Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Verdächtige Registryeinträge (https://www.trojaner-board.de/179677-verdaechtige-registryeintraege.html)

SafeCall 18.06.2016 11:06
Verdächtige Registryeinträge
 
Hallo und Guten Tag ,
Ich bin gerade eben eher zufällig meine Registry durchgegangen nach dem ich einen Artikel von GDATA von nicht erkennbaren Viren gelesen habe.(https://blog.gdatasoftware.com/2014/07/23947-poweliks-the-persistent-malware-without-a-file)
Unabhängig davon sind mir dann im Pfad "\HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run" 2 Einträge aufgefallen wo ich mir nicht sicher bin woher sie kommen und was ihre Aufgabe ist. Im Internet habe ich auch nichts darüber gefunden.Könnten das Viren sein?

Bei den Einträgen handelt es sich einmal um "YZPack" und um "Udmedia" siehe screenshot.

http://i.imgur.com/L92ltjK.png

Malewarebytes und Avast sagen nichts dazu.

Mein Betriebsystem ist Win 10 64bit.

Danke im Voraus :)

deeprybka 18.06.2016 12:21
:hallo:

Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...:abklatsch:
  • Bitte arbeite alle Schritte der Reihe nach ab.
  • Lies die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem.
  • Führe bitte nur Scans durch, zu denen Du von mir aufgefordert wurdest.
  • Bitte kein Crossposting (posten in mehreren Foren).
  • Installiere oder deinstalliere während der Bereinigung keine Software, außer Du wurdest dazu aufgefordert.
  • Speichere alle unsere Tools auf dem Desktop ab. Link: So ladet Ihr unsere Tools richtig
  • Poste die Logfiles direkt in Deinen Thread in Code-Tags.
  • Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 24 Stunden nichts von mir liest, dann schreibe mir bitte eine PM.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden.
Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert.
Adware & Co. können wir sehr gut entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean :daumenhoc bekommst.



Los geht's:

Schritt 1
http://filepony.de/icon/frst.pnghttp://deeprybka.trojaner-board.de/b...e/frst/sn1.PNG

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)




Lesestoff
Posten in CODE-Tags: So gehts...
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert uns massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://deeprybka.trojaner-board.de/tdss/codetags.gif

SafeCall 18.06.2016 12:45
Ok , erstmal danke für das Willkommen und die Hilfe :)

FRST Log

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:16-06-2016 01
durchgeführt von Jason (2016-06-18 13:28:09)
Gestartet von C:\Users\Jason\Desktop
Windows 10 Home Version 1511 (X64) (2016-03-07 15:13:52)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1369008476-2929507647-2192831292-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1369008476-2929507647-2192831292-503 - Limited - Disabled)
Gast (S-1-5-21-1369008476-2929507647-2192831292-501 - Limited - Disabled)
Jason (S-1-5-21-1369008476-2929507647-2192831292-1001 - Administrator - Enabled) => C:\Users\Jason

