Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Probleme mit Internetbrowser (https://www.trojaner-board.de/176135-probleme-internetbrowser.html)

Kaskadeking 18.02.2016 16:44
Probleme mit Internetbrowser
 
Hallo :) ,

seit einigen Tagen hab ich das Problem, dass Firefox keine Seite lädt und Chrome andauernd abstürzt. Zusätzlich wird der Prozess beim beenden der beiden Browser irgendwie nicht wirklich beendet.

Im normalen Taskmanager taucht er nicht auf, allerdings im Process Explorer wird der Prozess weiterhin angezeigt und beim beenden kommt:

Code:
Error terminating process: Zugriff verweigert
Mit dem ProcessHacker bekomm ich:

Code:
Unable to terminate firefox.exe (PID xxxx): Es wurde versucht, auf einen Prozess zuzugreifen, der gerade beendet wurde.
Das Profil bleibt allerdings gesperrt, wodurch Firefox auch nicht neustartet.

FRST:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:17-02-2016
durchgeführt von KaskadekingDE (Administrator) auf KASKADEKING-PC (18-02-2016 16:20:55)
Gestartet von C:\Users\***\Desktop
Geladene Profile: KaskadekingDE (Verfügbare Profile: KaskadekingDE)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbSvc.exe
(Guillemot Corporation) C:\Windows\SysWOW64\HerculesWiFiService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(JetBrains s.r.o) C:\Program Files (x86)\JetBrains\ETW Host\JetBrains.ETW.Collector.Host.exe
(Apple Inc.) C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe
(Hi-Rez Studios) D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_filter.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsClient.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe
(Malwarebytes) D:\Programme\Malwarebytes Anti-Malware\mbamscheduler.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsAgent.exe
(VMware, Inc.) D:\Programme\VMware\vmware-authd.exe
(SeriousBit) D:\Programme\NetBalancer\SeriousBit.NetBalancer.Service.exe
() D:\Programme\Synergy\synergyd.exe
(Sophos Limited) C:\Program Files (x86)\Common Files\Sophos\Web Intelligence\swi_fc.exe
(Malwarebytes) D:\Programme\Malwarebytes Anti-Malware\mbamservice.exe
(CHENGDU YIWO Tech Development Co., Ltd) D:\Programme\EaseUS Todo Backup\Todo Backup\bin\Agent.exe
(CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
() D:\Programme\EaseUS Todo Backup\Todo Backup\bin\TodoBackupService.exe
(Malwarebytes) D:\Programme\Malwarebytes Anti-Malware\mbam.exe
() D:\Programme\Hercules WiFi\WiFi Station N\WiFiN.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Ruiware) D:\Programme\WinPatrol\WinPatrol.exe
(eM Client, Inc.) C:\Program Files (x86)\eM Client\MailClient.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) D:\Programme\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
konnte nicht auf den Prozess zugreifen -> MicrosoftEdgeCP.exe
(Sysinternals - www.sysinternals.com) D:\Bibliotheken\Dokumente\ProcessExplorer\procexp.exe
(Sysinternals - www.sysinternals.com) C:\Users\***\AppData\Local\Temp\PROCEXP64.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Igor Pavlov) D:\Programme\7-Zip\7zFM.exe
(Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
konnte nicht auf den Prozess zugreifen -> swi_lspdiag.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Valve Corporation) D:\Programme\Steam\Steam.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Valve Corporation) D:\Programme\Steam\bin\steamwebhelper.exe
konnte nicht auf den Prozess zugreifen -> MicrosoftEdgeCP.exe
(Valve Corporation) D:\Programme\Steam\bin\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Valve Corporation) D:\Programme\Steam\bin\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-07-29] (Realtek Semiconductor)
HKLM\...\Run: [Greenshot] => D:\Programme\Greenshot\Greenshot.exe [528384 2015-11-10] (Greenshot)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [56080 2015-10-01] (Raptr, Inc)
HKLM-x32\...\Run: [EaseUS EPM tray] => D:\Programme\EaseUS Partition Master 10.8\bin\EpmNews.exe [2089056 2015-09-16] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [883352 2015-12-14] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => D:\Programme\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [Sophos AutoUpdate Monitor] => C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe [1418504 2016-01-03] (Sophos Limited)
HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\Run: [WinPatrol] => D:\Programme\WinPatrol\winpatrol.exe [1238152 2015-05-17] (Ruiware)
HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\Run: [eM Client] => C:\Program Files (x86)\eM Client\MailClient.exe [15681832 2015-12-14] (eM Client, Inc.)
HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\Run: [FileHippo.com] => D:\Programme\FileHippo.com\FileHippo.AppManager.exe [10574544 2015-05-12] ()
HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\Run: [BitTorrent] => C:\Users\***\AppData\Roaming\BitTorrent\BitTorrent.exe [1873952 2015-12-06] (BitTorrent Inc.)
HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\Run: [Spotify Web Helper] => C:\Users\***\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2346096 2015-12-23] (Spotify Ltd)
HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [787592 2015-09-21] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 5\CyberGhost.exe [433256 2015-11-05] (CyberGhost S.R.L.)
HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-117306591-3796779208-521460896-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [150528 2015-10-30] (Microsoft Corporation)
AppInit_DLLs-x32: C:\PROGRA~2\Sophos\SOPHOS~1\\SOPHOS~1.DLL => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\\sophos_detoured.dll [275352 2015-12-02] (Sophos Limited)
IFEO\SppExtComObj.exe: [Debugger] C:\WINDOWS\SECOH-QAD.exe
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\***\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\amd64\FileSyncShell64.dll [2015-11-29] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\***\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\amd64\FileSyncShell64.dll [2015-11-29] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\***\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\amd64\FileSyncShell64.dll [2015-11-29] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  Keine Datei
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  Keine Datei
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  Keine Datei
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\***\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\FileSyncShell.dll [2015-11-29] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\***\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\FileSyncShell.dll [2015-11-29] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\***\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\FileSyncShell.dll [2015-11-29] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  Keine Datei
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{16b3da2f-3369-4f8c-958f-17af1676bbfc}: [DhcpNameServer] 10.175.0.1
Tcpip\..\Interfaces\{bd567df3-7c98-4f98-ae5e-f75c7867c650}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
HKU\S-1-5-21-117306591-3796779208-521460896-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://localoem.msn.com/
HKU\S-1-5-21-117306591-3796779208-521460896-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://localoem.msn.com
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> D:\Programme\Microsoft Office 2013\Office15\OCHelper.dll [2016-01-12] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Programme\Java\jre1.8.0_65\bin\ssv.dll [2015-11-16] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Programme\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-11-16] (Oracle Corporation)
BHO-x32: Kein Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> Keine Datei
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-01-12] (Microsoft Corporation)
BHO-x32: Kein Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> Keine Datei
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - D:\Programme\Microsoft Office 2013\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\anscmfsk.default
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-10] ()
FF Plugin: @java.com/DTPlugin,version=11.65.2 -> D:\Programme\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-11-16] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.65.2 -> D:\Programme\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-11-16] (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> D:\Programme\Microsoft Office 2013\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-10] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> D:\Programme\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [Keine Datei]
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> D:\Programme\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [Keine Datei]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> D:\Programme\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-117306591-3796779208-521460896-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\***\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-07-11] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation)
FF SearchPlugin: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\anscmfsk.default\searchplugins\bugzilla.xml [2015-07-07]
FF SearchPlugin: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\anscmfsk.default\searchplugins\vb-paradise-20.xml [2015-07-13]
FF Extension: HttpRequester - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\anscmfsk.default\extensions\{ea4637dc-e014-4c17-9c2c-879322d23268} [2015-06-17]
FF Extension: Greasemonkey - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\anscmfsk.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2015-11-22]
FF Extension: DownThemAll! - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\anscmfsk.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2015-12-06]
FF Extension: WOT - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\anscmfsk.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-12-10]
FF Extension: NoScript - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\anscmfsk.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-02-13]
FF Extension: uBlock Origin - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\anscmfsk.default\Extensions\uBlock0@raymondhill.net.xpi [2016-02-16]
StartMenuInternet: FIREFOX.EXE - D:\Programme\Mozilla Firefox\firefox.exe
Chrome:
=======
CHR Profile: C:\Users\***\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-02-16]
CHR Extension: (Google Docs) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-16]
CHR Extension: (Google Drive) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-16]
CHR Extension: (YouTube) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-16]
CHR Extension: (uBlock Origin) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2016-02-16]
CHR Extension: (Google-Suche) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-16]
CHR Extension: (Tampermonkey) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2016-02-16]
CHR Extension: (Google Tabellen) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-02-16]
CHR Extension: (Google Docs Offline) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-02-16]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-02-16]
CHR Extension: (Google Mail) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-16]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-04] (Advanced Micro Devices, Inc.)
R2 Bonjour Service; C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe [384512 2015-06-02] (Apple Inc.) [Datei ist nicht signiert]
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [432792 2015-12-14] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [412312 2015-12-14] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [854680 2015-12-14] (BlueStack Systems, Inc.)
R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [65640 2015-11-05] (CyberGhost S.R.L)
R2 EaseUS Agent; D:\Programme\EaseUS Todo Backup\Todo Backup\bin\Agent.exe [37416 2014-12-15] (CHENGDU YIWO Tech Development Co., Ltd)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-19] (Microsoft Corporation) [Datei ist nicht signiert]
S3 GalaxyClientService; D:\Programme\GalaxyClient\GalaxyClientService.exe [1616440 2015-10-14] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7220792 2016-02-11] (GOG.com)
R2 HerculesWiFi; C:\WINDOWS\SysWOW64\\HerculesWiFiService.exe [78232 2012-09-26] (Guillemot Corporation)
U2 HiPatchService; D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2015-11-03] (Hi-Rez Studios) [Datei ist nicht signiert]
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbSvc.exe [14760 2013-01-11] (Microsoft Corporation)
R2 jetbrainsetw.103.0.20150818.191753; C:\Program Files (x86)\JetBrains\ETW Host\JetBrains.ETW.Collector.Host.exe [1479288 2015-08-18] (JetBrains s.r.o)
R2 MBAMScheduler; D:\Programme\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; D:\Programme\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NetBalancerService; D:\Programme\NetBalancer\SeriousBit.NetBalancer.Service.exe [145272 2016-01-15] (SeriousBit)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [3916368 2016-01-09] (INCA Internet Co., Ltd.)
S3 Origin Client Service; D:\Programme\Origin\OriginClientService.exe [2104840 2016-02-05] (Electronic Arts)
S3 OverwolfUpdater; D:\Programme\Overwolf\OverwolfUpdater.exe [1009392 2016-01-20] (Overwolf LTD)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2015-12-29] ()
R2 SAVAdminService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [288552 2015-12-02] (Sophos Limited)
R2 SAVService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [208168 2015-12-02] (Sophos Limited)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [177800 2015-09-21] (Sandboxie Holdings, LLC)
R2 Sophos AutoUpdate Service; C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [489224 2016-01-03] (Sophos Limited)
R2 Sophos MCS Agent; C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsAgent.exe [331048 2016-01-03] (Sophos Limited)
R2 Sophos MCS Client; C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsClient.exe [909608 2016-01-03] (Sophos Limited)
R2 Sophos Web Control Service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [341768 2015-12-02] (Sophos Limited)
S3 Survarium-Steam Update Service; D:\Programme\Steam\steamapps\common\Survarium\game\binaries\x86\survarium_service.exe [96856 2015-12-25] ()
R2 swi_filter; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_filter.exe [300808 2015-12-02] (Sophos Limited)
R2 swi_service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [3278600 2015-12-02] (Sophos Limited)
R2 Synergy; D:\Programme\Synergy\synergyd.exe [311488 2015-11-19] ()
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [Datei ist nicht signiert]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6889232 2015-12-14] (TeamViewer GmbH)
R2 VMAuthdService; D:\Programme\VMware\vmware-authd.exe [87744 2015-05-31] (VMware, Inc.)
S3 VSStandardCollectorService140; D:\Programme\Visual Studio\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [52968 2015-07-06] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [31992 2015-06-03] (Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36608 2013-12-13] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [229056 2015-04-03] (AppEx Networks Corporation)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-07-22] (Advanced Micro Devices)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [146016 2015-12-14] (BlueStack Systems)
S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-07-30] (Disc Soft Ltd)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [18528 2014-11-18] ()
S3 epmntdrv; C:\WINDOWS\SysWOW64\epmntdrv.sys [14944 2014-11-18] ()
R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [48168 2014-12-14] ()
S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [10848 2014-11-18] ()
S3 EuGdiDrv; C:\WINDOWS\SysWOW64\EuGdiDrv.sys [10208 2014-11-18] ()
S3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [49272 2014-12-29] (Visicom Media Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-02-18] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
S3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (Visicom Media Inc.)
R1 nbdrv; C:\Windows\system32\DRIVERS\nbdrv.sys [42128 2016-01-15] (SeriousBit)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [895256 2015-07-29] (Realtek                                            )
R3 rtlss; C:\Windows\System32\Drivers\rtlss.sys [27240 2010-06-21] (Realtek Semiconductor Corporation)
R3 RtlWlanu; C:\Windows\System32\drivers\rtwlanu.sys [3870464 2015-10-01] (Realtek Semiconductor Corporation                          )
R1 SAVOnAccess; C:\Windows\System32\DRIVERS\savonaccess.sys [161024 2015-12-02] (Sophos Limited)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [191624 2015-09-21] (Sandboxie Holdings, LLC)
S3 sdcfilter; C:\Windows\system32\DRIVERS\sdcfilter.sys [38144 2015-12-02] (Sophos Limited)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [216064 2015-10-30] (Microsoft Corporation)
S4 SophosBootDriver; C:\Windows\system32\DRIVERS\SophosBootDriver.sys [27904 2015-12-02] (Sophos Limited)
R1 swi_callout; C:\Windows\system32\DRIVERS\swi_callout.sys [32512 2015-12-02] (Sophos Limited)
S3 tapse01; C:\Windows\System32\drivers\tapse01.sys [26624 2015-05-25] (The OpenVPN Project)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [146584 2015-10-15] (Oracle Corporation)
R1 veracrypt; C:\Windows\System32\drivers\veracrypt.sys [195416 2016-02-05] (IDRIX)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [76480 2015-05-21] (VMware, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 WinDivert1.1; \??\D:\Programme\KMSpico\WinDivert.sys [X]
S3 XSplit_Dummy; \SystemRoot\system32\drivers\xspltspk.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-02-18 16:20 - 2016-02-18 16:21 - 00027827 _____ C:\Users\***\Desktop\FRST.txt
2016-02-18 16:20 - 2016-02-18 16:20 - 02371072 _____ (Farbar) C:\Users\***\Desktop\FRST64.exe
2016-02-18 16:20 - 2016-02-18 16:20 - 00000000 ____D C:\Users\***\Desktop\FRST-OlderVersion
2016-02-18 15:24 - 2016-02-18 15:24 - 00001655 _____ C:\Users\***\Desktop\Twitter Downloader.lnk
2016-02-18 15:03 - 2016-02-18 15:03 - 00034328 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS
2016-02-16 16:54 - 2016-02-16 16:54 - 00002331 _____ C:\Users\***\Desktop\Google Chrome.lnk
2016-02-16 16:37 - 2015-12-02 18:11 - 00032512 _____ (Sophos Limited) C:\WINDOWS\system32\Drivers\swi_callout.sys
2016-02-16 16:35 - 2016-02-16 16:35 - 00000842 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-02-16 16:35 - 2016-02-16 16:35 - 00000842 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-02-16 16:35 - 2016-02-16 16:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-02-16 16:27 - 2016-02-16 16:28 - 00127698 _____ C:\WINDOWS\ntbtlog.txt
2016-02-16 15:52 - 2016-02-18 16:20 - 00000000 ____D C:\FRST
2016-02-15 17:46 - 2016-02-15 17:46 - 00000696 _____ C:\Users\Public\Desktop\EasyBCD 2.2.lnk
2016-02-15 17:46 - 2016-02-15 17:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NeoSmart Technologies
2016-02-15 17:32 - 2016-02-17 16:06 - 00000000 ____D C:\NST
2016-02-15 17:12 - 2016-02-15 17:12 - 00000000 ____D C:\Users\***\AppData\Local\NeoSmart_Technologies
2016-02-15 14:50 - 2016-02-15 14:50 - 00000173 _____ C:\Users\***\.gitconfig
2016-02-15 13:48 - 2016-02-15 13:48 - 00026290 _____ C:\Users\***\Desktop\bookmarks-2016-02-15.json
2016-02-12 19:04 - 2016-02-12 19:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Survarium-Steam
2016-02-12 17:58 - 2016-02-12 17:58 - 00000000 ____D C:\ProgramData\KONAMI
2016-02-10 16:25 - 2016-01-27 07:15 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-02-10 16:25 - 2016-01-27 07:01 - 07476064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-02-10 16:25 - 2016-01-27 06:56 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-02-10 16:25 - 2016-01-27 06:55 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-02-10 16:25 - 2016-01-27 06:45 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-02-10 16:25 - 2016-01-27 06:45 - 06605544 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-02-10 16:25 - 2016-01-27 06:37 - 01998176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-02-10 16:25 - 2016-01-27 06:37 - 00576352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-02-10 16:25 - 2016-01-27 06:10 - 22394368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-02-10 16:25 - 2016-01-27 06:05 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-02-10 16:25 - 2016-01-27 06:05 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-02-10 16:25 - 2016-01-27 06:04 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-02-10 16:25 - 2016-01-27 06:01 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-02-10 16:25 - 2016-01-27 05:58 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-02-10 16:25 - 2016-01-27 05:55 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-02-10 16:25 - 2016-01-27 05:54 - 24603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-02-10 16:25 - 2016-01-27 05:52 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-02-10 16:25 - 2016-01-27 05:50 - 02230784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-02-10 16:25 - 2016-01-27 05:49 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-02-10 16:25 - 2016-01-27 05:48 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-02-10 16:25 - 2016-01-27 05:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-02-10 16:25 - 2016-01-27 05:41 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-02-10 16:25 - 2016-01-27 05:39 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-02-10 16:25 - 2016-01-27 05:38 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-02-10 16:25 - 2016-01-27 05:37 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-02-10 16:25 - 2016-01-27 05:36 - 02757120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-02-10 16:25 - 2016-01-27 05:32 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-02-10 16:24 - 2016-01-29 07:57 - 04502352 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-02-10 16:24 - 2016-01-29 07:33 - 04064320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-02-10 16:24 - 2016-01-27 07:15 - 01557776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-02-10 16:24 - 2016-01-27 07:01 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-02-10 16:24 - 2016-01-27 07:01 - 01819720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-02-10 16:24 - 2016-01-27 06:59 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-02-10 16:24 - 2016-01-27 06:57 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-02-10 16:24 - 2016-01-27 06:57 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-02-10 16:24 - 2016-01-27 06:57 - 00820704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-02-10 16:24 - 2016-01-27 06:55 - 00081112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2016-02-10 16:24 - 2016-01-27 06:54 - 00295264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-02-10 16:24 - 2016-01-27 06:46 - 02606824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-02-10 16:24 - 2016-01-27 06:46 - 01270072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-02-10 16:24 - 2016-01-27 06:44 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-02-10 16:24 - 2016-01-27 06:44 - 00085320 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2016-02-10 16:24 - 2016-01-27 06:43 - 00359776 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-02-10 16:24 - 2016-01-27 06:21 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-02-10 16:24 - 2016-01-27 06:15 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll
2016-02-10 16:24 - 2016-01-27 06:13 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-02-10 16:24 - 2016-01-27 06:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-02-10 16:24 - 2016-01-27 06:11 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-02-10 16:24 - 2016-01-27 06:10 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2016-02-10 16:24 - 2016-01-27 06:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-02-10 16:24 - 2016-01-27 06:08 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll
2016-02-10 16:24 - 2016-01-27 06:07 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassam.dll
2016-02-10 16:24 - 2016-01-27 06:05 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-02-10 16:24 - 2016-01-27 06:05 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-02-10 16:24 - 2016-01-27 06:04 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-02-10 16:24 - 2016-01-27 06:03 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-02-10 16:24 - 2016-01-27 06:02 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2016-02-10 16:24 - 2016-01-27 05:59 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassam.dll
2016-02-10 16:24 - 2016-01-27 05:57 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-02-10 16:24 - 2016-01-27 05:55 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-02-10 16:24 - 2016-01-27 05:50 - 01504768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-02-10 16:24 - 2016-01-27 05:50 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-02-10 16:24 - 2016-01-27 05:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll
2016-02-10 16:24 - 2016-01-27 05:38 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-02-10 16:24 - 2016-01-27 05:31 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll
2016-02-09 20:11 - 2016-02-09 20:11 - 00000836 _____ C:\Users\***\AppData\Local\recently-used.xbel
2016-02-05 22:07 - 2016-02-05 22:07 - 00001028 _____ C:\Users\Public\Desktop\Need for Speed™ Most Wanted.lnk
2016-02-05 18:18 - 2016-02-05 18:50 - 00000239 _____ C:\Users\***\Desktop\anime staffel 3.txt
2016-02-05 13:14 - 2016-02-05 13:14 - 00000212 _____ C:\Users\***\Desktop\Pro Evolution Soccer 2016 myClub.url
2016-02-05 09:57 - 2016-02-05 09:57 - 00195416 _____ (IDRIX) C:\WINDOWS\system32\Drivers\veracrypt.sys
2016-02-05 09:57 - 2016-02-05 09:57 - 00000747 _____ C:\Users\***\Desktop\VeraCrypt.lnk
2016-02-05 09:57 - 2016-02-05 09:57 - 00000000 ____D C:\Users\***\AppData\Roaming\VeraCrypt
2016-02-02 10:56 - 2016-02-02 10:56 - 00000000 ____D C:\Users\***\Desktop\SSQLib_v0.9.0
2016-02-01 18:24 - 2016-02-01 18:25 - 00000000 ____D C:\ProgramData\Overwolf
2016-02-01 18:24 - 2016-02-01 18:24 - 00003766 _____ C:\WINDOWS\System32\Tasks\Overwolf Updater Task
2016-02-01 18:24 - 2016-02-01 18:24 - 00000856 _____ C:\Users\Public\Desktop\Overwolf.lnk
2016-02-01 18:24 - 2016-02-01 18:24 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2016-02-01 18:22 - 2016-02-01 18:25 - 00000000 ____D C:\Users\***\AppData\Local\Overwolf
2016-01-31 13:55 - 2016-02-16 16:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-29 18:19 - 2016-01-29 18:19 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2016-01-29 18:19 - 2016-01-29 18:19 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2016-01-29 18:15 - 2016-01-30 19:53 - 00005386 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for KASKADEKING-PC-KaskadekingDE Kaskadeking-PC
2016-01-29 16:56 - 2016-02-06 21:45 - 00000120 _____ C:\Users\***\Desktop\anime staffel 2.txt
2016-01-29 16:12 - 2016-01-29 16:12 - 00000000 ____D C:\Users\***\Desktop\octoawesome-develop
2016-01-29 15:13 - 2016-01-29 15:13 - 00001899 _____ C:\Users\***\Desktop\PowerPoint 2013.lnk
2016-01-29 15:13 - 2016-01-29 15:13 - 00001855 _____ C:\Users\***\Desktop\Excel 2013.lnk
2016-01-29 15:01 - 2016-01-29 15:01 - 00001863 _____ C:\Users\***\Desktop\Word 2013.lnk
2016-01-29 14:56 - 2016-02-10 18:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-01-29 14:56 - 2016-01-29 14:56 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-01-29 14:55 - 2016-01-29 14:55 - 00000000 ____D C:\WINDOWS\PCHEALTH
2016-01-29 14:54 - 2016-01-29 14:54 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2016-01-29 14:54 - 2016-01-29 14:54 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2016-01-29 14:53 - 2016-01-30 15:45 - 00000000 ____D C:\Users\***\AppData\Local\Microsoft Help
2016-01-29 14:53 - 2016-01-29 14:53 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-01-28 15:25 - 2016-01-16 07:23 - 08728920 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-01-28 15:25 - 2016-01-16 07:21 - 01750440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2016-01-28 15:25 - 2016-01-16 07:20 - 06971752 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-01-28 15:25 - 2016-01-16 06:45 - 16986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-01-28 15:25 - 2016-01-16 06:38 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-01-28 15:25 - 2016-01-16 06:35 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-01-28 15:25 - 2016-01-16 06:31 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-01-28 15:25 - 2016-01-16 06:30 - 01053696 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-01-28 15:25 - 2016-01-16 06:29 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-01-28 15:25 - 2016-01-16 06:28 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-01-28 15:25 - 2016-01-16 06:24 - 02057216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-01-28 15:25 - 2016-01-16 06:21 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-01-28 15:25 - 2016-01-16 06:20 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-01-28 15:25 - 2016-01-16 06:20 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-01-28 15:25 - 2016-01-16 06:20 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-01-28 15:25 - 2016-01-16 06:17 - 05503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-01-28 15:25 - 2016-01-16 06:16 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-01-28 15:25 - 2016-01-16 06:15 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-01-28 15:25 - 2016-01-16 06:14 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-01-28 15:25 - 2016-01-16 06:14 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-01-28 15:24 - 2016-01-16 07:37 - 00202472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-01-28 15:24 - 2016-01-16 07:36 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-01-28 15:24 - 2016-01-16 07:36 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-01-28 15:24 - 2016-01-16 07:34 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-01-28 15:24 - 2016-01-16 07:24 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2016-01-28 15:24 - 2016-01-16 07:23 - 00848160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-01-28 15:24 - 2016-01-16 07:23 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-01-28 15:24 - 2016-01-16 07:23 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-01-28 15:24 - 2016-01-16 07:23 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-01-28 15:24 - 2016-01-16 07:23 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-01-28 15:24 - 2016-01-16 07:20 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-01-28 15:24 - 2016-01-16 07:20 - 00431240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2016-01-28 15:24 - 2016-01-16 07:20 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-01-28 15:24 - 2016-01-16 07:19 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-01-28 15:24 - 2016-01-16 07:19 - 00405568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-01-28 15:24 - 2016-01-16 07:12 - 01415200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-01-28 15:24 - 2016-01-16 07:09 - 01089880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-01-28 15:24 - 2016-01-16 07:08 - 01174008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-01-28 15:24 - 2016-01-16 07:08 - 00440152 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2016-01-28 15:24 - 2016-01-16 06:46 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-01-28 15:24 - 2016-01-16 06:44 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-01-28 15:24 - 2016-01-16 06:44 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasadhlp.dll
2016-01-28 15:24 - 2016-01-16 06:44 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2016-01-28 15:24 - 2016-01-16 06:43 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttpcom.dll
2016-01-28 15:24 - 2016-01-16 06:42 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-01-28 15:24 - 2016-01-16 06:42 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscoreext.dll
2016-01-28 15:24 - 2016-01-16 06:41 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-01-28 15:24 - 2016-01-16 06:40 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll
2016-01-28 15:24 - 2016-01-16 06:40 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2016-01-28 15:24 - 2016-01-16 06:40 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasautou.exe
2016-01-28 15:24 - 2016-01-16 06:39 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2016-01-28 15:24 - 2016-01-16 06:38 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-01-28 15:24 - 2016-01-16 06:38 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimCfg.dll
2016-01-28 15:24 - 2016-01-16 06:38 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbio.dll
2016-01-28 15:24 - 2016-01-16 06:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-01-28 15:24 - 2016-01-16 06:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-01-28 15:24 - 2016-01-16 06:37 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-01-28 15:24 - 2016-01-16 06:37 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-01-28 15:24 - 2016-01-16 06:36 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-01-28 15:24 - 2016-01-16 06:36 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2016-01-28 15:24 - 2016-01-16 06:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-01-28 15:24 - 2016-01-16 06:36 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimAuth.dll
2016-01-28 15:24 - 2016-01-16 06:36 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2016-01-28 15:24 - 2016-01-16 06:35 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-01-28 15:24 - 2016-01-16 06:35 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasadhlp.dll
2016-01-28 15:24 - 2016-01-16 06:34 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-01-28 15:24 - 2016-01-16 06:34 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-01-28 15:24 - 2016-01-16 06:34 - 00477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2016-01-28 15:24 - 2016-01-16 06:34 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-01-28 15:24 - 2016-01-16 06:34 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttpcom.dll
2016-01-28 15:24 - 2016-01-16 06:33 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2016-01-28 15:24 - 2016-01-16 06:33 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2016-01-28 15:24 - 2016-01-16 06:33 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-01-28 15:24 - 2016-01-16 06:32 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2016-01-28 15:24 - 2016-01-16 06:32 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2016-01-28 15:24 - 2016-01-16 06:31 - 00851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-01-28 15:24 - 2016-01-16 06:31 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-01-28 15:24 - 2016-01-16 06:31 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-01-28 15:24 - 2016-01-16 06:31 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasautou.exe
2016-01-28 15:24 - 2016-01-16 06:30 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-01-28 15:24 - 2016-01-16 06:30 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-01-28 15:24 - 2016-01-16 06:30 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimCfg.dll
2016-01-28 15:24 - 2016-01-16 06:30 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbio.dll
2016-01-28 15:24 - 2016-01-16 06:29 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-01-28 15:24 - 2016-01-16 06:28 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-01-28 15:24 - 2016-01-16 06:28 - 00884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2016-01-28 15:24 - 2016-01-16 06:28 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimAuth.dll
2016-01-28 15:24 - 2016-01-16 06:27 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-01-28 15:24 - 2016-01-16 06:26 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2016-01-28 15:24 - 2016-01-16 06:26 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-01-28 15:24 - 2016-01-16 06:26 - 00260608 _____ C:\WINDOWS\system32\MTFServer.dll
2016-01-28 15:24 - 2016-01-16 06:26 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-01-28 15:24 - 2016-01-16 06:25 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2016-01-28 15:24 - 2016-01-16 06:25 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-01-28 15:24 - 2016-01-16 06:25 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-01-28 15:24 - 2016-01-16 06:24 - 00613888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-01-28 15:24 - 2016-01-16 06:24 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-01-28 15:24 - 2016-01-16 06:24 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-01-28 15:24 - 2016-01-16 06:23 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-01-28 15:24 - 2016-01-16 06:23 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-01-28 15:24 - 2016-01-16 06:20 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2016-01-28 15:24 - 2016-01-16 06:19 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-01-28 15:24 - 2016-01-16 06:19 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-01-28 15:24 - 2016-01-16 06:19 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-01-28 15:24 - 2016-01-16 06:19 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-01-28 15:24 - 2016-01-16 06:18 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-01-28 15:24 - 2016-01-16 06:16 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-01-28 15:24 - 2016-01-16 06:11 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2016-01-26 18:04 - 2016-01-26 18:05 - 00000000 ____D C:\Users\***\Desktop\Vae-master
2016-01-25 15:25 - 2016-01-25 15:25 - 00000212 _____ C:\Users\***\Desktop\Sven Co-op.url
2016-01-24 18:42 - 2016-01-24 18:42 - 00018099 _____ C:\Users\***\Desktop\TextDeutsch.odt
2016-01-23 16:08 - 2016-01-23 16:08 - 00000000 ____D C:\Users\***\AppData\Roaming\Awesomium
2016-01-23 16:08 - 2016-01-09 16:39 - 03916368 _____ (INCA Internet Co., Ltd.) C:\WINDOWS\SysWOW64\GameMon.des
2016-01-23 16:07 - 2016-01-23 16:07 - 00000000 ____D C:\Program Files\Common Files\INCA Shared
2016-01-23 16:07 - 2005-01-03 07:43 - 00004682 _____ (INCA Internet Co., Ltd.) C:\WINDOWS\SysWOW64\npptNT2.sys
2016-01-23 16:07 - 2003-07-18 22:17 - 00005174 _____ C:\WINDOWS\SysWOW64\nppt9x.vxd
2016-01-23 12:08 - 2016-01-23 12:18 - 00000000 ____D C:\Users\***\AppData\Roaming\discord
2016-01-23 12:08 - 2016-01-23 12:08 - 00002245 _____ C:\Users\***\Desktop\Discord.lnk
2016-01-23 12:08 - 2016-01-23 12:08 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2016-01-23 12:08 - 2016-01-23 12:08 - 00000000 ____D C:\Users\***\AppData\Local\Discord
2016-01-22 19:08 - 2016-01-22 19:08 - 00000792 _____ C:\Users\Public\Desktop\NetBalancer.lnk
2016-01-22 19:08 - 2016-01-15 08:41 - 00042128 _____ (SeriousBit) C:\WINDOWS\system32\Drivers\nbdrv.sys
2016-01-22 18:59 - 2016-01-22 18:59 - 00001502 _____ C:\Users\Public\Desktop\Blade & Soul.lnk
2016-01-22 18:58 - 2016-01-22 18:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCWest
2016-01-22 18:58 - 2016-01-22 18:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCSOFT
2016-01-22 18:58 - 2016-01-22 18:58 - 00000000 ____D C:\Program Files (x86)\NCWest
2016-01-22 17:32 - 2016-01-22 17:32 - 00000212 _____ C:\Users\***\Desktop\Survarium.url
2016-01-22 15:14 - 2016-01-22 15:14 - 00000000 ____D C:\Users\***\AppData\Roaming\Process Hacker 2
2016-01-22 15:12 - 2016-01-22 15:12 - 00000000 ____D C:\Users\***\Desktop\ProcessHacker
2016-01-21 19:23 - 2016-01-21 19:23 - 00003207 _____ C:\Users\***\Desktop\Wizard Chess.lnk
2016-01-21 19:23 - 2016-01-21 19:23 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wizard Chess
2016-01-21 14:37 - 2016-02-18 15:56 - 00003670 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-02-18 16:20 - 2015-05-30 18:32 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-02-18 16:14 - 2015-12-06 18:01 - 00001148 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-18 16:14 - 2015-12-06 18:01 - 00001144 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-18 16:12 - 2015-11-29 15:22 - 02011300 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-02-18 16:12 - 2015-10-30 19:35 - 00855194 _____ C:\WINDOWS\system32\perfh007.dat
2016-02-18 16:12 - 2015-10-30 19:35 - 00188946 _____ C:\WINDOWS\system32\perfc007.dat
2016-02-18 16:12 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2016-02-18 16:11 - 2015-06-04 20:10 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2016-02-18 16:11 - 2015-05-30 15:43 - 00004164 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A816AD26-8DB1-4860-ADDE-5794E0E9DEB5}
2016-02-18 16:07 - 2015-05-30 18:26 - 00000000 ____D C:\Users\***\AppData\Roaming\eM Client
2016-02-18 16:06 - 2015-11-29 15:40 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-02-18 16:06 - 2015-08-13 17:48 - 00000000 ____D C:\ProgramData\VMware
2016-02-18 16:00 - 2015-10-30 07:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-02-18 16:00 - 2015-04-10 09:24 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2016-02-18 15:45 - 2015-06-15 20:09 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-02-18 15:10 - 2015-06-09 14:55 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-02-18 15:03 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-02-18 15:03 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-02-17 19:47 - 2015-06-29 15:19 - 00000000 ____D C:\Users\***\AppData\Local\CrashDumps
2016-02-17 16:07 - 2015-10-30 08:24 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-02-17 16:04 - 2015-12-30 13:07 - 00000000 ____D C:\Users\***\AppData\Local\Deployment
2016-02-17 14:39 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-02-16 19:25 - 2015-05-30 16:40 - 00000000 ____D C:\Users\***\AppData\Roaming\.minecraft
2016-02-16 16:20 - 2015-12-16 21:01 - 00000000 ____D C:\Users\***\AppData\Roaming\TeamViewer
2016-02-16 16:20 - 2015-06-23 15:28 - 00000000 ____D C:\Users\***\AppData\Roaming\BitTorrent
2016-02-16 15:37 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\L2Schemas
2016-02-15 21:15 - 2015-06-04 16:37 - 00000000 ____D C:\Users\***\.VirtualBox
2016-02-15 17:15 - 2015-11-29 15:22 - 00000000 ____D C:\Users\***
2016-02-15 17:14 - 2015-05-30 18:15 - 00000000 ____D C:\Users\***\AppData\Roaming\GitHub
2016-02-15 17:14 - 2015-05-30 18:15 - 00000000 ____D C:\Users\***\AppData\Local\GitHub
2016-02-14 20:17 - 2015-08-01 12:19 - 00007625 _____ C:\Users\***\AppData\Local\Resmon.ResmonCfg
2016-02-14 18:08 - 2015-08-13 17:51 - 00000000 ____D C:\Users\***\AppData\Local\VMware
2016-02-14 17:53 - 2015-08-13 17:51 - 00000000 ____D C:\Users\***\AppData\Roaming\VMware
2016-02-14 17:52 - 2015-06-04 16:37 - 00000000 ____D C:\Users\***\VirtualBox VMs
2016-02-14 13:09 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-02-14 13:09 - 2015-08-13 09:40 - 00000000 ____D C:\Users\***\AppData\Local\ElevatedDiagnostics
2016-02-12 21:37 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache
2016-02-11 13:43 - 2015-04-15 09:17 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-02-10 20:33 - 2015-10-30 19:44 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-10 20:16 - 2015-12-06 18:04 - 00002271 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-10 18:27 - 2015-01-23 13:16 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-02-10 18:18 - 2015-01-23 13:16 - 146614896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-02-10 18:17 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-02-09 20:17 - 2015-12-03 15:07 - 00000000 ____D C:\Users\***\.gimp-2.8
2016-02-05 23:01 - 2015-05-30 18:40 - 00000000 ____D C:\ProgramData\Origin
2016-02-03 20:01 - 2015-10-30 08:26 - 00828920 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-02-03 20:01 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-02 23:51 - 2015-07-11 08:58 - 00000000 ____D C:\Users\***\AppData\Local\Spotify
2016-02-02 23:41 - 2015-07-11 08:57 - 00000000 ____D C:\Users\***\AppData\Roaming\Spotify
2016-02-02 16:09 - 2015-12-06 18:01 - 00004206 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-02 16:09 - 2015-12-06 18:01 - 00003974 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-02-01 22:57 - 2015-08-03 19:44 - 00000000 ____D C:\Users\***\AppData\Roaming\TS3Client
2016-01-30 19:12 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2016-01-30 09:54 - 2015-11-29 15:20 - 00360472 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-01-29 23:09 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-01-29 23:09 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-01-29 23:09 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-01-29 23:09 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-01-29 23:09 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-01-29 23:09 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-01-29 23:09 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-01-29 18:27 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-01-29 14:55 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-01-29 14:54 - 2015-10-30 19:44 - 00000000 ____D C:\WINDOWS\ShellNew
2016-01-23 12:08 - 2015-06-19 20:56 - 00000000 ____D C:\Users\***\AppData\Local\SquirrelTemp
2016-01-22 19:07 - 2015-12-06 13:59 - 00000000 __SHD C:\WINDOWS\SysWOW64\AI_RecycleBin
2016-01-22 18:58 - 2015-05-30 15:40 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-01-22 16:59 - 2016-01-11 20:57 - 00000000 ____D C:\Program Files\WinPcap
2016-01-21 19:33 - 2015-10-21 18:27 - 00000000 ____D C:\Users\***\AppData\Roaming\Audacity
2016-01-20 17:49 - 2015-12-19 17:46 - 00001856 _____ C:\Users\***\Desktop\UnlockPass.lnk
2016-01-19 19:54 - 2015-06-15 20:04 - 00000000 ____D C:\Users\***\AppData\Local\Windows Live
2016-01-19 12:52 - 2015-10-04 09:12 - 00000000 ____D C:\Users\***\AppData\Local\Syncthing
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-11-14 12:43 - 2015-11-14 12:43 - 0000000 _____ () C:\Users\***\AppData\Local\debuggee.mdmp
2016-02-09 20:11 - 2016-02-09 20:11 - 0000836 _____ () C:\Users\***\AppData\Local\recently-used.xbel
2015-08-01 12:19 - 2016-02-14 20:17 - 0007625 _____ () C:\Users\***\AppData\Local\Resmon.ResmonCfg
2015-11-29 15:21 - 2015-11-29 15:21 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Einige Dateien in TEMP:
====================
C:\Users\***\AppData\Local\Temp\PROCEXP64.exe
 
