2016-01-21 14:44 - 00000000 ____D C:\FRST

2016-01-21 14:42 - 2016-01-21 14:43 - 02370560 _____ (Farbar) C:\Users\maddin\Downloads\FRST64.exe

2016-01-21 13:48 - 2016-01-21 13:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee

2016-01-21 13:42 - 2016-01-21 13:42 - 00000000 ___HD C:\OneDriveTemp

2016-01-21 12:05 - 2016-01-21 14:04 - 00004020 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse

2016-01-21 10:32 - 2016-01-21 10:32 - 00002113 _____ C:\Users\maddin\Desktop\Entfernen des Avira EU-Cleaners.lnk

2016-01-21 10:32 - 2016-01-21 10:32 - 00002057 _____ C:\Users\maddin\Desktop\Avira EU-Cleaner.lnk

2016-01-21 10:23 - 2016-01-21 10:23 - 00004208 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse

2016-01-17 13:58 - 2016-01-19 18:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird

2016-01-15 13:10 - 2016-01-05 03:51 - 07477600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe

2016-01-15 13:10 - 2016-01-05 03:45 - 02587696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll

2016-01-15 13:10 - 2016-01-05 03:42 - 02026736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll

2016-01-15 13:10 - 2016-01-05 03:37 - 02544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll

2016-01-15 13:10 - 2016-01-05 03:37 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll

2016-01-15 13:10 - 2016-01-05 03:37 - 00245840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll

2016-01-15 13:10 - 2016-01-05 03:36 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe

2016-01-15 13:10 - 2016-01-05 03:33 - 02180128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll

2016-01-15 13:10 - 2016-01-05 03:33 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll

2016-01-15 13:10 - 2016-01-05 03:33 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll

2016-01-15 13:10 - 2016-01-05 03:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe

2016-01-15 13:10 - 2016-01-05 02:59 - 22393856 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll

2016-01-15 13:10 - 2016-01-05 02:57 - 16986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll

2016-01-15 13:10 - 2016-01-05 02:49 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll

2016-01-15 13:10 - 2016-01-05 02:48 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll

2016-01-15 13:10 - 2016-01-05 02:43 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll

2016-01-15 13:10 - 2016-01-05 02:41 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll

2016-01-15 13:10 - 2016-01-05 02:39 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll

2016-01-15 13:10 - 2016-01-05 02:39 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll

2016-01-15 13:10 - 2016-01-05 02:30 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll

2016-01-15 13:10 - 2016-01-05 02:30 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll

2016-01-15 13:10 - 2016-01-05 02:28 - 07826432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll

2016-01-15 13:10 - 2016-01-05 02:28 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2016-01-15 13:10 - 2016-01-05 02:25 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll

2016-01-15 13:09 - 2016-01-05 03:51 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi

2016-01-15 13:09 - 2016-01-05 03:51 - 01141496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe

2016-01-15 13:09 - 2016-01-05 03:50 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll

2016-01-15 13:09 - 2016-01-05 03:50 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll

2016-01-15 13:09 - 2016-01-05 03:50 - 00671472 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll

2016-01-15 13:09 - 2016-01-05 03:49 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll

2016-01-15 13:09 - 2016-01-05 03:48 - 00499432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll

2016-01-15 13:09 - 2016-01-05 03:37 - 00858952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll

2016-01-15 13:09 - 2016-01-05 03:37 - 00848160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll

2016-01-15 13:09 - 2016-01-05 03:37 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll

2016-01-15 13:09 - 2016-01-05 03:37 - 00234504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll

2016-01-15 13:09 - 2016-01-05 03:33 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll

2016-01-15 13:09 - 2016-01-05 03:33 - 00701384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll

2016-01-15 13:09 - 2016-01-05 03:33 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll

2016-01-15 13:09 - 2016-01-05 03:33 - 00208176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll

2016-01-15 13:09 - 2016-01-05 03:27 - 01594408 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll

2016-01-15 13:09 - 2016-01-05 03:24 - 00796352 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll

2016-01-15 13:09 - 2016-01-05 03:23 - 01804664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll

2016-01-15 13:09 - 2016-01-05 03:23 - 01309376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll

2016-01-15 13:09 - 2016-01-05 03:23 - 00786696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL

2016-01-15 13:09 - 2016-01-05 03:23 - 00119320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL

2016-01-15 13:09 - 2016-01-05 03:21 - 01371792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll

2016-01-15 13:09 - 2016-01-05 03:17 - 00695752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL

2016-01-15 13:09 - 2016-01-05 03:16 - 00100160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL

2016-01-15 13:09 - 2016-01-05 02:57 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMSRoamingSecurity.dll

2016-01-15 13:09 - 2016-01-05 02:57 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgrcli.dll

2016-01-15 13:09 - 2016-01-05 02:56 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe

2016-01-15 13:09 - 2016-01-05 02:54 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthLEEnum.sys

2016-01-15 13:09 - 2016-01-05 02:54 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe

2016-01-15 13:09 - 2016-01-05 02:53 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx

2016-01-15 13:09 - 2016-01-05 02:52 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll

2016-01-15 13:09 - 2016-01-05 02:51 - 00472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll

2016-01-15 13:09 - 2016-01-05 02:51 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll

2016-01-15 13:09 - 2016-01-05 02:50 - 00644096 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll

2016-01-15 13:09 - 2016-01-05 02:50 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll

2016-01-15 13:09 - 2016-01-05 02:50 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll

2016-01-15 13:09 - 2016-01-05 02:49 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe

2016-01-15 13:09 - 2016-01-05 02:49 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL

2016-01-15 13:09 - 2016-01-05 02:49 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll

2016-01-15 13:09 - 2016-01-05 02:49 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll

2016-01-15 13:09 - 2016-01-05 02:49 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityCommon.dll

2016-01-15 13:09 - 2016-01-05 02:48 - 01009152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL

2016-01-15 13:09 - 2016-01-05 02:48 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usermgrcli.dll

2016-01-15 13:09 - 2016-01-05 02:47 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll

2016-01-15 13:09 - 2016-01-05 02:47 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll

2016-01-15 13:09 - 2016-01-05 02:47 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax

2016-01-15 13:09 - 2016-01-05 02:45 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll

2016-01-15 13:09 - 2016-01-05 02:45 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll

2016-01-15 13:09 - 2016-01-05 02:44 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx

2016-01-15 13:09 - 2016-01-05 02:43 - 00953856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys

2016-01-15 13:09 - 2016-01-05 02:43 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll

2016-01-15 13:09 - 2016-01-05 02:43 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe

2016-01-15 13:09 - 2016-01-05 02:42 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll

2016-01-15 13:09 - 2016-01-05 02:41 - 01070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL

2016-01-15 13:09 - 2016-01-05 02:41 - 00558592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll

2016-01-15 13:09 - 2016-01-05 02:40 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL

2016-01-15 13:09 - 2016-01-05 02:40 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll

2016-01-15 13:09 - 2016-01-05 02:39 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll

2016-01-15 13:09 - 2016-01-05 02:39 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax

2016-01-15 13:09 - 2016-01-05 02:38 - 00389120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll

2016-01-15 13:09 - 2016-01-05 02:36 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll

2016-01-15 13:09 - 2016-01-05 02:36 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll

2016-01-15 13:09 - 2016-01-05 02:33 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll

2016-01-15 13:09 - 2016-01-05 02:29 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2016-01-15 13:09 - 2016-01-05 02:28 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll

2016-01-14 16:51 - 2016-01-14 16:52 - 01466656 _____ C:\Users\maddin\Downloads\SecureUSBflashdrives - CHIP-Installer.exe

2016-01-13 20:10 - 2016-01-13 20:10 - 00611115 _____ C:\Users\maddin\Downloads\explosionsteyrm9a1-17833883.pdf

2016-01-13 20:03 - 2016-01-13 20:03 - 01078649 _____ C:\Users\maddin\Downloads\Bedienung-UX-SA9.pdf

2016-01-10 12:29 - 2016-01-10 12:29 - 72113152 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat

2016-01-10 12:29 - 2016-01-10 12:29 - 12975360 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO3064.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 12834736 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO4064.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 07087448 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 06242576 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64AF3.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 05804772 _____ C:\WINDOWS\system32\Drivers\rtvienna.dat

2016-01-10 12:29 - 2016-01-10 12:29 - 05706688 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICV2apo.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 05234952 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICAPOlfx.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 03262184 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE2.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 03234520 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 03195416 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 02918104 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 02847960 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 02789808 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO7064.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 02702040 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl

2016-01-10 12:29 - 2016-01-10 12:29 - 02531544 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RltkAPO.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 02461016 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv211.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 02162992 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 02101848 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\WavesGUILib64.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 02088737 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT

2016-01-10 12:29 - 2016-01-10 12:29 - 02041432 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 01939800 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 01933584 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64AF3.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 01747160 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 01559744 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APO.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 01499984 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO5064.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 01413776 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 01365768 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO6064.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 01316056 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 01313904 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxSpeechAPO64.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 01136728 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO4064.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 01104040 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\slcnt64.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 00995120 _____ (Nahimic Inc) C:\WINDOWS\system32\NahimicAPONSControl.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 00979280 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO2064.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 00947760 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 00944984 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOProp.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 00943784 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 00858256 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 00856992 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 00734376 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 00684176 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 00663296 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 00662784 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVolumeSDAPO.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 00631000 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 00560328 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 00555664 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SECOMN32.DLL