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Emsisoft Anti-Malware (Enabled - Up to date) {15510D9D-6530-DA29-224F-7BA1BDD1CB58}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
AS: Emsisoft Anti-Malware (Enabled - Up to date) {AE30EC79-430A-D5A7-18FF-40D3C65681E5}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.5.1.209 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.1.2 - Adobe Systems Incorporated)
Avast Premier (HKLM-x32\...\Avast) (Version: 11.2.2262 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.7.2.45672 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
Blade & Soul (HKLM-x32\...\InstallShield_{C3F383C1-D050-4A40-843F-8171A6A02C3A}) (Version: 1.0.63.260 - NC Interactive, LLC)
Blade & Soul (x32 Version: 1.0.63.260 - NC Interactive, LLC) Hidden
Call of Duty: Black Ops III (HKLM\...\Steam App 311210) (Version:  - Treyarch)
Camtasia Studio 8 (HKLM-x32\...\{E7AFA156-D5CB-4B8C-843D-E7CA58D36B0A}) (Version: 8.6.0.2054 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.18 - Piriform)
Corsair Gaming Headset Software (HKLM-x32\...\{F07ECABA-F37C-4D1D-A244-829195193DA7}) (Version: 2.0.37 - Corsair)
Corsair Utility Engine (HKLM-x32\...\{46A3EEB3-8F6F-4BC4-9A53-CDE33D089D08}) (Version: 1.16.42 - Corsair)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
Creative ALchemy (HKLM-x32\...\ALchemy) (Version: 1.45 - Creative Technology Limited)
Creative Audio-Systemsteuerung (HKLM-x32\...\AudioCS) (Version: 2.56 - Creative Technology Limited)
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)
Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version:  - )
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
Driver Booster 3.2 (HKLM-x32\...\Driver Booster_is1) (Version: 3.2 - IObit)
Emsisoft Anti-Malware (HKLM\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 11.8 - Emsisoft Ltd.)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Gameforge Live 2.0.10 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.10 - Gameforge)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{AA67D612-0BE5-44D6-9A91-592958F754A1}) (Version: 13.0.198 - Intel Corporation)
Intel(R) Driver Update Utility 2.5 (x32 Version: 2.5.0.22 - Intel) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel(R) Product Improvement Program (x32 Version: 2.1.27.3 - Intel) Hidden
Intel(R) Smart Connect Technology (HKLM\...\{3B236485-CCE7-48DE-82DC-A5EA54A6F7D6}) (Version: 5.0.10.2850 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.14 - Intel(R) Corporation) Hidden
Intel® Driver Update Utility (HKLM-x32\...\{aa1dec3b-dc4b-4db0-8c18-9157457eff1f}) (Version: 2.5.0.22 - Intel)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Java 8 Update 92 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218092F0}) (Version: 8.0.920.14 - Oracle Corporation)
League-Bildschirmschoner (HKLM-x32\...\LolScreenSaver) (Version: W0.1.22-0.11.17-beta - Riot Games)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 47.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 de)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0 - Mozilla)
NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version:  - NCSOFT)
NVIDIA 3D Vision Controller-Treiber 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 368.39 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.3.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.3.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.39 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.14 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.11.6.18139 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
PARTHICA Core Gaming Keyboard Driver (HKLM-x32\...\{68F65E0D-F894-4F5A-B9E9-F3CAB29FB59A}) (Version: 1.0 - SPEEDLINK)
Proxifier version 3.29 (HKLM-x32\...\Proxifier_is1) (Version: 3.29 - Initex)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 4.0 beta r2607 - )
SafeZone Stable 1.48.2066.101 (x32 Version: 1.48.2066.101 - Avast Software) Hidden
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
Skype™ 7.25 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.25.103 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\Spotify) (Version: 1.0.31.56.g526cfefe - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version: 11.0.0.18 - Bioware/EA)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.56083 - TeamViewer)
TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 28 - Gameforge Productions GmbH)
WildStar (HKLM-x32\...\WildStar) (Version:  - NCSOFT)
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-FDBEEC109F51}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0101DB32-B0CC-4B29-B4D7-5E881651DB8B} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2016-01-13] (IObit)
Task: {0190965E-37B0-452C-BFE0-41F58644CBCA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-17] (Google Inc.)
Task: {0EB48B8F-4052-4CC0-92DA-B14150868334} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {1AD64556-5501-41A2-ACC6-CAE3AE1EA809} - System32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-KSH5MTL-Jason DESKTOP-KSH5MTL => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2012-10-01] (Microsoft Corporation)
Task: {2D74239E-5052-43B3-A537-A68D1289B0BC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-17] (Adobe Systems Incorporated)
Task: {2F7C8DDD-16EE-45D6-BAC1-3495E345D0F0} - System32\Tasks\SafeZone scheduled Autoupdate 1466142880 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-04-15] (Avast Software)
Task: {4322A2E5-E438-4973-8923-68F3DDE78969} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {46C2D336-44D9-4E18-8DAD-4036CCF8DA65} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {586B6CAD-3757-4BA7-A47D-E684342E4815} - System32\Tasks\Driver Booster SkipUAC (Jason) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2016-01-18] (IObit)
Task: {5C5452DF-0976-4651-8E00-FBD2035214B3} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-06-15] (Microsoft Corporation)
Task: {6B6CB93F-50C4-4554-ADE2-2BFB84AF4E7F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-06-01] (Piriform Ltd)
Task: {73E8AF38-5956-48C0-850E-20AADE99CF0F} - System32\Tasks\USER_ESRV_SVC_WILLAMETTE => Wscript.exe //B //NoLogo "C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\task.vbs"
Task: {740BD406-966D-44AB-BB13-D374D9759238} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-06-17] (AVAST Software)
Task: {779D51B1-5E5B-4D9F-B26A-AB1A103E414E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {8FC2B8D6-395C-4284-99A0-648794CFE946} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-17] (Google Inc.)
Task: {95A7ED4B-DF5B-4194-BDE0-C6D1D07EF16D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {AEFFF2DE-EFF2-4E1B-A898-8C1825E37540} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-KSH5MTL-Jason => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-01-07] (Adobe Systems Incorporated)
Task: {BF0C6B78-B181-4CA3-8778-151BD35EE0EE} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation)
Task: {C271BD39-FE65-41F2-8D61-27BD0810D2AC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {CD517F5F-F6CC-4476-8A82-46D7F2FCF356} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 09:17 - 2015-10-30 09:17 - 00028672 _____ () C:\Windows\SYSTEM32\efsext.dll
2016-04-20 21:32 - 2015-03-28 15:55 - 00096840 _____ () C:\Windows\system32\PrxerNsp.dll
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\Windows\SYSTEM32\ism32k.dll
2016-03-07 17:22 - 2016-06-03 05:59 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-06-18 17:18 - 2014-06-18 17:18 - 00209712 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2014-06-18 17:18 - 2014-06-18 17:18 - 00057648 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2014-06-18 17:18 - 2014-06-18 17:18 - 00057648 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTEncryptionCheck.dll
2014-06-18 17:18 - 2014-06-18 17:18 - 00037168 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll
2016-03-27 00:46 - 2016-03-27 00:46 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2016-04-12 21:16 - 2016-05-02 07:54 - 00369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-04-12 21:16 - 2016-05-02 07:55 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-04-12 21:16 - 2016-05-02 07:54 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-04-12 21:16 - 2016-05-02 07:55 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-03-09 20:43 - 2016-03-09 20:43 - 00118424 _____ () C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
2016-04-12 21:16 - 2016-05-02 07:55 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-04-12 21:16 - 2016-05-02 07:55 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-04-12 21:16 - 2016-05-02 07:55 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-04-12 21:16 - 2016-05-02 07:55 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-04-12 21:16 - 2016-05-02 07:54 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-04-12 21:16 - 2016-05-02 07:54 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-04-13 19:10 - 2016-03-29 12:20 - 02656952 _____ () C:\Windows\system32\CoreUIComponents.dll
2016-04-13 19:10 - 2016-03-29 12:20 - 02656952 _____ () C:\Windows\System32\CoreUIComponents.dll
2016-01-22 14:55 - 2016-01-22 14:55 - 00553136 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2016-03-07 20:30 - 2015-12-07 06:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-05-11 19:24 - 2016-04-23 06:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-06-01 22:00 - 2015-06-01 22:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2016-03-22 17:53 - 2016-03-22 17:53 - 00113152 _____ () C:\Program Files\Rainmeter\Plugins\ResMon.DLL
2016-03-22 17:54 - 2016-03-22 17:54 - 00022016 _____ () C:\Program Files\Rainmeter\Plugins\InputText.dll
2016-03-22 17:53 - 2016-03-22 17:53 - 00123392 _____ () C:\Program Files\Rainmeter\Plugins\WiFiStatus.DLL
2016-03-22 17:53 - 2016-03-22 17:53 - 00128000 _____ () C:\Program Files\Rainmeter\Plugins\SysInfo.DLL
2016-03-22 17:53 - 2016-03-22 17:53 - 00108544 _____ () C:\Program Files\Rainmeter\Plugins\PowerPlugin.DLL
2016-03-22 17:53 - 2016-03-22 17:53 - 00134656 _____ () C:\Program Files\Rainmeter\Plugins\Win7AudioPlugin.DLL
2016-03-22 17:53 - 2016-03-22 17:53 - 00192512 _____ () C:\Program Files\Rainmeter\Plugins\FileView.DLL
2016-06-13 18:25 - 2016-06-13 18:25 - 00719872 _____ () C:\Users\Jason\AppData\Roaming\Rainmeter\Plugins\SpotifyPlugin.DLL
2016-03-22 17:53 - 2016-03-22 17:53 - 00171008 _____ () C:\Program Files\Rainmeter\Plugins\AudioLevel.DLL
2016-05-14 00:09 - 2016-03-09 20:43 - 00460952 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv.exe
2016-05-14 00:09 - 2016-03-09 20:43 - 00709272 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_modeler.dll
2016-05-14 00:09 - 2016-03-09 20:43 - 00188568 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\foreground_window_input.dll
2016-05-14 00:09 - 2016-03-09 20:43 - 00416408 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
2016-05-14 00:09 - 2016-03-09 20:43 - 00130712 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_process_input.dll
2016-05-14 00:09 - 2016-03-09 20:43 - 00025752 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_system_power_state_input.dll
2016-05-14 00:09 - 2016-03-09 20:43 - 00059544 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_quality_and_reliability_input.dll
2016-05-14 00:09 - 2016-03-09 20:43 - 00194712 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\acpi_battery_input.dll
2016-05-14 00:09 - 2016-03-09 20:43 - 00159896 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\sema_thermal_input.dll
2016-05-14 00:09 - 2016-03-09 20:43 - 00158360 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\wifi_input.dll
2016-05-14 00:09 - 2016-03-09 20:43 - 00050840 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\devices_use_input.dll
2016-05-14 00:09 - 2016-03-09 20:43 - 00032920 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_disktrace_input.dll
2016-06-03 02:10 - 2016-06-03 02:10 - 00017920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-06-03 02:10 - 2016-06-03 02:10 - 13105152 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-06-03 02:10 - 2016-06-03 02:10 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2016-03-07 17:56 - 2016-03-07 17:57 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-06-15 19:18 - 2016-05-28 05:59 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-06-15 19:18 - 2016-05-28 05:53 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-06-15 19:18 - 2016-05-28 05:54 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-06-15 19:18 - 2016-05-28 05:56 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-06-17 07:45 - 2016-06-17 07:45 - 00123344 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-06-17 07:45 - 2016-06-17 07:45 - 00135816 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-06-18 09:54 - 2016-06-18 09:54 - 02935808 _____ () C:\Program Files\AVAST Software\Avast\defs\16061800\algo.dll
2016-06-17 07:45 - 2016-06-17 07:45 - 00309912 _____ () C:\Program Files\AVAST Software\Avast\browser_pass.dll
2016-06-17 07:45 - 2016-06-17 07:45 - 00479680 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-06-17 20:53 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2016-06-17 20:53 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2016-06-17 20:53 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2016-06-17 20:53 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2016-06-17 20:53 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2016-04-12 21:16 - 2016-05-02 08:02 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-06-17 07:46 - 2016-06-17 07:46 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-06-17 07:54 - 2016-06-15 11:15 - 01745560 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libglesv2.dll
2016-06-17 07:54 - 2016-06-15 11:15 - 00091288 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