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
 
LastRegBack: 2016-02-11 16:34
==================== Ende von FRST.txt ============================

Kaskadeking 18.02.2016 16:44
Addition:
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:17-02-2016
durchgeführt von KaskadekingDE (2016-02-18 16:21:37)
Gestartet von C:\Users\***\Desktop
Windows 10 Home (X64) (2015-11-29 14:42:33)
Start-Modus: Normal
==========================================================
 
==================== Konten: =============================
Administrator (S-1-5-21-117306591-3796779208-521460896-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-117306591-3796779208-521460896-503 - Limited - Disabled)
Gast (S-1-5-21-117306591-3796779208-521460896-501 - Limited - Disabled)
KaskadekingDE (S-1-5-21-117306591-3796779208-521460896-1001 - Administrator - Enabled) => C:\Users\***
SophosSAUKASKADEKIN0 (S-1-5-21-117306591-3796779208-521460896-1006 - Limited - Enabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Sophos Home (Enabled - Up to date) {6BABF8F7-3EB6-BD1D-9167-8C5ECA060A29}
AS: Sophos Home (Enabled - Up to date) {D0CA1913-188C-B293-ABD7-B72CB1814094}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 15.12 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1512-000001000000}) (Version: 15.12.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20059 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Amberlight (HKLM\...\Amberlight_is1) (Version: 1.2.1 - Escape Motions, s.r.o)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{66AFB595-BC05-2913-7696-6D58F9B733E1}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 4.0.0.0 - AppEx Networks)
Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
APB Reloaded (HKLM-x32\...\Steam App 113400) (Version:  - Reloaded Productions)
Application Insights Tools for Visual Studio 2015 (x32 Version: 3.3 - Microsoft Corporation) Hidden
Artipic (HKLM-x32\...\{C8A6CFF8-9D80-4C6C-B490-805AD9F2906B}}_is1) (Version: 2.3.3.8 - Artipic AB)
Atom (HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\atom) (Version: 0.210.0 - GitHub Inc.)
Audacity 2.1.1 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.1 - Audacity Team)
Azure AD Authentication Connected Service (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Banished (HKLM-x32\...\Steam App 242920) (Version:  - Shining Rock Software LLC)
BitTorrent (HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\BitTorrent) (Version: 7.9.5.41373 - BitTorrent Inc.)
Blade & Soul (HKLM-x32\...\InstallShield_{C3F383C1-D050-4A40-843F-8171A6A02C3A}) (Version: 1.0.63.237 - NC Interactive, LLC)
Blade & Soul (x32 Version: 1.0.63.237 - NC Interactive, LLC) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
BlueStacks App Player (HKLM-x32\...\{EFA0FC40-7D96-4515-9715-7C0C5D872326}) (Version: 2.0.2.5623 - BlueStack Systems, Inc.)
Brawlhalla (HKLM-x32\...\Steam App 291550) (Version:  - Blue Mammoth Games)
Build Tools Language Resources - amd64 (Version: 12.0.31010 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.31010 - Microsoft Corporation) Hidden
Bytescout BarCode Generator SDK (HKLM\...\Bytescout BarCode Generator SDK (DEMO) for .NET,~C2143553_is1) (Version: 4.31.773 - ByteScout)
Canon MP Navigator EX 2.1 (HKLM-x32\...\MP Navigator EX 2.1) (Version:  - )
CanoScan LiDE 700F Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ9601) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
Clicker Heroes (HKLM-x32\...\Steam App 363970) (Version:  - )
CMake 3.2.3, a cross-platform, open-source build system (HKLM-x32\...\CMake 3.2.3) (Version: 3.2.3 - Kitware)
CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version:  - CyberGhost S.R.L.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DB Browser for SQLite (HKLM-x32\...\SqliteBrowser3) (Version: 3.7.0 - oldsch00l)
Devenv-Ressourcen für Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Discord (HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\Discord) (Version: 0.0.283 - Hammer & Chisel, Inc.)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Dotfuscator and Analytics Community Edition 5.18.1 (x32 Version: 5.18.1.2898 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition Language Pack 5.18.1 de-DE (x32 Version: 5.18.1.2898 - PreEmptive Solutions) Hidden
Dungeon Defenders II (HKLM-x32\...\Steam App 236110) (Version:  - Trendy Entertainment)
EaseUS Partition Master 10.8 (HKLM-x32\...\EaseUS Partition Master_is1) (Version:  - EaseUS)
EaseUS Todo Backup Home 8.3  (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 8.3 - CHENGDU YIWO Tech Development Co., Ltd)
EasyBCD 2.2 (HKLM-x32\...\EasyBCD) (Version: 2.2 - NeoSmart Technologies)
eM Client (HKLM-x32\...\{CF65F1D0-451B-4989-94BD-C237EF492C45}) (Version: 6.0.24144.0 - eM Client Inc.)
Emily is Away (HKLM-x32\...\Steam App 417860) (Version:  - Kyle Seeley)
Entity Framework 6.1.3 Tools  for Visual Studio 2015 (HKLM-x32\...\{1A8A9739-BAD7-491F-B5B9-A79A2B965422}) (Version: 14.0.40302.0 - Microsoft Corporation)
FFmpeg (Windows) for Audacity Version 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - )
FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version:  - FileHippo.com)
FileZilla Client 3.11.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.11.0.2 - Tim Kosse)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
Gemeinsam genutzte Microsoft Azure-Komponenten für Visual Studio 2015 Sprachpaket (DEU) - v1.5 (x32 Version: 1.5.30619.1602 - Microsoft Corporation) Hidden
Genymotion version 2.5.4 (HKLM\...\{6D180286-D4DF-40EF-9227-923B9C07C08A}_is1) (Version: 2.5.4 - Genymobile)
Geometry Dash (HKLM-x32\...\Steam App 322170) (Version:  - RobTop Games)
GhostDoc Community (HKLM-x32\...\{134A5765-D59B-4160-8C70-B84BF9F53DF9}) (Version: 5.0.15325.0 - SubMain)
GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team)
Git version 1.9.5-preview20150319 (HKLM-x32\...\Git_is1) (Version: 1.9.5-preview20150319 - The Git Development Community)
GitHub (HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\5f7eb300e2ea4ebf) (Version: 3.0.12.0 - GitHub, Inc.)
Goat Simulator (HKLM-x32\...\Steam App 265930) (Version:  - Coffee Stain Studios)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.109 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Greenshot 1.2.8.12 (HKLM\...\Greenshot_is1) (Version: 1.2.8.12 - Greenshot)
Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.)
HashCheck Shell Extension (x86-32) (HKLM-x32\...\HashCheck Shell Extension) (Version: 2.1.11.1 - Kai Liu)
HashCheck Shell Extension (x86-64) (HKLM\...\HashCheck Shell Extension) (Version: 2.1.11.1 - Kai Liu)
Hercules WiFi Station N (HKLM-x32\...\{120E5B08-DC3C-4DCD-AAB0-0BB5EB225929}) (Version: 7.1.0.0 - Hercules)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
IIS 10.0 Express (HKLM\...\{5984D8DA-C1AF-4284-9C88-D7150425B315}) (Version: 10.0.1734 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version:  - )
ILMerge (HKLM-x32\...\{B7B9AF9F-408C-4168-985B-9861055B58C5}) (Version: 2.12.0803 - Microsoft)
ILMergeGui (HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\62cf57378a6f68a5) (Version: 2.0.9.0 - ILMergeGui)
Inno Setup Version 5.5.6 (HKLM-x32\...\Inno Setup 5_is1) (Version: 5.5.6 - jrsoftware.org)
IntelliJ IDEA 14.1.3 (HKLM-x32\...\IntelliJ IDEA 14.1.3) (Version: 141.1010.3 - JetBrains s.r.o.)
Java 8 Update 65 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418065F0}) (Version: 8.0.650.17 - Oracle Corporation)
Java SE Development Kit 7 Update 55 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170550}) (Version: 1.7.0.550 - Oracle)
Java SE Development Kit 7 Update 79 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170790}) (Version: 1.7.0.790 - Oracle)
Java SE Development Kit 8 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180450}) (Version: 8.0.450.15 - Oracle Corporation)
JetBrains dotMemory 4.4 (HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\{b8a6d796-db4f-58ea-aae4-a79c5c50ae08}) (Version: 2015.2 - JetBrains s.r.o.)
JetBrains dotTrace 6.2 (HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\{88c98260-375d-5bfa-b13a-ed37aa84b268}) (Version: 2015.2 - JetBrains s.r.o.)
JetBrains ETW Host Service (x32 Version: 103.0.4.0 - JetBrains s.r.o) Hidden
JetBrains ReSharper Ultimate in Visual Studio 2015 (HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\{02ee0a0e-7567-5503-9c73-1d5e05353513}) (Version: 2015.2 - JetBrains s.r.o.)
Jumpbox (HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\Jumpbox) (Version:  - )
Lethal League (HKLM-x32\...\Steam App 261180) (Version:  - Team Reptile)
LibreOffice 4.4.5.2 (HKLM-x32\...\{406EECCC-AF98-4F2C-A99F-FED788F7580C}) (Version: 4.4.5.2 - The Document Foundation)
LocalESPCui for de-de (x32 Version: 8.59.29989 - Microsoft) Hidden
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{B941AFB4-8851-33A1-9E72-0C33D463C41C}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (Deutsch) (HKLM-x32\...\{EE8BD24B-75E1-4BBF-86B9-91FE16ADE71C}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{3D3CEBE6-40EA-4C48-97FD-73828281AB4A}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.23107 - Microsoft Corporation)
Microsoft Help Viewer 2.2 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.2 Sprachpaket - DEU) (Version: 2.2.23107 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom  (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service  (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU  (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (14.0.50616.0) (HKLM-x32\...\{FA604873-01A0-4834-AF87-418534E465BB}) (Version: 14.0.50616.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (14.0.50616.0) (HKLM-x32\...\{58246C80-3941-4B69-AE31-264644E2ADB8}) (Version: 14.0.50616.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB  (HKLM\...\{CA191120-4CB1-4E3D-89B8-79FDB9017A2E}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{68BA34E8-9B9D-4A74-83F0-7D366B532D75}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{718FFB65-F6E4-4D62-861F-ED10ED32C936}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 RC Redistributable (x64) - 14.0.22816 (HKLM-x32\...\{e2495eb6-cca8-47aa-91ea-3410ca44d7b7}) (Version: 14.0.22816.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 RC Redistributable (x86) - 14.0.22816 (HKLM-x32\...\{714692fa-709b-4925-8170-821d51135f42}) (Version: 14.0.22816.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 (HKLM-x32\...\{50b32652-69d2-4b93-9316-edcd12067b8b}) (Version: 14.0.23107.10 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{ED4CC1E5-043E-4157-8452-B5E533FE2BA1}) (Version: 3.1238.1955 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minimal ADB and Fastboot version 1.1.3 (HKLM-x32\...\{DE46417A-9E9E-4BCD-BBDD-DA21943193BB}_is1) (Version: 1.1.3 - )
MonoGame SDK (HKLM-x32\...\MonoGame) (Version: 3.4.0.456 - The MonoGame Team)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Studio Platinum 13.0 (64-bit) (HKLM\...\{2B593480-2BF0-11E5-9124-F04DA23A5C58}) (Version: 13.0.955 - Sony)
Mozilla Firefox 44.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 44.0.2 (x86 de)) (Version: 44.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.2 - Mozilla)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Multi-Device Hybrid Apps using C# - Templates - ENU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version:  - NCSOFT)
Need for Speed™ Most Wanted (HKLM-x32\...\{FB0127F3-985B-44CE-AE29-378CAF60B361}) (Version: 1.5.0.0 - Electronic Arts)
NetBalancer (HKLM\...\NetBalancer_is1) (Version:  - SeriousBit)
Node.js (HKLM\...\{8C13D15E-D6C0-4ACB-A03C-1AE18931F3CE}) (Version: 4.2.2 - Node.js Foundation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.3 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Oracle VM VirtualBox 5.0.8 (HKLM\...\{C1B8ECDB-4DB0-47ED-B9CE-61638F876B0F}) (Version: 5.0.8 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.5.12.2862 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.92.3.0 - Overwolf Ltd.)
paint.net (HKLM\...\{DF3A46D9-67B3-44B2-9D01-25C8BA772C8A}) (Version: 4.0.6 - dotPDN LLC)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 RC für Windows Store-Apps (Deutsch) (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM-x32\...\{3F514FDC-F0F2-3B99-86D6-F7B3A2679B39}) (Version: 4.5.51209 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6 (Deutsch) (HKLM-x32\...\{7227EFF8-BC26-44D4-B91D-969A82DBDF4A}) (Version: 4.6.00081 - Microsoft Corporation)
PreEmptive Analytics Client German Language Pack (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT  (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
Pro Evolution Soccer 2016 myClub (HKLM-x32\...\Steam App 407250) (Version:  - Konami Digital Entertainment)
Project 64 version 2.2.0.3 (HKLM-x32\...\{BEB5FB69-4080-466F-96C4-F15DF271718B}_is1) (Version: 2.2.0.3 - )
Projekt- und Elementvorlagen für Visual Studio Community 2015 – DEU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Python 2.7.10 (HKLM-x32\...\{E2B51919-207A-43EB-AE78-733F9C6797C2}) (Version: 2.7.10150 - Python Software Foundation)
Qt (HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\{ac87b106-fe35-4fb0-a62c-ec8af1029b78}) (Version: 2.0.1 - The Qt Company Ltd)
Race The Sun (HKLM-x32\...\Steam App 253030) (Version:  - Flippfly LLC)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RGSS-RTP Standard (HKLM-x32\...\RGSS-RTP Standard_is1) (Version: 1.04 - Enterbrain)
Rocket League (HKLM-x32\...\Steam App 252950) (Version:  - Psyonix)
Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
RPGXP (HKLM-x32\...\{9B34CAC6-738F-4A20-B428-A115C3E3474C}) (Version: 1.0.0 - Enterbrain)
Sanctum (HKLM-x32\...\Steam App 91600) (Version:  - Coffee Stain Studios)
Sauerbraten (HKLM-x32\...\Sauerbraten) (Version:  - )
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts)
SMITE (HKLM-x32\...\Steam App 386360) (Version:  - Hi-Rez Studios)
Sophos Anti-Virus (HKLM-x32\...\{D929B3B5-56C6-46CC-B3A3-A1A784CBB8E4}) (Version: 10.5.3 - Sophos Limited)
Sophos AutoUpdate (HKLM-x32\...\{BCF53039-A7FC-4C79-A3E3-437AE28FD918}) (Version: 5.1.2.0 - Sophos Limited)
Sophos Management Communications System (HKLM-x32\...\{1FFD3F20-5D24-4C9A-B9F6-A207A53CF179}) (Version: 2.0.1 - Sophos Limited)
Spooky's House of Jump Scares (HKLM-x32\...\Steam App 356670) (Version:  - Lag Studios)
Spotify (HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\Spotify) (Version: 1.0.20.94.g8f8543b3 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Survarium (HKLM-x32\...\Steam App 355840) (Version:  - Vostok Games)
Survarium-Steam (HKLM-x32\...\{A3D9343D-77CD-4bf4-A47A-F87B3BE985B4}_is1) (Version: 0.34a - )
Sven Co-op (HKLM-x32\...\Steam App 225840) (Version:  - Sven Co-op Team)
Synergy (64-bit) (HKLM\...\{68C1AA13-4370-4761-B53F-1862C2CE26CB}) (Version: 1.7.5 - The Synergy Project)
Team Explorer for Microsoft Visual Studio 2015 (x32 Version: 14.0.23102 - Microsoft Corporation) Hidden
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.53254 - TeamViewer)
Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
TypeScript Power Tool (x32 Version: 1.5.3.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.5.3.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 1.5.3.0 (HKLM-x32\...\{7f54b430-3428-4775-aeae-531e46185ec6}) (Version: 1.5.23115.0 - Microsoft Corporation)
Unity (HKLM-x32\...\Unity) (Version: 5.1.2f1 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\UnityWebPlayer) (Version: 5.1.2f1 - Unity Technologies ApS)
Universal CRT Extension SDK (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Redistributable (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{5D2260D6-DB16-41DC-915B-A39BF4F66362}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3114732) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{AD89B6F9-C98A-4506-ABDE-782B0959CC84}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3114732) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{AD89B6F9-C98A-4506-ABDE-782B0959CC84}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3114732) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{AD89B6F9-C98A-4506-ABDE-782B0959CC84}) (Version:  - Microsoft)
VeraCrypt (HKLM-x32\...\VeraCrypt) (Version: 1.16 - IDRIX)
Video to GIF 5.2 (HKLM-x32\...\Video to GIF) (Version: 5.2 - AoaoPhoto Digital Studio.)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.9.0 - Elaborate Bytes)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VMware Player (HKLM-x32\...\VMware_Player) (Version: 7.1.2 - VMware, Inc)
VMware Player (Version: 7.1.2 - VMware, Inc.) Hidden
WCF Data Services 5.6.2 Runtime (x32 Version: 5.6.61937.2 - Microsoft Corporation) Hidden
WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinPatrol (HKLM-x32\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 33.5.2015.12 - Ruiware)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Wizard Chess (HKLM-x32\...\{7EDF4B2F-12CD-446A-B520-04C724FD01F0}) (Version: 1.00.0000 - IncaGold)
Wizard101(DE) (HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\Wizard101(DE)_is1) (Version:  - Gameforge 4D GmbH)
Xamarin (HKLM-x32\...\{70E3C7E9-E984-4135-942B-52963D0B7039}) (Version: 3.11.590.0 - Xamarin)
Xamarin Studio 5.9.3 (HKLM-x32\...\{16D3BA45-EA63-46F0-968C-D9627C2A8325}) (Version: 5.9.3.1 - Xamarin)
Xamarin Universal Installer (HKLM-x32\...\{e2170c24-4ed1-4aca-8a8f-defa79cb4dae}) (Version: 3.5.0.0 - Xamarin, Inc)
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {05ADF184-AC01-4BC3-B2E5-98BC702002B5} - System32\Tasks\Overwolf Updater Task => D:\Programme\Overwolf\OverwolfUpdater.exe [2016-01-20] (Overwolf LTD)
Task: {0D5249DB-0A2A-4264-BBFC-6389A47878C0} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-02-10] (Microsoft Corporation)
Task: {1829ECFA-894B-4244-8029-CC89588CBE94} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe
Task: {22034237-860F-4919-A56E-6B7E1801E579} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {2430B91C-8D5C-49EC-BA8E-10AFC8ABA5DF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe
Task: {2F43E5B9-4E07-4A9E-AF27-440ECA8184E3} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {34F2651E-101F-4CDC-9734-9854C940288C} - System32\Tasks\WiFiN => D:\Programme\Hercules WiFi\WiFi Station N\WiFiN.exe [2012-09-26] ()
Task: {49E95BCB-F7AC-4A23-9E75-DF3955DB6A38} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-06] (Google Inc.)
Task: {4B93025F-70D9-4D34-8FEF-91E08A1F1AAA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {61246773-85FA-4604-8169-7372EDB3993E} - System32\Tasks\Microsoft Office 15 Sync Maintenance for KASKADEKING-PC-KaskadekingDE Kaskadeking-PC => D:\Programme\Microsoft Office 2013\Office15\MsoSync.exe [2015-11-10] (Microsoft Corporation)
Task: {66DEC9EC-C7E5-4C08-886C-39628DAE2F69} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-06] (Google Inc.)
Task: {88DBA2F1-5099-434F-B42A-E1EF0C79CCBC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {8C86B49E-B6CB-4EB0-AA6C-2C6B062C496D} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {99952BA4-4F55-4B26-840C-1A515DAC9524} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {A5844AE5-7238-4D95-8F90-11A89510DFA0} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {A61971F0-2372-4F59-8FE4-01A661B3D632} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {A6412D8C-E11E-49DE-AA02-F12085622173} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK
Task: {B85BD12C-1C2B-4D11-B6AE-AB6713412D16} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {D158BD57-5782-404E-935E-08BE45754DC0} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {D200A9DC-F5EC-4DFF-9298-BCEDFD97EFA4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd)
Task: {DCC06BCC-1BF0-49DF-B1ED-861D343F94AC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-10] (Adobe Systems Incorporated)
Task: {E0E9B1E2-FFF4-40C8-B009-F979C830C131} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {E9ECD999-20E2-4CB3-A9DB-75D03B2CD2E4} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {EA8DC422-7597-4E80-9867-A63A73F99147} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\Users\***\Desktop\Sauerbraten.lnk -> D:\Programme\Sauerbraten\sauerbraten.bat ()
Shortcut: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sauerbraten\Sauerbraten.lnk -> D:\Programme\Sauerbraten\sauerbraten.bat ()
ShortcutWithArgument: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qt\5.4\MSVC 2013 OpenGL (64-bit)\Qt 5.4 64-bit for Desktop (MSVC 2013 OpenGL).lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /A /Q /K D:\Qt\5.4\msvc2013_64_opengl\bin\qtenv2.bat
ShortcutWithArgument: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qt\5.4\MinGW 4.9 (32-bit)\Qt 5.4 for Desktop (MinGW 4.9 32 bit).lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /A /Q /K D:\Qt\5.4\mingw491_32\bin\qtenv2.bat
ShortcutWithArgument: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Node.js\Node.js command prompt.lnk -> C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) -> /k "D:\Program Files (x86)\NodeJS\nodevars.bat"
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-10-30 08:17 - 2015-10-30 08:17 - 00028672 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-11-04 16:43 - 2015-11-04 16:43 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 06:08 - 2014-02-11 06:08 - 00817152 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2014-02-11 06:08 - 2014-02-11 06:08 - 03650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2015-11-04 16:43 - 2015-11-04 16:43 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2015-12-29 12:04 - 2015-12-29 12:19 - 00076152 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2015-11-19 20:19 - 2015-11-19 20:19 - 00311488 _____ () D:\Programme\Synergy\synergyd.exe
2015-05-30 17:50 - 2014-12-15 00:03 - 00241704 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\TodoBackupService.exe
2015-12-03 13:41 - 2015-11-22 11:47 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-24 08:45 - 2012-09-26 13:29 - 01250712 _____ () D:\Programme\Hercules WiFi\WiFi Station N\WiFiN.exe
2016-01-22 14:31 - 2016-01-22 14:32 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-12-03 13:41 - 2015-11-22 11:47 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-06-02 16:18 - 2015-06-02 16:18 - 00043480 _____ () D:\Programme\FileZilla FTP Client\fzshellext_64.dll
2015-04-15 21:13 - 2015-04-15 21:13 - 00222720 _____ () D:\Programme\Notepad++\NppShell_06.dll
2015-12-18 18:35 - 2015-12-07 05:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2015-12-18 18:35 - 2015-12-07 05:00 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-12-18 18:35 - 2015-12-07 05:00 - 00674816 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll
2016-01-13 17:12 - 2016-01-05 02:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-01-13 17:12 - 2016-01-05 02:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-01-28 15:25 - 2016-01-16 06:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-01-28 15:25 - 2016-01-16 06:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-11-04 16:43 - 2015-11-04 16:43 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2013-01-11 20:05 - 2013-01-11 20:05 - 00228264 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbPc.DLL
2016-01-03 10:46 - 2016-01-03 10:46 - 00306472 _____ () C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\log4cplus.dll
2015-05-31 06:59 - 2015-05-31 06:59 - 01301696 _____ () D:\Programme\VMware\libxml2.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00098856 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\CodeLog.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00017448 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\CompressFile.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00088616 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\TBGetRemoteNetInfo.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 01296424 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\libxml2.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00060968 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\zlib1.dll
2015-05-30 17:50 - 2015-03-14 10:53 - 00107560 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\ActivationOnline.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00077864 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\logsys.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00030248 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\DiskSearchImg.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00068136 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\MountImg.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00158248 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\ImgFile.dll
2015-05-30 17:50 - 2015-03-14 10:54 - 00281128 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\DsImgFile.dll
2015-05-30 17:50 - 2015-03-14 10:54 - 00072232 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\CheckImg.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00139816 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\vhdvmdk.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00037416 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\BootDriver.dll
2015-05-30 17:50 - 2015-03-14 10:54 - 00759848 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\ExImage.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00193064 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\EmailBackupSize.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00407080 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\AndroidImage.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00148008 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\EnumDisk.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00076840 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\FatLib.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00207912 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\NTFSLib.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00024616 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\GetDriverInfo.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00020520 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\CorrectMbr.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00032296 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\EnumTapeDevice.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00034856 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\TbTapeBrowse.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00064040 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\RegLib.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00022568 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\AccountManager.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00115752 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\NasOperator.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00194088 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\EmailBrowser.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00077864 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\CloudOperator.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00037928 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\ActiveOnline.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00135720 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\VMConfig.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00020008 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\AndroidDeviceManager.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00043048 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\TbDataSwap.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00353832 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\DeviceManager.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00027176 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\DeviceAdapter.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00137256 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\Device.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00096808 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\TBFireWall.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00146984 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\Partition.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00050216 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\FileSystemAnalyser.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00061992 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\FATFileSystemAnalyser.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00089640 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\Common.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00056360 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\NTFSFileSystemAnalyser.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00223784 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\SmartBackup.dll
2016-01-22 14:31 - 2016-01-22 14:32 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-01-22 14:31 - 2016-01-22 14:34 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2015-12-27 12:16 - 2015-12-27 12:16 - 00134656 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.1d52ed9e#\14d5e46970fc56c56394b8383cb9f499\MailClient.Collections.ni.dll
2016-02-12 21:29 - 2016-02-12 21:29 - 00491520 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.Mail\0575eee1d26008282a31448129fbb12e\MailClient.Mail.ni.dll
2016-02-12 21:30 - 2016-02-12 21:30 - 00934400 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\HTMLEditorControl\2c861552d87a2b1305c1a928d4c5c2ef\HTMLEditorControl.ni.dll
2016-02-12 21:29 - 2016-02-12 21:29 - 00552960 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\LinqBridge\cc0ac0ce661546619504ae4bda015336\LinqBridge.ni.dll
2016-02-12 21:29 - 2016-02-12 21:29 - 00020992 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.Interop\b5641c74578e7d1b6d0ce86c97a2b92e\MailClient.Interop.ni.dll
2016-02-12 21:29 - 2016-02-12 21:29 - 00580096 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.Common.UI\71210286d98f8abe1d2c4a58edf95d4c\MailClient.Common.UI.ni.dll
2015-03-27 12:19 - 2015-03-27 12:19 - 00642016 _____ () C:\Program Files (x86)\eM Client\SQLite\x86\sqlite3.dll
2015-12-20 16:34 - 2015-12-20 16:34 - 00083456 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SystemCoreTimeZone\5a5f3ab9496147415a2aee4ef0820a63\SystemCoreTimeZone.ni.dll
2016-02-12 21:29 - 2016-02-12 21:29 - 00097280 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.Sasl\4afad7ebad38e58d8d550faa9fbf7120\MailClient.Sasl.ni.dll
2016-02-12 21:29 - 2016-02-12 21:29 - 00639488 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\HtmlInterop\a1f68054ecaf1db78eecd45d3aa49931\HtmlInterop.ni.dll
2016-02-12 21:30 - 2016-02-12 21:30 - 01570816 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsAPICodePack\d52ba91105e028f9307ac1a0e5f63a12\WindowsAPICodePack.ni.dll
2016-02-12 21:30 - 2016-02-12 21:30 - 00249344 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.Imap.Base\7981132ef1afe7770510626d29808f38\MailClient.Imap.Base.ni.dll
2016-02-03 12:48 - 2015-12-15 06:54 - 00782336 _____ () D:\Programme\Steam\SDL2.dll
2016-02-03 12:48 - 2015-07-03 17:12 - 04962816 _____ () D:\Programme\Steam\v8.dll
2016-02-05 12:01 - 2016-02-04 22:02 - 02546768 _____ () D:\Programme\Steam\video.dll
2016-02-03 12:48 - 2015-07-03 17:12 - 01556992 _____ () D:\Programme\Steam\icui18n.dll
2016-02-03 12:48 - 2015-07-03 17:12 - 01187840 _____ () D:\Programme\Steam\icuuc.dll
2016-02-03 12:48 - 2015-09-24 01:33 - 02549248 _____ () D:\Programme\Steam\libavcodec-56.dll
2016-02-03 12:48 - 2015-09-24 01:33 - 00491008 _____ () D:\Programme\Steam\libavformat-56.dll
2016-02-03 12:48 - 2015-09-24 01:33 - 00332800 _____ () D:\Programme\Steam\libavresample-2.dll
2016-02-03 12:48 - 2015-09-24 01:33 - 00442880 _____ () D:\Programme\Steam\libavutil-54.dll
2016-02-03 12:48 - 2015-09-24 01:33 - 00485888 _____ () D:\Programme\Steam\libswscale-3.dll
2016-02-05 12:01 - 2016-02-04 22:01 - 00802896 _____ () D:\Programme\Steam\bin\chromehtml.DLL
2016-02-03 12:48 - 2015-12-30 02:51 - 00208896 _____ () D:\Programme\Steam\bin\openvr_api.dll
2016-02-03 12:48 - 2016-01-06 02:52 - 48387872 _____ () D:\Programme\Steam\bin\libcef.dll
2016-02-03 12:48 - 2015-09-25 00:56 - 00119208 _____ () D:\Programme\Steam\winh264.dll
2016-02-10 20:16 - 2016-02-09 12:58 - 01632584 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\libglesv2.dll
2016-02-10 20:16 - 2016-02-09 12:58 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\libegl.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
 
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SAVService => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SAVService => ""="service"
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
 