2016-01-10 12:29 - 2016-01-10 12:29 - 00501184 _____ (DTS) C:\WINDOWS\system32\DTSU2PLFX64.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 00487360 _____ (DTS) C:\WINDOWS\system32\DTSU2PGFX64.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 00454288 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 00435856 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 00415680 _____ (DTS) C:\WINDOWS\system32\DTSU2PREC64.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 00369296 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 00336144 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64AF3.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 00329360 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 00329360 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 00328816 _____ (ICEpower a/s) C:\WINDOWS\system32\ICEsoundAPO64.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 00315736 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 00284944 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64F3.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 00261464 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 00250536 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 00213432 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tossaemaxapo64.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 00166616 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 00113576 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 00096568 _____ C:\WINDOWS\system32\audioLibVc.dll

2016-01-10 12:21 - 2016-01-10 12:21 - 00886528 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys

2016-01-10 12:21 - 2016-01-10 12:21 - 00082544 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll

2016-01-10 12:20 - 2016-01-10 12:20 - 09890008 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RsCRIcon.dll

2016-01-10 12:20 - 2016-01-10 12:20 - 00402136 _____ (Realsil Semiconductor Corporation) C:\WINDOWS\system32\Drivers\RtsUer.sys

2016-01-10 12:20 - 2016-01-10 12:20 - 00083160 _____ (Realtek Semiconductor.) C:\WINDOWS\system32\RtCRX64.dll

2016-01-10 12:19 - 2016-01-10 12:18 - 02975768 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\rootpacommon.dll

2016-01-10 12:19 - 2016-01-10 12:18 - 00269336 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\Drivers\amdpsp.sys

2016-01-10 12:19 - 2016-01-10 12:18 - 00129048 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\tbaseregistry64.dll

2016-01-10 12:19 - 2016-01-10 12:18 - 00108568 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\tbaseregistry32.dll

2016-01-10 12:19 - 2016-01-10 12:18 - 00093208 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\Drivers\amdkmcsp.sys

2016-01-10 12:19 - 2016-01-10 12:18 - 00091672 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdumcsp.dll

2016-01-10 12:19 - 2016-01-10 12:18 - 00071192 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdumcsp.dll

2016-01-10 12:19 - 2016-01-10 12:18 - 00025112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\t-base_client_api.dll

2016-01-10 12:19 - 2016-01-10 12:18 - 00021016 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\t-base_client_api.dll

2016-01-10 12:18 - 2016-01-10 12:18 - 00000000 ____D C:\ProgramData\DriverSetupUtility

2016-01-10 12:18 - 2016-01-10 12:18 - 00000000 ____D C:\Program Files\DriverSetupUtility

2016-01-10 11:50 - 2016-01-10 11:51 - 00000000 ____D C:\Program Files\Common Files\QCA_Bluetooth

2016-01-10 11:47 - 2015-05-17 23:33 - 04301304 _____ (Qualcomm Atheros Communications, Inc.) C:\WINDOWS\system32\Drivers\athw10x.sys

2016-01-10 11:43 - 2016-01-10 11:43 - 00001810 _____ C:\Users\Public\Desktop\Acer Care Center.lnk

2016-01-10 11:41 - 2016-01-10 11:41 - 01761632 _____ (Acer Incorporated) C:\Users\maddin\Downloads\AcerCareCenterLiveUpdater.exe

2016-01-10 11:09 - 2016-01-10 11:09 - 00347816 _____ (Microsoft Corporation) C:\Users\maddin\Downloads\MicrosoftFixit.Devices.Run.exe

2016-01-07 23:35 - 2016-01-07 23:36 - 01749504 _____ C:\Users\maddin\Downloads\AdwCleaner_5.028.exe

2016-01-07 12:12 - 2016-01-07 12:44 - 224055296 _____ C:\Users\maddin\Downloads\LibreOffice_4.4.7_Win_x86.msi

2016-01-07 12:03 - 2016-01-07 23:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2016-01-04 14:37 - 2016-01-04 14:37 - 00000000 ____D C:\WINDOWS\Panther

2016-01-02 17:53 - 2016-01-02 17:53 - 05279784 _____ C:\Users\maddin\Documents\Jarolift_Rohrmotor_SL.pdf

2016-01-02 17:31 - 2016-01-02 17:31 - 00139369 ____R C:\Users\maddin\Documents\ELERO Typ 9 - Bedienungsanleitung.pdf

2016-01-02 17:19 - 2016-01-02 17:19 - 00146060 ____R C:\Users\maddin\Documents\ELERO Typ 9 - Technische Daten.pdf

2015-12-24 12:09 - 2015-12-24 12:09 - 00000000 ____D C:\Users\maddin\Desktop\Alte Firefox-Daten

2015-12-22 16:58 - 2016-01-14 21:57 - 00000000 ____D C:\WINDOWS\Minidump
 

==================== Ein Monat: Geänderte Dateien und Ordner ========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2016-01-21 14:43 - 2015-10-30 07:28 - 00000000 ____D C:\Windows

2016-01-21 13:58 - 2015-08-08 08:53 - 00001234 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job

2016-01-21 13:48 - 2015-08-23 18:14 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

2016-01-21 13:45 - 2015-12-03 12:59 - 01799166 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2016-01-21 13:45 - 2015-10-30 19:35 - 00775524 _____ C:\WINDOWS\system32\perfh007.dat

2016-01-21 13:45 - 2015-10-30 19:35 - 00155338 _____ C:\WINDOWS\system32\perfc007.dat

2016-01-21 13:45 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF

2016-01-21 13:42 - 2015-04-24 21:00 - 00000000 __RDO C:\Users\maddin\OneDrive

2016-01-21 13:41 - 2015-12-03 13:03 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT

2016-01-21 13:41 - 2015-08-09 17:36 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys

2016-01-21 13:41 - 2015-08-08 08:53 - 00001230 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job

2016-01-21 13:41 - 2014-11-14 17:03 - 02319021 _____ C:\WINDOWS\SysWOW64\rootpa.e2e

2016-01-21 13:40 - 2015-12-03 12:36 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin

2016-01-21 13:40 - 2015-10-30 07:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI

2016-01-21 12:20 - 2015-08-16 17:22 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit

2016-01-21 10:02 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps

2016-01-21 10:02 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness

2016-01-21 09:55 - 2015-11-13 16:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2016-01-21 09:55 - 2015-11-13 16:40 - 00000000 ____D C:\ProgramData\Oracle

2016-01-21 09:55 - 2015-11-13 16:40 - 00000000 ____D C:\Program Files (x86)\Java

2016-01-21 09:54 - 2015-11-13 16:41 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll

2016-01-21 09:54 - 2015-11-13 16:41 - 00000000 ____D C:\Users\maddin\.oracle_jre_usage

2016-01-21 09:41 - 2015-10-30 07:28 - 00008192 ___SH C:\WINDOWS\system32\config\ELAM

2016-01-21 09:40 - 2015-08-08 19:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

2016-01-19 22:10 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser

2016-01-19 22:08 - 2015-08-08 19:36 - 00000000 ____D C:\Users\maddin\AppData\Roaming\vlc

2016-01-19 22:08 - 2015-06-23 10:07 - 00000000 ____D C:\Users\maddin\Documents\EVONIK

2016-01-17 21:10 - 2015-10-09 12:12 - 00000000 ____D C:\Users\maddin\Desktop\SICHERHEIT

2016-01-15 17:57 - 2015-10-08 16:59 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2016-01-15 17:39 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp

2016-01-15 17:08 - 2015-08-09 17:35 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys

2016-01-15 10:40 - 2015-08-08 20:09 - 00000000 ____D C:\WINDOWS\system32\MRT

2016-01-15 10:34 - 2015-08-08 20:08 - 143671360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2016-01-14 11:49 - 2015-12-03 12:40 - 00000000 ____D C:\Users\maddin

2016-01-14 11:48 - 2015-09-05 16:18 - 00000000 ____D C:\Program Files (x86)\McAfee

2016-01-13 15:24 - 2015-08-16 16:31 - 00001164 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk

2016-01-13 15:24 - 2015-08-16 16:31 - 00001152 _____ C:\Users\Public\Desktop\paint.net.lnk

2016-01-13 15:24 - 2015-08-16 16:30 - 00000000 ____D C:\Program Files\paint.net

2016-01-10 15:37 - 2015-04-26 09:04 - 00000000 ____D C:\Users\maddin\Desktop\SCANNER

2016-01-10 12:31 - 2014-11-14 17:00 - 00000000 ___HD C:\Program Files (x86)\Temp

2016-01-10 12:30 - 2015-12-03 12:36 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM

2016-01-10 12:29 - 2014-11-14 17:00 - 04477656 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys

2016-01-10 12:29 - 2014-11-14 17:00 - 02825944 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll

2016-01-10 12:21 - 2014-11-14 16:52 - 00000000 ____D C:\Program Files (x86)\Realtek

2016-01-10 12:20 - 2014-11-14 16:52 - 00000000 ____D C:\WINDOWS\SysWOW64\sda

2016-01-10 12:18 - 2015-06-23 10:39 - 01797656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01011.dll

2016-01-10 12:18 - 2015-06-23 10:39 - 00106520 _____ (AMD) C:\WINDOWS\system32\pspcoins.dll

2016-01-10 12:18 - 2015-06-23 10:39 - 00060440 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\tbaseprovisioning.exe

2016-01-10 12:17 - 2014-11-14 16:47 - 00000000 ____D C:\Program Files (x86)\Qualcomm Atheros

2016-01-10 11:44 - 2015-08-07 21:41 - 00000000 ____D C:\Users\maddin\AppData\Local\CareCenter

2016-01-10 11:43 - 2015-08-07 21:41 - 00003060 _____ C:\WINDOWS\System32\Tasks\ACCBackgroundApplication

2016-01-10 11:43 - 2014-11-14 17:11 - 00005404 _____ C:\WINDOWS\System32\Tasks\Software Update Application

2016-01-10 11:43 - 2014-11-14 17:10 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer

2016-01-10 11:41 - 2015-08-19 12:54 - 00000000 ____D C:\Users\maddin\AppData\Local\acer

2016-01-09 13:56 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\FxsTmp

2016-01-07 23:47 - 2015-10-31 14:41 - 00000000 ____D C:\AdwCleaner

2016-01-06 19:53 - 2015-07-23 13:32 - 00000000 ___RD C:\Users\maddin\Documents\ARBEIT

2016-01-04 18:19 - 2015-12-03 13:13 - 00000000 ____D C:\Users\maddin\AppData\Local\Comms

2016-01-04 18:18 - 2015-04-24 13:55 - 00000000 ____D C:\Users\maddin\AppData\Local\Packages

2016-01-03 02:40 - 2015-10-30 08:26 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2016-01-03 02:40 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2015-12-31 14:31 - 2015-12-11 18:41 - 00000000 ____D C:\Users\maddin\Downloads\Ant Videos

2015-12-30 17:59 - 2015-04-28 19:51 - 00000000 ____D C:\Users\maddin\Documents\RECHNUNGEN

2015-12-26 11:38 - 2015-05-13 20:01 - 00000000 ____D C:\Users\maddin\Documents\Family Tree Maker
 

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
 

2015-09-29 11:21 - 2015-09-29 11:21 - 0000036 _____ () C:\Users\maddin\AppData\Local\housecall.guid.cache

2015-12-03 12:36 - 2015-12-03 12:36 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 

Einige Dateien in TEMP:

====================

C:\Users\maddin\AppData\Local\Temp\jre-8u71-windows-au.exe
 
 

==================== Bamital & volsnap =================
 

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
 

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert

C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert

C:\WINDOWS\explorer.exe => Datei ist digital signiert

C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert

C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert

C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert

C:\WINDOWS\system32\services.exe => Datei ist digital signiert

C:\WINDOWS\system32\User32.dll => Datei ist digital signiert

C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert

C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert

C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert

C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert

C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert

C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert

C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
 
 

LastRegBack: 2016-01-17 13:59
 

==================== Ende von FRST.txt ============================

--- --- ---

und hier die ADDITONFRST Additions Logfile:

Code:

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:18-01-2016

durchgeführt von maddin (2016-01-21 14:47:04)

Gestartet von C:\Users\maddin\Downloads

Windows 10 Home (X64) (2015-12-03 12:12:22)

Start-Modus: Normal

==========================================================
 
 

==================== Konten: =============================
 

Administrator (S-1-5-21-3121378926-3824479896-3812363718-500 - Administrator - Disabled) => C:\Users\Administrator

DefaultAccount (S-1-5-21-3121378926-3824479896-3812363718-503 - Limited - Disabled)

Gast (S-1-5-21-3121378926-3824479896-3812363718-501 - Limited - Disabled)

HomeGroupUser$ (S-1-5-21-3121378926-3824479896-3812363718-1003 - Limited - Enabled)

maddin (S-1-5-21-3121378926-3824479896-3812363718-1001 - Administrator - Enabled) => C:\Users\maddin
 

==================== Sicherheits-Center ========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
 

AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Out of date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Out of date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}

FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
 

==================== Installierte Programme ======================
 

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
 

ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)

ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) Hidden

abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.02.2000 - Acer Incorporated)

abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.00.3002 - Acer Incorporated)

abMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.09.2003.0 - Acer Incorporated)

abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.06.2000.22 - Acer Incorporated)

Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3016 - Acer Incorporated)

Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated)

Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.09.2001 - Acer Incorporated)

Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3016.0 - Acer Incorporated)

Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.02.3005 - Acer Incorporated)

Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.02.3005 - Acer Incorporated)

Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2005.0 - Acer Incorporated)

Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)

Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden

AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)

AMD Catalyst Install Manager (HKLM\...\{B54BF03D-0C7F-63B4-A36C-EE0A756579F1}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)

AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.13.2000.0 - Acer Incorporated)

Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

DriverSetupUtility (HKLM\...\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}) (Version: 1.00.3011 - Acer Incorporated)

Dropbox (HKLM-x32\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)

Dropbox Update Helper (x32 Version: 1.3.27.35 - Dropbox, Inc.) Hidden

Druckerdeinstallation für EPSON SX235 Series (HKLM\...\EPSON SX235 Series) (Version:  - SEIKO EPSON Corporation)

eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM)

Epson Easy Photo Print 2 (HKLM-x32\...\{A02D7029-C4EF-44C1-9FD4-C0D3CA518113}) (Version: 2.2.4.0 - SEIKO EPSON CORPORATION)

Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION)

Epson Event Manager (HKLM-x32\...\{8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}) (Version: 2.50.0000 - SEIKO EPSON CORPORATION)

Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)

EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)

EpsonNet Config V4 (HKLM-x32\...\{08013FB5-DF8B-4D29-9B5E-B3DE88EBA6CA}) (Version: 4.6.0 - Seiko Epson Corporation)

EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)

ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )

Family Tree Maker World Express (HKLM-x32\...\Family Tree Maker World Express) (Version: 21.1.865 - Ancestry.com, Inc.)

Family Tree Maker World Express (x32 Version: 21.1.865 - Ancestry.com, Inc.) Hidden

Farm to Fork Collector's Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden

Foxit PhantomPDF (HKLM-x32\...\{2DF18CA8-86F2-4F3A-A1BF-A2A7D39B9161}) (Version: 7.0.49.127 - Foxit Software Inc.)

Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.7.5 - Ellora Assets Corporation)

Governor of Poker 2 Premium Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden

HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.10.251 - SurfRight B.V.)

Hotkey Utility (HKLM-x32\...\{A6DC88AD-501A-44BC-884D-57435F972E2C}) (Version: 3.00.8104 - Acer Incorporated)

Java 8 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218071F0}) (Version: 8.0.710.15 - Oracle Corporation)

Jewel Match 3 (x32 Version: 3.0.2.59 - WildTangent) Hidden

King Oddball (x32 Version: 3.0.2.48 - WildTangent) Hidden

LibreOffice 4.4 Help Pack (German) (HKLM-x32\...\{27919228-5A54-4046-BEE2-E0825839ED57}) (Version: 4.4.6.3 - The Document Foundation)

LibreOffice 4.4.6.3 (HKLM-x32\...\{1013DB12-EC2E-455E-B5ED-BFD056DC1A99}) (Version: 4.4.6.3 - The Document Foundation)

LUXOR Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden

Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden

Malwarebytes Anti-Exploit version 1.8.1.1045 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.8.1.1045 - Malwarebytes)

Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)

McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 14.0.6120 - McAfee, Inc.)

McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.266.3 - McAfee, Inc.)

McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.207 - McAfee, Inc.)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)

Mozilla Firefox 43.0.4 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 de)) (Version: 43.0.4 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla)

Mozilla Thunderbird 38.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.5.0 (x86 de)) (Version: 38.5.0 - Mozilla)

Mozilla Thunderbird 38.5.1 (x86 de) (HKU\S-1-5-21-3121378926-3824479896-3812363718-1001\...\Mozilla Thunderbird 38.5.1 (x86 de)) (Version: 38.5.1 - Mozilla)

OEM Application Profile (HKLM-x32\...\{E142AB79-FD0D-34F7-8D4D-56E78C536467}) (Version: 1.00.0000 - Ihr Firmenname)

paint.net (HKLM\...\{DADC2AF6-DC9F-4BCF-BFCE-DCEC16EF507C}) (Version: 4.0.9 - dotPDN LLC)

Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden

Plants vs. Zombies - Game of the Year (x32 Version: 3.0.2.59 - WildTangent) Hidden

Polar Bowler 1st Frame (x32 Version: 3.0.2.59 - WildTangent) Hidden

Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 10.0.1.0 - Qualcomm Atheros)

Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.65 - Qualcomm Atheros)

Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.)

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7525 - Realtek Semiconductor Corp.)

Spotify (HKLM-x32\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)

The Chronicles of Emerland Solitaire (x32 Version: 3.0.2.51 - WildTangent) Hidden

Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden

Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden

VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)

WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)

WildTangent Games App (x32 Version: 4.0.11.13 - WildTangent) Hidden

Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version:  - )

WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)

Zuma's Revenge (x32 Version: 2.2.0.97 - WildTangent) Hidden
 

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

CustomCLSID: HKU\S-1-5-21-3121378926-3824479896-3812363718-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\maddin\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)
 

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

Task: {02F8E686-AC37-46EF-A929-0D0011E5BA44} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)

Task: {034548C7-A134-4E92-91BB-D6E3C47B395D} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG

Task: {06B356B5-6DFC-4EE9-906E-A91B604624F7} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG

Task: {07982AB0-F5DE-41F1-A2BE-9B1EA8B92BF6} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-12] (TODO: <Company name>)

Task: {0CFE2E40-6A97-48C5-9F38-DE82315CF1B0} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto

Task: {1301A31B-02EC-4B72-AA5F-9351FEBD155F} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2015-07-17] (Acer Incorporated)

Task: {139E08B4-6813-4A89-A716-F58D22D0A1CB} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [2015-11-25] ()

Task: {19F2FEED-A81C-429E-83B8-832449A7294B} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent

Task: {22A44A0C-711A-4A2D-B7A8-24E0FECE5723} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-08-08] (Dropbox, Inc.)