Da befinden sich 7904 mehr Seiten.

IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\123simsen.com -> www.123simsen.com

Da befinden sich 7904 mehr Seiten.


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-10-30 09:24 - 2016-06-18 11:21 - 00453460 ____R C:\Windows\system32\Drivers\etc\hosts

127.0.0.1        activation-v2.kaspersky.com
127.0.0.1        activation-v2.geo.kaspersky.com127.0.0.1        www.007guard.com
127.0.0.1        007guard.com
127.0.0.1        008i.com
127.0.0.1        www.008k.com
127.0.0.1        008k.com
127.0.0.1        www.00hq.com
127.0.0.1        00hq.com
127.0.0.1        010402.com
127.0.0.1        www.032439.com
127.0.0.1        032439.com
127.0.0.1        www.0scan.com
127.0.0.1        0scan.com
127.0.0.1        1000gratisproben.com
127.0.0.1        www.1000gratisproben.com
127.0.0.1        1001namen.com
127.0.0.1        www.1001namen.com
127.0.0.1        100888290cs.com
127.0.0.1        www.100888290cs.com
127.0.0.1        www.100sexlinks.com
127.0.0.1        100sexlinks.com
127.0.0.1        10sek.com
127.0.0.1        www.10sek.com
127.0.0.1        www.1-2005-search.com
127.0.0.1        1-2005-search.com
127.0.0.1        123fporn.info
127.0.0.1        www.123fporn.info
127.0.0.1        www.123haustiereundmehr.com
127.0.0.1        123haustiereundmehr.com
127.0.0.1        123moviedownload.com

Da befinden sich 15535 zusätzliche Einträge.