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\localhost -> hxxps://localhost
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 14:25 - 2016-02-14 12:55 - 00001252 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-117306591-3796779208-521460896-1001\Control Panel\Desktop\\Wallpaper -> D:\Bibliotheken\Bilder\Amberlight\Phoenix.png
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\...\StartupApproved\Run: => "Greenshot"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "VirtualCloneDrive"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKLM\...\StartupApproved\Run32: => "Greenshot"
HKLM\...\StartupApproved\Run32: => "EaseUS EPM tray"
HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\StartupApproved\Run: => "FileHippo.com"
HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\StartupApproved\Run: => "SandboxieControl"
HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\StartupApproved\Run: => "BitTorrent"
HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\StartupApproved\Run: => "My Daily Wallpaper"
HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\StartupApproved\Run: => "CyberGhost"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{C4141F71-C3A1-4F34-86B7-867903A2A6F6}D:\programme\synergy\synergy.exe] => (Allow) D:\programme\synergy\synergy.exe
FirewallRules: [TCP Query User{D4C9B2A0-0084-4D10-8CC8-E0B659972792}D:\programme\synergy\synergy.exe] => (Allow) D:\programme\synergy\synergy.exe
FirewallRules: [{97671048-577F-461E-A897-097BCBF1ED24}] => (Allow) D:\Programme\Synergy\synergys.exe
FirewallRules: [UDP Query User{7500319B-2CF9-443F-A252-3C22F8D4EAD8}D:\bibliotheken\dokumente\visual studio 2015\projects\chainreact\chainreact.server\bin\debug\chainreact.server.vshost.exe] => (Allow) D:\bibliotheken\dokumente\visual studio 2015\projects\chainreact\chainreact.server\bin\debug\chainreact.server.vshost.exe
FirewallRules: [TCP Query User{10EBB3FC-16FC-4B2E-83A4-DF8638542A17}D:\bibliotheken\dokumente\visual studio 2015\projects\chainreact\chainreact.server\bin\debug\chainreact.server.vshost.exe] => (Allow) D:\bibliotheken\dokumente\visual studio 2015\projects\chainreact\chainreact.server\bin\debug\chainreact.server.vshost.exe
FirewallRules: [UDP Query User{4677EC9E-394D-4067-A0E7-A32D5F8AD13E}D:\programme\steam\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) D:\programme\steam\steamapps\common\smite\binaries\win32\smite.exe
FirewallRules: [TCP Query User{67BC321B-59B8-4CC4-85BB-4874BE3DDA93}D:\programme\steam\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) D:\programme\steam\steamapps\common\smite\binaries\win32\smite.exe
FirewallRules: [{DCDC105C-32FF-44A9-90D7-BDB99B939A3D}] => (Allow) D:\Programme\Steam\steamapps\common\SMITE\Binaries\Win32\HirezBridge.exe
FirewallRules: [{559799D2-E92E-4716-9302-F1D3B80B2769}] => (Allow) D:\Programme\Steam\steamapps\common\SMITE\Binaries\Win32\HirezBridge.exe
FirewallRules: [UDP Query User{158CD29C-F5F5-463D-8772-FA257DE8B006}D:\programme\java\jre1.8.0_65\bin\java.exe] => (Allow) D:\programme\java\jre1.8.0_65\bin\java.exe
FirewallRules: [TCP Query User{9EB2DED0-DDC0-494A-8B6F-AC0095436B01}D:\programme\java\jre1.8.0_65\bin\java.exe] => (Allow) D:\programme\java\jre1.8.0_65\bin\java.exe
FirewallRules: [{AABF8BA5-81B8-42EB-A4A7-52D52340D38A}] => (Allow) LPort=1900
FirewallRules: [{E7E5E118-C166-435F-B44F-CB6B15A3E984}] => (Allow) LPort=2869
FirewallRules: [{8BF604C4-3DCE-4661-AC7F-248C98D8BBCD}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [UDP Query User{11714CE4-FDE5-4CD2-948C-F87BA0161397}D:\stuff\server\gmod\srcds.exe] => (Allow) D:\stuff\server\gmod\srcds.exe
FirewallRules: [TCP Query User{F4BB2557-42F1-4EDE-947D-21984F99849B}D:\stuff\server\gmod\srcds.exe] => (Allow) D:\stuff\server\gmod\srcds.exe
FirewallRules: [UDP Query User{2E69E92A-BC0F-43CD-BD62-8152B3DFCFBF}D:\bibliotheken\dokumente\visual studio 2015\projects\voicenetwork\voicenetworkserver\bin\debug\voicenetworkserver.vshost.exe] => (Allow) D:\bibliotheken\dokumente\visual studio 2015\projects\voicenetwork\voicenetworkserver\bin\debug\voicenetworkserver.vshost.exe
FirewallRules: [TCP Query User{8CB00356-EEAC-45C9-9B02-4DC3DCD019D3}D:\bibliotheken\dokumente\visual studio 2015\projects\voicenetwork\voicenetworkserver\bin\debug\voicenetworkserver.vshost.exe] => (Allow) D:\bibliotheken\dokumente\visual studio 2015\projects\voicenetwork\voicenetworkserver\bin\debug\voicenetworkserver.vshost.exe
FirewallRules: [{59F1648B-4EC2-4464-8D70-07398D3277F3}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{9655E630-FD2B-477F-935A-B099ACA6CC89}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{9237BF5E-D2AA-4170-8A52-5D21F5026AEF}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{E0F72C8A-995A-4CA0-9E0E-947FF69825D2}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [UDP Query User{CEE2CF2D-6726-4724-8F18-CD0386915983}D:\stuff\syncthing\syncthing.exe] => (Allow) D:\stuff\syncthing\syncthing.exe
FirewallRules: [TCP Query User{BBC091B2-196B-4298-9123-B57880675558}D:\stuff\syncthing\syncthing.exe] => (Allow) D:\stuff\syncthing\syncthing.exe
FirewallRules: [{ACD2EEA9-6303-4805-80D6-F893DBC3DEC2}] => (Allow) D:\Programme\Steam\steamapps\common\Dungeon Defenders 2\DunDefLauncher.exe
FirewallRules: [{37679D3B-22C7-441E-8C74-05F03229F600}] => (Allow) D:\Programme\Steam\steamapps\common\Dungeon Defenders 2\DunDefLauncher.exe
FirewallRules: [UDP Query User{C5711CDC-D02A-403F-BABD-7CB222E7C5BA}D:\bibliotheken\dokumente\rtmpdumphelper\rtmpsuck.exe] => (Allow) D:\bibliotheken\dokumente\rtmpdumphelper\rtmpsuck.exe
FirewallRules: [TCP Query User{AACB4166-486E-44C9-9144-41B89B2D4C36}D:\bibliotheken\dokumente\rtmpdumphelper\rtmpsuck.exe] => (Allow) D:\bibliotheken\dokumente\rtmpdumphelper\rtmpsuck.exe
FirewallRules: [{5B8558F7-78CE-4B9E-8807-BE3A7ECBEAA7}] => (Allow) D:\Programme\Steam\steamapps\common\Spooky's House of Jump Scares\SPOOKY.exe
FirewallRules: [{953C693C-1395-4A24-AFF9-9603E4620A69}] => (Allow) D:\Programme\Steam\steamapps\common\Spooky's House of Jump Scares\SPOOKY.exe
FirewallRules: [{677FB6E7-2E4B-4CA3-9F66-D2E934499F76}] => (Allow) D:\Programme\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{BA9D9184-C5FC-4B0D-8165-A157356EAAD3}] => (Allow) D:\Programme\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A4793B95-D94A-4819-B65E-B407FEFEBECF}] => (Allow) D:\Programme\Hercules WiFi\WiFi Station N\Rtldhcp.exe
FirewallRules: [{EB91B1B8-5EB7-4576-AE9F-3C2252B408FD}] => (Allow) LPort=53
FirewallRules: [{981A61B3-2087-4456-A671-6438657D7081}] => (Allow) LPort=53
FirewallRules: [{989E8CD2-9B61-4D74-A7E0-E66768360659}] => (Allow) LPort=68
FirewallRules: [{4D7C9518-04AA-4A65-AD66-0E3D057B5281}] => (Allow) LPort=67
FirewallRules: [{040AFE65-EAF9-4474-BB60-16AF65F9A06F}] => (Allow) D:\Programme\VMware\vmware-authd.exe
FirewallRules: [{C080D89D-57E1-4F8A-A797-8FCC5605E435}] => (Allow) D:\Programme\VMware\vmware-authd.exe
FirewallRules: [{5858909B-BE33-4C37-A45C-4F19F95B567E}] => (Allow) D:\Programme\Steam\steamapps\common\RaceTheSun\RaceTheSun.exe
FirewallRules: [{3C868682-F800-4A45-AC47-15FD8E3866A8}] => (Allow) D:\Programme\Steam\steamapps\common\RaceTheSun\RaceTheSun.exe
FirewallRules: [{1C47162F-906F-4FBD-970B-1734AC394BF0}] => (Allow) LPort=1542
FirewallRules: [{F2A42F04-92E8-47E2-A4D0-291E2767404F}] => (Allow) LPort=1542
FirewallRules: [{99249CA2-B0C6-41EE-AB41-390C886B67A6}] => (Allow) LPort=53
FirewallRules: [{CD15A26A-5EFF-4B5C-A71F-B1071E72E3C4}] => (Allow) D:\Programme\Firefox\firefox.exe
FirewallRules: [{CD1E7EC9-93A5-4E68-915C-C4E4DEAF5625}] => (Allow) D:\Programme\Steam\Steam.exe
FirewallRules: [{5162FA48-429A-4C58-80DB-9BC35598D786}] => (Allow) D:\Programme\Steam\Steam.exe
FirewallRules: [{A58AABD6-C737-42E1-AA29-DBCC37F5A84C}] => (Allow) D:\Programme\Steam\bin\steamwebhelper.exe
FirewallRules: [{B0541F35-A58F-4D75-B07B-15B02B93A79E}] => (Allow) D:\Programme\Steam\bin\steamwebhelper.exe
FirewallRules: [{A55F7C7A-5BC5-49F9-8F90-6711086DC828}] => (Allow) D:\Programme\EaseUS Todo Backup\Todo Backup\bin\TbService.exe
FirewallRules: [{6AC2EB43-E360-43E7-A9F0-BA7C4CE90581}] => (Allow) D:\Programme\EaseUS Todo Backup\Todo Backup\bin\TbService.exe
FirewallRules: [{C6F9C01C-FB0F-4905-AD46-AB11873D8667}] => (Allow) D:\Programme\EaseUS Todo Backup\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{CD6063B3-1106-46FF-93F9-EEE7DD4B2B31}] => (Allow) D:\Programme\EaseUS Todo Backup\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{5FFDABAB-DF82-445C-A825-BBED69916778}] => (Allow) D:\Programme\EaseUS Todo Backup\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{BCB3820C-E844-4975-9564-D555F51DA011}] => (Allow) D:\Programme\EaseUS Todo Backup\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{C637198C-981F-4339-ABA4-4C8901ED58DB}] => (Allow) D:\Programme\EaseUS Todo Backup\Todo Backup\bin\Agent.exe
FirewallRules: [{FEBE2770-4BD6-4EDD-AD5C-3AE4B3D31F5D}] => (Allow) D:\Programme\EaseUS Todo Backup\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{04957A38-9767-4FB8-9219-8C86E7E9007C}] => (Allow) D:\Programme\EaseUS Todo Backup\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [TCP Query User{421B369D-BD39-4563-825B-93C9D00FE367}D:\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{5DA2CF70-D8FE-4D82-AA04-07688139C690}D:\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{B6A6220A-0A79-4CA7-BEEE-37EE1EF02009}] => (Allow) D:\Programme\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{33BDF5C9-DDB5-4B21-978B-8D642FC2944A}] => (Allow) D:\Programme\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{FAC6F82F-2188-4B26-9654-9EAD2532D09F}] => (Allow) D:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{4AB61BCB-D819-46C1-981C-B8D5373E3EB1}] => (Allow) D:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [TCP Query User{E5128E6C-6F31-4053-9BCF-5A012621CAF2}D:\programme\intellij idea 14.1.3\bin\idea.exe] => (Allow) D:\programme\intellij idea 14.1.3\bin\idea.exe
FirewallRules: [UDP Query User{BC4421CB-80E6-4DC5-9D0F-360CAC2333FE}D:\programme\intellij idea 14.1.3\bin\idea.exe] => (Allow) D:\programme\intellij idea 14.1.3\bin\idea.exe
FirewallRules: [{532A6236-1134-4C06-B25A-8CED3D9889C0}] => (Allow) C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe
FirewallRules: [{3B9CFBB6-F641-45BA-BE23-3E7BECD1B7C9}] => (Allow) C:\Users\***\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{F7F86BE2-B56F-4CF0-9AAF-716EC68DF793}] => (Allow) C:\Users\***\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [TCP Query User{1C6D81E2-7A13-4FE8-923E-1CE3626701C3}D:\bibliotheken\dokumente\visual studio 2015\projects\filetransport\filetransportreceiver\bin\debug\filetransportreceiver.vshost.exe] => (Allow) D:\bibliotheken\dokumente\visual studio 2015\projects\filetransport\filetransportreceiver\bin\debug\filetransportreceiver.vshost.exe
FirewallRules: [UDP Query User{64212B61-FE51-4CF1-A999-1F4176368480}D:\bibliotheken\dokumente\visual studio 2015\projects\filetransport\filetransportreceiver\bin\debug\filetransportreceiver.vshost.exe] => (Allow) D:\bibliotheken\dokumente\visual studio 2015\projects\filetransport\filetransportreceiver\bin\debug\filetransportreceiver.vshost.exe
FirewallRules: [{DB7CD632-356D-45B6-B34F-6C16E3DE3A88}] => (Allow) D:\Programme\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{D58DFCE1-A394-41AD-97C4-0FC00DA9124B}] => (Allow) D:\Programme\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{F00F1495-705D-42C0-B52D-986B3E6E84AF}] => (Allow) D:\Programme\Steam\steamapps\common\Clicker Heroes\Clicker Heroes.exe
FirewallRules: [{1ACDBE71-E4E9-483A-B605-A00205F63CC8}] => (Allow) D:\Programme\Steam\steamapps\common\Clicker Heroes\Clicker Heroes.exe
FirewallRules: [{B0DC9B2E-25A0-4813-A50E-282DDB817750}] => (Allow) D:\Programme\Steam\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe
FirewallRules: [{AD1E481A-CA10-4FEA-B762-5E6FB769AA21}] => (Allow) D:\Programme\Steam\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe
FirewallRules: [{20A49020-4357-4C59-A241-35738852D653}] => (Allow) D:\Programme\Steam\steamapps\common\Geometry Dash\GeometryDash.exe
FirewallRules: [{813811C7-250D-480D-99FA-1B7F6A01707B}] => (Allow) D:\Programme\Steam\steamapps\common\Geometry Dash\GeometryDash.exe
FirewallRules: [{2C3606E9-2891-49D1-871C-CDCA43E26F17}] => (Allow) D:\Programme\Steam\steamapps\common\Sanctum\Binaries\Win32\SanctumGame-Win32-Shipping.exe
FirewallRules: [{97777FA6-9C44-4FB5-8F30-DDC4E4D5CA61}] => (Allow) D:\Programme\Steam\steamapps\common\Sanctum\Binaries\Win32\SanctumGame-Win32-Shipping.exe
FirewallRules: [{810B4087-29A3-42E9-9B15-79A87304AA0E}] => (Allow) D:\Programme\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{8D01D1A4-424C-494A-9881-BA717E59CEC5}] => (Allow) D:\Programme\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{A567D6BD-71E0-44A7-BE58-D82E89664419}] => (Allow) D:\Programme\Steam\steamapps\common\Banished\Application-steam-x64.exe
FirewallRules: [{45B3B229-80A7-4E6D-8CF5-36AC2C5EC183}] => (Allow) D:\Programme\Steam\steamapps\common\Banished\Application-steam-x64.exe
FirewallRules: [TCP Query User{B52D78CD-51F1-42E9-BD21-6516619D9795}C:\users\***\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\***\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{973DDF6E-7AB4-4113-B018-67DC52CC7A10}C:\users\***\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\***\appdata\roaming\spotify\spotify.exe
FirewallRules: [{29F6FED4-3832-4FA6-A09C-D7B27F9F61C6}] => (Allow) D:\Programme\Steam\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{38CD8322-5103-4C8F-A831-57A318120A73}] => (Allow) D:\Programme\Steam\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{A078D75B-61B9-4892-AF73-DAA873C3DD2A}] => (Allow) D:\Programme\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{AD47C713-7A78-42D5-BC79-76938F868B17}] => (Allow) D:\Programme\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [TCP Query User{DA102E3F-3218-4850-9BD2-8604C69F755E}D:\program files (x86)\nodejs\node.exe] => (Allow) D:\program files (x86)\nodejs\node.exe
FirewallRules: [UDP Query User{3B8B2AC7-79C4-487B-B356-39DD81A1097E}D:\program files (x86)\nodejs\node.exe] => (Allow) D:\program files (x86)\nodejs\node.exe
FirewallRules: [{4BE6CA9A-C9F2-4B5F-8C1F-11E6EA41EBFC}] => (Allow) D:\Programme\Visual Studio\Common7\IDE\devenv.exe
FirewallRules: [{7410F56F-71AA-48C9-A4E5-BC1EE228E05C}] => (Allow) D:\Programme\Visual Studio\Common7\IDE\devenv.exe
FirewallRules: [TCP Query User{18C2F638-5FAA-4C6B-ABD2-18B682296B3E}D:\programme\unity\editor\unity.exe] => (Allow) D:\programme\unity\editor\unity.exe
FirewallRules: [UDP Query User{03D5B151-AEFF-4168-90A9-3EBD59130077}D:\programme\unity\editor\unity.exe] => (Allow) D:\programme\unity\editor\unity.exe
FirewallRules: [TCP Query User{280ADC29-3DCD-439A-90A3-552E6A77D5E6}D:\programme\unity\monodevelop\bin\monodevelop.exe] => (Allow) D:\programme\unity\monodevelop\bin\monodevelop.exe
FirewallRules: [UDP Query User{E45FE307-4C7E-4FEF-AACD-29143A06A1E1}D:\programme\unity\monodevelop\bin\monodevelop.exe] => (Allow) D:\programme\unity\monodevelop\bin\monodevelop.exe
FirewallRules: [TCP Query User{A5A88852-1BEE-4125-B280-C37CD641F3EF}D:\programme\firefox\plugin-container.exe] => (Allow) D:\programme\firefox\plugin-container.exe
FirewallRules: [UDP Query User{78DC1F8F-42CC-4F77-B024-F66A1076F042}D:\programme\firefox\plugin-container.exe] => (Allow) D:\programme\firefox\plugin-container.exe
FirewallRules: [{F9F085E5-84E2-41BF-9D82-16E69DFA6859}] => (Allow) D:\Programme\Steam\steamapps\common\lethalleague\LethalLeague.exe
FirewallRules: [{FE89FDC2-F4EC-4D0A-90C8-205D23C00894}] => (Allow) D:\Programme\Steam\steamapps\common\lethalleague\LethalLeague.exe
FirewallRules: [{837AAA17-907F-4022-8FEA-8CB08C96B9E0}] => (Allow) D:\Programme\Steam\steamapps\common\Emily is Away\emily is away.exe
FirewallRules: [{99D71EFB-DEF0-49C8-BDA2-B126B8CC594A}] => (Allow) D:\Programme\Steam\steamapps\common\Emily is Away\emily is away.exe
FirewallRules: [{E402AA54-B19F-4FEE-A657-CD7D5CC0D40F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{B3291579-8C66-413E-8941-3CD682949412}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{5F2FC6D3-8725-4C42-A5B6-9EF9E6B9703D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{19465167-8102-4FCC-9115-53D6F9E7E519}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{BB23F745-3825-4925-A188-E614BA9FEC6B}] => (Allow) D:\Programme\Steam\steamapps\common\APB Reloaded\Launcher\APBLauncher.exe
FirewallRules: [{E55872BB-597D-4C83-A052-5BFA907E0CB1}] => (Allow) D:\Programme\Steam\steamapps\common\APB Reloaded\Launcher\APBLauncher.exe
FirewallRules: [{6C0F7DE6-0D66-4E97-952B-06BC0C4CDB71}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{483C009E-5D66-4B22-B156-522A960CE9D2}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{1545ADCD-EE25-4B35-B997-5D839799056D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{6D4149CE-C651-4D44-B67E-0DAC638457F5}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{B20BEC19-D01A-447B-A65E-E4D7B44FBF2C}] => (Allow) D:\Programme\Steam\steamapps\common\APB Reloaded\Binaries\APB.exe
FirewallRules: [{9C942DB7-C8AB-4C61-A85E-9BFBAF15656F}] => (Allow) D:\Programme\Steam\steamapps\common\APB Reloaded\Binaries\APB.exe
FirewallRules: [{F01BF58E-2C30-4D10-BCB7-C392B50B9D46}] => (Allow) D:\Programme\Steam\steamapps\common\APB Reloaded\Binaries\VivoxVoiceService.exe
FirewallRules: [{AD612527-AD71-43BC-835D-E580888A39BF}] => (Allow) D:\Programme\Steam\steamapps\common\APB Reloaded\Binaries\VivoxVoiceService.exe
FirewallRules: [{703E0406-7185-462A-8766-E6F03C082BBD}] => (Allow) D:\Programme\Steam\steamapps\common\Sven Co-op\svencoop.exe
FirewallRules: [{72DCA22B-BEDF-4277-909D-027E0B607F76}] => (Allow) D:\Programme\Steam\steamapps\common\Sven Co-op\svencoop.exe
FirewallRules: [{712F8169-4A64-4624-87E4-1824E2A17D2C}] => (Allow) D:\Programme\Microsoft Office 2013\Office15\lync.exe
FirewallRules: [{30CADEA3-A8A5-45E7-98A0-063453D5D7DF}] => (Allow) D:\Programme\Microsoft Office 2013\Office15\lync.exe
FirewallRules: [{30F08DBA-D584-4804-802A-5BC07582ECED}] => (Allow) D:\Programme\Microsoft Office 2013\Office15\UcMapi.exe
FirewallRules: [{38E6EE8D-893D-4E70-88D6-F7959235B6E9}] => (Allow) D:\Programme\Microsoft Office 2013\Office15\UcMapi.exe
FirewallRules: [{40D623E8-1B93-44A8-A436-0F17D109FE1C}] => (Allow) D:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [{AB9F31BD-D567-4862-8C80-82E3171168AD}] => (Allow) D:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [{BEA05228-DA4B-4663-AB29-35101B3E720F}] => (Allow) D:\Programme\Steam\steamapps\common\DOMO_US\Main\DOMO.exe
FirewallRules: [{55379890-22FC-425E-87C5-108687B16478}] => (Allow) D:\Programme\Steam\steamapps\common\DOMO_US\Main\DOMO.exe
FirewallRules: [{94D54CD0-7ED0-4FDC-94A8-D7BABFFEC2B4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{6C16AD60-A79E-4F5C-9180-59ADFDC740F6}] => (Allow) D:\Programme\Steam\steamapps\common\Pro Evolution Soccer 2016 myClub\PES2016.exe
FirewallRules: [{A791CEC0-88D1-435C-A119-8938D8AB1904}] => (Allow) D:\Programme\Steam\steamapps\common\Pro Evolution Soccer 2016 myClub\PES2016.exe
FirewallRules: [{65CA07C2-5E42-4436-AEF2-1C3737F88EDB}] => (Allow) D:\Programme\Steam\steamapps\common\Survarium\temp\survarium_launcher.exe
FirewallRules: [{6C4F96A3-C852-4A31-AF00-DA9C9F2FBB93}] => (Allow) D:\Programme\Steam\steamapps\common\Survarium\temp\survarium_updater.exe
FirewallRules: [{1FFFAF77-DD5B-4007-8F38-33A0199AD0E0}] => (Allow) D:\Programme\Steam\steamapps\common\Survarium\temp\survarium_updater.exe
FirewallRules: [{A0D0FE67-C630-44AD-8299-5771B58A188F}] => (Allow) D:\Programme\Steam\steamapps\common\Survarium\temp\survarium_updater.exe
FirewallRules: [{5CDCCEB7-22B1-4BC3-918F-FD6C2574105A}] => (Allow) D:\Programme\Steam\steamapps\common\Survarium\temp\survarium_updater.exe
FirewallRules: [{C4383461-FE60-4CCE-B402-D15042238099}] => (Allow) D:\Programme\Steam\steamapps\common\Survarium\game\binaries\x86\survarium.exe
FirewallRules: [{70D59486-A6A3-4A13-BEFD-5CBDF13CAD3D}] => (Allow) D:\Programme\Steam\steamapps\common\Survarium\game\binaries\x86\survarium.exe
FirewallRules: [{6F82E02D-E318-4AB7-9AC4-40D2F7D68474}] => (Allow) D:\Programme\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{EE534453-97E6-475E-9375-5627856E0527}] => (Allow) D:\Programme\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{75546729-045B-4E4B-AC8B-32FB3E9F91D3}] => (Allow) LPort=1689
FirewallRules: [{FE5524CD-31D8-404D-BE9F-6BBBD2793C1B}] => (Allow) LPort=1688
FirewallRules: [{D2518655-E8F5-4118-8048-070AE5C579DB}] => (Allow) D:\Programme\Mozilla Firefox\firefox.exe
FirewallRules: [{CAEE5C5F-7360-4D84-B761-00A87C3C0BB5}] => (Allow) D:\Programme\Mozilla Firefox\firefox.exe
FirewallRules: [{118C0F15-4F4E-4FF6-90A3-3931A462AB2D}] => (Allow) D:\Programme\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{C624A013-B218-4367-94A9-A1DF9AD7B7B5}] => (Allow) D:\Programme\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
==================== Wiederherstellungspunkte =========================
04-02-2016 12:14:10 Windows Update
05-02-2016 13:07:07 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
08-02-2016 14:34:28 Windows Update
12-02-2016 15:12:33 Windows Update
15-02-2016 21:03:34 Windows Update
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: VMware Virtual Ethernet Adapter for VMnet1
Description: VMware Virtual Ethernet Adapter for VMnet1
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: VMware Virtual Ethernet Adapter for VMnet8
Description: VMware Virtual Ethernet Adapter for VMnet8
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (02/18/2016 03:56:47 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm explorer.exe, Version 10.0.10586.104 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 16c
Startzeit: 01d16a5c8c924c2c
Beendigungszeit: 0
Anwendungspfad: C:\Windows\explorer.exe
Berichts-ID: d4833318-d64f-11e5-82d7-7824af404841
Vollständiger Name des fehlerhaften Pakets:
Auf das fehlerhafte Paket bezogene Anwendungs-ID:
Error: (02/18/2016 03:55:03 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: KASKADEKING-PC)
Description: Das Paket „Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe+MicrosoftEdge#{850b5dd6-d5d1-4686-8119-a7ad2c899624}“ wurde beendet, da das Anhalten zu lange dauerte.
Error: (02/18/2016 03:55:03 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: KASKADEKING-PC)
Description: Das Paket „Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe+MicrosoftEdge#{90e0fd49-03fb-4987-8852-a2d856167f33}“ wurde beendet, da das Anhalten zu lange dauerte.
Error: (02/18/2016 03:55:03 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: KASKADEKING-PC)
Description: Das Paket „Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe+MicrosoftEdge#{580c8ce5-1559-4742-9661-33c4822d2c3a}“ wurde beendet, da das Anhalten zu lange dauerte.
Error: (02/18/2016 03:53:14 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm chrome.exe, Version 48.0.2564.109 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 3908
Startzeit: 01d16a5bdbc3e8ba
Beendigungszeit: 60000
Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Berichts-ID: 2adab1a4-d64f-11e5-82d7-7824af404841
Vollständiger Name des fehlerhaften Pakets:
Auf das fehlerhafte Paket bezogene Anwendungs-ID:
Error: (02/18/2016 03:43:31 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm iexplore.exe, Version 11.0.10586.20 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1200
Startzeit: 01d16a5956781510
Beendigungszeit: 60000
Anwendungspfad: C:\Program Files\Internet Explorer\iexplore.exe
Berichts-ID: ceee7200-d64d-11e5-82d7-7824af404841
Vollständiger Name des fehlerhaften Pakets:
Auf das fehlerhafte Paket bezogene Anwendungs-ID:
Error: (02/18/2016 03:33:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm iexplore.exe, Version 11.0.10586.20 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 2994
Startzeit: 01d16a589aa63ebd
Beendigungszeit: 60000
Anwendungspfad: C:\Program Files\Internet Explorer\iexplore.exe
Berichts-ID: 56afb66e-d64c-11e5-82d7-7824af404841
Vollständiger Name des fehlerhaften Pakets:
Auf das fehlerhafte Paket bezogene Anwendungs-ID:
Error: (02/18/2016 03:25:03 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm chrome.exe, Version 48.0.2564.109 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1954
Startzeit: 01d16a553d77da7d
Beendigungszeit: 60000
Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Berichts-ID: 39fbb574-d64b-11e5-82d7-7824af404841
Vollständiger Name des fehlerhaften Pakets:
Auf das fehlerhafte Paket bezogene Anwendungs-ID:
Error: (02/18/2016 03:09:50 PM) (Source: MsiInstaller) (EventID: 1024) (User: KASKADEKING-PC)
Description: Produkt: Adobe Acrobat Reader DC - Deutsch - Update "{AC76BA86-7AD7-0000-2550-AC0F0A4E5B00}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127
Error: (02/18/2016 02:51:52 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: KASKADEKING-PC)
Description: Bei der Aktivierung der App „Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
 
Systemfehler:
=============
Error: (02/18/2016 04:00:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_50a2c" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (02/18/2016 04:00:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _50a2c" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (02/18/2016 04:00:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_50a2c" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (02/18/2016 04:00:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_50a2c" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (02/18/2016 04:00:05 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (02/18/2016 03:59:54 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT-AUTORITÄT)
Description: Bei der automatischen WLAN-Konfiguration wurde eine eingeschränkte Konnektivität erkannt, "Reset/Recover.adapter" wird ausgeführt.
 Code: 8 0x0 0x0
Error: (02/18/2016 03:59:36 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT-AUTORITÄT)
Description: Bei der automatischen WLAN-Konfiguration wurde eine eingeschränkte Konnektivität erkannt, "Reset/Recover.adapter" wird ausgeführt.
 Code: 2 0xdeaddeed 0xeeec
Error: (02/18/2016 03:59:36 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT-AUTORITÄT)
Description: Bei der automatischen WLAN-Konfiguration wurde eine eingeschränkte Konnektivität erkannt, "Reset/Recover.adapter" wird ausgeführt.
 Code: 1 0xc 0x4
Error: (02/18/2016 03:57:19 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Synchronisierungshost_7e680 erreicht.
Error: (02/18/2016 03:57:19 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Benutzerdatenspeicher _7e680 erreicht.
 
CodeIntegrity:
===================================
  Date: 2016-02-11 17:29:08.364
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
  Date: 2016-02-11 13:42:12.036
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
  Date: 2016-01-31 14:22:33.092
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
  Date: 2016-01-30 09:54:28.092
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
  Date: 2016-01-29 18:28:03.987
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
  Date: 2016-01-29 18:16:18.014
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
  Date: 2016-01-29 15:07:10.925
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
  Date: 2016-01-29 15:00:30.393
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
  Date: 2016-01-29 14:58:24.104
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
  Date: 2016-01-29 14:57:07.832
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
==================== Speicherinformationen ===========================
Prozessor: AMD A8-6600K APU with Radeon(tm) HD Graphics
Prozentuale Nutzung des RAM: 52%
Installierter physikalischer RAM: 7364.16 MB
Verfügbarer physikalischer RAM: 3487.28 MB
Summe virtueller Speicher: 13060.16 MB
Verfügbarer virtueller Speicher: 8571 MB
==================== Laufwerke ================================
Drive c: (Windows) (Fixed) (Total:107.86 GB) (Free:20.66 GB) NTFS
Drive d: (Daten) (Fixed) (Total:731.51 GB) (Free:368.97 GB) NTFS
Drive h: (UUI) (Removable) (Total:7.48 GB) (Free:6.51 GB) FAT32
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 72B5DD30)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=107.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11 GB) - (Type=27)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: DFE201F7)
Partition 1: (Not Active) - (Size=731.5 GB) - (Type=07 NTFS)
========================================================
Disk: 3 (Size: 7.5 GB) (Disk ID: 20AC7DDA)
No partition Table on disk 3.
==================== Ende von Addition.txt ============================

Kaskadeking 20.02.2016 16:59
Niemand da? :blabla:

deeprybka 29.02.2016 17:55
:hallo:

Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...:abklatsch:
  • Bitte arbeite alle Schritte der Reihe nach ab.
  • Lies die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem.
  • Führe bitte nur Scans durch, zu denen Du von mir aufgefordert wurdest.
  • Bitte kein Crossposting (posten in mehreren Foren).
  • Installiere oder deinstalliere während der Bereinigung keine Software, außer Du wurdest dazu aufgefordert.
  • Speichere alle unsere Tools auf dem Desktop ab. Link: So ladet Ihr unsere Tools richtig
  • Poste die Logfiles direkt in Deinen Thread in Code-Tags.
  • Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 24 Stunden nichts von mir liest, dann schreibe mir bitte eine PM.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden.
Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert.
Adware & Co. können wir sehr gut entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean :daumenhoc bekommst.


Los geht's:

Schritt 1

http://filepony.de/icon/frst.pnghttp://deeprybka.trojaner-board.de/b...e/frst/sn1.PNG

Bitte starte FRST erneut, markiere auch die checkbox http://deeprybka.trojaner-board.de/b...t/addition.pngund drücke auf Untersuchen.
Bitte poste mir den Inhalt der beiden Logs die erstellt werden.