Task: {29C488CC-CC27-4495-B701-E9E5EE940FE5} - System32\Tasks\McAfee\McAfee Idle Detection Task

Task: {2C2CBCB1-8BAA-461F-A69F-AF2B1D47549E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG

Task: {3813D2DD-2ED5-46DB-BE21-448158506FA9} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG

Task: {38D4FF16-B88E-4DDF-8441-04E22A22C5EB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG

Task: {391E9C6F-CC19-478F-A060-0BB05E309D94} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG

Task: {3A17CA17-863D-44CC-8FF4-AF21BC7641FB} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG

Task: {45416DFE-B2DD-4F9A-B33B-C7C6406E2B52} - System32\Tasks\Hotkey Utility => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [2014-03-03] (Acer Incorporated)

Task: {51963D72-21D2-44E7-BC4D-F840D59F4A38} - System32\Tasks\{6B8ABB9B-1615-4693-8F41-B6E3D7B8691F} => pcalua.exe -a C:\ProgramData\OEM\temp\a5ad0b17-f34d-49be-a157-c8b3d52acd13\AcerPortalSetup.exe -d "C:\Program Files (x86)\Acer\Acer Portal" -c /s

Task: {6FB408CD-B945-4E42-8DE8-E80E5858D44E} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG

Task: {71E2BADB-32B3-4D67-9059-64356DC4BA37} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG

Task: {7340397F-F6C9-4FA1-A16B-FA3B9C2EF781} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG

Task: {7DD694CD-2978-49C7-9945-FCD87E8811C7} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-01-15] (Microsoft Corporation)

Task: {8AE8442D-1AC7-4A23-8DAE-278AEC55B0FE} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2015-11-19] (Acer)

Task: {9550BBCD-5065-49DB-A2FC-BCF62D6D4C18} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-21] (Adobe Systems Incorporated)

Task: {9989E9CB-EF12-4766-AF46-5286B01E27E1} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2015-07-17] ()

Task: {A2D2EC4D-66F6-4B8F-B9DF-C0A23C8056D1} - System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\21.0\mcdatrep.exe [2015-08-04] (McAfee, Inc.)

Task: {A8C5F519-C016-4D77-927C-F8FF9C7D4BF0} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2015-11-17] (Acer Incorporated)

Task: {A96ECB22-E619-434A-9DA8-E0B0C40F9AB8} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)

Task: {AA424117-EEEA-4135-841F-0D60D92CAB22} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2015-11-25] ()

Task: {AC8DDA92-2622-4E06-8C70-6B55A19C89D1} - System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\21.0\mcdatrep.exe [2015-08-04] (McAfee, Inc.)

Task: {D4F724E9-69BF-4DBB-9BA0-43A9C434C5E9} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-08-08] (Dropbox, Inc.)

Task: {F10F3BAA-1E99-4982-AE46-BF13A5B54638} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
 

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
 

==================== Verknüpfungen =============================
 

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
 

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
 

2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll

2015-11-04 16:43 - 2015-11-04 16:43 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll

2014-04-15 15:08 - 2014-04-15 15:08 - 00140288 _____ () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe

2015-12-03 16:09 - 2015-11-22 11:47 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll

2015-12-03 16:09 - 2015-11-22 11:47 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll

2015-12-17 10:06 - 2015-12-17 10:07 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe

2015-12-18 18:00 - 2015-12-07 05:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll

2015-12-18 18:00 - 2015-12-07 05:00 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll

2016-01-15 13:10 - 2016-01-05 02:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll

2016-01-15 13:10 - 2016-01-05 02:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll

2016-01-15 13:10 - 2016-01-05 02:24 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll

2016-01-15 13:10 - 2016-01-05 02:26 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll

2015-11-25 11:03 - 2015-11-25 11:03 - 04644256 _____ () C:\Program Files (x86)\Acer\Care Center\ACCStd.exe

2015-12-10 12:29 - 2015-12-10 12:31 - 00012800 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1208.10480.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

2015-12-10 12:29 - 2015-12-10 12:31 - 11542016 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1208.10480.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll

2015-12-03 14:51 - 2015-12-03 14:57 - 00258560 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1208.10480.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll

2015-12-17 10:06 - 2015-12-17 10:07 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll

2015-12-17 10:06 - 2015-12-17 10:07 - 21845504 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkyWrap.dll

2015-11-16 19:56 - 2015-11-16 19:56 - 00654000 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll

2015-11-16 19:55 - 2015-11-16 19:55 - 00202456 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll

2015-11-16 19:56 - 2015-11-16 19:56 - 00641240 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll

2015-11-16 19:56 - 2015-11-16 19:56 - 00119000 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll

2015-12-03 12:42 - 2015-12-03 12:42 - 00015064 _____ () C:\WINDOWS\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll

2015-11-17 11:11 - 2015-11-17 11:11 - 00013016 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll

2015-11-17 11:10 - 2015-11-17 11:10 - 00277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll

2015-11-19 14:39 - 2015-11-19 14:39 - 00194048 _____ () C:\Program Files (x86)\Acer\Acer Portal\curllib.dll

2015-11-19 14:39 - 2015-11-19 14:39 - 00110592 _____ () C:\Program Files (x86)\Acer\Acer Portal\OpenLDAP.dll
 

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
 
 

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
 

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
 
 

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
 

IE trusted site: HKU\S-1-5-21-3121378926-3824479896-3812363718-1001\...\localhost -> localhost

IE trusted site: HKU\S-1-5-21-3121378926-3824479896-3812363718-1001\...\webcompanion.com -> hxxp://webcompanion.com
 

==================== Hosts Inhalt: ===============================
 

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
 

2013-08-22 14:25 - 2015-12-17 08:51 - 00000864 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 

0.0.0.1        mssplus.mcafee.com
 

==================== Andere Bereiche ============================
 

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
 

HKU\S-1-5-21-3121378926-3824479896-3812363718-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\maddin\Pictures\Würzburg 28.12.-29.12.2015\IMG_3818.JPG

DNS Servers: 192.168.178.1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

Windows Firewall ist aktiviert.
 

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
 

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
 

HKLM\...\StartupApproved\Run32: => "StartCCC"

HKLM\...\StartupApproved\Run32: => "Dropbox"

HKLM\...\StartupApproved\Run32: => "ProductUpdater"

HKU\S-1-5-21-3121378926-3824479896-3812363718-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"

HKU\S-1-5-21-3121378926-3824479896-3812363718-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000001"

HKU\S-1-5-21-3121378926-3824479896-3812363718-1001\...\StartupApproved\Run: => "AcerPortal"
 

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139

FirewallRules: [{AC30CD52-D1EE-486D-8471-6382BB936689}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [{D57CE29F-372F-47A9-9C34-F91120A717CF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [{70398ED2-13FD-478E-8A58-DCF2CB1DDDBB}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe

FirewallRules: [UDP Query User{D8CA2327-EEA2-439D-A278-946C0103AE1E}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe

FirewallRules: [TCP Query User{58EB552C-CC79-4194-BDAD-70F3D5CEDEDE}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe

FirewallRules: [{D7F6B5C9-0DCF-4DF9-94A6-E6A35094A3AE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [{B0C90DE4-B435-4096-BADC-C39B732238A1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [{ECDD598E-49C3-4AA2-BF4D-30DF6CA7ABEF}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe

FirewallRules: [{3BA07FFA-9D4B-41A2-9582-A1369DF1072C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe

FirewallRules: [{1ABC333D-D712-4828-BA27-9371464F3CB1}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe

FirewallRules: [{250C4B06-E7AA-474E-AF4D-5E6130F1EC7F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe

FirewallRules: [{894A0050-A4DA-4FD2-A770-44123C7AB9B5}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe

FirewallRules: [{E09CC452-26A5-450E-B023-2A8745E27AF3}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe

FirewallRules: [{7882CFB7-E7B3-4BD9-997F-C9CF97524116}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe

FirewallRules: [{0925BA70-2C3E-4C18-B16F-86E97724DEA6}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe

FirewallRules: [{0AF683C9-48BB-4563-999F-73068887B0A1}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe

FirewallRules: [{8650F170-A0E7-45A3-A43D-45E37B1AA07A}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe

FirewallRules: [{86A1D3A7-E597-4DA2-AB9F-462666EFDCE0}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe

FirewallRules: [{7A793A96-6135-419E-93BA-B645EF1649BB}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe

FirewallRules: [{0AF0D9A5-647E-4891-BCAE-FC70AC2E06CC}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe

FirewallRules: [{A0178A07-16AD-437F-BF3F-B84F8054E2A0}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe

FirewallRules: [{F58038BB-38C2-4F8F-9653-D6BAB6522DD9}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe

FirewallRules: [{A51EFE3F-E567-4474-AF8E-CFEF76ED26A4}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe

FirewallRules: [{D8AC7526-9F06-48F4-8C0E-4193EF3AB3A5}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe

FirewallRules: [{18753CB0-B577-494B-BC4C-13CA1E8A3B22}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe

FirewallRules: [{BB949693-1D61-4E94-85F7-09671F9FD3BB}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe

FirewallRules: [{76D6CDD4-E3FD-4A08-8BB8-6165BDF637D1}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe

FirewallRules: [{C47BE870-CC7E-4C01-90A5-F244546AA546}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe

FirewallRules: [{7E45ADBD-436F-4898-8E3F-D63B93360C27}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe

FirewallRules: [{1898B3BD-4283-44D0-A9AE-4735044F980D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe

FirewallRules: [{F89C1291-B628-48A4-811B-0842A0D869F9}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe

FirewallRules: [{5D106465-FAEE-447A-9215-3E65D9A5085D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe

FirewallRules: [{8B4D7AF8-FA7C-4027-B408-485EB3C98A41}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe

FirewallRules: [{8AD3B681-A27E-4FBC-8CA1-619006CAE639}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe

FirewallRules: [{550FD88B-202A-4A70-9013-F60E736A1279}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe

FirewallRules: [{1A891CAE-9FB1-4DEC-9FC0-C986C5878F3C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe

FirewallRules: [{5174F448-CBA2-4529-9356-1DF0CACF2878}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe

FirewallRules: [{CF63E893-40ED-4AAE-9106-E1C3BFE7AF85}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe

FirewallRules: [{05E3617F-0A17-459C-868C-61FC1A50DEB4}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe

FirewallRules: [{5C7EE883-2A00-4957-B067-46C6C088B79B}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe

FirewallRules: [{7383995B-BAC2-4A73-B537-545E604A3738}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe

FirewallRules: [{1CB3ECC1-D5B6-4E0D-B06B-DFAC6A70B3C3}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe

FirewallRules: [{1EA1BF94-C4CF-47A8-A6E4-9ECFD75695C4}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe

FirewallRules: [{585390AF-DFA3-497B-B431-FF7196CE4167}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe

FirewallRules: [{716A78F5-B9ED-441F-A699-F8D6EEFFAB42}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe

FirewallRules: [{4BF6BFC5-2B34-4F80-A64D-2FEAD6557664}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
 

==================== Wiederherstellungspunkte =========================
 

04-01-2016 14:24:27 Avira EU-Cleaner - 04.01.2016 14:24

07-01-2016 12:46:02 Installed LibreOffice 4.4.7.2

10-01-2016 11:46:47 Installiert Qualcomm Atheros WLAN and Bluetooth Client Installat郀麾℀蠀@

13-01-2016 15:22:35 paint.net v4.0.9

15-01-2016 10:24:51 McAfee  Vulnerability Scanner

15-01-2016 17:57:50 JRT Pre-Junkware Removal

21-01-2016 12:37:21 Avira EU-Cleaner - 21.01.2016 12:37
 

==================== Fehlerhafte Geräte im Gerätemanager =============
 
 

==================== Fehlereinträge in der Ereignisanzeige: =========================
 

Applikationsfehler:

==================

Error: (01/21/2016 12:37:31 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )

Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
 

Details:

AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
 

System Error:

Zugriff verweigert

.
 

Error: (01/21/2016 10:23:57 AM) (Source: Perflib) (EventID: 1008) (User: )

Description: BITSC:\Windows\System32\bitsperf.dll8
 

Error: (01/21/2016 09:48:41 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Name der fehlerhaften Anwendung: cmd.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d733

Name des fehlerhaften Moduls: USER32.dll_unloaded, Version: 10.0.10586.20, Zeitstempel: 0x565423d2

Ausnahmecode: 0xc0000005

Fehleroffset: 0x0000000000025dd0

ID des fehlerhaften Prozesses: 0x21ec

Startzeit der fehlerhaften Anwendung: 0xcmd.exe0

Pfad der fehlerhaften Anwendung: cmd.exe1

Pfad des fehlerhaften Moduls: cmd.exe2

Berichtskennung: cmd.exe3

Vollständiger Name des fehlerhaften Pakets: cmd.exe4

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: cmd.exe5
 

Error: (01/17/2016 01:55:33 PM) (Source: Perflib) (EventID: 1008) (User: )

Description: BITSC:\Windows\System32\bitsperf.dll8
 

Error: (01/15/2016 05:57:59 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )

Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
 

Details:

AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
 

System Error:

Zugriff verweigert

.
 

Error: (01/15/2016 04:27:01 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: ACERXC115)

Description: Das Paket „Microsoft.Windows.Photos_15.1208.10480.0_x64__8wekyb3d8bbwe+App“ wurde beendet, da das Anhalten zu lange dauerte.
 

Error: (01/15/2016 10:39:54 AM) (Source: Perflib) (EventID: 1008) (User: )

Description: BITSC:\Windows\System32\bitsperf.dll8
 

Error: (01/15/2016 10:25:02 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )

Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
 

Details:

AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
 

System Error:

Zugriff verweigert

.
 

Error: (01/13/2016 03:22:46 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )

Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
 

Details:

AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
 

System Error:

Zugriff verweigert

.
 

Error: (01/13/2016 03:22:34 PM) (Source: VSS) (EventID: 8194) (User: )

Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert

.

Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
 
 

Vorgang:

   Generatordaten werden gesammelt
 

Kontext:

   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}

   Generatorname: System Writer

   Generatorinstanz-ID: {4fed14eb-9d3c-4e4c-9a5f-155aa544dab9}
 
 

Systemfehler:

=============

Error: (01/21/2016 01:44:19 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)

Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}
 

Error: (01/21/2016 01:42:05 PM) (Source: NetBT) (EventID: 4321) (User: )

Description: Der Name "WORKGROUP      :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.178.32

registriert werden. Der Computer mit IP-Adresse 192.168.178.42 hat nicht

zugelassen, dass dieser Computer diesen Namen verwendet.
 

Error: (01/21/2016 01:40:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Der Dienst "Benutzerdatenzugriff_6a4ff" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
 

Error: (01/21/2016 01:40:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Der Dienst "Benutzerdatenspeicher _6a4ff" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
 

Error: (01/21/2016 01:40:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Der Dienst "Kontaktdaten_6a4ff" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
 

Error: (01/21/2016 01:40:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Der Dienst "Synchronisierungshost_6a4ff" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
 

Error: (01/21/2016 01:40:09 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)

Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
 

Error: (01/21/2016 12:44:00 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)

Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}
 

Error: (01/21/2016 12:39:01 PM) (Source: NTFS) (EventID: 137) (User: )

Description: Auf dem Volume "Acer" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten.
 

Error: (01/21/2016 12:38:39 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Benutzerdatenspeicher _5b2df erreicht.
 
 

CodeIntegrity:

===================================

  Date: 2016-01-21 09:45:52.216

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 

  Date: 2016-01-10 12:19:57.463

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 

  Date: 2016-01-06 09:49:15.329

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 

  Date: 2016-01-01 16:00:08.110

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 

  Date: 2016-01-01 11:22:53.203

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 

  Date: 2015-12-20 17:18:45.284

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 

  Date: 2015-12-11 20:28:45.013

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 

  Date: 2015-12-10 21:43:35.869

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 

  Date: 2015-12-10 12:27:50.838

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 

  Date: 2015-12-05 09:43:14.807

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
 

==================== Speicherinformationen =========================== 
 

Prozessor: AMD E2-6110 APU with AMD Radeon R2 Graphics 

Prozentuale Nutzung des RAM: 53%

Installierter physikalischer RAM: 3512.28 MB

Verfügbarer physikalischer RAM: 1650.71 MB

Summe virtueller Speicher: 4728.28 MB

Verfügbarer virtueller Speicher: 2035.7 MB
 

==================== Laufwerke ================================
 

Drive c: (Acer) (Fixed) (Total:456.5 GB) (Free:331.09 GB) NTFS

Drive d: (DATA) (Fixed) (Total:457.01 GB) (Free:308.46 GB) NTFS

Drive f: (Transcend) (Removable) (Total:29.41 GB) (Free:29.4 GB) FAT32
 

==================== MBR & Partitionstabelle ==================
 

========================================================

Disk: 0 (Size: 931.5 GB) (Disk ID: FC186520)
 

Partition: GPT.
 

========================================================

Disk: 1 (MBR Code: Windows XP) (Size: 29.4 GB) (Disk ID: C3072E18)

Partition 1: (Not Active) - (Size=29.4 GB) - (Type=0C)
 

==================== Ende von Addition.txt ============================

--- --- ---

Hallo hier die beiden Logs,AdwCleaner Logfile:

Code:

# AdwCleaner v5.030 - Bericht erstellt am 21/01/2016 um 16:35:49

# Aktualisiert am 17/01/2016 von Xplode

# Datenbank : 2016-01-19.2 [Server]

# Betriebssystem : Windows 10 Home  (x64)

# Benutzername : maddin - ACERXC115

# Gestartet von : C:\Users\maddin\Downloads\AdwCleaner_5.030.exe

# Option : LÃ¶schen

# UnterstÃ¼tzung : Forum - ToolsLib
 

***** [ Dienste ] *****
 
 

***** [ Ordner ] *****
 
 

***** [ Dateien ] *****
 
 

***** [ DLLs ] *****
 
 

***** [ VerknÃ¼pfungen ] *****
 
 

***** [ Aufgabenplanung ] *****
 
 

***** [ Registrierungsdatenbank ] *****
 

[-] SchlÃ¼ssel GelÃ¶scht : HKCU\Software\OCS
 

***** [ Internetbrowser ] *****
 
 

*************************
 

:: "Tracing" SchlÃ¼ssel gelÃ¶scht

:: Proxy Einstellungen zurÃ¼ckgesetzt

:: Winsock Einstellungen zurÃ¼ckgesetzt

:: Chrome Richtlinien gelÃ¶scht
 

########## EOF - C:\AdwCleaner\AdwCleaner[C4].txt - [849 Bytes] ##########

--- --- ---
FRST Logfile:

Code:

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:18-01-2016

durchgeführt von maddin (Administrator) auf ACERXC115 (21-01-2016 18:43:03)

Gestartet von C:\Users\maddin\Downloads

Geladene Profile: maddin (Verfügbare Profile: maddin & Administrator)

Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)

Internet Explorer Version 11 (Standard-Browser: FF)

Start-Modus: Normal

Anleitung für Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials
 

==================== Prozesse (Nicht auf der Ausnahmeliste) =================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
 

(AMD) C:\Windows\System32\atiesrxx.exe

(Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\tbaseprovisioning.exe

(AMD) C:\Windows\System32\atieclxx.exe

(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe

(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe

(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe

(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe

(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe

(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe

(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe

(McAfee, Inc.) C:\Windows\System32\mfevtps.exe

(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe

(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe

(McAfee, Inc.) C:\Windows\System32\mfevtps.exe

(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe

(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

(McAfee, Inc.) C:\Program Files\mcafee\MSC\McAPExe.exe

(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe

(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

() C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe

(Acer Incorporated) C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe

(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe

(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe

(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe

(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe

(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe

(Microsoft Corporation) C:\Program Files\Windows NT\Accessories\wordpad.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe

(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.8.203.0\McCSPServiceHost.exe

(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe

(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe

() C:\Program Files (x86)\Acer\Care Center\ACCStd.exe

(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe

() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1208.10480.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe

(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
 
 

==================== Registry (Nicht auf der Ausnahmeliste) ===========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
 

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13876952 2016-01-10] (Realtek Semiconductor)

HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)

HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [24952456 2015-12-08] (Dropbox, Inc.)

HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)

HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2621240 2015-11-18] (Malwarebytes Corporation)

HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [74752 2015-09-01] ()

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-12-22] (Oracle Corporation)

HKU\S-1-5-21-3121378926-3824479896-3812363718-1001\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE [283232 2012-02-29] (SEIKO EPSON CORPORATION)

HKU\S-1-5-21-3121378926-3824479896-3812363718-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE [283232 2012-02-29] (SEIKO EPSON CORPORATION)

HKU\S-1-5-21-3121378926-3824479896-3812363718-1001\...\Run: [AcerPortal] => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2732760 2015-11-19] (Acer)

HKU\S-1-5-21-3121378926-3824479896-3812363718-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1

HKU\S-1-5-21-3121378926-3824479896-3812363718-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\PhotoScreensaver.scr [583680 2015-10-30] (Microsoft Corporation)

ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-11-19] (Acer Incorporated)

ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-11-19] (Acer Incorporated)

ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-11-19] (Acer Incorporated)

ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-12-17]

ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe (McAfee, Inc.)
 

==================== Internet (Nicht auf der Ausnahmeliste) ====================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
 

Hosts: 0.0.0.1        mssplus.mcafee.com

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

Tcpip\..\Interfaces\{47b9202d-2068-4c09-8392-2b3b3f346d5c}: [DhcpNameServer] 192.168.178.1
 

Internet Explorer:

==================

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKU\S-1-5-21-3121378926-3824479896-3812363718-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/

HKU\S-1-5-21-3121378926-3824479896-3812363718-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB

BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)

BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll [2016-01-21] (Oracle Corporation)

BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-01-21] (Oracle Corporation)

Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)

Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)

Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-12-02] (McAfee, Inc.)

Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-12-02] (McAfee, Inc.)

Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-12-02] (McAfee, Inc.)

Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-12-02] (McAfee, Inc.)

Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\MSC\McSnIePl64.dll [2015-11-10] (McAfee, Inc.)

Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2015-11-10] (McAfee, Inc.)
 

FireFox:

========

FF ProfilePath: C:\Users\maddin\AppData\Roaming\Mozilla\Firefox\Profiles\l98gxphj.default-1450955345147

FF Homepage: hxxp://ahnenforschung-brand.jimdo.com/?logout=1

FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-21] ()

FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-11-10] ()

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-21] ()

FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)

FF Plugin-x32: @java.com/DTPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll [2016-01-21] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\plugin2\npjp2.dll [2016-01-21] (Oracle Corporation)

FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-11-10] ()

FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)

FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()

FF SearchPlugin: C:\Users\maddin\AppData\Roaming\Mozilla\Firefox\Profiles\l98gxphj.default-1450955345147\searchplugins\McSiteAdvisor.xml [2016-01-21]

FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2015-11-23]

FF Extension: Flash Video Downloader - YouTube HD Download [4K] - C:\Users\maddin\AppData\Roaming\Mozilla\Firefox\Profiles\l98gxphj.default-1450955345147\extensions\artur.dubovoy@gmail.com [2016-01-21]

FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi

FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on

FF Extension: E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2015-08-09] [ist nicht signiert]

FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi

FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2015-12-20] [ist nicht signiert]
 

Chrome: 

=======

CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-12-03]

CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-12-03]
 

==================== Dienste (Nicht auf der Ausnahmeliste) ========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)

R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [140288 2014-04-15] () [Datei ist nicht signiert]

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-04] (Advanced Micro Devices, Inc.)

R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [323152 2015-05-29] (Windows (R) Win 7 DDK provider)

R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2860760 2015-11-17] (Acer Incorporated)

S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-08] (Dropbox, Inc.)

S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-08] (Dropbox, Inc.)

R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2015-09-01] (Freemake) [Datei ist nicht signiert]

R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2015-09-01] (Ellora Assets Corp.) [Datei ist nicht signiert]

R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)

R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)

R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [739640 2015-11-18] (Malwarebytes Corporation)

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)

R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [157928 2015-12-02] (McAfee, Inc.)

R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [863448 2015-11-10] (McAfee, Inc.)

S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe [289256 2015-12-02] (McAfee, Inc.)

R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.8.203.0\McCSPServiceHost.exe [1694152 2015-12-02] (McAfee, Inc.)

R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)

R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)

S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [679120 2015-10-20] (McAfee, Inc.)

R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)

R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)

R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [233680 2015-09-21] (McAfee, Inc.)

R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [378848 2015-10-21] (McAfee, Inc.)

R3 mfevtp; C:\WINDOWS\system32\mfevtps.exe [256840 2015-09-21] (McAfee, Inc.)

R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)

R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate)

R2 tbaseprovisioning; C:\Windows\SysWOW64\tbaseprovisioning.exe [60440 2016-01-10] (Advanced Micro Devices, Inc.)

R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [234240 2014-07-14] (acer)

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
 

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

R3 AmdAS4; C:\Windows\System32\drivers\AmdAS4.sys [17640 2013-10-23] (Advanced Micro Devices, INC.)

S3 amdkmcsp; C:\Windows\system32\DRIVERS\amdkmcsp.sys [93208 2016-01-10] (Advanced Micro Devices, Inc. )

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36608 2013-12-13] (Advanced Micro Devices, Inc.)

R0 amdpsp; C:\Windows\System32\DRIVERS\amdpsp.sys [269336 2016-01-10] (Advanced Micro Devices, Inc. )

R3 athr; C:\Windows\System32\drivers\athw10x.sys [4301304 2015-05-17] (Qualcomm Atheros Communications, Inc.)

R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)

R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [80760 2015-09-23] (McAfee, Inc.)

R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [63064 2015-11-18] ()

S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207208 2015-05-19] (McAfee, Inc.)

R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)

R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-01-21] (Malwarebytes)

R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)

R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [415976 2015-09-23] (McAfee, Inc.)

R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [351120 2015-09-23] (McAfee, Inc.)

S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [82072 2015-09-23] (McAfee, Inc.)

R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [497888 2015-09-23] (McAfee, Inc.)

R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [841944 2015-09-23] (McAfee, Inc.)

R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [537192 2015-10-06] (McAfee, Inc.)

S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109480 2015-10-06] (McAfee, Inc.)

R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [37960 2015-12-02] (McAfee, Inc.)

R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [244544 2015-09-23] (McAfee, Inc.)

R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)

R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [886528 2016-01-10] (Realtek                                            )

R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [402136 2016-01-10] (Realsil Semiconductor Corporation)

S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)

S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)

S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

S3 BTATH_BUS; \SystemRoot\System32\drivers\btath_bus.sys [X]

S3 RSUSBSTOR; \SystemRoot\System32\Drivers\RtsUStor.sys [X]
 

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
 

==================== Ein Monat: Erstellte Dateien und Ordner ========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2016-01-21 16:43 - 2016-01-21 16:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee

2016-01-21 16:18 - 2016-01-21 16:19 - 01505280 _____ C:\Users\maddin\Downloads\AdwCleaner_5.030.exe

2016-01-21 14:47 - 2016-01-21 14:49 - 00041116 _____ C:\Users\maddin\Downloads\Addition.txt

2016-01-21 14:44 - 2016-01-21 18:43 - 00023870 _____ C:\Users\maddin\Downloads\FRST.txt

2016-01-21 14:43 - 2016-01-21 18:43 - 00000000 ____D C:\FRST

2016-01-21 14:42 - 2016-01-21 14:43 - 02370560 _____ (Farbar) C:\Users\maddin\Downloads\FRST64.exe

2016-01-21 13:42 - 2016-01-21 13:42 - 00000000 ___HD C:\OneDriveTemp

2016-01-21 12:05 - 2016-01-21 18:43 - 00004020 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse

2016-01-21 10:32 - 2016-01-21 10:32 - 00002113 _____ C:\Users\maddin\Desktop\Entfernen des Avira EU-Cleaners.lnk

2016-01-21 10:32 - 2016-01-21 10:32 - 00002057 _____ C:\Users\maddin\Desktop\Avira EU-Cleaner.lnk

2016-01-21 10:23 - 2016-01-21 10:23 - 00004208 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse

2016-01-17 13:58 - 2016-01-19 18:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird

2016-01-15 13:10 - 2016-01-05 03:51 - 07477600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe

2016-01-15 13:10 - 2016-01-05 03:45 - 02587696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll

2016-01-15 13:10 - 2016-01-05 03:42 - 02026736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll

2016-01-15 13:10 - 2016-01-05 03:37 - 02544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll

2016-01-15 13:10 - 2016-01-05 03:37 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll

2016-01-15 13:10 - 2016-01-05 03:37 - 00245840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll

2016-01-15 13:10 - 2016-01-05 03:36 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe

2016-01-15 13:10 - 2016-01-05 03:33 - 02180128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll

2016-01-15 13:10 - 2016-01-05 03:33 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll

2016-01-15 13:10 - 2016-01-05 03:33 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll

2016-01-15 13:10 - 2016-01-05 03:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe

2016-01-15 13:10 - 2016-01-05 02:59 - 22393856 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll

2016-01-15 13:10 - 2016-01-05 02:57 - 16986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll

2016-01-15 13:10 - 2016-01-05 02:49 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll

2016-01-15 13:10 - 2016-01-05 02:48 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll

2016-01-15 13:10 - 2016-01-05 02:43 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll

2016-01-15 13:10 - 2016-01-05 02:41 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll

2016-01-15 13:10 - 2016-01-05 02:39 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll

2016-01-15 13:10 - 2016-01-05 02:39 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll

2016-01-15 13:10 - 2016-01-05 02:30 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll

2016-01-15 13:10 - 2016-01-05 02:30 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll

2016-01-15 13:10 - 2016-01-05 02:28 - 07826432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll

2016-01-15 13:10 - 2016-01-05 02:28 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2016-01-15 13:10 - 2016-01-05 02:25 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll

2016-01-15 13:09 - 2016-01-05 03:51 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi

2016-01-15 13:09 - 2016-01-05 03:51 - 01141496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe

2016-01-15 13:09 - 2016-01-05 03:50 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll

2016-01-15 13:09 - 2016-01-05 03:50 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll

2016-01-15 13:09 - 2016-01-05 03:50 - 00671472 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll

2016-01-15 13:09 - 2016-01-05 03:49 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll

2016-01-15 13:09 - 2016-01-05 03:48 - 00499432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll

2016-01-15 13:09 - 2016-01-05 03:37 - 00858952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll

2016-01-15 13:09 - 2016-01-05 03:37 - 00848160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll

2016-01-15 13:09 - 2016-01-05 03:37 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll

2016-01-15 13:09 - 2016-01-05 03:37 - 00234504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll

2016-01-15 13:09 - 2016-01-05 03:33 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll

2016-01-15 13:09 - 2016-01-05 03:33 - 00701384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll

2016-01-15 13:09 - 2016-01-05 03:33 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll

2016-01-15 13:09 - 2016-01-05 03:33 - 00208176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll

2016-01-15 13:09 - 2016-01-05 03:27 - 01594408 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll

2016-01-15 13:09 - 2016-01-05 03:24 - 00796352 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll

2016-01-15 13:09 - 2016-01-05 03:23 - 01804664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll

2016-01-15 13:09 - 2016-01-05 03:23 - 01309376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll

2016-01-15 13:09 - 2016-01-05 03:23 - 00786696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL

2016-01-15 13:09 - 2016-01-05 03:23 - 00119320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL

2016-01-15 13:09 - 2016-01-05 03:21 - 01371792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll

2016-01-15 13:09 - 2016-01-05 03:17 - 00695752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL

2016-01-15 13:09 - 2016-01-05 03:16 - 00100160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL

2016-01-15 13:09 - 2016-01-05 02:57 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMSRoamingSecurity.dll

2016-01-15 13:09 - 2016-01-05 02:57 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgrcli.dll

2016-01-15 13:09 - 2016-01-05 02:56 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe

2016-01-15 13:09 - 2016-01-05 02:54 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthLEEnum.sys

2016-01-15 13:09 - 2016-01-05 02:54 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe

2016-01-15 13:09 - 2016-01-05 02:53 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx

2016-01-15 13:09 - 2016-01-05 02:52 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll

2016-01-15 13:09 - 2016-01-05 02:51 - 00472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll

2016-01-15 13:09 - 2016-01-05 02:51 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll

2016-01-15 13:09 - 2016-01-05 02:50 - 00644096 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll

2016-01-15 13:09 - 2016-01-05 02:50 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll

2016-01-15 13:09 - 2016-01-05 02:50 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll

2016-01-15 13:09 - 2016-01-05 02:49 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe

2016-01-15 13:09 - 2016-01-05 02:49 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL

2016-01-15 13:09 - 2016-01-05 02:49 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll

2016-01-15 13:09 - 2016-01-05 02:49 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll

2016-01-15 13:09 - 2016-01-05 02:49 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityCommon.dll

2016-01-15 13:09 - 2016-01-05 02:48 - 01009152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL

2016-01-15 13:09 - 2016-01-05 02:48 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usermgrcli.dll

2016-01-15 13:09 - 2016-01-05 02:47 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll

2016-01-15 13:09 - 2016-01-05 02:47 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll

2016-01-15 13:09 - 2016-01-05 02:47 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax

2016-01-15 13:09 - 2016-01-05 02:45 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll

2016-01-15 13:09 - 2016-01-05 02:45 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll

2016-01-15 13:09 - 2016-01-05 02:44 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx

2016-01-15 13:09 - 2016-01-05 02:43 - 00953856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys

2016-01-15 13:09 - 2016-01-05 02:43 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll

2016-01-15 13:09 - 2016-01-05 02:43 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe

2016-01-15 13:09 - 2016-01-05 02:42 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll

2016-01-15 13:09 - 2016-01-05 02:41 - 01070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL

2016-01-15 13:09 - 2016-01-05 02:41 - 00558592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll

2016-01-15 13:09 - 2016-01-05 02:40 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL

2016-01-15 13:09 - 2016-01-05 02:40 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll

2016-01-15 13:09 - 2016-01-05 02:39 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll

2016-01-15 13:09 - 2016-01-05 02:39 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax

2016-01-15 13:09 - 2016-01-05 02:38 - 00389120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll

2016-01-15 13:09 - 2016-01-05 02:36 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll

2016-01-15 13:09 - 2016-01-05 02:36 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll

2016-01-15 13:09 - 2016-01-05 02:33 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll

2016-01-15 13:09 - 2016-01-05 02:29 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2016-01-15 13:09 - 2016-01-05 02:28 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll

2016-01-14 16:51 - 2016-01-14 16:52 - 01466656 _____ C:\Users\maddin\Downloads\SecureUSBflashdrives - CHIP-Installer.exe

2016-01-13 20:10 - 2016-01-13 20:10 - 00611115 _____ C:\Users\maddin\Downloads\explosionsteyrm9a1-17833883.pdf

2016-01-13 20:03 - 2016-01-13 20:03 - 01078649 _____ C:\Users\maddin\Downloads\Bedienung-UX-SA9.pdf

2016-01-10 12:29 - 2016-01-10 12:29 - 72113152 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat

2016-01-10 12:29 - 2016-01-10 12:29 - 12975360 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO3064.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 12834736 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO4064.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 07087448 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 06242576 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64AF3.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 05804772 _____ C:\WINDOWS\system32\Drivers\rtvienna.dat

2016-01-10 12:29 - 2016-01-10 12:29 - 05706688 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICV2apo.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 05234952 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICAPOlfx.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 03262184 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE2.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 03234520 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 03195416 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 02918104 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 02847960 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 02789808 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO7064.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 02702040 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl

2016-01-10 12:29 - 2016-01-10 12:29 - 02531544 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RltkAPO.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 02461016 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv211.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 02162992 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 02101848 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\WavesGUILib64.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 02088737 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT

2016-01-10 12:29 - 2016-01-10 12:29 - 02041432 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 01939800 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 01933584 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64AF3.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 01747160 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 01559744 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APO.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 01499984 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO5064.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 01413776 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 01365768 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO6064.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 01316056 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 01313904 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxSpeechAPO64.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 01136728 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO4064.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 01104040 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\slcnt64.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 00995120 _____ (Nahimic Inc) C:\WINDOWS\system32\NahimicAPONSControl.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 00979280 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO2064.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 00947760 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 00944984 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOProp.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 00943784 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 00858256 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 00856992 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 00734376 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 00684176 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 00663296 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 00662784 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVolumeSDAPO.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 00631000 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 00560328 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 00555664 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SECOMN32.DLL

2016-01-10 12:29 - 2016-01-10 12:29 - 00501184 _____ (DTS) C:\WINDOWS\system32\DTSU2PLFX64.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 00487360 _____ (DTS) C:\WINDOWS\system32\DTSU2PGFX64.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 00454288 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 00435856 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 00415680 _____ (DTS) C:\WINDOWS\system32\DTSU2PREC64.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 00369296 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 00336144 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64AF3.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 00329360 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 00329360 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 00328816 _____ (ICEpower a/s) C:\WINDOWS\system32\ICEsoundAPO64.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 00315736 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 00284944 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64F3.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 00261464 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 00250536 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 00213432 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tossaemaxapo64.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 00166616 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 00113576 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll

2016-01-10 12:29 - 2016-01-10 12:29 - 00096568 _____ C:\WINDOWS\system32\audioLibVc.dll

2016-01-10 12:21 - 2016-01-10 12:21 - 00886528 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys

2016-01-10 12:21 - 2016-01-10 12:21 - 00082544 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll

2016-01-10 12:20 - 2016-01-10 12:20 - 09890008 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RsCRIcon.dll

2016-01-10 12:20 - 2016-01-10 12:20 - 00402136 _____ (Realsil Semiconductor Corporation) C:\WINDOWS\system32\Drivers\RtsUer.sys

2016-01-10 12:20 - 2016-01-10 12:20 - 00083160 _____ (Realtek Semiconductor.) C:\WINDOWS\system32\RtCRX64.dll

2016-01-10 12:19 - 2016-01-10 12:18 - 02975768 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\rootpacommon.dll

2016-01-10 12:19 - 2016-01-10 12:18 - 00269336 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\Drivers\amdpsp.sys

2016-01-10 12:19 - 2016-01-10 12:18 - 00129048 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\tbaseregistry64.dll

2016-01-10 12:19 - 2016-01-10 12:18 - 00108568 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\tbaseregistry32.dll

2016-01-10 12:19 - 2016-01-10 12:18 - 00093208 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\Drivers\amdkmcsp.sys

2016-01-10 12:19 - 2016-01-10 12:18 - 00091672 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdumcsp.dll

2016-01-10 12:19 - 2016-01-10 12:18 - 00071192 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdumcsp.dll

2016-01-10 12:19 - 2016-01-10 12:18 - 00025112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\t-base_client_api.dll

2016-01-10 12:19 - 2016-01-10 12:18 - 00021016 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\t-base_client_api.dll