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run: => "ISCT Tray"
HKLM\...\StartupApproved\Run32: => "P17RunE"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "SL-6482 Gaming Keyboard"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Corsair Utility Engine"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "ISCT Tray"
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\StartupApproved\Run: => "WTFast Tray"
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\StartupApproved\Run: => "Udmedia"
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\StartupApproved\Run: => "YZPack"
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\StartupApproved\Run: => "Oxxics"
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\StartupApproved\Run: => "Chromium"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{6131E621-FDE5-44F2-9CE6-425DFF3C86E1}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{810FD576-273A-4D7B-96AA-0E8B607BB2F3}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{905EC3D8-A127-42F6-B2EE-F625EEB39500}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{4F1E811F-F5D0-4ACA-B414-70D60E2B7B33}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{E2056337-7E44-4E4D-8C2A-8363A2706B83}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{A978A507-C7BB-4482-95DA-1D48A18324F2}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{44354F4C-075B-400D-BA06-6CD65468587B}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B4D91253-B2EF-4E77-BE4B-399F7C177C05}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{1BC6E792-9E41-4416-AA68-7525CE995266}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{B192FE53-AC1D-49CE-A969-895C2E8119C1}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{381891B0-56AD-49C7-9218-78B0CD5E824D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{51D72A44-BAE0-49C6-8386-A890B4394BC1}C:\users\jason\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jason\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{358C67D9-D5AB-4CA6-8CD2-B3A0378B798E}C:\users\jason\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jason\appdata\roaming\spotify\spotify.exe
FirewallRules: [{2F2E293B-98E5-4CAD-8A2E-55C385170B50}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{B0B621B7-3C61-40E2-BDB7-ABB0C3FB84EA}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{D5DCF411-EA4E-4843-95BF-988FC691F9D4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{0A529575-A63D-4028-8FFC-04A5F87DFA54}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{91569899-59A8-4D13-92E1-75647B313D51}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{233D6302-5406-4696-AFB7-FB04FCDB567A}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{6218D5E3-805B-4308-B351-75C90441765D}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{3A8378CB-B1E8-4318-A6D2-91EF7F1A0AB4}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{57817442-8257-4D9D-BEE9-36E91740CD24}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{CF0AF5BF-8C54-4D2A-AA21-8110E839DCE1}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{90A3D202-A820-47CA-9EDB-8B31A180B5CE}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{06E797AA-FFCF-45F4-A26D-356D8186A4D9}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{4374612E-A4E1-479A-9991-762FC9566F74}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{06A334F4-F93A-487F-BBDA-EDE704234BAF}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{D2CA67A4-9E6F-4408-B404-E4818F607BA5}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{C765FFDD-EF36-424B-9A66-BAB87777AD42}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [TCP Query User{45BB9819-AA99-4FD7-A246-F0B41781EDBF}D:\program files (x86)\steam\steamapps\common\dayz\dayz.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\dayz\dayz.exe
FirewallRules: [UDP Query User{1111FED4-521A-4D4D-9619-2C9BEA13D664}D:\program files (x86)\steam\steamapps\common\dayz\dayz.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\dayz\dayz.exe
FirewallRules: [{0F393A4B-407A-4066-AD21-FD1B33409620}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{B4629553-AE24-470A-95EE-1A59C623CF3D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{43044DB2-DF8A-47AC-B439-271814A7A941}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{DC2A39D8-AC25-4339-BB91-8B70CB78F0F9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{EAAEFD9B-1027-4B78-A4A5-CEFD4F397872}] => (Allow) LPort=8317
FirewallRules: [{BBA82E3D-8D3E-443C-9FE1-7BD07C2B39CF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{32BB7D60-6DCC-4A88-B5A3-8D5F925B45EF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{2287E9B7-B314-42DE-B684-D94B77997365}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{3D196C07-A404-4CC6-A17C-1B61EEBB0F22}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{BB9A6432-44FC-4248-A513-176C2E6CA05F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{5D09FF5E-8EE7-46DF-BFCD-1DC31C3C9728}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{6D890147-64CF-44E2-A891-A36937052171}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{8118627F-F677-4309-B26C-D5C74707B355}C:\users\jason\desktop\mc\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\jason\desktop\mc\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{64B805F0-08B6-40BB-9F6F-D0B30BBF6335}C:\users\jason\desktop\mc\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\jason\desktop\mc\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{B8F81720-BF70-4FF0-987D-1D6FDD164685}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{70EB8D72-E106-48D9-A1E4-BA8F3E033A18}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{6AA4FE9B-4C09-41BC-8F9B-5BC9B5F2D51B}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe
FirewallRules: [{E83C8B51-26D8-4C4D-A199-745DD34A46A1}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe
FirewallRules: [{F52CB433-48AF-48E5-828A-2D97B47025F1}] => (Allow) D:\Program Files (x86)\GameforgeLive\gfl_client.exe
FirewallRules: [TCP Query User{D1033B6A-954C-4E4B-A1FD-7FFA6D0873E0}D:\program files (x86)\gameforgelive\games\deu_deu\tera\tera-launcher.exe] => (Allow) D:\program files (x86)\gameforgelive\games\deu_deu\tera\tera-launcher.exe
FirewallRules: [UDP Query User{65750AF5-4BDA-45D0-B324-01CABEC9FB42}D:\program files (x86)\gameforgelive\games\deu_deu\tera\tera-launcher.exe] => (Allow) D:\program files (x86)\gameforgelive\games\deu_deu\tera\tera-launcher.exe
FirewallRules: [{2700FAF6-29AD-4BB8-84BA-196E0985AC72}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{6F194FA5-99AE-4D9E-AA7D-89586FF96591}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{B8611968-C770-427A-BDBA-2DC9781C45BA}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{21E0DAE0-38A0-4C5A-A405-9C9AA8F229D8}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [TCP Query User{3E4B7DE5-43D9-4E34-A5D9-E442F6D27203}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{9867B49B-3082-43FD-9416-E64E29DEB600}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [{8C38DFB3-8F28-417C-8880-4CD48EBE9748}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{12B9E06F-EC85-403F-855D-97AFC4367CFC}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{E6BFF4AF-7DE6-43EB-8411-76F67F843DA3}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{35B9812A-2ECD-4199-8F08-614531FC8563}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{A5F52E47-02EE-40E4-99CD-207A62BC40AC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{98DEC2D8-453F-4164-92D3-9C300D7BC0CF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E3AB3326-B8C1-46E3-99CE-BAC078830146}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Wiederherstellungspunkte =========================