Kaskadeking 29.02.2016 18:41
Hallo :)


FRST Logfile:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:17-02-2016
durchgeführt von KaskadekingDE (Administrator) auf KASKADEKING-PC (29-02-2016 18:27:39)
Gestartet von C:\Users\***\Desktop
Geladene Profile: KaskadekingDE (Verfügbare Profile: KaskadekingDE)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: "D:\Programme\BitBox\bin\BitBoxClient.exe" start "%1")
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Guillemot Corporation) C:\Windows\SysWOW64\HerculesWiFiService.exe
(JetBrains s.r.o) C:\Program Files (x86)\JetBrains\ETW Host\JetBrains.ETW.Collector.Host.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbSvc.exe
(CHENGDU YIWO Tech Development Co., Ltd) D:\Programme\EaseUS Todo Backup\Todo Backup\bin\Agent.exe
(Hi-Rez Studios) D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Malwarebytes) D:\Programme\Malwarebytes Anti-Malware\mbamscheduler.exe
(Sirrix AG) D:\Programme\BitBox\bin\BitBoxService.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe
(Malwarebytes) D:\Programme\Malwarebytes Anti-Malware\mbamservice.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsAgent.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe
(SeriousBit) D:\Programme\NetBalancer\SeriousBit.NetBalancer.Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(VMware, Inc.) D:\Programme\VMware\vmware-authd.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsClient.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_filter.exe
(Sophos Limited) C:\Program Files (x86)\Common Files\Sophos\Web Intelligence\swi_fc.exe
() D:\Programme\Synergy\synergyd.exe
(CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
konnte nicht auf den Prozess zugreifen -> firefox.exe
konnte nicht auf den Prozess zugreifen -> swi_lspdiag.exe
konnte nicht auf den Prozess zugreifen -> chrome.exe
konnte nicht auf den Prozess zugreifen -> firefox.exe
(Microsoft Corporation) D:\Programme\Visual Studio\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Malwarebytes) D:\Programme\Malwarebytes Anti-Malware\mbam.exe
() D:\Programme\Hercules WiFi\WiFi Station N\WiFiN.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Ruiware) D:\Programme\WinPatrol\WinPatrol.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Sirrix AG) D:\Programme\BitBox\bin\BitBoxTrayapp.exe
(Sirrix AG) D:\Programme\BitBox\bin\BITBstartApplicationAsUser.exe
(Sirrix AG) D:\Programme\BitBox\bin\bitb.exe
(Oracle Corporation) D:\Programme\VirtualBox\VBoxSVC.exe
(Oracle Corporation) D:\Programme\VirtualBox\VirtualBox.exe
(Oracle Corporation) D:\Programme\VirtualBox\VirtualBox.exe
(Oracle Corporation) D:\Programme\VirtualBox\VirtualBox.exe
() D:\Programme\VirtualBox\VBoxNetNAT.exe
() D:\Programme\VirtualBox\VBoxNetNAT.exe
() D:\Programme\VirtualBox\VBoxNetNAT.exe
(Sirrix AG) D:\Programme\BitBox\bin\watchdog.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Epic Games, Inc.) D:\Programme\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
() D:\Programme\Epic Games\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe
() D:\Programme\Epic Games\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe
(eM Client s.r.o.) C:\Program Files (x86)\eM Client\MailClient.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-07-29] (Realtek Semiconductor)
HKLM\...\Run: [Greenshot] => D:\Programme\Greenshot\Greenshot.exe [528384 2015-11-10] (Greenshot)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [56080 2015-10-01] (Raptr, Inc)
HKLM-x32\...\Run: [EaseUS EPM tray] => D:\Programme\EaseUS Partition Master 10.8\bin\EpmNews.exe [2089056 2015-09-16] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [883352 2015-12-14] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => D:\Programme\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [Sophos AutoUpdate Monitor] => C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe [1418504 2016-01-03] (Sophos Limited)
HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\Run: [WinPatrol] => D:\Programme\WinPatrol\winpatrol.exe [1238152 2015-05-17] (Ruiware)
HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\Run: [eM Client] => C:\Program Files (x86)\eM Client\MailClient.exe [15698792 2016-02-29] (eM Client s.r.o.)
HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\Run: [FileHippo.com] => D:\Programme\FileHippo.com\FileHippo.AppManager.exe [10574544 2015-05-12] ()
HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\Run: [BitTorrent] => C:\Users\***\AppData\Roaming\BitTorrent\BitTorrent.exe [1873952 2015-12-06] (BitTorrent Inc.)
HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\Run: [Spotify Web Helper] => C:\Users\***\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1524336 2016-02-20] (Spotify Ltd)
HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [787592 2015-09-21] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 5\CyberGhost.exe [433256 2015-11-05] (CyberGhost S.R.L.)
HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\Policies\Explorer: [NoRecentDocsNetHood] 1
HKU\S-1-5-21-117306591-3796779208-521460896-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [150528 2015-10-30] (Microsoft Corporation)
AppInit_DLLs-x32: C:\PROGRA~2\Sophos\SOPHOS~1\\SOPHOS~1.DLL => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\\sophos_detoured.dll [275352 2015-12-02] (Sophos Limited)
IFEO\SppExtComObj.exe: [Debugger] C:\WINDOWS\SECOH-QAD.exe
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\***\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\amd64\FileSyncShell64.dll [2015-11-29] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\***\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\amd64\FileSyncShell64.dll [2015-11-29] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\***\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\amd64\FileSyncShell64.dll [2015-11-29] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  Keine Datei
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  Keine Datei
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  Keine Datei
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\***\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\FileSyncShell.dll [2015-11-29] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\***\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\FileSyncShell.dll [2015-11-29] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\***\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\FileSyncShell.dll [2015-11-29] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  Keine Datei

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{16b3da2f-3369-4f8c-958f-17af1676bbfc}: [DhcpNameServer] 10.175.0.1
Tcpip\..\Interfaces\{bd567df3-7c98-4f98-ae5e-f75c7867c650}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-117306591-3796779208-521460896-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://localoem.msn.com/
HKU\S-1-5-21-117306591-3796779208-521460896-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://localoem.msn.com
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> D:\Programme\Microsoft Office 2013\Office15\OCHelper.dll [2016-01-12] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Programme\Java\jre1.8.0_65\bin\ssv.dll [2015-11-16] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Programme\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-11-16] (Oracle Corporation)
BHO-x32: Kein Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> Keine Datei
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-01-12] (Microsoft Corporation)
BHO-x32: Kein Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> Keine Datei
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - D:\Programme\Microsoft Office 2013\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\anscmfsk.default
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-10] ()
FF Plugin: @java.com/DTPlugin,version=11.65.2 -> D:\Programme\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-11-16] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.65.2 -> D:\Programme\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-11-16] (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> D:\Programme\Microsoft Office 2013\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-10] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> D:\Programme\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [Keine Datei]
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> D:\Programme\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [Keine Datei]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> D:\Programme\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-117306591-3796779208-521460896-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\***\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-07-11] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation)
FF SearchPlugin: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\anscmfsk.default\searchplugins\bugzilla.xml [2015-07-07]
FF SearchPlugin: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\anscmfsk.default\searchplugins\vb-paradise-20.xml [2015-07-13]
FF Extension: HttpRequester - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\anscmfsk.default\extensions\{ea4637dc-e014-4c17-9c2c-879322d23268} [2015-06-17]
FF Extension: DownThemAll! - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\anscmfsk.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2015-12-06]
FF Extension: WOT - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\anscmfsk.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-12-10]
FF Extension: NoScript - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\anscmfsk.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-02-13]
FF Extension: Greasemonkey - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\anscmfsk.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2016-02-21]
FF Extension: uBlock Origin - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\anscmfsk.default\Extensions\uBlock0@raymondhill.net.xpi [2016-02-25]
StartMenuInternet: FIREFOX.EXE - D:\Programme\Mozilla Firefox\firefox.exe

Chrome:
=======
CHR Profile: C:\Users\***\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-02-16]
CHR Extension: (Google Docs) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-16]
CHR Extension: (Google Drive) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-16]
CHR Extension: (YouTube) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-16]
CHR Extension: (uBlock Origin) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2016-02-16]
CHR Extension: (Google-Suche) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-16]
CHR Extension: (Tampermonkey) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2016-02-16]
CHR Extension: (Google Tabellen) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-02-16]
CHR Extension: (Google Docs Offline) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-02-16]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-02-16]
CHR Extension: (Google Mail) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-16]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-04] (Advanced Micro Devices, Inc.)
R2 BitBoxService; D:\Programme\BitBox\bin\BitBoxService.exe [738304 2016-02-01] (Sirrix AG) [Datei ist nicht signiert]
R2 Bonjour Service; C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe [384512 2015-06-02] (Apple Inc.) [Datei ist nicht signiert]
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [432792 2015-12-14] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [412312 2015-12-14] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [854680 2015-12-14] (BlueStack Systems, Inc.)
R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [65640 2015-11-05] (CyberGhost S.R.L)
R2 EaseUS Agent; D:\Programme\EaseUS Todo Backup\Todo Backup\bin\Agent.exe [37416 2014-12-15] (CHENGDU YIWO Tech Development Co., Ltd)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-19] (Microsoft Corporation) [Datei ist nicht signiert]
S3 GalaxyClientService; D:\Programme\GalaxyClient\GalaxyClientService.exe [1616440 2015-10-14] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7220792 2016-02-11] (GOG.com)
R2 HerculesWiFi; C:\WINDOWS\SysWOW64\\HerculesWiFiService.exe [78232 2012-09-26] (Guillemot Corporation)
U2 HiPatchService; D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2015-11-03] (Hi-Rez Studios) [Datei ist nicht signiert]
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbSvc.exe [14760 2013-01-11] (Microsoft Corporation)
R2 jetbrainsetw.103.0.20150818.191753; C:\Program Files (x86)\JetBrains\ETW Host\JetBrains.ETW.Collector.Host.exe [1479288 2015-08-18] (JetBrains s.r.o)
R2 MBAMScheduler; D:\Programme\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; D:\Programme\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NetBalancerService; D:\Programme\NetBalancer\SeriousBit.NetBalancer.Service.exe [145272 2016-01-15] (SeriousBit)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [3916368 2016-01-09] (INCA Internet Co., Ltd.)
S3 Origin Client Service; D:\Programme\Origin\OriginClientService.exe [2104840 2016-02-05] (Electronic Arts)
S3 OverwolfUpdater; D:\Programme\Overwolf\OverwolfUpdater.exe [1009904 2016-02-11] (Overwolf LTD)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2015-12-29] ()
R2 SAVAdminService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [288552 2015-12-02] (Sophos Limited)
R2 SAVService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [208168 2015-12-02] (Sophos Limited)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [177800 2015-09-21] (Sandboxie Holdings, LLC)
R2 Sophos AutoUpdate Service; C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [489224 2016-01-03] (Sophos Limited)
R2 Sophos MCS Agent; C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsAgent.exe [331048 2016-01-03] (Sophos Limited)
R2 Sophos MCS Client; C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsClient.exe [909608 2016-01-03] (Sophos Limited)
R2 Sophos Web Control Service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [341768 2015-12-02] (Sophos Limited)
S3 Survarium-Steam Update Service; D:\Programme\Steam\steamapps\common\Survarium\game\binaries\x86\survarium_service.exe [96856 2015-12-25] ()
R2 swi_filter; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_filter.exe [300808 2015-12-02] (Sophos Limited)
R2 swi_service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [3278600 2015-12-02] (Sophos Limited)
R2 Synergy; D:\Programme\Synergy\synergyd.exe [311488 2015-11-19] ()
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [Datei ist nicht signiert]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6889232 2015-12-14] (TeamViewer GmbH)
R2 VMAuthdService; D:\Programme\VMware\vmware-authd.exe [87744 2015-05-31] (VMware, Inc.)
R3 VSStandardCollectorService140; D:\Programme\Visual Studio\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [52968 2015-07-06] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [31992 2015-06-03] (Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36608 2013-12-13] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [229056 2015-04-03] (AppEx Networks Corporation)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-07-22] (Advanced Micro Devices)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [146016 2015-12-14] (BlueStack Systems)
S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-07-30] (Disc Soft Ltd)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [18528 2014-11-18] ()
S3 epmntdrv; C:\WINDOWS\SysWOW64\epmntdrv.sys [14944 2014-11-18] ()
R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [48168 2014-12-14] ()
S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [10848 2014-11-18] ()
S3 EuGdiDrv; C:\WINDOWS\SysWOW64\EuGdiDrv.sys [10208 2014-11-18] ()
S3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [49272 2014-12-29] (Visicom Media Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-02-29] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
S3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (Visicom Media Inc.)
R1 nbdrv; C:\Windows\system32\DRIVERS\nbdrv.sys [42128 2016-01-15] (SeriousBit)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [895256 2015-07-29] (Realtek                                            )
R3 rtlss; C:\Windows\System32\Drivers\rtlss.sys [27240 2010-06-21] (Realtek Semiconductor Corporation)
R3 RtlWlanu; C:\Windows\System32\drivers\rtwlanu.sys [3870464 2015-10-01] (Realtek Semiconductor Corporation                          )
R1 SAVOnAccess; C:\Windows\System32\DRIVERS\savonaccess.sys [161024 2015-12-02] (Sophos Limited)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [191624 2015-09-21] (Sandboxie Holdings, LLC)
S3 sdcfilter; C:\Windows\system32\DRIVERS\sdcfilter.sys [38144 2015-12-02] (Sophos Limited)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [216064 2015-10-30] (Microsoft Corporation)
S4 SophosBootDriver; C:\Windows\system32\DRIVERS\SophosBootDriver.sys [27904 2015-12-02] (Sophos Limited)
R1 swi_callout; C:\Windows\system32\DRIVERS\swi_callout.sys [32512 2015-12-02] (Sophos Limited)
S3 tapse01; C:\Windows\System32\drivers\tapse01.sys [26624 2015-05-25] (The OpenVPN Project)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [194816 2016-01-29] (Oracle Corporation)
R1 veracrypt; C:\Windows\System32\drivers\veracrypt.sys [195416 2016-02-05] (IDRIX)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [76480 2015-05-21] (VMware, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 WinDivert1.1; \??\D:\Programme\KMSpico\WinDivert.sys [X]
S3 XSplit_Dummy; \SystemRoot\system32\drivers\xspltspk.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-02-29 18:27 - 2016-02-29 18:28 - 00027082 _____ C:\Users\***\Desktop\FRST.txt
2016-02-28 16:52 - 2016-02-28 16:52 - 00000000 ____D C:\Users\***\AppData\Roaming\Unreal Engine
2016-02-28 13:26 - 2016-02-28 13:26 - 00000000 ____D C:\Users\***\AppData\Local\UnrealEngineLauncher
2016-02-28 13:18 - 2016-02-28 16:53 - 00000000 ____D C:\Users\***\AppData\Local\UnrealEngine
2016-02-28 13:18 - 2016-02-28 13:18 - 00000000 ____D C:\Users\***\AppData\Local\EpicGamesLauncher
2016-02-28 13:17 - 2016-02-28 13:27 - 00001340 _____ C:\Users\Public\Desktop\Epic Games Launcher.lnk
2016-02-28 13:17 - 2016-02-28 13:27 - 00001340 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2016-02-28 13:17 - 2016-02-28 13:26 - 00000000 ____D C:\ProgramData\Epic
2016-02-25 17:02 - 2016-02-25 17:02 - 00000137 _____ C:\Users\***\Desktop\SteamVR Performance Test.url
2016-02-23 20:12 - 2016-02-23 20:12 - 00000794 _____ C:\Users\***\Desktop\Start Tor Browser.lnk
2016-02-23 20:12 - 2016-02-23 20:12 - 00000794 _____ C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2016-02-23 15:59 - 2016-02-23 15:59 - 00000000 ____D C:\Users\***\AppData\Roaming\Conway's Game Of Life
2016-02-22 19:40 - 2016-02-22 19:42 - 00000000 ____D C:\Users\***\AppData\Roaming\QtProject
2016-02-22 17:49 - 2016-02-22 17:49 - 00000000 ____D C:\Users\***\Desktop\Neuer Ordner
2016-02-20 18:40 - 2016-02-20 18:40 - 00000000 ____D C:\Users\***\AppData\Roaming\Trove
2016-02-20 11:00 - 2016-02-20 11:00 - 00000212 _____ C:\Users\***\Desktop\Trove.url
2016-02-19 14:45 - 2016-02-15 13:48 - 00026290 _____ C:\Users\***\Downloads\bookmarks-2016-02-15.json
2016-02-19 12:32 - 2016-02-19 12:32 - 00000802 _____ C:\Users\Public\Desktop\Browser in the Box.lnk
2016-02-19 12:32 - 2016-02-19 12:32 - 00000802 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Browser in the Box.lnk
2016-02-19 12:32 - 2016-02-19 12:32 - 00000000 ____D C:\Users\***\AppData\Roaming\Sirrix AG
2016-02-19 12:32 - 2016-02-19 12:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Browser in the Box
2016-02-19 12:31 - 2016-02-19 12:31 - 00000000 ____D C:\ProgramData\Sirrix AG
2016-02-18 16:20 - 2016-02-18 16:20 - 02371072 _____ (Farbar) C:\Users\***\Desktop\FRST64.exe
2016-02-18 16:20 - 2016-02-18 16:20 - 00000000 ____D C:\Users\***\Desktop\FRST-OlderVersion
2016-02-18 15:24 - 2016-02-18 15:24 - 00001655 _____ C:\Users\***\Desktop\Twitter Downloader.lnk
2016-02-18 15:03 - 2016-02-19 12:07 - 00034328 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS
2016-02-16 16:54 - 2016-02-16 16:54 - 00002331 _____ C:\Users\***\Desktop\Google Chrome.lnk
2016-02-16 16:37 - 2015-12-02 18:11 - 00032512 _____ (Sophos Limited) C:\WINDOWS\system32\Drivers\swi_callout.sys
2016-02-16 16:35 - 2016-02-16 16:35 - 00000842 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-02-16 16:35 - 2016-02-16 16:35 - 00000842 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-02-16 16:35 - 2016-02-16 16:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-02-16 16:27 - 2016-02-16 16:28 - 00127698 _____ C:\WINDOWS\ntbtlog.txt
2016-02-16 15:52 - 2016-02-29 18:27 - 00000000 ____D C:\FRST
2016-02-15 17:46 - 2016-02-15 17:46 - 00000696 _____ C:\Users\Public\Desktop\EasyBCD 2.2.lnk
2016-02-15 17:46 - 2016-02-15 17:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NeoSmart Technologies
2016-02-15 17:32 - 2016-02-17 16:06 - 00000000 ____D C:\NST
2016-02-15 17:12 - 2016-02-15 17:12 - 00000000 ____D C:\Users\***\AppData\Local\NeoSmart_Technologies
2016-02-15 14:50 - 2016-02-15 14:50 - 00000173 _____ C:\Users\***\.gitconfig
2016-02-15 13:48 - 2016-02-15 13:48 - 00026290 _____ C:\Users\***\Desktop\bookmarks-2016-02-15.json
2016-02-12 19:04 - 2016-02-12 19:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Survarium-Steam
2016-02-12 17:58 - 2016-02-12 17:58 - 00000000 ____D C:\ProgramData\KONAMI
2016-02-10 16:25 - 2016-01-27 07:15 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-02-10 16:25 - 2016-01-27 07:01 - 07476064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-02-10 16:25 - 2016-01-27 06:56 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-02-10 16:25 - 2016-01-27 06:55 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-02-10 16:25 - 2016-01-27 06:45 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-02-10 16:25 - 2016-01-27 06:45 - 06605544 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-02-10 16:25 - 2016-01-27 06:37 - 01998176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-02-10 16:25 - 2016-01-27 06:37 - 00576352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-02-10 16:25 - 2016-01-27 06:10 - 22394368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-02-10 16:25 - 2016-01-27 06:05 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-02-10 16:25 - 2016-01-27 06:05 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-02-10 16:25 - 2016-01-27 06:04 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-02-10 16:25 - 2016-01-27 06:01 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-02-10 16:25 - 2016-01-27 05:58 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-02-10 16:25 - 2016-01-27 05:55 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-02-10 16:25 - 2016-01-27 05:54 - 24603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-02-10 16:25 - 2016-01-27 05:52 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-02-10 16:25 - 2016-01-27 05:50 - 02230784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-02-10 16:25 - 2016-01-27 05:49 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-02-10 16:25 - 2016-01-27 05:48 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-02-10 16:25 - 2016-01-27 05:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-02-10 16:25 - 2016-01-27 05:41 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-02-10 16:25 - 2016-01-27 05:39 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-02-10 16:25 - 2016-01-27 05:38 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-02-10 16:25 - 2016-01-27 05:37 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-02-10 16:25 - 2016-01-27 05:36 - 02757120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-02-10 16:25 - 2016-01-27 05:32 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-02-10 16:24 - 2016-01-29 07:57 - 04502352 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-02-10 16:24 - 2016-01-29 07:33 - 04064320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-02-10 16:24 - 2016-01-27 07:15 - 01557776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-02-10 16:24 - 2016-01-27 07:01 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-02-10 16:24 - 2016-01-27 07:01 - 01819720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-02-10 16:24 - 2016-01-27 06:59 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-02-10 16:24 - 2016-01-27 06:57 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-02-10 16:24 - 2016-01-27 06:57 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-02-10 16:24 - 2016-01-27 06:57 - 00820704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-02-10 16:24 - 2016-01-27 06:55 - 00081112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2016-02-10 16:24 - 2016-01-27 06:54 - 00295264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-02-10 16:24 - 2016-01-27 06:46 - 02606824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-02-10 16:24 - 2016-01-27 06:46 - 01270072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-02-10 16:24 - 2016-01-27 06:44 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-02-10 16:24 - 2016-01-27 06:44 - 00085320 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2016-02-10 16:24 - 2016-01-27 06:43 - 00359776 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-02-10 16:24 - 2016-01-27 06:21 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-02-10 16:24 - 2016-01-27 06:15 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll
2016-02-10 16:24 - 2016-01-27 06:13 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-02-10 16:24 - 2016-01-27 06:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-02-10 16:24 - 2016-01-27 06:11 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-02-10 16:24 - 2016-01-27 06:10 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2016-02-10 16:24 - 2016-01-27 06:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-02-10 16:24 - 2016-01-27 06:08 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll
2016-02-10 16:24 - 2016-01-27 06:07 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassam.dll
2016-02-10 16:24 - 2016-01-27 06:05 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-02-10 16:24 - 2016-01-27 06:05 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-02-10 16:24 - 2016-01-27 06:04 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-02-10 16:24 - 2016-01-27 06:03 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-02-10 16:24 - 2016-01-27 06:02 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2016-02-10 16:24 - 2016-01-27 05:59 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassam.dll
2016-02-10 16:24 - 2016-01-27 05:57 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-02-10 16:24 - 2016-01-27 05:55 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-02-10 16:24 - 2016-01-27 05:50 - 01504768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-02-10 16:24 - 2016-01-27 05:50 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-02-10 16:24 - 2016-01-27 05:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll
2016-02-10 16:24 - 2016-01-27 05:38 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-02-10 16:24 - 2016-01-27 05:31 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll
2016-02-09 20:11 - 2016-02-09 20:11 - 00000836 _____ C:\Users\***\AppData\Local\recently-used.xbel
2016-02-05 13:14 - 2016-02-05 13:14 - 00000212 _____ C:\Users\***\Desktop\Pro Evolution Soccer 2016 myClub.url
2016-02-05 09:57 - 2016-02-05 09:57 - 00195416 _____ (IDRIX) C:\WINDOWS\system32\Drivers\veracrypt.sys
2016-02-05 09:57 - 2016-02-05 09:57 - 00000747 _____ C:\Users\***\Desktop\VeraCrypt.lnk
2016-02-05 09:57 - 2016-02-05 09:57 - 00000000 ____D C:\Users\***\AppData\Roaming\VeraCrypt
2016-02-01 18:24 - 2016-02-01 18:25 - 00000000 ____D C:\ProgramData\Overwolf
2016-02-01 18:24 - 2016-02-01 18:24 - 00003766 _____ C:\WINDOWS\System32\Tasks\Overwolf Updater Task
2016-02-01 18:24 - 2016-02-01 18:24 - 00000856 _____ C:\Users\Public\Desktop\Overwolf.lnk
2016-02-01 18:24 - 2016-02-01 18:24 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2016-02-01 18:22 - 2016-02-01 18:25 - 00000000 ____D C:\Users\***\AppData\Local\Overwolf
2016-01-31 13:55 - 2016-02-16 16:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-02-29 18:15 - 2015-12-06 18:01 - 00001148 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-29 18:15 - 2015-05-30 18:26 - 00000000 ____D C:\Users\***\AppData\Roaming\eM Client
2016-02-29 18:15 - 2015-05-30 18:25 - 00001042 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eM Client.lnk
2016-02-29 18:15 - 2015-05-30 18:25 - 00000000 ____D C:\Program Files (x86)\eM Client
2016-02-29 18:10 - 2015-05-30 18:32 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-02-29 18:09 - 2015-12-06 18:01 - 00001144 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-28 21:53 - 2015-05-30 15:43 - 00004164 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A816AD26-8DB1-4860-ADDE-5794E0E9DEB5}
2016-02-28 21:45 - 2015-06-15 20:09 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-02-28 20:46 - 2015-06-04 20:10 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2016-02-28 20:03 - 2015-06-29 15:19 - 00000000 ____D C:\Users\***\AppData\Local\CrashDumps
2016-02-28 16:49 - 2015-11-29 15:21 - 00000000 ____D C:\ProgramData\Package Cache
2016-02-27 22:05 - 2015-11-29 15:22 - 00000000 ____D C:\Users\***
2016-02-27 21:38 - 2015-07-08 12:28 - 00000000 ____D C:\Users\***\AppData\Roaming\vlc
2016-02-27 18:57 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-02-27 18:13 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-02-27 09:31 - 2015-11-29 15:22 - 02011300 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-02-27 09:31 - 2015-10-30 19:35 - 00855194 _____ C:\WINDOWS\system32\perfh007.dat
2016-02-27 09:31 - 2015-10-30 19:35 - 00188946 _____ C:\WINDOWS\system32\perfc007.dat
2016-02-27 09:31 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2016-02-27 09:25 - 2015-11-29 15:40 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-02-27 09:25 - 2015-08-13 17:48 - 00000000 ____D C:\ProgramData\VMware
2016-02-26 21:27 - 2015-07-11 08:57 - 00000000 ____D C:\Users\***\AppData\Roaming\Spotify
2016-02-26 15:57 - 2015-07-11 08:58 - 00000000 ____D C:\Users\***\AppData\Local\Spotify
2016-02-26 15:56 - 2015-06-08 16:47 - 00000000 ____D C:\Users\***\AppData\Roaming\Qt
2016-02-26 15:52 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-02-25 14:51 - 2015-10-04 09:12 - 00000000 ____D C:\Users\***\AppData\Local\Syncthing
2016-02-24 16:07 - 2015-08-13 09:40 - 00000000 ____D C:\Users\***\AppData\Local\ElevatedDiagnostics
2016-02-21 21:21 - 2015-05-30 18:40 - 00000000 ____D C:\ProgramData\Origin
2016-02-19 22:18 - 2015-12-06 18:04 - 00002271 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-19 12:17 - 2015-12-19 17:46 - 00001849 _____ C:\Users\***\Desktop\UnlockPass.lnk
2016-02-19 12:11 - 2016-01-23 12:08 - 00002245 _____ C:\Users\***\Desktop\Discord.lnk
2016-02-19 12:11 - 2016-01-23 12:08 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2016-02-19 12:11 - 2016-01-23 12:08 - 00000000 ____D C:\Users\***\AppData\Local\Discord
2016-02-19 12:11 - 2015-06-19 20:56 - 00000000 ____D C:\Users\***\AppData\Local\SquirrelTemp
2016-02-18 21:32 - 2015-10-30 07:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-02-18 21:32 - 2015-04-10 09:24 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2016-02-18 15:56 - 2016-01-21 14:37 - 00003670 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2016-02-18 15:10 - 2015-06-09 14:55 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-02-17 16:07 - 2015-10-30 08:24 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-02-17 16:04 - 2015-12-30 13:07 - 00000000 ____D C:\Users\***\AppData\Local\Deployment
2016-02-16 19:25 - 2015-05-30 16:40 - 00000000 ____D C:\Users\***\AppData\Roaming\.minecraft
2016-02-16 16:20 - 2015-12-16 21:01 - 00000000 ____D C:\Users\***\AppData\Roaming\TeamViewer
2016-02-16 16:20 - 2015-06-23 15:28 - 00000000 ____D C:\Users\***\AppData\Roaming\BitTorrent
2016-02-16 15:37 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\L2Schemas
2016-02-15 21:15 - 2015-06-04 16:37 - 00000000 ____D C:\Users\***\.VirtualBox
2016-02-15 17:14 - 2015-05-30 18:15 - 00000000 ____D C:\Users\***\AppData\Roaming\GitHub
2016-02-15 17:14 - 2015-05-30 18:15 - 00000000 ____D C:\Users\***\AppData\Local\GitHub
2016-02-14 20:17 - 2015-08-01 12:19 - 00007625 _____ C:\Users\***\AppData\Local\Resmon.ResmonCfg
2016-02-14 18:08 - 2015-08-13 17:51 - 00000000 ____D C:\Users\***\AppData\Local\VMware
2016-02-14 17:53 - 2015-08-13 17:51 - 00000000 ____D C:\Users\***\AppData\Roaming\VMware
2016-02-14 17:52 - 2015-06-04 16:37 - 00000000 ____D C:\Users\***\VirtualBox VMs
2016-02-14 13:09 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-02-12 21:37 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache
2016-02-11 13:43 - 2015-04-15 09:17 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-02-10 20:33 - 2015-10-30 19:44 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-10 18:32 - 2016-01-29 14:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-02-10 18:27 - 2015-01-23 13:16 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-02-10 18:18 - 2015-01-23 13:16 - 146614896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-02-10 18:17 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-02-09 20:17 - 2015-12-03 15:07 - 00000000 ____D C:\Users\***\.gimp-2.8
2016-02-03 20:01 - 2015-10-30 08:26 - 00828920 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-02-03 20:01 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-02 16:09 - 2015-12-06 18:01 - 00004206 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-02 16:09 - 2015-12-06 18:01 - 00003974 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-02-01 22:57 - 2015-08-03 19:44 - 00000000 ____D C:\Users\***\AppData\Roaming\TS3Client
2016-01-30 19:12 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2016-01-30 15:45 - 2016-01-29 14:53 - 00000000 ____D C:\Users\***\AppData\Local\Microsoft Help
2016-01-30 09:54 - 2015-11-29 15:20 - 00360472 _____ C:\WINDOWS\system32\FNTCACHE.DAT

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-11-14 12:43 - 2015-11-14 12:43 - 0000000 _____ () C:\Users\***\AppData\Local\debuggee.mdmp
2016-02-09 20:11 - 2016-02-09 20:11 - 0000836 _____ () C:\Users\***\AppData\Local\recently-used.xbel
2015-08-01 12:19 - 2016-02-14 20:17 - 0007625 _____ () C:\Users\***\AppData\Local\Resmon.ResmonCfg
2015-11-29 15:21 - 2015-11-29 15:21 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\***\AppData\Local\Temp\procexp64.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-02-21 19:17

==================== Ende von FRST.txt ============================
--- --- ---


1/2

Kaskadeking 29.02.2016 18:42
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:17-02-2016
durchgeführt von KaskadekingDE (2016-02-29 18:29:08)
Gestartet von C:\Users\***\Desktop
Windows 10 Home (X64) (2015-11-29 14:42:33)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-117306591-3796779208-521460896-500 - Administrator - Disabled)
BitBox (S-1-5-21-117306591-3796779208-521460896-1011 - Limited - Enabled)
DefaultAccount (S-1-5-21-117306591-3796779208-521460896-503 - Limited - Disabled)
Gast (S-1-5-21-117306591-3796779208-521460896-501 - Limited - Disabled)
KaskadekingDE (S-1-5-21-117306591-3796779208-521460896-1001 - Administrator - Enabled) => C:\Users\***
SophosSAUKASKADEKIN0 (S-1-5-21-117306591-3796779208-521460896-1006 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Sophos Home (Enabled - Up to date) {6BABF8F7-3EB6-BD1D-9167-8C5ECA060A29}
AS: Sophos Home (Enabled - Up to date) {D0CA1913-188C-B293-ABD7-B72CB1814094}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur  Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist  aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme  sollten manuell deinstalliert werden.)