2016-01-10 12:18 - 2016-01-10 12:18 - 00000000 ____D C:\ProgramData\DriverSetupUtility

2016-01-10 12:18 - 2016-01-10 12:18 - 00000000 ____D C:\Program Files\DriverSetupUtility

2016-01-10 11:50 - 2016-01-10 11:51 - 00000000 ____D C:\Program Files\Common Files\QCA_Bluetooth

2016-01-10 11:47 - 2015-05-17 23:33 - 04301304 _____ (Qualcomm Atheros Communications, Inc.) C:\WINDOWS\system32\Drivers\athw10x.sys

2016-01-10 11:43 - 2016-01-10 11:43 - 00001810 _____ C:\Users\Public\Desktop\Acer Care Center.lnk

2016-01-10 11:41 - 2016-01-10 11:41 - 01761632 _____ (Acer Incorporated) C:\Users\maddin\Downloads\AcerCareCenterLiveUpdater.exe

2016-01-10 11:09 - 2016-01-10 11:09 - 00347816 _____ (Microsoft Corporation) C:\Users\maddin\Downloads\MicrosoftFixit.Devices.Run.exe

2016-01-07 23:35 - 2016-01-07 23:36 - 01749504 _____ C:\Users\maddin\Downloads\AdwCleaner_5.028.exe

2016-01-07 12:12 - 2016-01-07 12:44 - 224055296 _____ C:\Users\maddin\Downloads\LibreOffice_4.4.7_Win_x86.msi

2016-01-07 12:03 - 2016-01-07 23:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2016-01-04 14:37 - 2016-01-04 14:37 - 00000000 ____D C:\WINDOWS\Panther

2016-01-02 17:53 - 2016-01-02 17:53 - 05279784 _____ C:\Users\maddin\Documents\Jarolift_Rohrmotor_SL.pdf

2016-01-02 17:31 - 2016-01-02 17:31 - 00139369 ____R C:\Users\maddin\Documents\ELERO Typ 9 - Bedienungsanleitung.pdf

2016-01-02 17:19 - 2016-01-02 17:19 - 00146060 ____R C:\Users\maddin\Documents\ELERO Typ 9 - Technische Daten.pdf

2015-12-24 12:09 - 2015-12-24 12:09 - 00000000 ____D C:\Users\maddin\Desktop\Alte Firefox-Daten

2015-12-22 16:58 - 2016-01-14 21:57 - 00000000 ____D C:\WINDOWS\Minidump
 

==================== Ein Monat: Geänderte Dateien und Ordner ========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2016-01-21 16:58 - 2015-08-08 08:53 - 00001234 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job

2016-01-21 16:48 - 2015-08-23 18:14 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

2016-01-21 16:43 - 2015-12-03 12:59 - 01799166 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2016-01-21 16:43 - 2015-10-30 19:35 - 00775524 _____ C:\WINDOWS\system32\perfh007.dat

2016-01-21 16:43 - 2015-10-30 19:35 - 00155338 _____ C:\WINDOWS\system32\perfc007.dat

2016-01-21 16:43 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF

2016-01-21 16:39 - 2015-04-24 21:00 - 00000000 __RDO C:\Users\maddin\OneDrive

2016-01-21 16:38 - 2015-08-09 17:36 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys

2016-01-21 16:38 - 2015-08-08 08:53 - 00001230 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job

2016-01-21 16:37 - 2015-12-03 13:03 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT

2016-01-21 16:37 - 2014-11-14 17:03 - 02350691 _____ C:\WINDOWS\SysWOW64\rootpa.e2e

2016-01-21 16:36 - 2015-12-03 12:36 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin

2016-01-21 16:36 - 2015-10-30 07:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI

2016-01-21 16:35 - 2015-10-31 14:41 - 00000000 ____D C:\AdwCleaner

2016-01-21 14:47 - 2015-10-30 07:28 - 00000000 ____D C:\Windows

2016-01-21 12:20 - 2015-08-16 17:22 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit

2016-01-21 10:02 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps

2016-01-21 10:02 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness

2016-01-21 09:55 - 2015-11-13 16:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2016-01-21 09:55 - 2015-11-13 16:40 - 00000000 ____D C:\ProgramData\Oracle

2016-01-21 09:55 - 2015-11-13 16:40 - 00000000 ____D C:\Program Files (x86)\Java

2016-01-21 09:54 - 2015-11-13 16:41 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll

2016-01-21 09:54 - 2015-11-13 16:41 - 00000000 ____D C:\Users\maddin\.oracle_jre_usage

2016-01-21 09:41 - 2015-10-30 07:28 - 00008192 ___SH C:\WINDOWS\system32\config\ELAM

2016-01-21 09:40 - 2015-08-08 19:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

2016-01-19 22:10 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser

2016-01-19 22:08 - 2015-08-08 19:36 - 00000000 ____D C:\Users\maddin\AppData\Roaming\vlc

2016-01-19 22:08 - 2015-06-23 10:07 - 00000000 ____D C:\Users\maddin\Documents\EVONIK

2016-01-17 21:10 - 2015-10-09 12:12 - 00000000 ____D C:\Users\maddin\Desktop\SICHERHEIT

2016-01-15 17:57 - 2015-10-08 16:59 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2016-01-15 17:39 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp

2016-01-15 17:08 - 2015-08-09 17:35 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys

2016-01-15 10:40 - 2015-08-08 20:09 - 00000000 ____D C:\WINDOWS\system32\MRT

2016-01-15 10:34 - 2015-08-08 20:08 - 143671360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2016-01-14 11:49 - 2015-12-03 12:40 - 00000000 ____D C:\Users\maddin

2016-01-14 11:48 - 2015-09-05 16:18 - 00000000 ____D C:\Program Files (x86)\McAfee

2016-01-13 15:24 - 2015-08-16 16:31 - 00001164 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk

2016-01-13 15:24 - 2015-08-16 16:31 - 00001152 _____ C:\Users\Public\Desktop\paint.net.lnk

2016-01-13 15:24 - 2015-08-16 16:30 - 00000000 ____D C:\Program Files\paint.net

2016-01-10 15:37 - 2015-04-26 09:04 - 00000000 ____D C:\Users\maddin\Desktop\SCANNER

2016-01-10 12:31 - 2014-11-14 17:00 - 00000000 ___HD C:\Program Files (x86)\Temp

2016-01-10 12:30 - 2015-12-03 12:36 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM

2016-01-10 12:29 - 2014-11-14 17:00 - 04477656 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys

2016-01-10 12:29 - 2014-11-14 17:00 - 02825944 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll

2016-01-10 12:21 - 2014-11-14 16:52 - 00000000 ____D C:\Program Files (x86)\Realtek

2016-01-10 12:20 - 2014-11-14 16:52 - 00000000 ____D C:\WINDOWS\SysWOW64\sda

2016-01-10 12:18 - 2015-06-23 10:39 - 01797656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01011.dll

2016-01-10 12:18 - 2015-06-23 10:39 - 00106520 _____ (AMD) C:\WINDOWS\system32\pspcoins.dll

2016-01-10 12:18 - 2015-06-23 10:39 - 00060440 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\tbaseprovisioning.exe

2016-01-10 12:17 - 2014-11-14 16:47 - 00000000 ____D C:\Program Files (x86)\Qualcomm Atheros

2016-01-10 11:44 - 2015-08-07 21:41 - 00000000 ____D C:\Users\maddin\AppData\Local\CareCenter

2016-01-10 11:43 - 2015-08-07 21:41 - 00003060 _____ C:\WINDOWS\System32\Tasks\ACCBackgroundApplication

2016-01-10 11:43 - 2014-11-14 17:11 - 00005404 _____ C:\WINDOWS\System32\Tasks\Software Update Application

2016-01-10 11:43 - 2014-11-14 17:10 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer

2016-01-10 11:41 - 2015-08-19 12:54 - 00000000 ____D C:\Users\maddin\AppData\Local\acer

2016-01-09 13:56 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\FxsTmp

2016-01-06 19:53 - 2015-07-23 13:32 - 00000000 ___RD C:\Users\maddin\Documents\ARBEIT

2016-01-04 18:19 - 2015-12-03 13:13 - 00000000 ____D C:\Users\maddin\AppData\Local\Comms

2016-01-04 18:18 - 2015-04-24 13:55 - 00000000 ____D C:\Users\maddin\AppData\Local\Packages

2016-01-03 02:40 - 2015-10-30 08:26 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2016-01-03 02:40 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2015-12-31 14:31 - 2015-12-11 18:41 - 00000000 ____D C:\Users\maddin\Downloads\Ant Videos

2015-12-30 17:59 - 2015-04-28 19:51 - 00000000 ____D C:\Users\maddin\Documents\RECHNUNGEN

2015-12-26 11:38 - 2015-05-13 20:01 - 00000000 ____D C:\Users\maddin\Documents\Family Tree Maker
 

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
 

2015-09-29 11:21 - 2015-09-29 11:21 - 0000036 _____ () C:\Users\maddin\AppData\Local\housecall.guid.cache

2015-12-03 12:36 - 2015-12-03 12:36 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 

Einige Dateien in TEMP:

====================

C:\Users\maddin\AppData\Local\Temp\jre-8u71-windows-au.exe

C:\Users\maddin\AppData\Local\Temp\sqlite3.dll
 
 

==================== Bamital & volsnap =================
 

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
 

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert

C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert

C:\WINDOWS\explorer.exe => Datei ist digital signiert

C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert

C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert

C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert

C:\WINDOWS\system32\services.exe => Datei ist digital signiert

C:\WINDOWS\system32\User32.dll => Datei ist digital signiert

C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert

C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert

C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert

C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert

C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert

C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert

C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
 
 

LastRegBack: 2016-01-17 13:59
 

==================== Ende von FRST.txt ============================

--- --- ---