14-06-2016 18:27:04 Geplanter Prüfpunkt
17-06-2016 03:57:15 Installed Microsoft Office Professional Plus 2013
17-06-2016 03:57:20 PROPLUSR
18-06-2016 10:06:07 ASU_MSI_TRAN

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (06/18/2016 10:06:08 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (06/17/2016 11:04:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NvStreamNetworkService.exe, Version: 7.1.2071.1338, Zeitstempel: 0x5726e00c
Name des fehlerhaften Moduls: NvMdnsPlugin.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x5726e510
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000d45a0
ID des fehlerhaften Prozesses: 0x13a0
Startzeit der fehlerhaften Anwendung: 0xNvStreamNetworkService.exe0
Pfad der fehlerhaften Anwendung: NvStreamNetworkService.exe1
Pfad des fehlerhaften Moduls: NvStreamNetworkService.exe2
Berichtskennung: NvStreamNetworkService.exe3
Vollständiger Name des fehlerhaften Pakets: NvStreamNetworkService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: NvStreamNetworkService.exe5

Error: (06/17/2016 09:28:19 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-KSH5MTL)
Description: Bei der Aktivierung der App „Microsoft.Windows.Photos_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2147009265. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/17/2016 09:16:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-KSH5MTL)
Description: Bei der Aktivierung der App „Microsoft.Windows.Photos_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2147009265. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/17/2016 08:24:10 PM) (Source: ESENT) (EventID: 455) (User: )
Description: CCleaner64 (4960) testing: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\Users\Jason\AppData\Local\Microsoft\Windows\WebCache\V010022A.log.

Error: (06/17/2016 08:24:10 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhostw (4956) WebCacheLocal: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\Users\Jason\AppData\Local\Microsoft\Windows\WebCache\V010022A.log.

Error: (06/17/2016 05:12:31 AM) (Source: Microsoft Office 15) (EventID: 2000) (User: )
Description: Microsoft Word: Accepted Safe Mode action : Word konnte beim letzten Mal nicht gestartet werden. Der abgesicherte Modus kann Ihnen bei der Problembehandlung behilflich sein. Einige Features sind aber in diesem Modus möglicherweise nicht verfügbar.

Möchten Sie im abgesicherten Modus starten?.
Accepted Safe Mode action : Microsoft Word.

Error: (06/17/2016 05:10:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SysSettings32.exe, Version: 3.28.0.1, Zeitstempel: 0x55102baf
Name des fehlerhaften Moduls: SysSettings32.exe, Version: 3.28.0.1, Zeitstempel: 0x55102baf
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00005174
ID des fehlerhaften Prozesses: 0xea4
Startzeit der fehlerhaften Anwendung: 0xSysSettings32.exe0
Pfad der fehlerhaften Anwendung: SysSettings32.exe1
Pfad des fehlerhaften Moduls: SysSettings32.exe2
Berichtskennung: SysSettings32.exe3
Vollständiger Name des fehlerhaften Pakets: SysSettings32.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SysSettings32.exe5

Error: (06/17/2016 05:10:23 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: TeamViewer_Service.exe, Version: 11.0.56083.0, Zeitstempel: 0x56d725ae
Name des fehlerhaften Moduls: TeamViewer_Service.exe, Version: 11.0.56083.0, Zeitstempel: 0x56d725ae
Ausnahmecode: 0xc0000409
Fehleroffset: 0x003c1996
ID des fehlerhaften Prozesses: 0xa6c
Startzeit der fehlerhaften Anwendung: 0xTeamViewer_Service.exe0
Pfad der fehlerhaften Anwendung: TeamViewer_Service.exe1
Pfad des fehlerhaften Moduls: TeamViewer_Service.exe2
Berichtskennung: TeamViewer_Service.exe3
Vollständiger Name des fehlerhaften Pakets: TeamViewer_Service.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: TeamViewer_Service.exe5

Error: (06/17/2016 05:00:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SysSettings32.exe, Version: 3.28.0.1, Zeitstempel: 0x55102baf
Name des fehlerhaften Moduls: SysSettings32.exe, Version: 3.28.0.1, Zeitstempel: 0x55102baf
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00005174
ID des fehlerhaften Prozesses: 0x1388
Startzeit der fehlerhaften Anwendung: 0xSysSettings32.exe0
Pfad der fehlerhaften Anwendung: SysSettings32.exe1
Pfad des fehlerhaften Moduls: SysSettings32.exe2
Berichtskennung: SysSettings32.exe3
Vollständiger Name des fehlerhaften Pakets: SysSettings32.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SysSettings32.exe5


Systemfehler:
=============
Error: (06/18/2016 11:42:57 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_5a28e" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/18/2016 11:42:57 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (06/18/2016 11:42:50 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Energy Server Service WILLAMETTE" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/18/2016 11:42:49 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/18/2016 11:42:49 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Streamer Network Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/18/2016 11:42:49 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Spybot-S&D 2 Security Center Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/18/2016 11:42:49 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Adobe Genuine Software Integrity Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/18/2016 11:42:49 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Spybot-S&D 2 Updating Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/18/2016 11:42:49 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PnkBstrA" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/18/2016 11:42:49 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Network Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