7-Zip 15.12 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1512-000001000000}) (Version: 15.12.00.0 - Igor Pavlov)
Adobe  Acrobat Reader DC - Deutsch  (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version:  15.010.20059 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Amberlight (HKLM\...\Amberlight_is1) (Version: 1.2.1 - Escape Motions, s.r.o)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD  Catalyst Install Manager  (HKLM\...\{66AFB595-BC05-2913-7696-6D58F9B733E1}) (Version: 8.0.916.0 -  Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 4.0.0.0 - AppEx Networks)
Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
APB Reloaded (HKLM-x32\...\Steam App 113400) (Version:  - Reloaded Productions)
Application Insights Tools for Visual Studio 2015 (x32 Version: 3.3 - Microsoft Corporation) Hidden
Artipic (HKLM-x32\...\{C8A6CFF8-9D80-4C6C-B490-805AD9F2906B}}_is1) (Version: 2.3.3.8 - Artipic AB)
Atom (HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\atom) (Version: 0.210.0 - GitHub Inc.)
Audacity 2.1.1 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.1 - Audacity Team)
Azure AD Authentication Connected Service (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Banished (HKLM-x32\...\Steam App 242920) (Version:  - Shining Rock Software LLC)
BitTorrent (HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\BitTorrent) (Version: 7.9.5.41373 - BitTorrent Inc.)
Blade & Soul (HKLM-x32\...\InstallShield_{C3F383C1-D050-4A40-843F-8171A6A02C3A}) (Version: 1.0.63.237 - NC Interactive, LLC)
Blade & Soul (x32 Version: 1.0.63.237 - NC Interactive, LLC) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
BlueStacks App Player (HKLM-x32\...\{EFA0FC40-7D96-4515-9715-7C0C5D872326}) (Version: 2.0.2.5623 - BlueStack Systems, Inc.)
Brawlhalla (HKLM-x32\...\Steam App 291550) (Version:  - Blue Mammoth Games)
Browser in the Box (HKLM-x32\...\BitBox) (Version: 4.2.3-r170 - Sirrix AG)
Build Tools Language Resources - amd64 (Version: 12.0.31010 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.31010 - Microsoft Corporation) Hidden
Bytescout  BarCode Generator SDK (HKLM\...\Bytescout BarCode Generator SDK (DEMO)  for .NET,~C2143553_is1) (Version: 4.31.773 - ByteScout)
Canon MP Navigator EX 2.1 (HKLM-x32\...\MP Navigator EX 2.1) (Version:  - )
CanoScan LiDE 700F Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ9601) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
Clicker Heroes (HKLM-x32\...\Steam App 363970) (Version:  - )
CMake 3.2.3, a cross-platform, open-source build system (HKLM-x32\...\CMake 3.2.3) (Version: 3.2.3 - Kitware)
CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version:  - CyberGhost S.R.L.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DB Browser for SQLite (HKLM-x32\...\SqliteBrowser3) (Version: 3.7.0 - oldsch00l)
Devenv-Ressourcen für Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Discord (HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\Discord) (Version: 0.0.284 - Hammer & Chisel, Inc.)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Dotfuscator and Analytics Community Edition 5.18.1 (x32 Version: 5.18.1.2898 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition Language Pack 5.18.1 de-DE (x32 Version: 5.18.1.2898 - PreEmptive Solutions) Hidden
Dungeon Defenders II (HKLM-x32\...\Steam App 236110) (Version:  - Trendy Entertainment)
EaseUS Partition Master 10.8 (HKLM-x32\...\EaseUS Partition Master_is1) (Version:  - EaseUS)
EaseUS Todo Backup Home 8.3  (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 8.3 - CHENGDU YIWO Tech Development Co., Ltd)
EasyBCD 2.2 (HKLM-x32\...\EasyBCD) (Version: 2.2 - NeoSmart Technologies)
eM Client (HKLM-x32\...\{7B35918E-43E4-45AF-8F1B-C15D86CA919D}) (Version: 6.0.24928.0 - eM Client Inc.)
Emily is Away (HKLM-x32\...\Steam App 417860) (Version:  - Kyle Seeley)
Entity  Framework 6.1.3 Tools  for Visual Studio 2015  (HKLM-x32\...\{1A8A9739-BAD7-491F-B5B9-A79A2B965422}) (Version:  14.0.40302.0 - Microsoft Corporation)
Epic Games Launcher (HKLM-x32\...\{F536F039-8E81-4FF0-9C33-C8DBCC0482C5}) (Version: 1.1.58.0 - Epic Games, Inc.)
FFmpeg (Windows) for Audacity Version 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - )
FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version:  - FileHippo.com)
FileZilla Client 3.11.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.11.0.2 - Tim Kosse)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
Gemeinsam  genutzte Microsoft Azure-Komponenten für Visual Studio 2015 Sprachpaket  (DEU) - v1.5 (x32 Version: 1.5.30619.1602 - Microsoft Corporation)  Hidden
Genymotion version 2.5.4 (HKLM\...\{6D180286-D4DF-40EF-9227-923B9C07C08A}_is1) (Version: 2.5.4 - Genymobile)
Geometry Dash (HKLM-x32\...\Steam App 322170) (Version:  - RobTop Games)
GhostDoc Community (HKLM-x32\...\{134A5765-D59B-4160-8C70-B84BF9F53DF9}) (Version: 5.0.15325.0 - SubMain)
GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team)
Git version 1.9.5-preview20150319 (HKLM-x32\...\Git_is1) (Version: 1.9.5-preview20150319 - The Git Development Community)
GitHub (HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\5f7eb300e2ea4ebf) (Version: 3.0.12.0 - GitHub, Inc.)
Goat Simulator (HKLM-x32\...\Steam App 265930) (Version:  - Coffee Stain Studios)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Greenshot 1.2.8.12 (HKLM\...\Greenshot_is1) (Version: 1.2.8.12 - Greenshot)
Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.)
HashCheck Shell Extension (x86-32) (HKLM-x32\...\HashCheck Shell Extension) (Version: 2.1.11.1 - Kai Liu)
HashCheck Shell Extension (x86-64) (HKLM\...\HashCheck Shell Extension) (Version: 2.1.11.1 - Kai Liu)
Hercules WiFi Station N (HKLM-x32\...\{120E5B08-DC3C-4DCD-AAB0-0BB5EB225929}) (Version: 7.1.0.0 - Hercules)
Hi-Rez  Studios Authenticate and Update Service  (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 -  Hi-Rez Studios)
IIS 10.0 Express (HKLM\...\{5984D8DA-C1AF-4284-9C88-D7150425B315}) (Version: 10.0.1734 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version:  - )
ILMerge (HKLM-x32\...\{B7B9AF9F-408C-4168-985B-9861055B58C5}) (Version: 2.12.0803 - Microsoft)
ILMergeGui (HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\62cf57378a6f68a5) (Version: 2.0.9.0 - ILMergeGui)
Inno Setup Version 5.5.6 (HKLM-x32\...\Inno Setup 5_is1) (Version: 5.5.6 - jrsoftware.org)
IntelliJ IDEA 14.1.3 (HKLM-x32\...\IntelliJ IDEA 14.1.3) (Version: 141.1010.3 - JetBrains s.r.o.)
Java 8 Update 65 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418065F0}) (Version: 8.0.650.17 - Oracle Corporation)
Java SE Development Kit 7 Update 55 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170550}) (Version: 1.7.0.550 - Oracle)
Java SE Development Kit 7 Update 79 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170790}) (Version: 1.7.0.790 - Oracle)
Java  SE Development Kit 8 Update 45 (64-bit)  (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180450}) (Version: 8.0.450.15 -  Oracle Corporation)
JetBrains dotMemory 4.4  (HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\{b8a6d796-db4f-58ea-aae4-a79c5c50ae08})  (Version: 2015.2 - JetBrains s.r.o.)
JetBrains dotTrace 6.2  (HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\{88c98260-375d-5bfa-b13a-ed37aa84b268})  (Version: 2015.2 - JetBrains s.r.o.)
JetBrains ETW Host Service (x32 Version: 103.0.4.0 - JetBrains s.r.o) Hidden
JetBrains  ReSharper Ultimate in Visual Studio 2015  (HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\{02ee0a0e-7567-5503-9c73-1d5e05353513})  (Version: 2015.2 - JetBrains s.r.o.)
Jumpbox (HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\Jumpbox) (Version:  - )
Launcher Prerequisites (x64) (x32 Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lethal League (HKLM-x32\...\Steam App 261180) (Version:  - Team Reptile)
LibreOffice 4.4.5.2 (HKLM-x32\...\{406EECCC-AF98-4F2C-A99F-FED788F7580C}) (Version: 4.4.5.2 - The Document Foundation)
LocalESPCui for de-de (x32 Version: 8.59.29989 - Microsoft) Hidden
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft  .NET Framework 4.5 Multi-Targeting Pack  (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version:  4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1  Multi-Targeting Pack (ENU)  (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version:  4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1  Multi-Targeting Pack  (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version:  4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK  (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79})  (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework  4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3})  (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework  4.5.2 Multi-Targeting Pack (ENU)  (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version:  4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2  Multi-Targeting Pack  (HKLM-x32\...\{B941AFB4-8851-33A1-9E72-0C33D463C41C}) (Version:  4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK  (Deutsch) (HKLM-x32\...\{EE8BD24B-75E1-4BBF-86B9-91FE16ADE71C})  (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework  4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version:  4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6  Targeting Pack (ENU)  (HKLM-x32\...\{3D3CEBE6-40EA-4C48-97FD-73828281AB4A}) (Version:  4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6  Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65})  (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Version  Manager (x64) 1.0.0-beta5  (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 -  Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.23107 - Microsoft Corporation)
Microsoft  Help Viewer 2.2 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer  2.2 Sprachpaket - DEU) (Version: 2.2.23107 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft  SQL Server 2005 Compact Edition [ENU]  (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000  - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line  Utilities  (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version:  11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native  Client  (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version:  11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2014  Management Objects  (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version:  12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014  Management Objects  (x64)  (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 -  Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL  ScriptDom  (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version:  12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL  Language Service  (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE})  (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server  Compact 4.0 SP1 x64 DEU  (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 -  Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU  (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 -  Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU  (14.0.50616.0) (HKLM-x32\...\{FA604873-01A0-4834-AF87-418534E465BB})  (Version: 14.0.50616.0 - Microsoft Corporation)
Microsoft SQL Server  Data Tools - enu (14.0.50616.0)  (HKLM-x32\...\{58246C80-3941-4B69-AE31-264644E2ADB8}) (Version:  14.0.50616.0 - Microsoft Corporation)
Microsoft SQL Server 2014  Express LocalDB  (HKLM\...\{CA191120-4CB1-4E3D-89B8-79FDB9017A2E})  (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft System CLR  Types for SQL Server 2014  (HKLM\...\{68BA34E8-9B9D-4A74-83F0-7D366B532D75}) (Version: 12.0.2402.11  - Microsoft Corporation)
Microsoft System CLR Types for SQL Server  2014 (HKLM-x32\...\{718FFB65-F6E4-4D62-861F-ED10ED32C936}) (Version:  12.0.2402.11 - Microsoft Corporation)
Microsoft Visual C++ 2005  Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2})  (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++  2005 Redistributable  (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version:  8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008  Redistributable - x64 9.0.21022  (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 -  Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable -  x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE})  (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++  2008 Redistributable - x64 9.0.30729.4148  (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version:  9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008  Redistributable - x64 9.0.30729.6161  (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version:  9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008  Redistributable - x86 9.0.21022  (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version:  9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008  Redistributable - x86 9.0.30729.17  (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version:  9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008  Redistributable - x86 9.0.30729.4148  (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version:  9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008  Redistributable - x86 9.0.30729.6161  (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version:  9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219  (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 -  Microsoft Corporation)
Microsoft Visual C++ 2010  x86  Redistributable - 10.0.40219  (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version:  10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012  Redistributable (x64) - 11.0.61030  (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version:  11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012  Redistributable (x86) - 11.0.50727  (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version:  11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012  Redistributable (x86) - 11.0.61030  (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version:  11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013  Redistributable (x64) - 12.0.30501  (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version:  12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013  Redistributable (x86) - 12.0.30501  (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version:  12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 RC  Redistributable (x64) - 14.0.22816  (HKLM-x32\...\{e2495eb6-cca8-47aa-91ea-3410ca44d7b7}) (Version:  14.0.22816.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 RC  Redistributable (x86) - 14.0.22816  (HKLM-x32\...\{714692fa-709b-4925-8170-821d51135f42}) (Version:  14.0.22816.0 - Microsoft Corporation)
Microsoft Visual C++ 2015  Redistributable (x64) - 14.0.23026  (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version:  14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015  Redistributable (x86) - 14.0.23026  (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version:  14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio 2010  Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010  Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft  Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit  (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools  for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 -  Microsoft Corporation)
Microsoft Visual Studio Community 2015  (HKLM-x32\...\{50b32652-69d2-4b93-9316-edcd12067b8b}) (Version:  14.0.23107.10 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{ED4CC1E5-043E-4157-8452-B5E533FE2BA1}) (Version: 3.1238.1955 - Microsoft Corporation)
Microsoft  XNA Framework Redistributable 4.0  (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version:  4.0.20823.0 - Microsoft Corporation)
Minimal ADB and Fastboot version 1.1.3 (HKLM-x32\...\{DE46417A-9E9E-4BCD-BBDD-DA21943193BB}_is1) (Version: 1.1.3 - )
MonoGame SDK (HKLM-x32\...\MonoGame) (Version: 3.4.0.456 - The MonoGame Team)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Studio Platinum 13.0 (64-bit) (HKLM\...\{2B593480-2BF0-11E5-9124-F04DA23A5C58}) (Version: 13.0.955 - Sony)
Mozilla Firefox 44.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 44.0.2 (x86 de)) (Version: 44.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.2 - Mozilla)
MSXML  4.0 SP3 Parser (KB2758694)  (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version:  4.30.2117.0 - Microsoft Corporation)
Multi-Device Hybrid Apps using C# - Templates - ENU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version:  - NCSOFT)
NetBalancer (HKLM\...\NetBalancer_is1) (Version:  - SeriousBit)
Node.js (HKLM\...\{8C13D15E-D6C0-4ACB-A03C-1AE18931F3CE}) (Version: 4.2.2 - Node.js Foundation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.3 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Oracle VM VirtualBox 5.0.14_Sirrix (HKLM\...\{98048387-2E41-426D-A8BA-DA9948BF8408}) (Version: 5.0.14 - Sirrix AG)
Origin (HKLM-x32\...\Origin) (Version: 9.5.12.2862 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.92.21.0 - Overwolf Ltd.)
paint.net (HKLM\...\{DF3A46D9-67B3-44B2-9D01-25C8BA772C8A}) (Version: 4.0.6 - dotPDN LLC)
Paket  zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1  (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923})  (Version: 4.5.50932 - Microsoft Corporation)
Paket zur Festlegung von  Zielversionen für Microsoft .NET Framework 4.5.1 RC für Windows  Store-Apps (Deutsch) (x32 Version: 4.5.21005 - Microsoft Corporation)  Hidden
Paket zur Festlegung von Zielversionen für Microsoft .NET  Framework 4.5.2 (Deutsch)  (HKLM-x32\...\{3F514FDC-F0F2-3B99-86D6-F7B3A2679B39}) (Version:  4.5.51209 - Microsoft Corporation)
Paket zur Festlegung von  Zielversionen für Microsoft .NET Framework 4.6 (Deutsch)  (HKLM-x32\...\{7227EFF8-BC26-44D4-B91D-969A82DBDF4A}) (Version:  4.6.00081 - Microsoft Corporation)
PreEmptive Analytics Client German Language Pack (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT  (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
Pro Evolution Soccer 2016 myClub (HKLM-x32\...\Steam App 407250) (Version:  - Konami Digital Entertainment)
Project 64 version 2.2.0.3 (HKLM-x32\...\{BEB5FB69-4080-466F-96C4-F15DF271718B}_is1) (Version: 2.2.0.3 - )
Projekt- und Elementvorlagen für Visual Studio Community 2015 – DEU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Python 2.7.10 (HKLM-x32\...\{E2B51919-207A-43EB-AE78-733F9C6797C2}) (Version: 2.7.10150 - Python Software Foundation)
Qt  (HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\{ac87b106-fe35-4fb0-a62c-ec8af1029b78})  (Version: 2.0.1 - The Qt Company Ltd)
Race The Sun (HKLM-x32\...\Steam App 253030) (Version:  - Flippfly LLC)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Realtek  High Definition Audio Driver  (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version:  6.0.1.7535 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RGSS-RTP Standard (HKLM-x32\...\RGSS-RTP Standard_is1) (Version: 1.04 - Enterbrain)
Rocket League (HKLM-x32\...\Steam App 252950) (Version:  - Psyonix)
Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
RPGXP (HKLM-x32\...\{9B34CAC6-738F-4A20-B428-A115C3E3474C}) (Version: 1.0.0 - Enterbrain)
Sanctum (HKLM-x32\...\Steam App 91600) (Version:  - Coffee Stain Studios)
Sauerbraten (HKLM-x32\...\Sauerbraten) (Version:  - )
Service  Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition  (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26})  (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts)
SMITE (HKLM-x32\...\Steam App 386360) (Version:  - Hi-Rez Studios)
Sophos Anti-Virus (HKLM-x32\...\{D929B3B5-56C6-46CC-B3A3-A1A784CBB8E4}) (Version: 10.5.3 - Sophos Limited)
Sophos AutoUpdate (HKLM-x32\...\{BCF53039-A7FC-4C79-A3E3-437AE28FD918}) (Version: 5.1.2.0 - Sophos Limited)
Sophos Management Communications System (HKLM-x32\...\{1FFD3F20-5D24-4C9A-B9F6-A207A53CF179}) (Version: 2.0.1 - Sophos Limited)
Spooky's House of Jump Scares (HKLM-x32\...\Steam App 356670) (Version:  - Lag Studios)
Spotify (HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\Spotify) (Version: 1.0.23.90.g42187855 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteamVR Performance Test (HKLM-x32\...\Steam App 323910) (Version:  - Valve)
Survarium (HKLM-x32\...\Steam App 355840) (Version:  - Vostok Games)
Survarium-Steam (HKLM-x32\...\{A3D9343D-77CD-4bf4-A47A-F87B3BE985B4}_is1) (Version: 0.34a - )
Sven Co-op (HKLM-x32\...\Steam App 225840) (Version:  - Sven Co-op Team)
Synergy (64-bit) (HKLM\...\{68C1AA13-4370-4761-B53F-1862C2CE26CB}) (Version: 1.7.5 - The Synergy Project)
Team Explorer for Microsoft Visual Studio 2015 (x32 Version: 14.0.23102 - Microsoft Corporation) Hidden
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak  3 Client  (HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\TeamSpeak 3  Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.53254 - TeamViewer)
Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Trove (HKLM-x32\...\Steam App 304050) (Version:  - Trion Worlds)
TypeScript Power Tool (x32 Version: 1.5.3.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.5.3.0 - Microsoft Corporation) Hidden
TypeScript  Tools for Microsoft Visual Studio 2015 1.5.3.0  (HKLM-x32\...\{7f54b430-3428-4775-aeae-531e46185ec6}) (Version:  1.5.23115.0 - Microsoft Corporation)
UE4 Prerequisites (x64) (Version: 1.0.10.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (x32 Version: 1.0.12.0 - Epic Games, Inc.) Hidden
Unity (HKLM-x32\...\Unity) (Version: 5.1.2f1 - Unity Technologies ApS)
Unity  Web Player  (HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\UnityWebPlayer)  (Version: 5.1.2f1 - Unity Technologies ApS)
Universal CRT Extension SDK (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Redistributable (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update  for Skype for Business 2015 (KB3039776) 64-Bit Edition  (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{5D2260D6-DB16-41DC-915B-A39BF4F66362})  (Version:  - Microsoft)
Update for Skype for Business 2015  (KB3114732) 64-Bit Edition  (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{AD89B6F9-C98A-4506-ABDE-782B0959CC84})  (Version:  - Microsoft)
Update for Skype for Business 2015  (KB3114732) 64-Bit Edition  (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{AD89B6F9-C98A-4506-ABDE-782B0959CC84})  (Version:  - Microsoft)
Update for Skype for Business 2015  (KB3114732) 64-Bit Edition  (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{AD89B6F9-C98A-4506-ABDE-782B0959CC84})  (Version:  - Microsoft)
VeraCrypt (HKLM-x32\...\VeraCrypt) (Version: 1.16 - IDRIX)
Video to GIF 5.2 (HKLM-x32\...\Video to GIF) (Version: 5.2 - AoaoPhoto Digital Studio.)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.9.0 - Elaborate Bytes)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VMware Player (HKLM-x32\...\VMware_Player) (Version: 7.1.2 - VMware, Inc)
VMware Player (Version: 7.1.2 - VMware, Inc.) Hidden
WCF Data Services 5.6.2 Runtime (x32 Version: 5.6.61937.2 - Microsoft Corporation) Hidden
WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinPatrol (HKLM-x32\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 33.5.2015.12 - Ruiware)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Wizard Chess (HKLM-x32\...\{7EDF4B2F-12CD-446A-B520-04C724FD01F0}) (Version: 1.00.0000 - IncaGold)
Wizard101(DE) (HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\Wizard101(DE)_is1) (Version:  - Gameforge 4D GmbH)
Xamarin (HKLM-x32\...\{70E3C7E9-E984-4135-942B-52963D0B7039}) (Version: 3.11.590.0 - Xamarin)
Xamarin Studio 5.9.3 (HKLM-x32\...\{16D3BA45-EA63-46F0-968C-D9627C2A8325}) (Version: 5.9.3.1 - Xamarin)
Xamarin Universal Installer (HKLM-x32\...\{e2170c24-4ed1-4aca-8a8f-defa79cb4dae}) (Version: 3.5.0.0 - Xamarin, Inc)
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn  ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry  entfernt. Die Datei wird nicht verschoben solange sie nicht separat  aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn  ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry  entfernt. Die Datei wird nicht verschoben solange sie nicht separat  aufgelistet wird.)

Task: {05ADF184-AC01-4BC3-B2E5-98BC702002B5} -  System32\Tasks\Overwolf Updater Task =>  D:\Programme\Overwolf\OverwolfUpdater.exe [2016-02-11] (Overwolf LTD)
Task:  {1829ECFA-894B-4244-8029-CC89588CBE94} -  System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn =>  C:\Program Files\Microsoft Office\Office15\msoia.exe
Task: {22034237-860F-4919-A56E-6B7E1801E579} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task:  {2430B91C-8D5C-49EC-BA8E-10AFC8ABA5DF} -  System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack =>  C:\Program Files\Microsoft Office\Office15\msoia.exe
Task:  {2F43E5B9-4E07-4A9E-AF27-440ECA8184E3} -  System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat =>  C:\Program Files\Common Files\Microsoft  Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft  Corporation)
Task: {34F2651E-101F-4CDC-9734-9854C940288C} -  System32\Tasks\WiFiN => D:\Programme\Hercules WiFi\WiFi Station  N\WiFiN.exe [2012-09-26] ()
Task:  {49E95BCB-F7AC-4A23-9E75-DF3955DB6A38} -  System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files  (x86)\Google\Update\GoogleUpdate.exe [2015-12-06] (Google Inc.)
Task:  {4B93025F-70D9-4D34-8FEF-91E08A1F1AAA} -  \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei  <==== ACHTUNG
Task: {66DEC9EC-C7E5-4C08-886C-39628DAE2F69} -  System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files  (x86)\Google\Update\GoogleUpdate.exe [2015-12-06] (Google Inc.)
Task:  {88DBA2F1-5099-434F-B42A-E1EF0C79CCBC} - System32\Tasks\Adobe Acrobat  Update Task => C:\Program Files (x86)\Common  Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems  Incorporated)
Task: {8C86B49E-B6CB-4EB0-AA6C-2C6B062C496D} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task:  {99952BA4-4F55-4B26-840C-1A515DAC9524} -  \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei  <==== ACHTUNG
Task: {A5844AE5-7238-4D95-8F90-11A89510DFA0} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task:  {A61971F0-2372-4F59-8FE4-01A661B3D632} -  \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei  <==== ACHTUNG
Task: {A6412D8C-E11E-49DE-AA02-F12085622173} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK
Task:  {B85BD12C-1C2B-4D11-B6AE-AB6713412D16} -  \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine  Datei <==== ACHTUNG
Task: {D158BD57-5782-404E-935E-08BE45754DC0} -  \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei  <==== ACHTUNG
Task: {D200A9DC-F5EC-4DFF-9298-BCEDFD97EFA4} -  System32\Tasks\CCleanerSkipUAC => C:\Program  Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd)
Task:  {DCC06BCC-1BF0-49DF-B1ED-861D343F94AC} - System32\Tasks\Adobe Flash  Player Updater =>  C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe  [2016-02-10] (Adobe Systems Incorporated)
Task:  {E0E9B1E2-FFF4-40C8-B009-F979C830C131} -  \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine  Datei <==== ACHTUNG
Task: {E9ECD999-20E2-4CB3-A9DB-75D03B2CD2E4} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {EA8DC422-7597-4E80-9867-A63A73F99147} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task:  {EDA33C9F-9A3A-4379-BB7F-8E1D91280A27} -  System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB =>  C:\WINDOWS\system32\MRT.exe [2016-02-10] (Microsoft Corporation)

(Wenn  ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe  verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht  verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\***\Desktop\Sauerbraten.lnk -> D:\Programme\Sauerbraten\sauerbraten.bat ()
Shortcut:  C:\Users\***\AppData\Roaming\Microsoft\Windows\Start  Menu\Programs\Sauerbraten\Sauerbraten.lnk ->  D:\Programme\Sauerbraten\sauerbraten.bat ()

ShortcutWithArgument:  C:\Users\***\AppData\Roaming\Microsoft\Windows\Start  Menu\Programs\Qt\5.4\MSVC 2013 OpenGL (64-bit)\Qt 5.4 64-bit for Desktop  (MSVC 2013 OpenGL).lnk -> C:\Windows\System32\cmd.exe (Microsoft  Corporation) -> /A /Q /K D:\Qt\5.4\msvc2013_64_opengl\bin\qtenv2.bat
ShortcutWithArgument:  C:\Users\***\AppData\Roaming\Microsoft\Windows\Start  Menu\Programs\Qt\5.4\MinGW 4.9 (32-bit)\Qt 5.4 for Desktop (MinGW 4.9 32  bit).lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)  -> /A /Q /K D:\Qt\5.4\mingw491_32\bin\qtenv2.bat
ShortcutWithArgument:  C:\Users\***\AppData\Roaming\Microsoft\Windows\Start  Menu\Programs\Node.js\Node.js command prompt.lnk ->  C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) -> /k "D:\Program  Files (x86)\NodeJS\nodevars.bat"

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 08:17 - 2015-10-30 08:17 - 00028672 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2015-11-04  16:43 - 2015-11-04 16:43 - 00214528 _____ () C:\Program Files\ATI  Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 06:08 - 2014-02-11 06:08 - 00817152 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2014-02-11 06:08 - 2014-02-11 06:08 - 03650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2015-11-04 16:43 - 2015-11-04 16:43 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2015-12-29 12:04 - 2015-12-29 12:19 - 00076152 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2015-11-19 20:19 - 2015-11-19 20:19 - 00311488 _____ () D:\Programme\Synergy\synergyd.exe
2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-12-03 13:41 - 2015-11-22 11:47 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-24 08:45 - 2012-09-26 13:29 - 01250712 _____ () D:\Programme\Hercules WiFi\WiFi Station N\WiFiN.exe
2015-12-03 13:41 - 2015-11-22 11:47 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-06-02 16:18 - 2015-06-02 16:18 - 00043480 _____ () D:\Programme\FileZilla FTP Client\fzshellext_64.dll
2015-12-18  18:35 - 2015-12-07 05:14 - 00093696 _____ ()  C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2015-12-18 18:35 - 2015-12-07 05:00 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-01-13  17:12 - 2016-01-05 02:29 - 07992832 _____ ()  C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-01-13  17:12 - 2016-01-05 02:23 - 00591360 _____ ()  C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-01-28  15:25 - 2016-01-16 06:10 - 02483200 _____ ()  C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-01-28  15:25 - 2016-01-16 06:13 - 04089856 _____ ()  C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-11-04 16:43 - 2015-11-04 16:43 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2016-01-29 11:26 - 2016-01-29 11:26 - 01060576 _____ () D:\Programme\VirtualBox\VBoxNetNAT.exe
2016-01-22  14:31 - 2016-01-22 14:32 - 00144384 _____ () C:\Program  Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-02-28  13:20 - 2016-02-28 13:25 - 00001024 _____ () D:\Programme\Epic  Games\Launcher\Engine\Binaries\ThirdParty\ICU\icu4c-53_1\Win64\VS2013\icudt53.dll
2016-02-28  13:20 - 2016-02-28 13:25 - 59334656 _____ () D:\Programme\Epic  Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libcef.dll
2016-02-28  13:20 - 2016-02-28 13:25 - 02096640 _____ () D:\Programme\Epic  Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libGLESv2.dll
2016-02-28  13:20 - 2016-02-28 13:25 - 00087040 _____ () D:\Programme\Epic  Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libEGL.dll
2016-02-28  13:20 - 2016-02-28 13:25 - 09384896 _____ () D:\Programme\Epic  Games\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe
2013-01-11  20:05 - 2013-01-11 20:05 - 00228264 _____ () C:\Program Files  (x86)\Common Files\Microsoft Shared\Phone  Tools\CoreCon\11.0\Bin\IpOverUsbPc.DLL
2015-05-30 17:50 - 2014-12-14 23:53 - 00098856 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\CodeLog.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00017448 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\CompressFile.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00088616 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\TBGetRemoteNetInfo.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 01296424 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\libxml2.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00060968 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\zlib1.dll
2015-05-30 17:50 - 2015-03-14 10:53 - 00107560 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\ActivationOnline.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00077864 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\logsys.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00030248 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\DiskSearchImg.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00068136 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\MountImg.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00158248 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\ImgFile.dll
2015-05-30 17:50 - 2015-03-14 10:54 - 00281128 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\DsImgFile.dll
2015-05-30 17:50 - 2015-03-14 10:54 - 00072232 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\CheckImg.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00139816 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\vhdvmdk.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00037416 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\BootDriver.dll
2015-05-30 17:50 - 2015-03-14 10:54 - 00759848 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\ExImage.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00193064 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\EmailBackupSize.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00407080 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\AndroidImage.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00148008 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\EnumDisk.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00076840 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\FatLib.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00207912 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\NTFSLib.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00024616 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\GetDriverInfo.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00020520 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\CorrectMbr.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00032296 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\EnumTapeDevice.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00034856 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\TbTapeBrowse.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00064040 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\RegLib.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00022568 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\AccountManager.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00115752 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\NasOperator.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00194088 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\EmailBrowser.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00077864 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\CloudOperator.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00037928 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\ActiveOnline.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00135720 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\VMConfig.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00020008 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\AndroidDeviceManager.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00043048 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\TbDataSwap.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00353832 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\DeviceManager.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00027176 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\DeviceAdapter.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00137256 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\Device.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00096808 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\TBFireWall.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00146984 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\Partition.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00050216 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\FileSystemAnalyser.dll
2015-05-30  17:50 - 2014-12-14 23:53 - 00061992 _____ () D:\Programme\EaseUS Todo  Backup\Todo Backup\bin\FATFileSystemAnalyser.dll
2015-05-30 17:50 - 2014-12-14 23:53 - 00089640 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\Common.dll
2015-05-30  17:50 - 2014-12-14 23:53 - 00056360 _____ () D:\Programme\EaseUS Todo  Backup\Todo Backup\bin\NTFSFileSystemAnalyser.dll
2010-12-23 11:06 - 2010-12-23 11:06 - 00028672 _____ () D:\Programme\BitBox\bin\cx_Logging.pyd
2012-10-27 15:21 - 2012-10-27 15:21 - 00098816 _____ () D:\Programme\BitBox\bin\win32api.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00110080 _____ () D:\Programme\BitBox\bin\pywintypes27.dll
2012-10-27 15:20 - 2012-10-27 15:20 - 00018432 _____ () D:\Programme\BitBox\bin\win32event.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00119808 _____ () D:\Programme\BitBox\bin\win32file.pyd
2012-10-27 15:21 - 2012-10-27 15:21 - 00167936 _____ () D:\Programme\BitBox\bin\win32gui.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00024064 _____ () D:\Programme\BitBox\bin\win32pipe.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00035840 _____ () D:\Programme\BitBox\bin\win32process.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00017408 _____ () D:\Programme\BitBox\bin\win32profile.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00108544 _____ () D:\Programme\BitBox\bin\win32security.pyd
2012-10-27 15:21 - 2012-10-27 15:21 - 00022528 _____ () D:\Programme\BitBox\bin\win32ts.pyd
2012-10-27 15:22 - 2012-10-27 15:22 - 00364544 _____ () D:\Programme\BitBox\bin\pythoncom27.dll
2012-10-27 15:23 - 2012-10-27 15:23 - 00320512 _____ () D:\Programme\BitBox\bin\win32com.shell.shell.pyd
2014-06-30 16:04 - 2014-06-30 16:04 - 00087552 _____ () D:\Programme\BitBox\bin\_ctypes.pyd
2014-06-30 16:04 - 2014-06-30 16:04 - 00715264 _____ () D:\Programme\BitBox\bin\_hashlib.pyd
2014-06-30 16:03 - 2014-06-30 16:03 - 00046080 _____ () D:\Programme\BitBox\bin\_socket.pyd
2014-06-30 16:04 - 2014-06-30 16:04 - 01160704 _____ () D:\Programme\BitBox\bin\_ssl.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00025600 _____ () D:\Programme\BitBox\bin\win32cred.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00011264 _____ () D:\Programme\BitBox\bin\win32crypt.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00064512 _____ () D:\Programme\BitBox\bin\win32net.pyd
2016-01-03  10:46 - 2016-01-03 10:46 - 00306472 _____ () C:\Program Files  (x86)\Sophos\Management Communications System\Endpoint\log4cplus.dll
2015-05-31 06:59 - 2015-05-31 06:59 - 01301696 _____ () D:\Programme\VMware\libxml2.dll
2014-02-15 15:29 - 2014-02-15 15:29 - 01853440 _____ () D:\Programme\BitBox\bin\PySide.QtCore.pyd
2014-02-15 15:25 - 2014-02-15 15:25 - 00110592 _____ () D:\Programme\BitBox\bin\pyside-python2.7.dll
2014-02-15 15:24 - 2014-02-15 15:24 - 00108544 _____ () D:\Programme\BitBox\bin\shiboken-python2.7.dll
2014-02-15 15:47 - 2014-02-15 15:47 - 06947328 _____ () D:\Programme\BitBox\bin\PySide.QtGui.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00042496 _____ () D:\Programme\BitBox\bin\win32service.pyd
2014-04-30 08:25 - 2014-04-30 08:25 - 00036352 _____ () D:\Programme\BitBox\bin\_psutil_windows.pyd
2014-06-30 16:04 - 2014-06-30 16:04 - 00128512 _____ () D:\Programme\BitBox\bin\_elementtree.pyd
2014-06-30 16:04 - 2014-06-30 16:04 - 00127488 _____ () D:\Programme\BitBox\bin\pyexpat.pyd
2016-01-22  14:31 - 2016-01-22 14:32 - 00141312 _____ () C:\Program  Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-01-22  14:31 - 2016-01-22 14:34 - 22330368 _____ () C:\Program  Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-02-12  21:29 - 2016-02-12 21:29 - 00552960 _____ ()  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\LinqBridge\cc0ac0ce661546619504ae4bda015336\LinqBridge.ni.dll
2016-02-12  21:30 - 2016-02-12 21:30 - 01570816 _____ ()  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsAPICodePack\d52ba91105e028f9307ac1a0e5f63a12\WindowsAPICodePack.ni.dll
2015-03-27 12:19 - 2015-03-27 12:19 - 00642016 _____ () C:\Program Files (x86)\eM Client\SQLite\x86\sqlite3.dll
2015-12-20  16:34 - 2015-12-20 16:34 - 00083456 _____ ()  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SystemCoreTimeZone\5a5f3ab9496147415a2aee4ef0820a63\SystemCoreTimeZone.ni.dll
2016-02-12  21:29 - 2016-02-12 21:29 - 00639488 _____ ()  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\HtmlInterop\a1f68054ecaf1db78eecd45d3aa49931\HtmlInterop.ni.dll
2011-01-12 02:00 - 2011-01-12 02:00 - 00195584 _____ () D:\Programme\Open Codecs\dsfOggDemux2.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn  ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry  entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SAVService => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SAVService => ""="service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\localhost -> hxxps://localhost

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2016-02-14 12:55 - 00001252 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-117306591-3796779208-521460896-1001\Control  Panel\Desktop\\Wallpaper ->  C:\Users\***\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System  => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3)  (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run: => "Greenshot"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "VirtualCloneDrive"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKLM\...\StartupApproved\Run32: => "Greenshot"
HKLM\...\StartupApproved\Run32: => "EaseUS EPM tray"
HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\StartupApproved\Run: => "FileHippo.com"
HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\StartupApproved\Run: => "SandboxieControl"
HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\StartupApproved\Run: => "BitTorrent"
HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\StartupApproved\Run: => "My Daily Wallpaper"
HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\StartupApproved\Run: => "CyberGhost"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn  ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry  entfernt. Die Datei wird nicht verschoben solange sie nicht separat  aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules:  [UDP Query  User{C4141F71-C3A1-4F34-86B7-867903A2A6F6}D:\programme\synergy\synergy.exe]  => (Allow) D:\programme\synergy\synergy.exe
FirewallRules: [TCP  Query  User{D4C9B2A0-0084-4D10-8CC8-E0B659972792}D:\programme\synergy\synergy.exe]  => (Allow) D:\programme\synergy\synergy.exe
FirewallRules: [{97671048-577F-461E-A897-097BCBF1ED24}] => (Allow) D:\Programme\Synergy\synergys.exe
FirewallRules:  [UDP Query  User{7500319B-2CF9-443F-A252-3C22F8D4EAD8}D:\bibliotheken\dokumente\visual  studio  2015\projects\chainreact\chainreact.server\bin\debug\chainreact.server.vshost.exe]  => (Allow) D:\bibliotheken\dokumente\visual studio  2015\projects\chainreact\chainreact.server\bin\debug\chainreact.server.vshost.exe
FirewallRules:  [TCP Query  User{10EBB3FC-16FC-4B2E-83A4-DF8638542A17}D:\bibliotheken\dokumente\visual  studio  2015\projects\chainreact\chainreact.server\bin\debug\chainreact.server.vshost.exe]  => (Allow) D:\bibliotheken\dokumente\visual studio  2015\projects\chainreact\chainreact.server\bin\debug\chainreact.server.vshost.exe
FirewallRules:  [UDP Query  User{4677EC9E-394D-4067-A0E7-A32D5F8AD13E}D:\programme\steam\steamapps\common\smite\binaries\win32\smite.exe]  => (Allow)  D:\programme\steam\steamapps\common\smite\binaries\win32\smite.exe
FirewallRules:  [TCP Query  User{67BC321B-59B8-4CC4-85BB-4874BE3DDA93}D:\programme\steam\steamapps\common\smite\binaries\win32\smite.exe]  => (Allow)  D:\programme\steam\steamapps\common\smite\binaries\win32\smite.exe
FirewallRules:  [{DCDC105C-32FF-44A9-90D7-BDB99B939A3D}] => (Allow)  D:\Programme\Steam\steamapps\common\SMITE\Binaries\Win32\HirezBridge.exe
FirewallRules:  [{559799D2-E92E-4716-9302-F1D3B80B2769}] => (Allow)  D:\Programme\Steam\steamapps\common\SMITE\Binaries\Win32\HirezBridge.exe
FirewallRules:  [UDP Query  User{158CD29C-F5F5-463D-8772-FA257DE8B006}D:\programme\java\jre1.8.0_65\bin\java.exe]  => (Allow) D:\programme\java\jre1.8.0_65\bin\java.exe
FirewallRules:  [TCP Query  User{9EB2DED0-DDC0-494A-8B6F-AC0095436B01}D:\programme\java\jre1.8.0_65\bin\java.exe]  => (Allow) D:\programme\java\jre1.8.0_65\bin\java.exe
FirewallRules: [{AABF8BA5-81B8-42EB-A4A7-52D52340D38A}] => (Allow) LPort=1900
FirewallRules: [{E7E5E118-C166-435F-B44F-CB6B15A3E984}] => (Allow) LPort=2869
FirewallRules: [{8BF604C4-3DCE-4661-AC7F-248C98D8BBCD}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules:  [UDP Query  User{11714CE4-FDE5-4CD2-948C-F87BA0161397}D:\stuff\server\gmod\srcds.exe]  => (Allow) D:\stuff\server\gmod\srcds.exe
FirewallRules: [TCP  Query  User{F4BB2557-42F1-4EDE-947D-21984F99849B}D:\stuff\server\gmod\srcds.exe]  => (Allow) D:\stuff\server\gmod\srcds.exe
FirewallRules: [UDP  Query  User{2E69E92A-BC0F-43CD-BD62-8152B3DFCFBF}D:\bibliotheken\dokumente\visual  studio  2015\projects\voicenetwork\voicenetworkserver\bin\debug\voicenetworkserver.vshost.exe]  => (Allow) D:\bibliotheken\dokumente\visual studio  2015\projects\voicenetwork\voicenetworkserver\bin\debug\voicenetworkserver.vshost.exe
FirewallRules:  [TCP Query  User{8CB00356-EEAC-45C9-9B02-4DC3DCD019D3}D:\bibliotheken\dokumente\visual  studio  2015\projects\voicenetwork\voicenetworkserver\bin\debug\voicenetworkserver.vshost.exe]  => (Allow) D:\bibliotheken\dokumente\visual studio  2015\projects\voicenetwork\voicenetworkserver\bin\debug\voicenetworkserver.vshost.exe
FirewallRules: [{59F1648B-4EC2-4464-8D70-07398D3277F3}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{9655E630-FD2B-477F-935A-B099ACA6CC89}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{9237BF5E-D2AA-4170-8A52-5D21F5026AEF}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{E0F72C8A-995A-4CA0-9E0E-947FF69825D2}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules:  [UDP Query  User{CEE2CF2D-6726-4724-8F18-CD0386915983}D:\stuff\syncthing\syncthing.exe]  => (Allow) D:\stuff\syncthing\syncthing.exe
FirewallRules: [TCP  Query  User{BBC091B2-196B-4298-9123-B57880675558}D:\stuff\syncthing\syncthing.exe]  => (Allow) D:\stuff\syncthing\syncthing.exe
FirewallRules:  [{ACD2EEA9-6303-4805-80D6-F893DBC3DEC2}] => (Allow)  D:\Programme\Steam\steamapps\common\Dungeon Defenders  2\DunDefLauncher.exe
FirewallRules:  [{37679D3B-22C7-441E-8C74-05F03229F600}] => (Allow)  D:\Programme\Steam\steamapps\common\Dungeon Defenders  2\DunDefLauncher.exe
FirewallRules: [UDP Query  User{C5711CDC-D02A-403F-BABD-7CB222E7C5BA}D:\bibliotheken\dokumente\rtmpdumphelper\rtmpsuck.exe]  => (Allow) D:\bibliotheken\dokumente\rtmpdumphelper\rtmpsuck.exe
FirewallRules:  [TCP Query  User{AACB4166-486E-44C9-9144-41B89B2D4C36}D:\bibliotheken\dokumente\rtmpdumphelper\rtmpsuck.exe]  => (Allow) D:\bibliotheken\dokumente\rtmpdumphelper\rtmpsuck.exe
FirewallRules:  [{5B8558F7-78CE-4B9E-8807-BE3A7ECBEAA7}] => (Allow)  D:\Programme\Steam\steamapps\common\Spooky's House of Jump  Scares\SPOOKY.exe
FirewallRules:  [{953C693C-1395-4A24-AFF9-9603E4620A69}] => (Allow)  D:\Programme\Steam\steamapps\common\Spooky's House of Jump  Scares\SPOOKY.exe
FirewallRules:  [{677FB6E7-2E4B-4CA3-9F66-D2E934499F76}] => (Allow)  D:\Programme\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules:  [{BA9D9184-C5FC-4B0D-8165-A157356EAAD3}] => (Allow)  D:\Programme\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A4793B95-D94A-4819-B65E-B407FEFEBECF}] => (Allow) D:\Programme\Hercules WiFi\WiFi Station N\Rtldhcp.exe
FirewallRules: [{EB91B1B8-5EB7-4576-AE9F-3C2252B408FD}] => (Allow) LPort=53
FirewallRules: [{981A61B3-2087-4456-A671-6438657D7081}] => (Allow) LPort=53
FirewallRules: [{989E8CD2-9B61-4D74-A7E0-E66768360659}] => (Allow) LPort=68
FirewallRules: [{4D7C9518-04AA-4A65-AD66-0E3D057B5281}] => (Allow) LPort=67
FirewallRules: [{040AFE65-EAF9-4474-BB60-16AF65F9A06F}] => (Allow) D:\Programme\VMware\vmware-authd.exe
FirewallRules: [{C080D89D-57E1-4F8A-A797-8FCC5605E435}] => (Allow) D:\Programme\VMware\vmware-authd.exe
FirewallRules:  [{5858909B-BE33-4C37-A45C-4F19F95B567E}] => (Allow)  D:\Programme\Steam\steamapps\common\RaceTheSun\RaceTheSun.exe
FirewallRules:  [{3C868682-F800-4A45-AC47-15FD8E3866A8}] => (Allow)  D:\Programme\Steam\steamapps\common\RaceTheSun\RaceTheSun.exe
FirewallRules: [{1C47162F-906F-4FBD-970B-1734AC394BF0}] => (Allow) LPort=1542
FirewallRules: [{F2A42F04-92E8-47E2-A4D0-291E2767404F}] => (Allow) LPort=1542
FirewallRules: [{99249CA2-B0C6-41EE-AB41-390C886B67A6}] => (Allow) LPort=53
FirewallRules: [{CD15A26A-5EFF-4B5C-A71F-B1071E72E3C4}] => (Allow) D:\Programme\Firefox\firefox.exe
FirewallRules: [{CD1E7EC9-93A5-4E68-915C-C4E4DEAF5625}] => (Allow) D:\Programme\Steam\Steam.exe
FirewallRules: [{5162FA48-429A-4C58-80DB-9BC35598D786}] => (Allow) D:\Programme\Steam\Steam.exe
FirewallRules: [{A58AABD6-C737-42E1-AA29-DBCC37F5A84C}] => (Allow) D:\Programme\Steam\bin\steamwebhelper.exe
FirewallRules: [{B0541F35-A58F-4D75-B07B-15B02B93A79E}] => (Allow) D:\Programme\Steam\bin\steamwebhelper.exe
FirewallRules:  [{A55F7C7A-5BC5-49F9-8F90-6711086DC828}] => (Allow)  D:\Programme\EaseUS Todo Backup\Todo Backup\bin\TbService.exe
FirewallRules:  [{6AC2EB43-E360-43E7-A9F0-BA7C4CE90581}] => (Allow)  D:\Programme\EaseUS Todo Backup\Todo Backup\bin\TbService.exe
FirewallRules:  [{C6F9C01C-FB0F-4905-AD46-AB11873D8667}] => (Allow)  D:\Programme\EaseUS Todo Backup\Todo Backup\bin\TBConsoleUI.exe
FirewallRules:  [{CD6063B3-1106-46FF-93F9-EEE7DD4B2B31}] => (Allow)  D:\Programme\EaseUS Todo Backup\Todo Backup\bin\TBConsoleUI.exe
FirewallRules:  [{5FFDABAB-DF82-445C-A825-BBED69916778}] => (Allow)  D:\Programme\EaseUS Todo Backup\Todo Backup\bin\TodoBackupService.exe
FirewallRules:  [{BCB3820C-E844-4975-9564-D555F51DA011}] => (Allow)  D:\Programme\EaseUS Todo Backup\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{C637198C-981F-4339-ABA4-4C8901ED58DB}] => (Allow) D:\Programme\EaseUS Todo Backup\Todo Backup\bin\Agent.exe
FirewallRules:  [{FEBE2770-4BD6-4EDD-AD5C-3AE4B3D31F5D}] => (Allow)  D:\Programme\EaseUS Todo Backup\Todo Backup\bin\TodoBackupService.exe
FirewallRules:  [{04957A38-9767-4FB8-9219-8C86E7E9007C}] => (Allow)  D:\Programme\EaseUS Todo Backup\Todo Backup\bin\TodoBackupService.exe
FirewallRules:  [TCP Query  User{421B369D-BD39-4563-825B-93C9D00FE367}D:\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe]  => (Allow)  D:\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules:  [UDP Query  User{5DA2CF70-D8FE-4D82-AA04-07688139C690}D:\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe]  => (Allow)  D:\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{B6A6220A-0A79-4CA7-BEEE-37EE1EF02009}] => (Allow) D:\Programme\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{33BDF5C9-DDB5-4B21-978B-8D642FC2944A}] => (Allow) D:\Programme\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules:  [{FAC6F82F-2188-4B26-9654-9EAD2532D09F}] => (Allow) D:\Program Files  (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules:  [{4AB61BCB-D819-46C1-981C-B8D5373E3EB1}] => (Allow) D:\Program Files  (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [TCP  Query User{E5128E6C-6F31-4053-9BCF-5A012621CAF2}D:\programme\intellij  idea 14.1.3\bin\idea.exe] => (Allow) D:\programme\intellij idea  14.1.3\bin\idea.exe
FirewallRules: [UDP Query  User{BC4421CB-80E6-4DC5-9D0F-360CAC2333FE}D:\programme\intellij idea  14.1.3\bin\idea.exe] => (Allow) D:\programme\intellij idea  14.1.3\bin\idea.exe
FirewallRules: [{532A6236-1134-4C06-B25A-8CED3D9889C0}] => (Allow) C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe
FirewallRules: [{3B9CFBB6-F641-45BA-BE23-3E7BECD1B7C9}] => (Allow) C:\Users\***\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{F7F86BE2-B56F-4CF0-9AAF-716EC68DF793}] => (Allow) C:\Users\***\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules:  [TCP Query  User{1C6D81E2-7A13-4FE8-923E-1CE3626701C3}D:\bibliotheken\dokumente\visual  studio  2015\projects\filetransport\filetransportreceiver\bin\debug\filetransportreceiver.vshost.exe]  => (Allow) D:\bibliotheken\dokumente\visual studio  2015\projects\filetransport\filetransportreceiver\bin\debug\filetransportreceiver.vshost.exe
FirewallRules:  [UDP Query  User{64212B61-FE51-4CF1-A999-1F4176368480}D:\bibliotheken\dokumente\visual  studio  2015\projects\filetransport\filetransportreceiver\bin\debug\filetransportreceiver.vshost.exe]  => (Allow) D:\bibliotheken\dokumente\visual studio  2015\projects\filetransport\filetransportreceiver\bin\debug\filetransportreceiver.vshost.exe
FirewallRules:  [{DB7CD632-356D-45B6-B34F-6C16E3DE3A88}] => (Allow)  D:\Programme\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules:  [{D58DFCE1-A394-41AD-97C4-0FC00DA9124B}] => (Allow)  D:\Programme\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules:  [{F00F1495-705D-42C0-B52D-986B3E6E84AF}] => (Allow)  D:\Programme\Steam\steamapps\common\Clicker Heroes\Clicker Heroes.exe
FirewallRules:  [{1ACDBE71-E4E9-483A-B605-A00205F63CC8}] => (Allow)  D:\Programme\Steam\steamapps\common\Clicker Heroes\Clicker Heroes.exe
FirewallRules:  [{B0DC9B2E-25A0-4813-A50E-282DDB817750}] => (Allow)  D:\Programme\Steam\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe
FirewallRules:  [{AD1E481A-CA10-4FEA-B762-5E6FB769AA21}] => (Allow)  D:\Programme\Steam\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe
FirewallRules:  [{20A49020-4357-4C59-A241-35738852D653}] => (Allow)  D:\Programme\Steam\steamapps\common\Geometry Dash\GeometryDash.exe
FirewallRules:  [{813811C7-250D-480D-99FA-1B7F6A01707B}] => (Allow)  D:\Programme\Steam\steamapps\common\Geometry Dash\GeometryDash.exe
FirewallRules:  [{2C3606E9-2891-49D1-871C-CDCA43E26F17}] => (Allow)  D:\Programme\Steam\steamapps\common\Sanctum\Binaries\Win32\SanctumGame-Win32-Shipping.exe
FirewallRules:  [{97777FA6-9C44-4FB5-8F30-DDC4E4D5CA61}] => (Allow)  D:\Programme\Steam\steamapps\common\Sanctum\Binaries\Win32\SanctumGame-Win32-Shipping.exe
FirewallRules:  [{810B4087-29A3-42E9-9B15-79A87304AA0E}] => (Allow)  D:\Programme\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules:  [{8D01D1A4-424C-494A-9881-BA717E59CEC5}] => (Allow)  D:\Programme\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules:  [{A567D6BD-71E0-44A7-BE58-D82E89664419}] => (Allow)  D:\Programme\Steam\steamapps\common\Banished\Application-steam-x64.exe
FirewallRules:  [{45B3B229-80A7-4E6D-8CF5-36AC2C5EC183}] => (Allow)  D:\Programme\Steam\steamapps\common\Banished\Application-steam-x64.exe
FirewallRules:  [TCP Query  User{B52D78CD-51F1-42E9-BD21-6516619D9795}C:\users\***\appdata\roaming\spotify\spotify.exe]  => (Allow) C:\users\***\appdata\roaming\spotify\spotify.exe
FirewallRules:  [UDP Query  User{973DDF6E-7AB4-4113-B018-67DC52CC7A10}C:\users\***\appdata\roaming\spotify\spotify.exe]  => (Allow) C:\users\***\appdata\roaming\spotify\spotify.exe
FirewallRules:  [{29F6FED4-3832-4FA6-A09C-D7B27F9F61C6}] => (Allow)  D:\Programme\Steam\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules:  [{38CD8322-5103-4C8F-A831-57A318120A73}] => (Allow)  D:\Programme\Steam\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{A078D75B-61B9-4892-AF73-DAA873C3DD2A}] => (Allow) D:\Programme\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{AD47C713-7A78-42D5-BC79-76938F868B17}] => (Allow) D:\Programme\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules:  [TCP Query User{DA102E3F-3218-4850-9BD2-8604C69F755E}D:\program files  (x86)\nodejs\node.exe] => (Allow) D:\program files  (x86)\nodejs\node.exe
FirewallRules: [UDP Query  User{3B8B2AC7-79C4-487B-B356-39DD81A1097E}D:\program files  (x86)\nodejs\node.exe] => (Allow) D:\program files  (x86)\nodejs\node.exe
FirewallRules: [{4BE6CA9A-C9F2-4B5F-8C1F-11E6EA41EBFC}] => (Allow) D:\Programme\Visual Studio\Common7\IDE\devenv.exe
FirewallRules: [{7410F56F-71AA-48C9-A4E5-BC1EE228E05C}] => (Allow) D:\Programme\Visual Studio\Common7\IDE\devenv.exe
FirewallRules:  [TCP Query  User{18C2F638-5FAA-4C6B-ABD2-18B682296B3E}D:\programme\unity\editor\unity.exe]  => (Allow) D:\programme\unity\editor\unity.exe
FirewallRules:  [UDP Query  User{03D5B151-AEFF-4168-90A9-3EBD59130077}D:\programme\unity\editor\unity.exe]  => (Allow) D:\programme\unity\editor\unity.exe
FirewallRules:  [TCP Query  User{280ADC29-3DCD-439A-90A3-552E6A77D5E6}D:\programme\unity\monodevelop\bin\monodevelop.exe]  => (Allow) D:\programme\unity\monodevelop\bin\monodevelop.exe
FirewallRules:  [UDP Query  User{E45FE307-4C7E-4FEF-AACD-29143A06A1E1}D:\programme\unity\monodevelop\bin\monodevelop.exe]  => (Allow) D:\programme\unity\monodevelop\bin\monodevelop.exe
FirewallRules:  [TCP Query  User{A5A88852-1BEE-4125-B280-C37CD641F3EF}D:\programme\firefox\plugin-container.exe]  => (Allow) D:\programme\firefox\plugin-container.exe
FirewallRules:  [UDP Query  User{78DC1F8F-42CC-4F77-B024-F66A1076F042}D:\programme\firefox\plugin-container.exe]  => (Allow) D:\programme\firefox\plugin-container.exe
FirewallRules:  [{F9F085E5-84E2-41BF-9D82-16E69DFA6859}] => (Allow)  D:\Programme\Steam\steamapps\common\lethalleague\LethalLeague.exe
FirewallRules:  [{FE89FDC2-F4EC-4D0A-90C8-205D23C00894}] => (Allow)  D:\Programme\Steam\steamapps\common\lethalleague\LethalLeague.exe
FirewallRules:  [{837AAA17-907F-4022-8FEA-8CB08C96B9E0}] => (Allow)  D:\Programme\Steam\steamapps\common\Emily is Away\emily is away.exe
FirewallRules:  [{99D71EFB-DEF0-49C8-BDA2-B126B8CC594A}] => (Allow)  D:\Programme\Steam\steamapps\common\Emily is Away\emily is away.exe
FirewallRules: [{E402AA54-B19F-4FEE-A657-CD7D5CC0D40F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{B3291579-8C66-413E-8941-3CD682949412}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{5F2FC6D3-8725-4C42-A5B6-9EF9E6B9703D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{19465167-8102-4FCC-9115-53D6F9E7E519}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules:  [{BB23F745-3825-4925-A188-E614BA9FEC6B}] => (Allow)  D:\Programme\Steam\steamapps\common\APB  Reloaded\Launcher\APBLauncher.exe
FirewallRules:  [{E55872BB-597D-4C83-A052-5BFA907E0CB1}] => (Allow)  D:\Programme\Steam\steamapps\common\APB  Reloaded\Launcher\APBLauncher.exe
FirewallRules: [{6C0F7DE6-0D66-4E97-952B-06BC0C4CDB71}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{483C009E-5D66-4B22-B156-522A960CE9D2}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{1545ADCD-EE25-4B35-B997-5D839799056D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{6D4149CE-C651-4D44-B67E-0DAC638457F5}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules:  [{B20BEC19-D01A-447B-A65E-E4D7B44FBF2C}] => (Allow)  D:\Programme\Steam\steamapps\common\APB Reloaded\Binaries\APB.exe
FirewallRules:  [{9C942DB7-C8AB-4C61-A85E-9BFBAF15656F}] => (Allow)  D:\Programme\Steam\steamapps\common\APB Reloaded\Binaries\APB.exe
FirewallRules:  [{F01BF58E-2C30-4D10-BCB7-C392B50B9D46}] => (Allow)  D:\Programme\Steam\steamapps\common\APB  Reloaded\Binaries\VivoxVoiceService.exe
FirewallRules:  [{AD612527-AD71-43BC-835D-E580888A39BF}] => (Allow)  D:\Programme\Steam\steamapps\common\APB  Reloaded\Binaries\VivoxVoiceService.exe
FirewallRules:  [{703E0406-7185-462A-8766-E6F03C082BBD}] => (Allow)  D:\Programme\Steam\steamapps\common\Sven Co-op\svencoop.exe
FirewallRules:  [{72DCA22B-BEDF-4277-909D-027E0B607F76}] => (Allow)  D:\Programme\Steam\steamapps\common\Sven Co-op\svencoop.exe
FirewallRules: [{712F8169-4A64-4624-87E4-1824E2A17D2C}] => (Allow) D:\Programme\Microsoft Office 2013\Office15\lync.exe
FirewallRules: [{30CADEA3-A8A5-45E7-98A0-063453D5D7DF}] => (Allow) D:\Programme\Microsoft Office 2013\Office15\lync.exe
FirewallRules: [{30F08DBA-D584-4804-802A-5BC07582ECED}] => (Allow) D:\Programme\Microsoft Office 2013\Office15\UcMapi.exe
FirewallRules: [{38E6EE8D-893D-4E70-88D6-F7959235B6E9}] => (Allow) D:\Programme\Microsoft Office 2013\Office15\UcMapi.exe
FirewallRules:  [{40D623E8-1B93-44A8-A436-0F17D109FE1C}] => (Allow) D:\Program Files  (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules:  [{AB9F31BD-D567-4862-8C80-82E3171168AD}] => (Allow) D:\Program Files  (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [{BEA05228-DA4B-4663-AB29-35101B3E720F}] => (Allow) D:\Programme\Steam\steamapps\common\DOMO_US\Main\DOMO.exe
FirewallRules: [{55379890-22FC-425E-87C5-108687B16478}] => (Allow) D:\Programme\Steam\steamapps\common\DOMO_US\Main\DOMO.exe
FirewallRules:  [{6C16AD60-A79E-4F5C-9180-59ADFDC740F6}] => (Allow)  D:\Programme\Steam\steamapps\common\Pro Evolution Soccer 2016  myClub\PES2016.exe
FirewallRules:  [{A791CEC0-88D1-435C-A119-8938D8AB1904}] => (Allow)  D:\Programme\Steam\steamapps\common\Pro Evolution Soccer 2016  myClub\PES2016.exe
FirewallRules:  [{65CA07C2-5E42-4436-AEF2-1C3737F88EDB}] => (Allow)  D:\Programme\Steam\steamapps\common\Survarium\temp\survarium_launcher.exe
FirewallRules:  [{6C4F96A3-C852-4A31-AF00-DA9C9F2FBB93}] => (Allow)  D:\Programme\Steam\steamapps\common\Survarium\temp\survarium_updater.exe
FirewallRules:  [{1FFFAF77-DD5B-4007-8F38-33A0199AD0E0}] => (Allow)  D:\Programme\Steam\steamapps\common\Survarium\temp\survarium_updater.exe
FirewallRules:  [{A0D0FE67-C630-44AD-8299-5771B58A188F}] => (Allow)  D:\Programme\Steam\steamapps\common\Survarium\temp\survarium_updater.exe
FirewallRules:  [{5CDCCEB7-22B1-4BC3-918F-FD6C2574105A}] => (Allow)  D:\Programme\Steam\steamapps\common\Survarium\temp\survarium_updater.exe
FirewallRules:  [{C4383461-FE60-4CCE-B402-D15042238099}] => (Allow)  D:\Programme\Steam\steamapps\common\Survarium\game\binaries\x86\survarium.exe
FirewallRules:  [{70D59486-A6A3-4A13-BEFD-5CBDF13CAD3D}] => (Allow)  D:\Programme\Steam\steamapps\common\Survarium\game\binaries\x86\survarium.exe
FirewallRules:  [{6F82E02D-E318-4AB7-9AC4-40D2F7D68474}] => (Allow)  D:\Programme\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules:  [{EE534453-97E6-475E-9375-5627856E0527}] => (Allow)  D:\Programme\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{75546729-045B-4E4B-AC8B-32FB3E9F91D3}] => (Allow) LPort=1689
FirewallRules: [{FE5524CD-31D8-404D-BE9F-6BBBD2793C1B}] => (Allow) LPort=1688
FirewallRules: [{D2518655-E8F5-4118-8048-070AE5C579DB}] => (Allow) D:\Programme\Mozilla Firefox\firefox.exe
FirewallRules: [{CAEE5C5F-7360-4D84-B761-00A87C3C0BB5}] => (Allow) D:\Programme\Mozilla Firefox\firefox.exe
FirewallRules:  [{7F96F179-061E-4488-84DC-C6CACB1A2EC4}] => (Allow) C:\Program Files  (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{A50E5906-B757-4A7B-9F5A-370F8368AE2F}] => (Allow) D:\Programme\Steam\steamapps\common\Trove\GlyphClient.exe
FirewallRules: [{D5DF9CF8-BF0B-4D7C-AECB-13C94FAC5552}] => (Allow) D:\Programme\Steam\steamapps\common\Trove\GlyphClient.exe
FirewallRules: [{78EDC2DB-A5A9-4D67-9ACF-B39C87214F09}] => (Allow) D:\Programme\Steam\steamapps\common\DOMO_US\Main\DOMO.exe
FirewallRules: [{97B3CA3B-17B5-462A-BC1D-91D33DA98661}] => (Allow) D:\Programme\Steam\steamapps\common\DOMO_US\Main\DOMO.exe
FirewallRules:  [TCP Query  User{BFB3F05F-BE60-4D34-9D14-7372F83FAB32}D:\programme\mozilla  firefox\plugin-container.exe] => (Allow) D:\programme\mozilla  firefox\plugin-container.exe
FirewallRules: [UDP Query  User{85014EF6-FB9A-4C14-973A-AD3B59179C93}D:\programme\mozilla  firefox\plugin-container.exe] => (Allow) D:\programme\mozilla  firefox\plugin-container.exe
FirewallRules: [TCP Query  User{68A2B2F7-8E7E-42E3-9BBB-70DA68160C51}D:\programme\vlc\vlc.exe]  => (Allow) D:\programme\vlc\vlc.exe
FirewallRules: [UDP Query  User{A2590862-ACD0-414A-9F30-D0A56CECA5DD}D:\programme\vlc\vlc.exe]  => (Allow) D:\programme\vlc\vlc.exe
FirewallRules:  [{A3479CAB-96E8-4B47-A6E5-4FEF440BC006}] => (Allow)  D:\Programme\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules:  [{F5013485-C103-4F8F-83CC-EA822D1182C9}] => (Allow)  D:\Programme\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules:  [TCP Query User{D586A2B5-29F5-47C5-AC83-EBE4F8314416}D:\programme\epic  games\launcher\portal\binaries\win32\epicgameslauncher.exe] =>  (Allow) D:\programme\epic  games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules:  [UDP Query User{F64F3593-0E9D-4915-A5D1-DDD47CDB330F}D:\programme\epic  games\launcher\portal\binaries\win32\epicgameslauncher.exe] =>  (Allow) D:\programme\epic  games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules:  [TCP Query User{25E9A2E0-D344-4FD1-8908-4ED77D8E8A6C}D:\programme\epic  games\launcher\portal\binaries\win64\epicgameslauncher.exe] =>  (Allow) D:\programme\epic  games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules:  [UDP Query User{B581A923-8868-4146-9E8E-91FC43A4D341}D:\programme\epic  games\launcher\portal\binaries\win64\epicgameslauncher.exe] =>  (Allow) D:\programme\epic  games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules:  [TCP Query User{7FD70F3C-D82E-4934-8385-31B1538AD2D1}D:\programme\epic  games\4.10\engine\binaries\win64\ue4editor.exe] => (Allow)  D:\programme\epic games\4.10\engine\binaries\win64\ue4editor.exe
FirewallRules:  [UDP Query User{B1BD8D0C-1505-4EF5-982D-71562D7F67C3}D:\programme\epic  games\4.10\engine\binaries\win64\ue4editor.exe] => (Allow)  D:\programme\epic games\4.10\engine\binaries\win64\ue4editor.exe
FirewallRules:  [TCP Query User{6C65CD53-A12B-4022-9449-E582AD2971E9}D:\programme\epic  games\4.10\engine\binaries\dotnet\swarmagent.exe] => (Allow)  D:\programme\epic games\4.10\engine\binaries\dotnet\swarmagent.exe
FirewallRules:  [UDP Query User{1B5A33FB-31D1-4495-B4C3-5234F73A9387}D:\programme\epic  games\4.10\engine\binaries\dotnet\swarmagent.exe] => (Allow)  D:\programme\epic games\4.10\engine\binaries\dotnet\swarmagent.exe

==================== Wiederherstellungspunkte =========================

08-02-2016 14:34:28 Windows Update
12-02-2016 15:12:33 Windows Update
15-02-2016 21:03:34 Windows Update
19-02-2016 12:15:24 Windows Update
22-02-2016 15:50:52 Windows Update
24-02-2016 17:37:03 Installed eM Client
28-02-2016 10:15:40 Windows Update
29-02-2016 18:13:24 Installed eM Client

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: VMware Virtual Ethernet Adapter for VMnet1
Description: VMware Virtual Ethernet Adapter for VMnet1
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution:  In Device Manager, click "Action", and then click "Enable Device". This  starts the Enable Device wizard. Follow the instructions.

Name: VMware Virtual Ethernet Adapter for VMnet8
Description: VMware Virtual Ethernet Adapter for VMnet8
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution:  In Device Manager, click "Action", and then click "Enable Device". This  starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (02/29/2016 06:13:26 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (02/28/2016 08:03:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: hl2.exe, Version: 0.0.0.0, Zeitstempel: 0x56bf6dfa
Name des fehlerhaften Moduls: client.dll, Version: 1.0.0.1, Zeitstempel: 0x56cbb9b3
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000edaba
ID des fehlerhaften Prozesses: 0x42c
Startzeit der fehlerhaften Anwendung: 0xhl2.exe0
Pfad der fehlerhaften Anwendung: hl2.exe1
Pfad des fehlerhaften Moduls: hl2.exe2
Berichtskennung: hl2.exe3
Vollständiger Name des fehlerhaften Pakets: hl2.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: hl2.exe5

Error: (02/28/2016 04:58:41 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll8

Error: (02/28/2016 04:58:40 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description:

Error: (02/28/2016 04:58:40 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSDTCC:\WINDOWS\system32\msdtcuiu.DLL8

Error: (02/28/2016 04:58:40 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: LsaC:\Windows\System32\Secur32.dll8

Error: (02/28/2016 01:00:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: hl2.exe, Version: 0.0.0.0, Zeitstempel: 0x56bf6dfa
Name des fehlerhaften Moduls: client.dll, Version: 1.0.0.1, Zeitstempel: 0x56cbb9b3
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000edaba
ID des fehlerhaften Prozesses: 0x1b88
Startzeit der fehlerhaften Anwendung: 0xhl2.exe0
Pfad der fehlerhaften Anwendung: hl2.exe1
Pfad des fehlerhaften Moduls: hl2.exe2
Berichtskennung: hl2.exe3
Vollständiger Name des fehlerhaften Pakets: hl2.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: hl2.exe5

Error: (02/28/2016 10:15:42 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (02/27/2016 09:09:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: hl2.exe, Version: 0.0.0.0, Zeitstempel: 0x56bf6dfa
Name des fehlerhaften Moduls: client.dll, Version: 1.0.0.1, Zeitstempel: 0x56cbb9b3
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000edaba
ID des fehlerhaften Prozesses: 0x284c
Startzeit der fehlerhaften Anwendung: 0xhl2.exe0
Pfad der fehlerhaften Anwendung: hl2.exe1
Pfad des fehlerhaften Moduls: hl2.exe2
Berichtskennung: hl2.exe3
Vollständiger Name des fehlerhaften Pakets: hl2.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: hl2.exe5

Error: (02/27/2016 08:59:29 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8


Systemfehler:
=============
Error: (02/29/2016 06:11:15 PM) (Source: DCOM) (EventID: 10016) (User: KASKADEKING-PC)
Description:  ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}KASKADEKING-PCKaskadekingDES-1-5-21-117306591-3796779208-521460896-1001LocalHost  (unter Verwendung von  LRPC)Microsoft.WindowsStore_2016.27.2.0_x64__8wekyb3d8bbweS-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157

Error: (02/29/2016 06:07:33 PM) (Source: DCOM) (EventID: 10010) (User: KASKADEKING-PC)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (02/28/2016 10:01:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description:  Der Dienst "Benutzerdatenzugriff_6fa5dfc" wurde unerwartet beendet.  Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden  in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (02/28/2016 10:01:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description:  Der Dienst "Benutzerdatenspeicher _6fa5dfc" wurde unerwartet beendet.  Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden  in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (02/28/2016 10:01:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description:  Der Dienst "Kontaktdaten_6fa5dfc" wurde unerwartet beendet. Dies ist  bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000  Millisekunden durchgeführt: Neustart des Diensts.

Error: (02/28/2016 10:01:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description:  Der Dienst "Synchronisierungshost_6fa5dfc" wurde unerwartet beendet.  Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden  in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (02/28/2016 10:01:14 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description:  AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost  (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (02/27/2016 10:05:44 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Synchronisierungshost_cedd1 erreicht.

Error: (02/27/2016 10:05:43 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Benutzerdatenspeicher _cedd1 erreicht.

Error: (02/27/2016 10:05:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description:  Der Dienst "Benutzerdatenzugriff_cedd1" wurde unerwartet beendet. Dies  ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in  10000 Millisekunden durchgeführt: Neustart des Diensts.


CodeIntegrity:
===================================
  Date: 2016-02-11 17:29:08.364
  Description: Code Integrity is unable to verify the image integrity of  the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the  set of per-page image hashes could not be found on the system.

  Date: 2016-02-11 13:42:12.036
  Description: Code Integrity is unable to verify the image integrity of  the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the  set of per-page image hashes could not be found on the system.

  Date: 2016-01-31 14:22:33.092
  Description: Code Integrity is unable to verify the image integrity of  the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the  set of per-page image hashes could not be found on the system.

  Date: 2016-01-30 09:54:28.092
  Description: Code Integrity is unable to verify the image integrity of  the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the  set of per-page image hashes could not be found on the system.

  Date: 2016-01-29 18:28:03.987
  Description: Code Integrity is unable to verify the image integrity of  the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the  set of per-page image hashes could not be found on the system.

  Date: 2016-01-29 18:16:18.014
  Description: Code Integrity is unable to verify the image integrity of  the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the  set of per-page image hashes could not be found on the system.

  Date: 2016-01-29 15:07:10.925
  Description: Code Integrity is unable to verify the image integrity of  the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the  set of per-page image hashes could not be found on the system.

  Date: 2016-01-29 15:00:30.393
  Description: Code Integrity is unable to verify the image integrity of  the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the  set of per-page image hashes could not be found on the system.

  Date: 2016-01-29 14:58:24.104
  Description: Code Integrity is unable to verify the image integrity of  the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the  set of per-page image hashes could not be found on the system.

  Date: 2016-01-29 14:57:07.832
  Description: Code Integrity is unable to verify the image integrity of  the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the  set of per-page image hashes could not be found on the system.


==================== Speicherinformationen ===========================

Prozessor: AMD A8-6600K APU with Radeon(tm) HD Graphics
Prozentuale Nutzung des RAM: 49%
Installierter physikalischer RAM: 7364.16 MB
Verfügbarer physikalischer RAM: 3693.43 MB
Summe virtueller Speicher: 13828.16 MB
Verfügbarer virtueller Speicher: 8857.11 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:107.86 GB) (Free:13.33 GB) NTFS
Drive d: (Daten) (Fixed) (Total:731.51 GB) (Free:367.17 GB) NTFS
Drive h: (HI) (Removable) (Total:7.48 GB) (Free:6.24 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 72B5DD30)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=107.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11 GB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: DFE201F7)
Partition 1: (Not Active) - (Size=731.5 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 7.5 GB) (Disk ID: 0DFF7265)
No partition Table on disk 3.

==================== Ende von Addition.txt ============================
Ich habe in der Zeit BitBox installiert welches ohne Probleme funktioniert. Wäre aber froh wenn ich auch ohne VM mit Firefox ins Internet könnte ^^

deeprybka 01.03.2016 21:27
Seit wann besteht das Problem genau?

Schritt 1
Downloade Dirhttp://deeprybka.trojaner-board.de/b...ns/proe1tb.pngProcess Explorer auf Deinen Desktop und entpacke die zip-Datei.
  • Rechtsklick auf das Icon und als Administrator starten.
  • Akzeptiere die Lizenzbedingungen.
  • Klicke auf Options und aktiviere "check for virustotal.com".
  • Bestätige die Nutzungsbedingungen und warte auf die Resultate.
  • Erstelle einen Screenshot der Prozesseund poste ihn hier.

Kaskadeking 04.03.2016 16:00
Sorry, dass ich dir jetzt erst antworte. Hatte keine Email-Benachrichtigung bekommen.

Bei allen Prozessen wurde nix gefunden, soll ich den Screenshot trotzdem posten?

Ich kann dir leider nicht genau sagen seit wann, aber ich würde sagen seit ca. 2 Wochen.

deeprybka 05.03.2016 14:11
ja...

Kaskadeking 05.03.2016 14:34

deeprybka 05.03.2016 16:20
Boote mal in den abgesicherten Modus mit Netzwerktreibern und teste die Browser.

Kaskadeking 06.03.2016 09:33
Obwohl ich den Abgesicherten Modus mit Netzwerktreibern aktiviert habe wird keine Verbindung zum Internet hergestellt bzw. es wird kein Netzwerk gefunden.

deeprybka 06.03.2016 12:56
Gut, dann machen wir die Routine-Scans nach Malware.