CodeIntegrity:
===================================
  Date: 2016-06-17 12:00:49.079
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-17 04:38:40.572
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-17 03:59:05.492
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-16 13:36:17.649
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-15 19:27:59.847
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-13 18:27:45.411
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\PrxerDrv.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-06-13 18:27:45.403
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\PrxerDrv.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-06-13 18:27:45.347
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\PrxerDrv.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-06-13 18:27:45.340
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\PrxerDrv.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-06-13 18:27:45.283
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\PrxerDrv.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
Prozentuale Nutzung des RAM: 39%
Installierter physikalischer RAM: 8083.68 MB
Verfügbarer physikalischer RAM: 4920.33 MB
Summe virtueller Speicher: 9363.68 MB
Verfügbarer virtueller Speicher: 5654.23 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:223.08 GB) (Free:87.17 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: () (Fixed) (Total:931.51 GB) (Free:759.25 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: A7F96F5D)
Partition 1: (Active) - (Size=223.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 00F987B4)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
Additon Log

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:16-06-2016 01
durchgeführt von Jason (2016-06-18 13:28:09)
Gestartet von C:\Users\Jason\Desktop
Windows 10 Home Version 1511 (X64) (2016-03-07 15:13:52)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1369008476-2929507647-2192831292-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1369008476-2929507647-2192831292-503 - Limited - Disabled)
Gast (S-1-5-21-1369008476-2929507647-2192831292-501 - Limited - Disabled)
Jason (S-1-5-21-1369008476-2929507647-2192831292-1001 - Administrator - Enabled) => C:\Users\Jason