Schritt 1
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Kaskadeking 06.03.2016 13:54
Code:
13:50:46.0221 0x1e14  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
13:50:49.0552 0x1e14  ============================================================
13:50:49.0553 0x1e14  Current date / time: 2016/03/06 13:50:49.0552
13:50:49.0553 0x1e14  SystemInfo:
13:50:49.0553 0x1e14 
13:50:49.0553 0x1e14  OS Version: 10.0.10586 ServicePack: 0.0
13:50:49.0553 0x1e14  Product type: Workstation
13:50:49.0553 0x1e14  ComputerName: KASKADEKING-PC
13:50:49.0553 0x1e14  UserName: KaskadekingDE
13:50:49.0553 0x1e14  Windows directory: C:\WINDOWS
13:50:49.0553 0x1e14  System windows directory: C:\WINDOWS
13:50:49.0553 0x1e14  Running under WOW64
13:50:49.0553 0x1e14  Processor architecture: Intel x64
13:50:49.0553 0x1e14  Number of processors: 4
13:50:49.0553 0x1e14  Page size: 0x1000
13:50:49.0553 0x1e14  Boot type: Normal boot
13:50:49.0553 0x1e14  ============================================================
13:50:49.0856 0x1e14  KLMD registered as C:\WINDOWS\system32\drivers\96934519.sys
13:50:50.0090 0x1e14  System UUID: {0F7950E4-C068-B77D-9D9C-525E1276903C}
13:50:50.0849 0x1e14  Drive \Device\Harddisk0\DR0 - Size: 0x1DCF856000 ( 119.24 Gb ), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:50:50.0867 0x1e14  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:50:50.0885 0x1e14  Drive \Device\Harddisk3\DR3 - Size: 0x1E0000000 ( 7.50 Gb ), SectorSize: 0x200, Cylinders: 0x3D3, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
13:50:50.0887 0x1e14  ============================================================
13:50:50.0887 0x1e14  \Device\Harddisk0\DR0:
13:50:50.0887 0x1e14  MBR partitions:
13:50:50.0887 0x1e14  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xAF000
13:50:50.0887 0x1e14  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xAF800, BlocksNum 0xD7BA000
13:50:50.0887 0x1e14  \Device\Harddisk1\DR1:
13:50:50.0887 0x1e14  MBR partitions:
13:50:50.0887 0x1e14  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x5B705000
13:50:50.0887 0x1e14  \Device\Harddisk3\DR3:
13:50:50.0889 0x1e14  MBR partitions:
13:50:50.0889 0x1e14  ============================================================
13:50:50.0890 0x1e14  C: <-> \Device\Harddisk0\DR0\Partition2
13:50:50.0901 0x1e14  D: <-> \Device\Harddisk1\DR1\Partition1
13:50:50.0901 0x1e14  ============================================================
13:50:50.0901 0x1e14  Initialize success
13:50:50.0901 0x1e14  ============================================================
13:51:15.0561 0x2154  ============================================================
13:51:15.0561 0x2154  Scan started
13:51:15.0561 0x2154  Mode: Manual; SigCheck; TDLFS;
13:51:15.0561 0x2154  ============================================================
13:51:15.0561 0x2154  KSN ping started
13:51:17.0996 0x2154  KSN ping finished: true
13:51:18.0426 0x2154  ================ Scan system memory ========================
13:51:18.0426 0x2154  System memory - ok
13:51:18.0426 0x2154  ================ Scan services =============================
13:51:18.0460 0x2154  1394ohci - ok
13:51:18.0465 0x2154  3ware - ok
13:51:18.0470 0x2154  ACPI - ok
13:51:18.0477 0x2154  acpiex - ok
13:51:18.0482 0x2154  acpipagr - ok
13:51:18.0486 0x2154  AcpiPmi - ok
13:51:18.0491 0x2154  acpitime - ok
13:51:18.0499 0x2154  [ F2CEEE9ABBCEF207ACB103215AC28BC2, F8F8B8AF6317926D7AC0CA2CA23628B2C69327A2792D58D3328443C5ED9514E9 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
13:51:18.0558 0x2154  AdobeARMservice - ok
13:51:18.0579 0x2154  [ 785FD0E36CA75D90DD50042E2594BC63, 471A5ED43A3E18A5A69C28F7F351558E90F20416D9C532ADF50888808090AE89 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
13:51:18.0634 0x2154  AdobeFlashPlayerUpdateSvc - ok
13:51:18.0642 0x2154  ADP80XX - ok
13:51:18.0649 0x2154  AFD - ok
13:51:18.0654 0x2154  agp440 - ok
13:51:18.0660 0x2154  ahcache - ok
13:51:18.0664 0x2154  AJRouter - ok
13:51:18.0669 0x2154  ALG - ok
13:51:18.0680 0x2154  [ BBADD85854BFB5D43C60B7AC8EEA3DBA, 968C043ABEA46F5C79525863B3FE2681AC0FA4202036C9EFD20B408DECF407E2 ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe
13:51:18.0709 0x2154  AMD External Events Utility - ok
13:51:18.0720 0x2154  [ DE51F5BB5C05D4C831ECB6E1A70E1B5E, 465834210ACE469481F75EDBB8532386029BD5277C41D084134E9E71B9BD8371 ] AMD FUEL Service C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
13:51:18.0751 0x2154  AMD FUEL Service - ok
13:51:18.0756 0x2154  AmdK8 - ok
13:51:18.0762 0x2154  [ BE258C17CFD09F4210602105432E784A, FD38B50785206D6E5EADE65396030E18C8B9D993D7225057B0C24F3256BCE2E3 ] amdkmafd        C:\WINDOWS\system32\drivers\amdkmafd.sys
13:51:18.0782 0x2154  amdkmafd - ok
13:51:18.0788 0x2154  amdkmdag - ok
13:51:18.0806 0x2154  [ 17BA5C907E14947574CBB788F4CEB85F, EAA3DBF436637C58666A91905E388287FC54334EBB2589A00727EB09AC4870E3 ] amdkmdap        C:\WINDOWS\system32\DRIVERS\atikmpag.sys
13:51:19.0056 0x2154  amdkmdap - ok
13:51:19.0063 0x2154  [ EF4680F07516F6D61F6E0BA1D34B3A3A, C367B323B26CF56AA6260E41129AE5F2DC97CFD0A9D984D9D5C051BE61ACD247 ] amdkmpfd        C:\WINDOWS\system32\drivers\amdkmpfd.sys
13:51:19.0077 0x2154  amdkmpfd - ok
13:51:19.0082 0x2154  AmdPPM - ok
13:51:19.0087 0x2154  amdsata - ok
13:51:19.0093 0x2154  amdsbs - ok
13:51:19.0098 0x2154  amdxata - ok
13:51:19.0109 0x2154  [ 7DCA2C59491D420947A0B529DB37C7CF, 4673DD141F02801A61FF057BE9DA7FD214C1F9ED31BCB035A8C4E44C579799E4 ] amdxhc          C:\WINDOWS\System32\drivers\amdxhc.sys
13:51:19.0136 0x2154  amdxhc - ok
13:51:19.0143 0x2154  [ 172C69FE64D07BDF5CE24146274F8CB8, 0A36069BA7B1E2C8B00E8E611E5F2AEF3A7571FAEA252752577EF9DE11F343DA ] amd_sata        C:\WINDOWS\system32\drivers\amd_sata.sys
13:51:19.0157 0x2154  amd_sata - ok
13:51:19.0163 0x2154  [ A8FD2F5F3E70BE8FF66D2AFC6B6FB051, E5C9CDBEA96B008F2B73E5151B85867128479FBEEADF2500AB16E3B0692AC030 ] amd_xata        C:\WINDOWS\system32\drivers\amd_xata.sys
13:51:19.0176 0x2154  amd_xata - ok
13:51:19.0181 0x2154  [ C3D487827E48CC5EC17994FEC5BDFF87, 5FCEA3EEA583755D0C9F6005ED3032E9DFECB57F504DC67701AE7D2D2631C30E ] AODDriver4.3    C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
13:51:19.0202 0x2154  AODDriver4.3 - ok
13:51:19.0207 0x2154  AppID - ok
13:51:19.0212 0x2154  AppIDSvc - ok
13:51:19.0217 0x2154  Appinfo - ok
13:51:19.0223 0x2154  AppReadiness - ok
13:51:19.0227 0x2154  AppXSvc - ok
13:51:19.0238 0x2154  [ CF6E96336D3B247AB48F28CC570B83D8, B606BE7A2127E8FD3C7DFFEE844EFC8ABCBD08FE48384692B7B5928970AD54E3 ] APXACC          C:\WINDOWS\system32\DRIVERS\appexDrv.sys
13:51:19.0266 0x2154  APXACC - ok
13:51:19.0272 0x2154  arcsas - ok
13:51:19.0286 0x2154  aspnet_state - ok
13:51:19.0292 0x2154  AsyncMac - ok
13:51:19.0296 0x2154  atapi - ok
13:51:19.0307 0x2154  [ FD9A5BCC3AFB02E87668B749546B6229, 4BE969A11CEE8033F40EDE7E06A5904B328D3FC1842855C0DB38D5EEF458219C ] AtiHDAudioService C:\WINDOWS\system32\drivers\AtihdWT6.sys
13:51:19.0337 0x2154  AtiHDAudioService - ok
13:51:19.0342 0x2154  AudioEndpointBuilder - ok
13:51:19.0346 0x2154  Audiosrv - ok
13:51:19.0353 0x2154  AxInstSV - ok
13:51:19.0357 0x2154  b06bdrv - ok
13:51:19.0363 0x2154  BasicDisplay - ok
13:51:19.0368 0x2154  BasicRender - ok
13:51:19.0376 0x2154  bcmfn - ok
13:51:19.0381 0x2154  bcmfn2 - ok
13:51:19.0388 0x2154  BDESVC - ok
13:51:19.0393 0x2154  Beep - ok
13:51:19.0398 0x2154  BFE - ok
13:51:19.0516 0x2154  [ 67EC059D86749294C5F228EE17276BAA, 1B68A5A9391AEA52DE00BD0AED3BEFAF5457ACA0B14E6C7AEA23D8579A69B812 ] BitBoxService  D:\Programme\BitBox\bin\BitBoxService.exe
13:51:19.0578 0x2154  BitBoxService - detected UnsignedFile.Multi.Generic ( 1 )
13:51:22.0004 0x2154  Detect skipped due to KSN trusted
13:51:22.0004 0x2154  BitBoxService - ok
13:51:22.0012 0x2154  BITS - ok
13:51:22.0032 0x2154  [ C34F17588D07AF45E8718AD0CE3192B9, 16951D12809CAB931D2317D37EE02370C84E94BB1E8E015F2F7DA3F0A89A5F50 ] Bonjour Service C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe
13:51:22.0103 0x2154  Bonjour Service - detected UnsignedFile.Multi.Generic ( 1 )
13:51:24.0532 0x2154  Detect skipped due to KSN trusted
13:51:24.0533 0x2154  Bonjour Service - ok
13:51:24.0540 0x2154  bowser - ok
13:51:24.0547 0x2154  BrokerInfrastructure - ok
13:51:24.0556 0x2154  Browser - ok
13:51:24.0571 0x2154  [ 56923A5C69593C0F09B6ABBCB3F2A316, 0943E1BC09DCECC67FED099DFBC657CB3A379F623DC894E768BD7D8EA3E8294D ] BstHdAndroidSvc C:\Program Files (x86)\BlueStacks\HD-Service.exe
13:51:24.0669 0x2154  BstHdAndroidSvc - ok
13:51:24.0676 0x2154  [ 431418FF64C8301D7F390C01F5AE0A8A, AB6D684BD4B5D413E56DBE743B95E6734B64813C958D5D252EB226AFFFA7D719 ] BstHdDrv        C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys
13:51:24.0699 0x2154  BstHdDrv - ok
13:51:24.0710 0x2154  [ 1A3E73E34A1C5A9C183B297CAE067BE3, A68436B35807B96E088E66156BFCFE404C2ECA31FE4A90EFBDAF08D7FFF00415 ] BstHdLogRotatorSvc C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
13:51:24.0799 0x2154  BstHdLogRotatorSvc - ok
13:51:24.0818 0x2154  [ 8D348914BC6262CC2CA16980406B6A5D, 6B3747D93AD0C29E560F71E10268B54BE6BCC8EDE3501142193A6FF284C8F833 ] BstHdUpdaterSvc C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
13:51:24.0960 0x2154  BstHdUpdaterSvc - ok
13:51:24.0966 0x2154  BthAvrcpTg - ok
13:51:24.0971 0x2154  BthHFEnum - ok
13:51:24.0977 0x2154  bthhfhid - ok
13:51:24.0983 0x2154  BthHFSrv - ok
13:51:24.0988 0x2154  BTHMODEM - ok
13:51:24.0995 0x2154  bthserv - ok
13:51:25.0001 0x2154  buttonconverter - ok
13:51:25.0006 0x2154  CapImg - ok
13:51:25.0011 0x2154  cdfs - ok
13:51:25.0016 0x2154  CDPSvc - ok
13:51:25.0020 0x2154  cdrom - ok
13:51:25.0026 0x2154  CertPropSvc - ok
13:51:25.0031 0x2154  [ 6FED735D3B808D51C725C886E8F53116, 7DABDFA995C1323E222D7D5AE7F3AE28E11703E21430EA7B7B16B12DF0102B86 ] CGVPNCliService C:\Program Files\CyberGhost 5\Service.exe
13:51:25.0073 0x2154  CGVPNCliService - ok
13:51:25.0078 0x2154  circlass - ok
13:51:25.0083 0x2154  CLFS - ok
13:51:25.0089 0x2154  ClipSVC - ok
13:51:25.0104 0x2154  CmBatt - ok
13:51:25.0110 0x2154  CNG - ok
13:51:25.0115 0x2154  cnghwassist - ok
13:51:25.0126 0x2154  CompositeBus - ok
13:51:25.0132 0x2154  COMSysApp - ok
13:51:25.0137 0x2154  condrv - ok
13:51:25.0141 0x2154  CoreMessagingRegistrar - ok
13:51:25.0151 0x2154  CryptSvc - ok
13:51:25.0155 0x2154  dam - ok
13:51:25.0164 0x2154  DcomLaunch - ok
13:51:25.0168 0x2154  DcpSvc - ok
13:51:25.0173 0x2154  defragsvc - ok
13:51:25.0178 0x2154  DeviceAssociationService - ok
13:51:25.0184 0x2154  DeviceInstall - ok
13:51:25.0189 0x2154  DevQueryBroker - ok
13:51:25.0194 0x2154  Dfsc - ok
13:51:25.0204 0x2154  [ 73BDD44A6088916964945886F9025409, 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
13:51:25.0231 0x2154  dg_ssudbus - ok
13:51:25.0235 0x2154  Dhcp - ok
13:51:25.0241 0x2154  diagnosticshub.standardcollector.service - ok
13:51:25.0247 0x2154  DiagTrack - ok
13:51:25.0251 0x2154  disk - ok
13:51:25.0256 0x2154  DmEnrollmentSvc - ok
13:51:25.0262 0x2154  dmvsc - ok
13:51:25.0268 0x2154  dmwappushservice - ok
13:51:25.0272 0x2154  Dnscache - ok
13:51:25.0280 0x2154  dot3svc - ok
13:51:25.0285 0x2154  DPS - ok
13:51:25.0291 0x2154  drmkaud - ok
13:51:25.0296 0x2154  DsmSvc - ok
13:51:25.0301 0x2154  DsSvc - ok
13:51:25.0307 0x2154  [ 496C3C6BC3D930D0960C9E75AA30F4A7, 3FE0E86DA8C2C6A990BB2F1B92C22BD3483882B8D69FF8025BB68A199362C234 ] dtlitescsibus  C:\WINDOWS\System32\drivers\dtlitescsibus.sys
13:51:25.0332 0x2154  dtlitescsibus - ok
13:51:25.0337 0x2154  DXGKrnl - ok
13:51:25.0341 0x2154  Eaphost - ok
13:51:25.0397 0x2154  [ 09036ED65D41B334CF541D3F3E982EAB, 7B68E0D732ADA2C15A7C3AEC62105076132F71B653467A793729D893366AA76B ] EaseUS Agent    D:\Programme\EaseUS Todo Backup\Todo Backup\bin\Agent.exe
13:51:25.0627 0x2154  EaseUS Agent - ok
13:51:25.0635 0x2154  ebdrv - ok
13:51:25.0643 0x2154  EFS - ok
13:51:25.0651 0x2154  EhStorClass - ok
13:51:25.0659 0x2154  EhStorTcgDrv - ok
13:51:25.0668 0x2154  [ BDD265EEB37DF5953A547FE412E2472F, 17EB4FD54D62207937F8CA7454837DBF1EEC867AEDAF201FC2E839A3ED357F4F ] ElbyCDIO        C:\WINDOWS\system32\Drivers\ElbyCDIO.sys
13:51:25.0692 0x2154  ElbyCDIO - ok
13:51:25.0697 0x2154  embeddedmode - ok
13:51:25.0702 0x2154  EntAppSvc - ok
13:51:25.0707 0x2154  [ 1B677389760689A11241884C700B48E0, 75EC4D16F3F6004D2697AE25E029B95D8B9611911039777B781C5707DA6048C6 ] epmntdrv        C:\WINDOWS\system32\epmntdrv.sys
13:51:25.0733 0x2154  epmntdrv - ok
13:51:25.0737 0x2154  ErrDev - ok
13:51:25.0747 0x2154  [ E47A0ECA90AF393983EF30E458606BB5, 1EB07711968ADBAB63A993FC54795DAAA9514F6E58FDED9EE9CA2DA3CCD620E1 ] EUBAKUP        C:\WINDOWS\system32\drivers\eubakup.sys
13:51:25.0760 0x2154  EUBAKUP - ok
13:51:25.0766 0x2154  [ 17696B5ACDBDFFC7D26C4B56BF132AD5, 3D2499FE2406300357B746AF82F69CBF1A1039B1F2DD755018F2185FDE26EA7E ] EUBKMON        C:\WINDOWS\system32\drivers\EUBKMON.sys
13:51:25.0779 0x2154  EUBKMON - ok
13:51:25.0784 0x2154  [ FCFD172899D0A026E5BD29F4775BFA76, CC651EAA870D9107B9FAC84B2FA2B8F166C5CA8FBDA803AFBDE07F523FA8C667 ] EUDSKACS        C:\Windows\system32\drivers\eudskacs.sys
13:51:25.0803 0x2154  EUDSKACS - ok
13:51:25.0811 0x2154  [ 1D866B50C9B1BA3FE90CC81E0DBC0E15, 07606693CA155EC3BA2FEF6B1C70263AD0F6C2935E1C99572BB2152260F33E28 ] EUFDDISK        C:\Windows\system32\drivers\EuFdDisk.sys
13:51:25.0837 0x2154  EUFDDISK - ok
13:51:25.0843 0x2154  [ 08C997734B2CECE882656BB2855E6E76, B3C1DEF26C9C9123D34395717220B450C705B5FA9FC8E321ADC444A4D63E6F36 ] EuGdiDrv        C:\WINDOWS\system32\EuGdiDrv.sys
13:51:25.0865 0x2154  EuGdiDrv - ok
13:51:25.0871 0x2154  EventSystem - ok
13:51:25.0877 0x2154  exfat - ok
13:51:25.0882 0x2154  fastfat - ok
13:51:25.0887 0x2154  Fax - ok
13:51:25.0893 0x2154  fdc - ok
13:51:25.0898 0x2154  fdPHost - ok
13:51:25.0902 0x2154  FDResPub - ok
13:51:25.0908 0x2154  fhsvc - ok
13:51:25.0913 0x2154  FileCrypt - ok
13:51:25.0919 0x2154  FileInfo - ok
13:51:25.0924 0x2154  Filetrace - ok
13:51:25.0929 0x2154  flpydisk - ok
13:51:25.0933 0x2154  FltMgr - ok
13:51:25.0939 0x2154  FontCache - ok
13:51:25.0945 0x2154  FontCache3.0.0.0 - ok
13:51:25.0950 0x2154  FsDepends - ok
13:51:25.0954 0x2154  Fs_Rec - ok
13:51:25.0964 0x2154  [ 38F3CF15321DC2B47C7907EB222B637A, C2CE4F62BD7C93566C36B7290DA3E804FB79A18A18E2544E2B6404B473483D4E ] fussvc          C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe
13:51:25.0981 0x2154  fussvc - detected UnsignedFile.Multi.Generic ( 1 )
13:51:28.0410 0x2154  Detect skipped due to KSN trusted
13:51:28.0410 0x2154  fussvc - ok
13:51:28.0428 0x2154  [ DD20EE28F6A5B0B9CCA98C2070C718FF, C4630692ECEE311F7F35C459D1AD194EA754964354A5D581DBD30EEF36B4D4EB ] Futuremark SystemInfo Service C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe
13:51:28.0491 0x2154  Futuremark SystemInfo Service - ok
13:51:28.0496 0x2154  fvevol - ok
13:51:28.0501 0x2154  gagp30kx - ok
13:51:28.0568 0x2154  [ 6D18B1088696CF96CBEBD31B8A519BD4, 4B47EECD18C12749FBEFA9C20B466F1A501F238166BBAE5B1793C918305A3348 ] GalaxyClientService D:\Programme\GalaxyClient\GalaxyClientService.exe
13:51:28.0793 0x2154  GalaxyClientService - ok
13:51:28.0929 0x2154  [ C6B53600271EA23A03D5C23316407013, A2B672134EC6415D689F5F1BDF0500B876CB3BA2BA022E4C7FF4C15215AF7BC2 ] GalaxyCommunication C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
13:51:29.0976 0x2154  GalaxyCommunication - ok
13:51:29.0994 0x2154  gencounter - ok
13:51:29.0999 0x2154  genericusbfn - ok
13:51:30.0005 0x2154  GPIOClx0101 - ok
13:51:30.0011 0x2154  gpsvc - ok
13:51:30.0018 0x2154  GpuEnergyDrv - ok
13:51:30.0026 0x2154  [ 88FBBB1C601A6BC42054E57C2897FA45, 928C5BAB515035DE659C4255C209D33C407716DA325798951B2E8DA9BB230A9F ] gupdate        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:51:30.0063 0x2154  gupdate - ok
13:51:30.0068 0x2154  [ 88FBBB1C601A6BC42054E57C2897FA45, 928C5BAB515035DE659C4255C209D33C407716DA325798951B2E8DA9BB230A9F ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:51:30.0105 0x2154  gupdatem - ok
13:51:30.0111 0x2154  [ 3F95931AEEA6DEF9FC02C565D2EFC145, A77CE97B0143A035D7C2655C2BF31008D4D555EF63CCF188EC58D5611782E635 ] hcmon          C:\WINDOWS\system32\drivers\hcmon.sys
13:51:30.0133 0x2154  hcmon - ok
13:51:30.0138 0x2154  HDAudBus - ok
13:51:30.0151 0x2154  [ D95AAA765E0DF05DA881D259D3EF5B84, 9FF0305323AA04B7622CBC065D27BAD347D7C5B757A0B82F0A2AA99B517F9606 ] HerculesWiFi    C:\WINDOWS\SysWOW64\\HerculesWiFiService.exe
13:51:30.0195 0x2154  HerculesWiFi - ok
13:51:30.0199 0x2154  HidBatt - ok
13:51:30.0204 0x2154  HidBth - ok
13:51:30.0209 0x2154  hidi2c - ok
13:51:30.0215 0x2154  hidinterrupt - ok
13:51:30.0219 0x2154  HidIr - ok
13:51:30.0224 0x2154  hidserv - ok
13:51:30.0230 0x2154  HidUsb - ok
13:51:30.0299 0x2154  [ 7D8A3C3D22CE3826693DC7E600EFC1D7, C7B4585BEBB9E0E3628D922859DA3BFE6CCC2612ED31C7FDCB541116483F3046 ] HiPatchService  D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
13:51:30.0319 0x2154  HiPatchService - detected UnsignedFile.Multi.Generic ( 1 )
13:51:32.0777 0x2154  Detect skipped due to KSN trusted
13:51:32.0777 0x2154  HiPatchService - ok
13:51:32.0782 0x2154  HomeGroupListener - ok
13:51:32.0788 0x2154  HomeGroupProvider - ok
13:51:32.0793 0x2154  HpSAMD - ok
13:51:32.0799 0x2154  HTTP - ok
13:51:32.0805 0x2154  hwpolicy - ok
13:51:32.0812 0x2154  hyperkbd - ok
13:51:32.0817 0x2154  i8042prt - ok
13:51:32.0822 0x2154  iai2c - ok
13:51:32.0828 0x2154  iaLPSS2i_I2C - ok
13:51:32.0833 0x2154  iaLPSSi_GPIO - ok
13:51:32.0838 0x2154  iaLPSSi_I2C - ok
13:51:32.0844 0x2154  iaStorAV - ok
13:51:32.0848 0x2154  iaStorV - ok
13:51:32.0854 0x2154  ibbus - ok
13:51:32.0858 0x2154  icssvc - ok
13:51:32.0864 0x2154  IEEtwCollectorService - ok
13:51:32.0869 0x2154  IKEEXT - ok
13:51:32.0958 0x2154  [ 622868E4BAE8FBCD22CB1A5901A2C824, C1A2264C0984DD16C83B663C9CE43E049E1356E32C5771C3ACE225F285699138 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
13:51:33.0127 0x2154  IntcAzAudAddService - ok
13:51:33.0139 0x2154  intelide - ok
13:51:33.0144 0x2154  intelpep - ok
13:51:33.0150 0x2154  intelppm - ok
13:51:33.0154 0x2154  IoQos - ok
13:51:33.0161 0x2154  IpFilterDriver - ok
13:51:33.0166 0x2154  iphlpsvc - ok
13:51:33.0171 0x2154  IPMIDRV - ok
13:51:33.0176 0x2154  IPNAT - ok
13:51:33.0182 0x2154  [ 30228DC3268ADAA214B03A3948CA85BC, 0F1F8898A64FFD61B84E9B2E2A4E5FF468295F6A55FCE95748957DFC5D94D56A ] IpOverUsbSvc    C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbSvc.exe
13:51:33.0212 0x2154  IpOverUsbSvc - ok
13:51:33.0217 0x2154  IRENUM - ok
13:51:33.0221 0x2154  isapnp - ok
13:51:33.0227 0x2154  iScsiPrt - ok
13:51:33.0257 0x2154  [ 68AD877758CEB893FABC6D85F9CD0E04, 54C28C9FEB1C87E3634EB08735A8E82CACFDAC858D2B18E5C45598D2785B9115 ] jetbrainsetw.103.0.20150818.191753 C:\Program Files (x86)\JetBrains\ETW Host\JetBrains.ETW.Collector.Host.exe
13:51:33.0310 0x2154  jetbrainsetw.103.0.20150818.191753 - ok
13:51:33.0317 0x2154  kbdclass - ok
13:51:33.0323 0x2154  kbdhid - ok
13:51:33.0328 0x2154  kdnic - ok
13:51:33.0334 0x2154  KeyIso - ok
13:51:33.0338 0x2154  KSecDD - ok
13:51:33.0344 0x2154  KSecPkg - ok
13:51:33.0348 0x2154  ksthunk - ok
13:51:33.0354 0x2154  KtmRm - ok
13:51:33.0359 0x2154  LanmanServer - ok
13:51:33.0364 0x2154  LanmanWorkstation - ok
13:51:33.0371 0x2154  lfsvc - ok
13:51:33.0377 0x2154  LicenseManager - ok
13:51:33.0382 0x2154  lltdio - ok
13:51:33.0387 0x2154  lltdsvc - ok
13:51:33.0392 0x2154  lmhosts - ok
13:51:33.0399 0x2154  LSI_SAS - ok
13:51:33.0404 0x2154  LSI_SAS2i - ok
13:51:33.0409 0x2154  LSI_SAS3i - ok
13:51:33.0414 0x2154  LSI_SSS - ok
13:51:33.0420 0x2154  LSM - ok
13:51:33.0426 0x2154  luafv - ok
13:51:33.0432 0x2154  [ 60DC593BA44E433DF97EBC8940703D08, 253B6892D7FCBD647D6FA645670871A76A38CD379FCC1F66F1181949740C72EA ] ManyCam        C:\WINDOWS\system32\DRIVERS\mcvidrv.sys
13:51:33.0455 0x2154  ManyCam - ok
13:51:33.0460 0x2154  MapsBroker - ok
13:51:33.0465 0x2154  [ CFBC6C6D8A492697CABD1D353EE64933, DDAA844908324740C891EB8F08E2A8BB00457063B31C4A762745C1C2415FC12D ] MBAMProtector  C:\WINDOWS\system32\drivers\mbam.sys
13:51:33.0479 0x2154  MBAMProtector - ok
13:51:33.0576 0x2154  [ AB176B9E59C0435499D83047D84EDD59, 85B826A3972CE9AD885313B69B9C60328B850257667D0EB65DDE890D0BB06361 ] MBAMScheduler  D:\Programme\Malwarebytes Anti-Malware\mbamscheduler.exe
13:51:33.0643 0x2154  MBAMScheduler - ok
13:51:33.0681 0x2154  [ 40C126CB15FAB7D6C66490DCA9C1AED2, B32CEE2D2409232C245427D5E9647FDF59AF1D8AB5E8A98EE2D1F1314599FD14 ] MBAMService    D:\Programme\Malwarebytes Anti-Malware\mbamservice.exe
13:51:33.0737 0x2154  MBAMService - ok
13:51:33.0748 0x2154  [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy  C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
13:51:33.0766 0x2154  MBAMSwissArmy - ok
13:51:33.0773 0x2154  [ 08DECFCB9BA97786165A69AB1015BC30, EDC8C8447B57BD412E2DEBCA9B5B1B58C19D40105DC7CE9520DE214081696B05 ] MBAMWebAccessControl C:\WINDOWS\system32\drivers\mwac.sys
13:51:33.0788 0x2154  MBAMWebAccessControl - ok
13:51:33.0793 0x2154  [ 7382E4A888A7D4333DFF8A30B6850EE9, 3F63680A96438DF841FD46F99DA9670520ED3295176820DEDC9D5C770CA659D0 ] mcaudrv_simple  C:\WINDOWS\system32\drivers\mcaudrv_x64.sys
13:51:33.0814 0x2154  mcaudrv_simple - ok
13:51:33.0818 0x2154  megasas - ok
13:51:33.0824 0x2154  megasr - ok
13:51:33.0828 0x2154  MessagingService - ok
13:51:33.0844 0x2154  mlx4_bus - ok
13:51:33.0849 0x2154  MMCSS - ok
13:51:33.0854 0x2154  Modem - ok
13:51:33.0860 0x2154  monitor - ok
13:51:33.0865 0x2154  mouclass - ok
13:51:33.0873 0x2154  mouhid - ok
13:51:33.0877 0x2154  mountmgr - ok
13:51:33.0885 0x2154  [ 5961C5D8EDD2E2A3B99F1782AE1AC21F, C383A4724A335737C4C7C3211AFCFB82D373267EC634BC47EE078A1C66E1F62A ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
13:51:33.0917 0x2154  MozillaMaintenance - ok
13:51:33.0922 0x2154  mpsdrv - ok
13:51:33.0927 0x2154  MpsSvc - ok
13:51:33.0932 0x2154  MRxDAV - ok
13:51:33.0938 0x2154  mrxsmb - ok
13:51:33.0944 0x2154  mrxsmb10 - ok
13:51:33.0949 0x2154  mrxsmb20 - ok
13:51:33.0954 0x2154  MsBridge - ok
13:51:33.0959 0x2154  MSDTC - ok
13:51:33.0968 0x2154  Msfs - ok
13:51:33.0974 0x2154  msgpiowin32 - ok
13:51:33.0979 0x2154  mshidkmdf - ok
13:51:33.0983 0x2154  mshidumdf - ok
13:51:33.0989 0x2154  msisadrv - ok
13:51:33.0993 0x2154  MSiSCSI - ok
13:51:33.0998 0x2154  msiserver - ok
13:51:34.0002 0x2154  MSKSSRV - ok
13:51:34.0008 0x2154  MsLldp - ok
13:51:34.0012 0x2154  MSPCLOCK - ok
13:51:34.0018 0x2154  MSPQM - ok
13:51:34.0024 0x2154  MsRPC - ok
13:51:34.0031 0x2154  mssmbios - ok
13:51:34.0038 0x2154  MSTEE - ok
13:51:34.0043 0x2154  MTConfig - ok
13:51:34.0048 0x2154  Mup - ok
13:51:34.0054 0x2154  mvumis - ok
13:51:34.0060 0x2154  NativeWifiP - ok
13:51:34.0066 0x2154  [ 873005BF5DE7EEC41FCE697CB0FC5FF2, 7C72B3FE77CBD177116C7033EAE72708BD3B38F8AE455E2560E9D306127BCDAB ] nbdrv          C:\WINDOWS\system32\DRIVERS\nbdrv.sys
13:51:34.0090 0x2154  nbdrv - ok
13:51:34.0095 0x2154  NcaSvc - ok
13:51:34.0098 0x2154  NcbService - ok
13:51:34.0104 0x2154  NcdAutoSetup - ok
13:51:34.0109 0x2154  ndfltr - ok
13:51:34.0115 0x2154  NDIS - ok
13:51:34.0120 0x2154  NdisCap - ok
13:51:34.0125 0x2154  NdisImPlatform - ok
13:51:34.0129 0x2154  NdisTapi - ok
13:51:34.0135 0x2154  Ndisuio - ok
13:51:34.0140 0x2154  NdisVirtualBus - ok
13:51:34.0145 0x2154  NdisWan - ok
13:51:34.0151 0x2154  ndiswanlegacy - ok
13:51:34.0156 0x2154  ndproxy - ok
13:51:34.0161 0x2154  Ndu - ok
13:51:34.0205 0x2154  [ 5E84EDE47F715B6248B39E70229F8497, BFB4C7066F2459F60F1C2C50B743E1D02793A769F00D49626F125A6A754F9DE8 ] NetBalancerService D:\Programme\NetBalancer\SeriousBit.NetBalancer.Service.exe
13:51:34.0235 0x2154  NetBalancerService - ok
13:51:34.0240 0x2154  NetBIOS - ok
13:51:34.0248 0x2154  NetBT - ok
13:51:34.0255 0x2154  Netlogon - ok
13:51:34.0260 0x2154  Netman - ok
13:51:34.0268 0x2154  netprofm - ok
13:51:34.0273 0x2154  NetSetupSvc - ok
13:51:34.0280 0x2154  NetTcpPortSharing - ok
13:51:34.0288 0x2154  NgcCtnrSvc - ok
13:51:34.0294 0x2154  NgcSvc - ok
13:51:34.0302 0x2154  NlaSvc - ok
13:51:34.0306 0x2154  Npfs - ok
13:51:34.0312 0x2154  npggsvc - ok
13:51:34.0318 0x2154  npsvctrig - ok
13:51:34.0323 0x2154  nsi - ok
13:51:34.0328 0x2154  nsiproxy - ok
13:51:34.0336 0x2154  NTFS - ok
13:51:34.0341 0x2154  Null - ok
13:51:34.0346 0x2154  nvraid - ok
13:51:34.0351 0x2154  nvstor - ok
13:51:34.0358 0x2154  nv_agp - ok
13:51:34.0363 0x2154  OneSyncSvc - ok
13:51:34.0448 0x2154  [ A309633A4BA2DE3FC30468C3103E0BA5, 530C707A4FCD36A45E9D370D20105356C8019DE41EF1C1F1A728A523D5FBEE25 ] Origin Client Service D:\Programme\Origin\OriginClientService.exe
13:51:34.0583 0x2154  Origin Client Service - ok
13:51:34.0594 0x2154  [ 11E0B35479C895888BA3D7F619DCFFF3, 6ED82C19898101EC00BD64A9F90595C3D20AD2D2902AA8765B740FB3B9312DDF ] ose64          C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:51:34.0617 0x2154  ose64 - ok
13:51:34.0672 0x2154  [ 4E05A50D300FF558613064C92F0667AC, F853F386AFB02C06CC84EDA9A2256F9B4734EB1D50725EB6CA34F7D53AD21E79 ] OverwolfUpdater D:\Programme\Overwolf\OverwolfUpdater.exe
13:51:35.0010 0x29ac  Object required for P2P: [ C6B53600271EA23A03D5C23316407013 ] GalaxyCommunication
13:51:35.0363 0x2154  OverwolfUpdater - ok
13:51:35.0373 0x2154  p2pimsvc - ok
13:51:35.0381 0x2154  p2psvc - ok
13:51:35.0391 0x2154  Parport - ok
13:51:35.0398 0x2154  partmgr - ok
13:51:35.0403 0x2154  PcaSvc - ok
13:51:35.0408 0x2154  pci - ok
13:51:35.0414 0x2154  pciide - ok
13:51:35.0419 0x2154  pcmcia - ok
13:51:35.0424 0x2154  pcw - ok
13:51:35.0430 0x2154  pdc - ok
13:51:35.0435 0x2154  PEAUTH - ok