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Emsisoft Anti-Malware (Enabled - Up to date) {15510D9D-6530-DA29-224F-7BA1BDD1CB58}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
AS: Emsisoft Anti-Malware (Enabled - Up to date) {AE30EC79-430A-D5A7-18FF-40D3C65681E5}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.5.1.209 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.1.2 - Adobe Systems Incorporated)
Avast Premier (HKLM-x32\...\Avast) (Version: 11.2.2262 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.7.2.45672 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
Blade & Soul (HKLM-x32\...\InstallShield_{C3F383C1-D050-4A40-843F-8171A6A02C3A}) (Version: 1.0.63.260 - NC Interactive, LLC)
Blade & Soul (x32 Version: 1.0.63.260 - NC Interactive, LLC) Hidden
Call of Duty: Black Ops III (HKLM\...\Steam App 311210) (Version:  - Treyarch)
Camtasia Studio 8 (HKLM-x32\...\{E7AFA156-D5CB-4B8C-843D-E7CA58D36B0A}) (Version: 8.6.0.2054 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.18 - Piriform)
Corsair Gaming Headset Software (HKLM-x32\...\{F07ECABA-F37C-4D1D-A244-829195193DA7}) (Version: 2.0.37 - Corsair)
Corsair Utility Engine (HKLM-x32\...\{46A3EEB3-8F6F-4BC4-9A53-CDE33D089D08}) (Version: 1.16.42 - Corsair)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
Creative ALchemy (HKLM-x32\...\ALchemy) (Version: 1.45 - Creative Technology Limited)
Creative Audio-Systemsteuerung (HKLM-x32\...\AudioCS) (Version: 2.56 - Creative Technology Limited)
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)
Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version:  - )
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
Driver Booster 3.2 (HKLM-x32\...\Driver Booster_is1) (Version: 3.2 - IObit)
Emsisoft Anti-Malware (HKLM\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 11.8 - Emsisoft Ltd.)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Gameforge Live 2.0.10 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.10 - Gameforge)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{AA67D612-0BE5-44D6-9A91-592958F754A1}) (Version: 13.0.198 - Intel Corporation)
Intel(R) Driver Update Utility 2.5 (x32 Version: 2.5.0.22 - Intel) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel(R) Product Improvement Program (x32 Version: 2.1.27.3 - Intel) Hidden
Intel(R) Smart Connect Technology (HKLM\...\{3B236485-CCE7-48DE-82DC-A5EA54A6F7D6}) (Version: 5.0.10.2850 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.14 - Intel(R) Corporation) Hidden
Intel® Driver Update Utility (HKLM-x32\...\{aa1dec3b-dc4b-4db0-8c18-9157457eff1f}) (Version: 2.5.0.22 - Intel)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Java 8 Update 92 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218092F0}) (Version: 8.0.920.14 - Oracle Corporation)
League-Bildschirmschoner (HKLM-x32\...\LolScreenSaver) (Version: W0.1.22-0.11.17-beta - Riot Games)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 47.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 de)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0 - Mozilla)
NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version:  - NCSOFT)
NVIDIA 3D Vision Controller-Treiber 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 368.39 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.3.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.3.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.39 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.14 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.11.6.18139 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
PARTHICA Core Gaming Keyboard Driver (HKLM-x32\...\{68F65E0D-F894-4F5A-B9E9-F3CAB29FB59A}) (Version: 1.0 - SPEEDLINK)
Proxifier version 3.29 (HKLM-x32\...\Proxifier_is1) (Version: 3.29 - Initex)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 4.0 beta r2607 - )
SafeZone Stable 1.48.2066.101 (x32 Version: 1.48.2066.101 - Avast Software) Hidden
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
Skype™ 7.25 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.25.103 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\Spotify) (Version: 1.0.31.56.g526cfefe - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version: 11.0.0.18 - Bioware/EA)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.56083 - TeamViewer)
TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 28 - Gameforge Productions GmbH)
WildStar (HKLM-x32\...\WildStar) (Version:  - NCSOFT)
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-FDBEEC109F51}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0101DB32-B0CC-4B29-B4D7-5E881651DB8B} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2016-01-13] (IObit)
Task: {0190965E-37B0-452C-BFE0-41F58644CBCA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-17] (Google Inc.)
Task: {0EB48B8F-4052-4CC0-92DA-B14150868334} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {1AD64556-5501-41A2-ACC6-CAE3AE1EA809} - System32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-KSH5MTL-Jason DESKTOP-KSH5MTL => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2012-10-01] (Microsoft Corporation)
Task: {2D74239E-5052-43B3-A537-A68D1289B0BC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-17] (Adobe Systems Incorporated)
Task: {2F7C8DDD-16EE-45D6-BAC1-3495E345D0F0} - System32\Tasks\SafeZone scheduled Autoupdate 1466142880 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-04-15] (Avast Software)
Task: {4322A2E5-E438-4973-8923-68F3DDE78969} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {46C2D336-44D9-4E18-8DAD-4036CCF8DA65} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {586B6CAD-3757-4BA7-A47D-E684342E4815} - System32\Tasks\Driver Booster SkipUAC (Jason) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2016-01-18] (IObit)
Task: {5C5452DF-0976-4651-8E00-FBD2035214B3} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-06-15] (Microsoft Corporation)
Task: {6B6CB93F-50C4-4554-ADE2-2BFB84AF4E7F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-06-01] (Piriform Ltd)
Task: {73E8AF38-5956-48C0-850E-20AADE99CF0F} - System32\Tasks\USER_ESRV_SVC_WILLAMETTE => Wscript.exe //B //NoLogo "C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\task.vbs"
Task: {740BD406-966D-44AB-BB13-D374D9759238} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-06-17] (AVAST Software)
Task: {779D51B1-5E5B-4D9F-B26A-AB1A103E414E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {8FC2B8D6-395C-4284-99A0-648794CFE946} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-17] (Google Inc.)
Task: {95A7ED4B-DF5B-4194-BDE0-C6D1D07EF16D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {AEFFF2DE-EFF2-4E1B-A898-8C1825E37540} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-KSH5MTL-Jason => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-01-07] (Adobe Systems Incorporated)
Task: {BF0C6B78-B181-4CA3-8778-151BD35EE0EE} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation)
Task: {C271BD39-FE65-41F2-8D61-27BD0810D2AC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {CD517F5F-F6CC-4476-8A82-46D7F2FCF356} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 09:17 - 2015-10-30 09:17 - 00028672 _____ () C:\Windows\SYSTEM32\efsext.dll
2016-04-20 21:32 - 2015-03-28 15:55 - 00096840 _____ () C:\Windows\system32\PrxerNsp.dll
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\Windows\SYSTEM32\ism32k.dll
2016-03-07 17:22 - 2016-06-03 05:59 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-06-18 17:18 - 2014-06-18 17:18 - 00209712 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2014-06-18 17:18 - 2014-06-18 17:18 - 00057648 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2014-06-18 17:18 - 2014-06-18 17:18 - 00057648 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTEncryptionCheck.dll
2014-06-18 17:18 - 2014-06-18 17:18 - 00037168 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll
2016-03-27 00:46 - 2016-03-27 00:46 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2016-04-12 21:16 - 2016-05-02 07:54 - 00369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-04-12 21:16 - 2016-05-02 07:55 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-04-12 21:16 - 2016-05-02 07:54 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-04-12 21:16 - 2016-05-02 07:55 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-03-09 20:43 - 2016-03-09 20:43 - 00118424 _____ () C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
2016-04-12 21:16 - 2016-05-02 07:55 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-04-12 21:16 - 2016-05-02 07:55 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-04-12 21:16 - 2016-05-02 07:55 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-04-12 21:16 - 2016-05-02 07:55 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-04-12 21:16 - 2016-05-02 07:54 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-04-12 21:16 - 2016-05-02 07:54 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-04-13 19:10 - 2016-03-29 12:20 - 02656952 _____ () C:\Windows\system32\CoreUIComponents.dll
2016-04-13 19:10 - 2016-03-29 12:20 - 02656952 _____ () C:\Windows\System32\CoreUIComponents.dll
2016-01-22 14:55 - 2016-01-22 14:55 - 00553136 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2016-03-07 20:30 - 2015-12-07 06:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-05-11 19:24 - 2016-04-23 06:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-06-01 22:00 - 2015-06-01 22:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2016-03-22 17:53 - 2016-03-22 17:53 - 00113152 _____ () C:\Program Files\Rainmeter\Plugins\ResMon.DLL
2016-03-22 17:54 - 2016-03-22 17:54 - 00022016 _____ () C:\Program Files\Rainmeter\Plugins\InputText.dll
2016-03-22 17:53 - 2016-03-22 17:53 - 00123392 _____ () C:\Program Files\Rainmeter\Plugins\WiFiStatus.DLL
2016-03-22 17:53 - 2016-03-22 17:53 - 00128000 _____ () C:\Program Files\Rainmeter\Plugins\SysInfo.DLL
2016-03-22 17:53 - 2016-03-22 17:53 - 00108544 _____ () C:\Program Files\Rainmeter\Plugins\PowerPlugin.DLL
2016-03-22 17:53 - 2016-03-22 17:53 - 00134656 _____ () C:\Program Files\Rainmeter\Plugins\Win7AudioPlugin.DLL
2016-03-22 17:53 - 2016-03-22 17:53 - 00192512 _____ () C:\Program Files\Rainmeter\Plugins\FileView.DLL
2016-06-13 18:25 - 2016-06-13 18:25 - 00719872 _____ () C:\Users\Jason\AppData\Roaming\Rainmeter\Plugins\SpotifyPlugin.DLL
2016-03-22 17:53 - 2016-03-22 17:53 - 00171008 _____ () C:\Program Files\Rainmeter\Plugins\AudioLevel.DLL
2016-05-14 00:09 - 2016-03-09 20:43 - 00460952 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv.exe
2016-05-14 00:09 - 2016-03-09 20:43 - 00709272 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_modeler.dll
2016-05-14 00:09 - 2016-03-09 20:43 - 00188568 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\foreground_window_input.dll
2016-05-14 00:09 - 2016-03-09 20:43 - 00416408 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
2016-05-14 00:09 - 2016-03-09 20:43 - 00130712 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_process_input.dll
2016-05-14 00:09 - 2016-03-09 20:43 - 00025752 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_system_power_state_input.dll
2016-05-14 00:09 - 2016-03-09 20:43 - 00059544 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_quality_and_reliability_input.dll
2016-05-14 00:09 - 2016-03-09 20:43 - 00194712 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\acpi_battery_input.dll
2016-05-14 00:09 - 2016-03-09 20:43 - 00159896 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\sema_thermal_input.dll
2016-05-14 00:09 - 2016-03-09 20:43 - 00158360 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\wifi_input.dll
2016-05-14 00:09 - 2016-03-09 20:43 - 00050840 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\devices_use_input.dll
2016-05-14 00:09 - 2016-03-09 20:43 - 00032920 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_disktrace_input.dll
2016-06-03 02:10 - 2016-06-03 02:10 - 00017920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-06-03 02:10 - 2016-06-03 02:10 - 13105152 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-06-03 02:10 - 2016-06-03 02:10 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2016-03-07 17:56 - 2016-03-07 17:57 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-06-15 19:18 - 2016-05-28 05:59 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-06-15 19:18 - 2016-05-28 05:53 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-06-15 19:18 - 2016-05-28 05:54 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-06-15 19:18 - 2016-05-28 05:56 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-06-17 07:45 - 2016-06-17 07:45 - 00123344 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-06-17 07:45 - 2016-06-17 07:45 - 00135816 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-06-18 09:54 - 2016-06-18 09:54 - 02935808 _____ () C:\Program Files\AVAST Software\Avast\defs\16061800\algo.dll
2016-06-17 07:45 - 2016-06-17 07:45 - 00309912 _____ () C:\Program Files\AVAST Software\Avast\browser_pass.dll
2016-06-17 07:45 - 2016-06-17 07:45 - 00479680 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-06-17 20:53 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2016-06-17 20:53 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2016-06-17 20:53 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2016-06-17 20:53 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2016-06-17 20:53 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2016-04-12 21:16 - 2016-05-02 08:02 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-06-17 07:46 - 2016-06-17 07:46 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-06-17 07:54 - 2016-06-15 11:15 - 01745560 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libglesv2.dll
2016-06-17 07:54 - 2016-06-15 11:15 - 00091288 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