13:51:35.0440 0x2154  percsas2i - ok
13:51:35.0445 0x2154  percsas3i - ok
13:51:35.0461 0x2154  PerfHost - ok
13:51:35.0472 0x2154  PhoneSvc - ok
13:51:35.0478 0x2154  PimIndexMaintenanceSvc - ok
13:51:35.0494 0x2154  pla - ok
13:51:35.0498 0x2154  PlugPlay - ok
13:51:35.0504 0x2154  PnkBstrA - ok
13:51:35.0509 0x2154  PNRPAutoReg - ok
13:51:35.0515 0x2154  PNRPsvc - ok
13:51:35.0520 0x2154  PolicyAgent - ok
13:51:35.0527 0x2154  Power - ok
13:51:35.0532 0x2154  PptpMiniport - ok
13:51:35.0598 0x2154  [ 959F94AD1255BC749884EDDD14EC29C4, 2CD6DA9778EA36FA0B4080F6DB1C634712238E014E47546403CD3CDB35A1DCA8 ] PrintNotify    C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
13:51:35.0731 0x2154  PrintNotify - ok
13:51:35.0742 0x2154  Processor - ok
13:51:35.0747 0x2154  ProfSvc - ok
13:51:35.0752 0x2154  Psched - ok
13:51:35.0757 0x2154  QWAVE - ok
13:51:35.0763 0x2154  QWAVEdrv - ok
13:51:35.0767 0x2154  RasAcd - ok
13:51:35.0773 0x2154  RasAgileVpn - ok
13:51:35.0777 0x2154  RasAuto - ok
13:51:35.0782 0x2154  Rasl2tp - ok
13:51:35.0787 0x2154  RasMan - ok
13:51:35.0793 0x2154  RasPppoe - ok
13:51:35.0797 0x2154  RasSstp - ok
13:51:35.0802 0x2154  rdbss - ok
13:51:35.0811 0x2154  rdpbus - ok
13:51:35.0815 0x2154  RDPDR - ok
13:51:35.0826 0x2154  RdpVideoMiniport - ok
13:51:35.0831 0x2154  rdyboost - ok
13:51:35.0836 0x2154  ReFSv1 - ok
13:51:35.0842 0x2154  RemoteAccess - ok
13:51:35.0846 0x2154  RemoteRegistry - ok
13:51:35.0851 0x2154  RetailDemo - ok
13:51:35.0857 0x2154  RpcEptMapper - ok
13:51:35.0863 0x2154  RpcLocator - ok
13:51:35.0868 0x2154  RpcSs - ok
13:51:35.0874 0x2154  rspndr - ok
13:51:35.0897 0x2154  [ 6969DAC0C978A78E63DE59C6D5E2421C, 424DB0E2C185294D2C6646F53A83FC4A232939622B557845DF2E3F73BFC355AB ] rt640x64        C:\WINDOWS\System32\drivers\rt640x64.sys
13:51:35.0948 0x2154  rt640x64 - ok
13:51:35.0971 0x2154  [ EF91E0806C01806C3CF62AF006901127, 1F49D57B6598EF0923DF70FD31B755B29D5ED4D38840D7619D3399B759FD579F ] RTL8167        C:\WINDOWS\system32\DRIVERS\Rt64win7.sys
13:51:36.0023 0x2154  RTL8167 - ok
13:51:36.0031 0x2154  [ C66F68E501687573B6EAA66F3F0AB285, C028CD68C4C41D3B388681FD577176F94EF2BCE8C1C5E3EBB4CA18F7E20BA715 ] rtlss          C:\WINDOWS\System32\Drivers\rtlss.sys
13:51:36.0054 0x2154  rtlss - ok
13:51:36.0127 0x2154  [ 844CB9DBE08797A2A875DF9E2AF108D7, 53463064C2F34DB9C5E1484FA370AC00C4A3486713EC80E2323B07150A27DD1F ] RtlWlanu        C:\WINDOWS\System32\drivers\rtwlanu.sys
13:51:36.0275 0x2154  RtlWlanu - ok
13:51:36.0287 0x2154  s3cap - ok
13:51:36.0292 0x2154  SamSs - ok
13:51:36.0303 0x2154  [ A96A6B13ADE213E57F488718CE6C51BC, 0E5DE674CC80A4B3D0131EAD65D15F121E362A5B01FBC92EEA78C6AA5D73ACEB ] SAVAdminService C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe
13:51:36.0350 0x2154  SAVAdminService - ok
13:51:36.0358 0x2154  [ 389609560D81988DA2B78F7AFE1384F0, 3AE26F2E4018D45027AA0DE09A0E58BF5F93A7E036AB73188B57C530869B0189 ] SAVOnAccess    C:\WINDOWS\system32\DRIVERS\savonaccess.sys
13:51:36.0376 0x2154  SAVOnAccess - ok
13:51:36.0383 0x2154  [ EF41D930DBD91684640390EFC623CC4F, 02D0F6C4229F567745FC6E4C500062771345EC904CC6CD14514C75748C46C90A ] SAVService      C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe
13:51:36.0465 0x2154  SAVService - ok
13:51:36.0473 0x2154  [ 5A4DE7A65657965208296635F2C01E94, 8028303C7098B2C42DF6172DB39070AD4BF69B16E19EBC85B9AD6865C732C322 ] SbieDrv        C:\Program Files\Sandboxie\SbieDrv.sys
13:51:36.0501 0x2154  SbieDrv - ok
13:51:36.0507 0x2154  [ 75AE2224F4427B737C1DEF1A4F2DFDA8, 71C4B60B0C1AC4A5684C6718A65C4275ECEE300C99085E4490934DDB0DC3784E ] SbieSvc        C:\Program Files\Sandboxie\SbieSvc.exe
13:51:36.0817 0x2154  SbieSvc - ok
13:51:36.0825 0x2154  sbp2port - ok
13:51:36.0833 0x2154  SCardSvr - ok
13:51:36.0841 0x2154  ScDeviceEnum - ok
13:51:36.0849 0x2154  scfilter - ok
13:51:36.0858 0x2154  Schedule - ok
13:51:36.0864 0x2154  SCPolicySvc - ok
13:51:36.0871 0x2154  sdbus - ok
13:51:36.0876 0x2154  [ 75B98959013B22F8F40C08095B8AB73C, EF608EFBF72AF48EFC9352FCEDF0523BDBA6055612FFD22654E3B241AA9C8033 ] sdcfilter      C:\WINDOWS\system32\DRIVERS\sdcfilter.sys
13:51:36.0899 0x2154  sdcfilter - ok
13:51:36.0904 0x2154  SDRSVC - ok
13:51:36.0909 0x2154  sdstor - ok
13:51:36.0913 0x2154  seclogon - ok
13:51:36.0919 0x2154  SENS - ok
13:51:36.0923 0x2154  SensorDataService - ok
13:51:36.0929 0x2154  SensorService - ok
13:51:36.0934 0x2154  SensorsSimulatorDriver - ok
13:51:36.0940 0x2154  SensrSvc - ok
13:51:36.0946 0x2154  SerCx - ok
13:51:36.0952 0x2154  SerCx2 - ok
13:51:36.0956 0x2154  Serenum - ok
13:51:36.0962 0x2154  Serial - ok
13:51:36.0967 0x2154  sermouse - ok
13:51:36.0977 0x2154  SessionEnv - ok
13:51:36.0984 0x2154  sfloppy - ok
13:51:36.0988 0x2154  SharedAccess - ok
13:51:36.0994 0x2154  ShellHWDetection - ok
13:51:36.0998 0x2154  SiSRaid2 - ok
13:51:37.0004 0x2154  SiSRaid4 - ok
13:51:37.0009 0x2154  smphost - ok
13:51:37.0014 0x2154  SmsRouter - ok
13:51:37.0023 0x2154  SNMPTRAP - ok
13:51:37.0036 0x2154  [ 61A8AD202BF438D9A4BDADAA6AE4C9BB, D8FBC9F088686FDEB8A72D5294F1D94543E9F9CDA4B575F034A287CE30F9E125 ] Sophos AutoUpdate Service C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe
13:51:37.0083 0x2154  Sophos AutoUpdate Service - ok
13:51:37.0093 0x2154  [ 25E219807DDD9D6E3F6755361FED65D6, 47162ED76E607C66DDBC30CD6A183995CDA662FE63F28B7D09EA0FA27EA7B9FA ] Sophos MCS Agent C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsAgent.exe
13:51:37.0221 0x2154  Sophos MCS Agent - ok
13:51:37.0240 0x2154  [ 93BC9C07ABCEF9DF8564D3570F6F5C6A, A3F4B3E4AE8EECB532F41454B0A19D147ED87810C3A9B724BCA4C29F810FDCF4 ] Sophos MCS Client C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsClient.exe
13:51:37.0291 0x2154  Sophos MCS Client - ok
13:51:37.0304 0x2154  [ CE9EA0AEF9A8A2E86CDCC7B76ECD97E1, F0EACC60C6912C58B596D4EE6D218772BD8C8FC6E652CFF6A2B08395896B0D6C ] Sophos Web Control Service C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe
13:51:37.0375 0x2154  Sophos Web Control Service - ok
13:51:37.0382 0x2154  [ FFD056D55C46946ACA218F0A61DA2743, A9E3910EBEFC8674704F42C6D43A12A521C212B911D46FCD669D8AAFA8381C55 ] SophosBootDriver C:\WINDOWS\system32\DRIVERS\SophosBootDriver.sys
13:51:37.0403 0x2154  SophosBootDriver - ok
13:51:37.0408 0x2154  spaceport - ok
13:51:37.0413 0x2154  SpbCx - ok
13:51:37.0419 0x2154  Spooler - ok
13:51:37.0424 0x2154  sppsvc - ok
13:51:37.0430 0x2154  [ 8FD8EE71D7D639F85805EEE4ADB2AA15, 027E680BE49F705843B0117A72FAFC7681798B99685B91989928EF03767CD7A5 ] SQLWriter      C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
13:51:37.0449 0x2154  SQLWriter - ok
13:51:37.0454 0x2154  srv - ok
13:51:37.0458 0x2154  srv2 - ok
13:51:37.0464 0x2154  srvnet - ok
13:51:37.0469 0x2154  SSDPSRV - ok
13:51:37.0474 0x2154  SstpSvc - ok
13:51:37.0485 0x2154  [ 5252D7BC56E5E0ED715AEA8FE173A455, 1408B3E98B35A449434718777EE70595F0D306197A428279C6281D2F1953F259 ] ssudmdm        C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
13:51:37.0515 0x2154  ssudmdm - ok
13:51:37.0519 0x2154  StateRepository - ok
13:51:37.0538 0x2154  [ 591249EA969797C2A24629AF7C71A6F8, 61F28FB495657916514DE2A7FFD4AD833A1B2BBA5591616BE0C9CCD7DAFA40B7 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
13:51:37.0601 0x2154  Steam Client Service - ok
13:51:37.0607 0x2154  stexstor - ok
13:51:37.0613 0x2154  stisvc - ok
13:51:37.0618 0x2154  storahci - ok
13:51:37.0623 0x2154  storflt - ok
13:51:37.0629 0x2154  stornvme - ok
13:51:37.0634 0x2154  storqosflt - ok
13:51:37.0640 0x2154  StorSvc - ok
13:51:37.0647 0x2154  storufs - ok
13:51:37.0653 0x2154  storvsc - ok
13:51:37.0660 0x2154  svsvc - ok
13:51:37.0667 0x2154  swenum - ok
13:51:37.0674 0x2154  [ 6E08BD408572E27A6BD1ED615A2AFA84, FACA5D621F34B6DA9B18096D817531A268EC1DC07B03B68D740BC8095EB1083C ] swi_callout    C:\WINDOWS\system32\DRIVERS\swi_callout.sys
13:51:37.0699 0x2154  swi_callout - ok
13:51:37.0709 0x2154  [ 395E6CF07B90379442B555F28A7CF857, D2C9B4826284B52DB95715038F7ECF47AF03500B280CA4FE6DBD6FA83F943AAF ] swi_filter      C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_filter.exe
13:51:37.0876 0x2154  swi_filter - ok
13:51:37.0942 0x2154  [ 3355E3E4F86C67BDD342EF211602C9AC, 232EAFCD8DC793AABCCEFD4EC72267F7045315CF6C5D6826BF24E31C580922DB ] swi_service    C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
13:51:38.0069 0x2154  swi_service - ok
13:51:38.0080 0x2154  swprv - ok
13:51:38.0132 0x2154  [ DC675E90D41B261D78E04877F3A8B51D, DE6B1E245B3AC10FBD0ACAA4817CD92946319648329C5F9537EB38CB24D2B41D ] Synergy        D:\Programme\Synergy\synergyd.exe
13:51:38.0155 0x2154  Synergy - ok
13:51:38.0161 0x2154  Synth3dVsc - ok
13:51:38.0166 0x2154  SysMain - ok
13:51:38.0171 0x2154  SystemEventsBroker - ok
13:51:38.0177 0x2154  TabletInputService - ok
13:51:38.0183 0x2154  [ 3C32FF010F869BC184DF71290477384E, 55CFCEC7F026C6E2E96A2FBE846AB513BB12BB0348735274FE1B71AF019C837B ] tap0901        C:\WINDOWS\System32\drivers\tap0901.sys
13:51:38.0207 0x2154  tap0901 - ok
13:51:38.0212 0x2154  TapiSrv - ok
13:51:38.0218 0x2154  [ B0181B7C8F1495AC45F3A834CEDD2772, 7B07ED181CE7B8206171B02B468C2DFF8381FF33AB52BCA6806DE3C0119DEE4D ] tapse01        C:\WINDOWS\System32\drivers\tapse01.sys
13:51:38.0242 0x2154  tapse01 - ok
13:51:38.0247 0x2154  Tcpip - ok
13:51:38.0252 0x2154  Tcpip6 - ok
13:51:38.0260 0x2154  tcpipreg - ok
13:51:38.0268 0x2154  tdx - ok
13:51:38.0275 0x2154  [ 950AD1AE7498A492126FB9F9B2E27DB5, C4C9A972015F567FC87A4094C86835B2DD3476426AB8B40CD4872A725CA89CFC ] Te.Service      C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe
13:51:38.0291 0x2154  Te.Service - detected UnsignedFile.Multi.Generic ( 1 )
13:51:38.0599 0x29ac  Object send P2P result: true
13:51:40.0799 0x2154  Detect skipped due to KSN trusted
13:51:40.0799 0x2154  Te.Service - ok
13:51:40.0940 0x2154  [ E72B44F86082DFE649CD991E3CD2F8B6, C5A1E53E41E48D3465A7D96886A1E5D1C3145C7E1A40FB74E3A05EDC2DA04F84 ] TeamViewer      C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
13:51:41.0657 0x2154  TeamViewer - ok
13:51:41.0674 0x2154  terminpt - ok
13:51:41.0678 0x2154  TermService - ok
13:51:41.0684 0x2154  Themes - ok
13:51:41.0689 0x2154  TieringEngineService - ok
13:51:41.0694 0x2154  tiledatamodelsvc - ok
13:51:41.0699 0x2154  TimeBroker - ok
13:51:41.0704 0x2154  TPM - ok
13:51:41.0709 0x2154  TrkWks - ok
13:51:41.0713 0x2154  TrustedInstaller - ok
13:51:41.0721 0x2154  tsusbflt - ok
13:51:41.0726 0x2154  TsUsbGD - ok
13:51:41.0731 0x2154  tunnel - ok
13:51:41.0736 0x2154  tzautoupdate - ok
13:51:41.0742 0x2154  uagp35 - ok
13:51:41.0746 0x2154  UASPStor - ok
13:51:41.0752 0x2154  UcmCx0101 - ok
13:51:41.0757 0x2154  UcmUcsi - ok
13:51:41.0762 0x2154  Ucx01000 - ok
13:51:41.0768 0x2154  UdeCx - ok
13:51:41.0772 0x2154  udfs - ok
13:51:41.0777 0x2154  UEFI - ok
13:51:41.0782 0x2154  Ufx01000 - ok
13:51:41.0788 0x2154  UfxChipidea - ok
13:51:41.0793 0x2154  ufxsynopsys - ok
13:51:41.0803 0x2154  UI0Detect - ok
13:51:41.0808 0x2154  uliagpkx - ok
13:51:41.0813 0x2154  umbus - ok
13:51:41.0820 0x2154  UmPass - ok
13:51:41.0825 0x2154  UmRdpService - ok
13:51:41.0830 0x2154  UnistoreSvc - ok
13:51:41.0846 0x2154  upnphost - ok
13:51:41.0853 0x2154  UrsChipidea - ok
13:51:41.0857 0x2154  UrsCx01000 - ok
13:51:41.0862 0x2154  UrsSynopsys - ok
13:51:41.0868 0x2154  usbccgp - ok
13:51:41.0872 0x2154  usbcir - ok
13:51:41.0877 0x2154  usbehci - ok
13:51:41.0882 0x2154  usbhub - ok
13:51:41.0889 0x2154  USBHUB3 - ok
13:51:41.0893 0x2154  usbohci - ok
13:51:41.0900 0x2154  usbprint - ok
13:51:41.0904 0x2154  usbscan - ok
13:51:41.0910 0x2154  usbser - ok
13:51:41.0916 0x2154  USBSTOR - ok
13:51:41.0922 0x2154  usbuhci - ok
13:51:41.0926 0x2154  USBXHCI - ok
13:51:41.0933 0x2154  UserDataSvc - ok
13:51:41.0948 0x2154  UserManager - ok
13:51:41.0954 0x2154  UsoSvc - ok
13:51:41.0958 0x2154  VaultSvc - ok
13:51:41.0980 0x2154  [ C261181C2F59ED42A71D76CF702B8CB3, CDCAFBB4EC0FC80C55E559DF4A36F30F137C788268BB0BD54E0406AABF92C7E4 ] VBoxDrv        C:\WINDOWS\system32\DRIVERS\VBoxDrv.sys
13:51:42.0039 0x2154  VBoxDrv - ok
13:51:42.0051 0x2154  [ ABB918FECFD7D19B090580D265B8B81E, D9F9119004E18FCB702913D8886682301C69955780CD44B329CC98C8B01F5F51 ] VBoxNetLwf      C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys
13:51:42.0080 0x2154  VBoxNetLwf - ok
13:51:42.0088 0x2154  [ BC72D35ABDFE0F7F70D77F04C81D1567, C60B2BC9A3ECED25E6878E739FAF4C297FDB5DCB2D920238BA90C64AF1478CE9 ] VBoxUSBMon      C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys
13:51:42.0116 0x2154  VBoxUSBMon - ok
13:51:42.0122 0x2154  [ 3C8E2C591345F38149C69FE8E5DF8C90, 9F4BB9BDA09CB2E99A6A888B288F322AE5C460B5D124CD714C6F00FF5029144B ] VClone          C:\WINDOWS\System32\drivers\VClone.sys
13:51:42.0145 0x2154  VClone - ok
13:51:42.0152 0x2154  vdrvroot - ok
13:51:42.0158 0x2154  vds - ok
13:51:42.0166 0x2154  [ C0BB7F0C789AC778549DCC20B18A8DC0, 6C985B008488EB9766C4CE6709C37AF6ECCEDA7A69EB45627B1871D891D925DF ] veracrypt      C:\WINDOWS\system32\drivers\veracrypt.sys
13:51:42.0193 0x2154  veracrypt - ok
13:51:42.0198 0x2154  VerifierExt - ok
13:51:42.0203 0x2154  vhdmp - ok
13:51:42.0209 0x2154  vhf - ok
13:51:42.0266 0x2154  [ 225E1E03B2AABE2D493FCDB459303701, 6123280A48E973AC9696954879CF5F791E6D52CBE0BD07F291437D1A82413891 ] VMAuthdService  D:\Programme\VMware\vmware-authd.exe
13:51:42.0307 0x2154  VMAuthdService - ok
13:51:42.0312 0x2154  vmbus - ok
13:51:42.0317 0x2154  VMBusHID - ok
13:51:42.0324 0x2154  [ BE8E5E5D53ACF71D4E8E686B68C99B04, 4F30A360095FCB2627068FA6A65A951688058E8FDDF5CE895E2AE39500A413B1 ] vmci            C:\WINDOWS\system32\drivers\vmci.sys
13:51:42.0340 0x2154  vmci - ok
13:51:42.0345 0x2154  vmicguestinterface - ok
13:51:42.0350 0x2154  vmicheartbeat - ok
13:51:42.0356 0x2154  vmickvpexchange - ok
13:51:42.0361 0x2154  vmicrdv - ok
13:51:42.0366 0x2154  vmicshutdown - ok
13:51:42.0372 0x2154  vmictimesync - ok
13:51:42.0376 0x2154  vmicvmsession - ok
13:51:42.0382 0x2154  vmicvss - ok
13:51:42.0387 0x2154  [ B6DE5224D881BF17ADDE4C88AE553423, AC9C113080313855BC93E99BEFAC4B942E93D8E4CF024607F596CA9D7F8F8A14 ] vmkbd          C:\WINDOWS\system32\drivers\VMkbd.sys
13:51:42.0408 0x2154  vmkbd - ok
13:51:42.0415 0x2154  [ A3412EC3FF7A5AC2CA3A3951476BFA9C, 8A3D241168205B6B5348F44DF89875067CDD5B29BE8CF14ADA8403225AE2A379 ] VMnetAdapter    C:\WINDOWS\system32\DRIVERS\vmnetadapter.sys
13:51:42.0435 0x2154  VMnetAdapter - ok
13:51:42.0441 0x2154  [ F76AD463DBE8D30CB715A09DF9FF2BE9, 5B2184582496ED0EE8582C6AD3BCF49674690C585439B6F57B43ADC12DF941F6 ] VMnetBridge    C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys
13:51:42.0463 0x2154  VMnetBridge - ok
13:51:42.0481 0x2154  [ 98E73D79FCD3D48E31EE999B5DF1B0ED, FBDC884BD9376C7E8727BACCF6482207166634F4B2644C8C794295094B29426E ] VMnetDHCP      C:\WINDOWS\SysWOW64\vmnetdhcp.exe
13:51:42.0667 0x2154  VMnetDHCP - ok
13:51:42.0673 0x2154  [ B564A598B9B31E9358B2D6C9BC96D710, 19A9EFC08AE11A31169F712C577EBAFFF0A37311271FD46F02873286C8281DB7 ] VMnetuserif    C:\WINDOWS\system32\drivers\vmnetuserif.sys
13:51:42.0694 0x2154  VMnetuserif - ok
13:51:42.0714 0x2154  [ 15D702F235BD1077007A180EEFB9DBB8, 610794EB9AF68789F46D193EF11B406D190096DF9EC557563798D625806D5704 ] VMUSBArbService C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
13:51:42.0752 0x2154  VMUSBArbService - ok
13:51:42.0768 0x2154  [ 0769FDF4C15D9EDD3CAAC148A8EDC2E5, 65E5CA9461C47491E83EBD755C10AE1665E71D2B73F2CE97A59B9E7380D42E8D ] VMware NAT Service C:\WINDOWS\SysWOW64\vmnat.exe
13:51:43.0003 0x2154  VMware NAT Service - ok
13:51:43.0009 0x2154  [ 8FCCBE30DC217C244CE38DD7F9B673C3, C1E6E65A435D764695C4B9411ED623D626D8A744E3E09752FBB66260D9ACE8D6 ] vmx86          C:\WINDOWS\system32\drivers\vmx86.sys
13:51:43.0029 0x2a90  Object required for P2P: [ DC675E90D41B261D78E04877F3A8B51D ] Synergy
13:51:43.0037 0x2154  vmx86 - ok
13:51:43.0043 0x2154  volmgr - ok
13:51:43.0049 0x2154  volmgrx - ok
13:51:43.0054 0x2154  volsnap - ok
13:51:43.0059 0x2154  vpci - ok
13:51:43.0064 0x2154  vsmraid - ok
13:51:43.0071 0x2154  [ 1C7DC94FDCABD06D24C3A532DC33FB34, 5403724E70ABBE1070958CA58496DB2237F35CAB37296E1ECB64D4A0FE432AC1 ] vsock          C:\WINDOWS\system32\drivers\vsock.sys
13:51:43.0087 0x2154  vsock - ok
13:51:43.0092 0x2154  VSS - ok
13:51:43.0149 0x2154  [ 19D2D8B9F506193A191A8CFD14435ED1, 3359D167B314E14D6E99CA5C79BB5A1C2CEE88823346DD96C4F1B7CD4A2A5D2E ] VSStandardCollectorService140 D:\Programme\Visual Studio\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe
13:51:43.0187 0x2154  VSStandardCollectorService140 - ok
13:51:43.0195 0x2154  VSTXRAID - ok
13:51:43.0202 0x2154  vwifibus - ok
13:51:43.0210 0x2154  vwififlt - ok
13:51:43.0217 0x2154  vwifimp - ok
13:51:43.0225 0x2154  W32Time - ok
13:51:43.0231 0x2154  WacomPen - ok
13:51:43.0235 0x2154  WalletService - ok
13:51:43.0243 0x2154  wanarp - ok
13:51:43.0247 0x2154  wanarpv6 - ok
13:51:43.0252 0x2154  wbengine - ok
13:51:43.0259 0x2154  WbioSrvc - ok
13:51:43.0264 0x2154  Wcmsvc - ok
13:51:43.0270 0x2154  wcncsvc - ok
13:51:43.0276 0x2154  WcsPlugInService - ok
13:51:43.0280 0x2154  WdBoot - ok
13:51:43.0286 0x2154  Wdf01000 - ok
13:51:43.0291 0x2154  WdFilter - ok
13:51:43.0296 0x2154  WdiServiceHost - ok
13:51:43.0301 0x2154  WdiSystemHost - ok
13:51:43.0308 0x2154  wdiwifi - ok
13:51:43.0313 0x2154  WdNisDrv - ok
13:51:43.0317 0x2154  WdNisSvc - ok
13:51:43.0324 0x2154  WebClient - ok
13:51:43.0329 0x2154  Wecsvc - ok
13:51:43.0333 0x2154  WEPHOSTSVC - ok
13:51:43.0340 0x2154  wercplsupport - ok
13:51:43.0346 0x2154  WerSvc - ok
13:51:43.0351 0x2154  WFPLWFS - ok
13:51:43.0357 0x2154  WiaRpc - ok
13:51:43.0362 0x2154  WIMMount - ok
13:51:43.0365 0x2154  WinDefend - ok
13:51:43.0370 0x2154  WinDivert1.1 - ok
13:51:43.0381 0x2154  WindowsTrustedRT - ok
13:51:43.0386 0x2154  WindowsTrustedRTProxy - ok
13:51:43.0393 0x2154  WinHttpAutoProxySvc - ok
13:51:43.0397 0x2154  WinMad - ok
13:51:43.0404 0x2154  Winmgmt - ok
13:51:43.0410 0x2154  WinRM - ok
13:51:43.0419 0x2154  WINUSB - ok
13:51:43.0425 0x2154  WinVerbs - ok
13:51:43.0430 0x2154  WlanSvc - ok
13:51:43.0435 0x2154  wlidsvc - ok
13:51:43.0440 0x2154  WmiAcpi - ok
13:51:43.0448 0x2154  wmiApSrv - ok
13:51:43.0452 0x2154  WMPNetworkSvc - ok
13:51:43.0463 0x2154  [ 2A9650FCC696DB28E45EA8B33B99B8E6, FBEBC6C05D50F578C6EEE0A7285EBE1DEADB08DD21FA3232630FD8D5A68FC3FB ] Wof            C:\WINDOWS\system32\drivers\Wof.sys
13:51:43.0673 0x2154  Wof - ok
13:51:43.0688 0x2154  workfolderssvc - ok
13:51:43.0696 0x2154  wpcfltr - ok
13:51:43.0705 0x2154  WPDBusEnum - ok
13:51:43.0711 0x2154  WpdUpFltr - ok
13:51:43.0716 0x2154  WpnService - ok
13:51:43.0722 0x2154  ws2ifsl - ok
13:51:43.0727 0x2154  wscsvc - ok
13:51:43.0732 0x2154  WSDPrintDevice - ok
13:51:43.0739 0x2154  WSearch - ok
13:51:43.0745 0x2154  WSService - ok
13:51:43.0751 0x2154  wuauserv - ok
13:51:43.0757 0x2154  WudfPf - ok
13:51:43.0761 0x2154  WUDFRd - ok
13:51:43.0766 0x2154  wudfsvc - ok
13:51:43.0772 0x2154  WUDFWpdFs - ok
13:51:43.0777 0x2154  WwanSvc - ok
13:51:43.0783 0x2154  XblAuthManager - ok
13:51:43.0789 0x2154  XblGameSave - ok
13:51:43.0794 0x2154  xboxgip - ok
13:51:43.0799 0x2154  XboxNetApiSvc - ok
13:51:43.0806 0x2154  xinputhid - ok
13:51:43.0814 0x2154  XSplit_Dummy - ok
13:51:43.0842 0x2154  ================ Scan global ===============================
13:51:43.0862 0x2154  [ Global ] - ok
13:51:43.0863 0x2154  ================ Scan MBR ==================================
13:51:43.0865 0x2154  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:51:43.0954 0x2154  \Device\Harddisk0\DR0 - ok
13:51:43.0977 0x2154  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
13:51:44.0047 0x2154  \Device\Harddisk1\DR1 - ok
13:51:44.0053 0x2154  [ 95CCC4DFCFB56093C9B019159268F03A ] \Device\Harddisk3\DR3
13:51:44.0146 0x2154  \Device\Harddisk3\DR3 - ok
13:51:44.0146 0x2154  ================ Scan VBR ==================================
13:51:44.0149 0x2154  [ 5763B6991C41E832EEC52143A786E2B0 ] \Device\Harddisk0\DR0\Partition1
13:51:44.0151 0x2154  \Device\Harddisk0\DR0\Partition1 - ok
13:51:44.0154 0x2154  [ BA549B2FBE1D3C214BBD52B875C4157E ] \Device\Harddisk0\DR0\Partition2
13:51:44.0155 0x2154  \Device\Harddisk0\DR0\Partition2 - ok
13:51:44.0159 0x2154  [ BD7FD0C25B193E8A1AC367628716C57F ] \Device\Harddisk1\DR1\Partition1
13:51:44.0200 0x2154  \Device\Harddisk1\DR1\Partition1 - ok
13:51:44.0201 0x2154  ================ Scan generic autorun ======================
13:51:44.0377 0x2154  [ 22EBD5AE3B3220D713E544D1D3AB3FEE, 9EF058B096DAA5C6242FBEB3DF509108180B1EB1EA252E63C437CF6C1B743BE0 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
13:51:44.0621 0x2154  RTHDVCPL - ok
13:51:44.0663 0x2154  [ 93787FF75E6323CF1D5467CA119CF76D, 9CBD2B9BF44FCE78AA87FD7A26A65AEE9DD04C43991142528F57FF9A0E2FC4A4 ] D:\Programme\Greenshot\Greenshot.exe
13:51:44.0757 0x2154  Greenshot - detected UnsignedFile.Multi.Generic ( 1 )
13:51:45.0572 0x2a90  Object send P2P result: true
13:51:47.0192 0x2154  Object required for P2P: [ 93787FF75E6323CF1D5467CA119CF76D ] D:\Programme\Greenshot\Greenshot.exe
13:51:49.0796 0x2154  Object send P2P result: true
13:51:49.0796 0x2154  Detect skipped due to KSN trusted
13:51:49.0796 0x2154  Greenshot - ok
13:51:49.0799 0x2154  [ 1E2B7E1F256CBC4B55DDD622FF5604EF, C25BF91080A382AAE78FB52C1E05737CC7ECE575D6243D0DC91769C4BAF36489 ] C:\Program Files (x86)\Raptr\raptrstub.exe
13:51:49.0830 0x2154  Raptr - ok
13:51:49.0936 0x2154  [ E76F43260D050DE1D5370AEF266EB3C8, DB30811E46BB55B03BEE97414A561B8DE2136E16764514CC3A4DF056BD5E0859 ] D:\Programme\EaseUS Partition Master 10.8\bin\EpmNews.exe
13:51:50.0068 0x2154  EaseUS EPM tray - ok
13:51:50.0090 0x2154  [ B8968E6FDADE1F0E4566E0A948A12176, 2677B3D16C1B090DDB07C2939A6B7D20B08364A2CBCA5A1A40575A5678C5498E ] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
13:51:50.0231 0x2154  BlueStacks Agent - ok
13:51:50.0246 0x2154  [ 1BFC269826DF9E8340796BFF5EBC6C87, 60817E6FA576E8981C15D4BA7BB031E6BAFA57F8DC8A438A2E1F8C137B289A3E ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
13:51:50.0528 0x2154  SunJavaUpdateSched - ok
13:51:50.0547 0x2154  [ EA4F9B19B3614349C79CC97DCA4C23A8, EC330F2E4F002FE450CDC1FC84AC0122C21C7912A483A99143450822004795E3 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe
13:51:50.0580 0x2154  StartCCC - ok
13:51:50.0677 0x2154  [ 3BD79A1F6D2EA0FDDEA3F8914B2A6A0C, 332E6806EFF846A2E6D0DC04A70D3503855DABFA83E6EC27F37E2D9103E80E51 ] D:\Programme\VirtualCloneDrive\VCDDaemon.exe
13:51:50.0733 0x2154  VirtualCloneDrive - ok
13:51:50.0762 0x2154  [ 525F5D4EC803FA5B03CF7E51FF7A71A1, 8A7961897469F1631CEE5AF66937ED73011928B627897C9794611A02912AB8F6 ] C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe
13:51:50.0887 0x2154  Sophos AutoUpdate Monitor - ok
13:51:50.0900 0x2154  OneDriveSetup - ok
13:51:50.0903 0x2154  OneDriveSetup - ok
13:51:50.0955 0x2154  [ 192B8235DEBCE406086D798874D57FEF, 5C82653D0255BE54B55E2A016D17068683375F88882B471B998C161ABD953F92 ] D:\Programme\WinPatrol\winpatrol.exe
13:51:50.0999 0x1fac  Object required for P2P: [ C0BB7F0C789AC778549DCC20B18A8DC0 ] veracrypt
13:51:51.0022 0x2154  WinPatrol - ok
13:51:51.0307 0x2154  [ 3207A86C13347CE6DE26D06BCBFE0E02, A5F9B0B03844FA51B345BAAB16F7AD80272C061CE00447ACD1B8292B8C7D0C6E ] C:\Program Files (x86)\eM Client\MailClient.exe
13:51:52.0489 0x2154  eM Client - ok
13:51:52.0757 0x2154  [ F8C53D4AD87A2955C3DB857545B0E3DE, B3652296CB7C1310E8544539029DDD2BF8B6164E8ACEE7F3EBC936F83C80C7BC ] D:\Programme\FileHippo.com\FileHippo.AppManager.exe
13:51:53.0576 0x1fac  Object send P2P result: true
13:51:53.0953 0x2154  FileHippo.com - ok
13:51:54.0004 0x2154  [ 8FE478638E87F790EF1BBE01BD60D22C, 71DC3E183BDBE5A3F38210B1B069522802288542E007F307D4E27940BF52F504 ] C:\Users\Fabian\AppData\Roaming\BitTorrent\BitTorrent.exe
13:51:55.0637 0x2154  BitTorrent - ok
13:51:55.0670 0x2154  [ FDE87ECFEBD958C22EE96C83C75CFD68, EA521538A177A676291DB9E5FA4373E799059E47D1A60C170FD6B69E7CD6F58E ] C:\Users\Fabian\AppData\Roaming\Spotify\SpotifyWebHelper.exe
13:51:55.0818 0x2154  Spotify Web Helper - ok
13:51:55.0837 0x2154  [ 85456F8A40C3248C63E34A733AE96833, 1548FB3A219363D552ED408E1A9067E5710E209CEF3803201B9931A131E4603C ] C:\Program Files\Sandboxie\SbieCtrl.exe
13:51:55.0876 0x2154  SandboxieControl - ok
13:51:55.0888 0x2154  [ 0A81DF13C4AEAC053C0DCE6240DC05D4, 13900D6FA1E9221236E79567DB0C6143AB7FECD4431CA295C33A039D1170E06B ] C:\Program Files\CyberGhost 5\CyberGhost.exe
13:51:55.0991 0x2154  CyberGhost - ok
13:51:55.0994 0x2154  Waiting for KSN requests completion. In queue: 14
13:51:56.0995 0x2154  Waiting for KSN requests completion. In queue: 14
13:51:57.0995 0x2154  Waiting for KSN requests completion. In queue: 14
13:51:59.0043 0x2154  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.9.10586.0 ), 0x62100 ( disabled : updated )
13:51:59.0045 0x2154  AV detected via SS2: Sophos Home, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\WSCClient.exe ( 10.5.1.0 ), 0x51000 ( enabled : updated )
13:51:59.0050 0x2154  Win FW state via NFP2: enabled ( trusted )
13:52:01.0562 0x2154  ============================================================
13:52:01.0562 0x2154  Scan finished
13:52:01.0562 0x2154  ============================================================
13:52:01.0578 0x230c  Detected object count: 0
13:52:01.0579 0x230c  Actual detected object count: 0

deeprybka 06.03.2016 14:28
Jetzt bitte Suchscan durchführen:

Schritt 1

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset



Alle Zeitangaben in WEZ +1. Es ist jetzt 10:26 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131