Da befinden sich 7904 mehr Seiten.

IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\123simsen.com -> www.123simsen.com

Da befinden sich 7904 mehr Seiten.


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-10-30 09:24 - 2016-06-18 11:21 - 00453460 ____R C:\Windows\system32\Drivers\etc\hosts

127.0.0.1        activation-v2.kaspersky.com
127.0.0.1        activation-v2.geo.kaspersky.com127.0.0.1        www.007guard.com
127.0.0.1        007guard.com
127.0.0.1        008i.com
127.0.0.1        www.008k.com
127.0.0.1        008k.com
127.0.0.1        www.00hq.com
127.0.0.1        00hq.com
127.0.0.1        010402.com
127.0.0.1        www.032439.com
127.0.0.1        032439.com
127.0.0.1        www.0scan.com
127.0.0.1        0scan.com
127.0.0.1        1000gratisproben.com
127.0.0.1        www.1000gratisproben.com
127.0.0.1        1001namen.com
127.0.0.1        www.1001namen.com
127.0.0.1        100888290cs.com
127.0.0.1        www.100888290cs.com
127.0.0.1        www.100sexlinks.com
127.0.0.1        100sexlinks.com
127.0.0.1        10sek.com
127.0.0.1        www.10sek.com
127.0.0.1        www.1-2005-search.com
127.0.0.1        1-2005-search.com
127.0.0.1        123fporn.info
127.0.0.1        www.123fporn.info
127.0.0.1        www.123haustiereundmehr.com
127.0.0.1        123haustiereundmehr.com
127.0.0.1        123moviedownload.com

Da befinden sich 15535 zusätzliche Einträge.


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run: => "ISCT Tray"
HKLM\...\StartupApproved\Run32: => "P17RunE"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "SL-6482 Gaming Keyboard"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Corsair Utility Engine"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "ISCT Tray"
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\StartupApproved\Run: => "WTFast Tray"
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\StartupApproved\Run: => "Udmedia"
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\StartupApproved\Run: => "YZPack"
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\StartupApproved\Run: => "Oxxics"
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\StartupApproved\Run: => "Chromium"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{6131E621-FDE5-44F2-9CE6-425DFF3C86E1}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{810FD576-273A-4D7B-96AA-0E8B607BB2F3}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{905EC3D8-A127-42F6-B2EE-F625EEB39500}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{4F1E811F-F5D0-4ACA-B414-70D60E2B7B33}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{E2056337-7E44-4E4D-8C2A-8363A2706B83}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{A978A507-C7BB-4482-95DA-1D48A18324F2}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{44354F4C-075B-400D-BA06-6CD65468587B}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B4D91253-B2EF-4E77-BE4B-399F7C177C05}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{1BC6E792-9E41-4416-AA68-7525CE995266}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{B192FE53-AC1D-49CE-A969-895C2E8119C1}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{381891B0-56AD-49C7-9218-78B0CD5E824D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{51D72A44-BAE0-49C6-8386-A890B4394BC1}C:\users\jason\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jason\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{358C67D9-D5AB-4CA6-8CD2-B3A0378B798E}C:\users\jason\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jason\appdata\roaming\spotify\spotify.exe
FirewallRules: [{2F2E293B-98E5-4CAD-8A2E-55C385170B50}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{B0B621B7-3C61-40E2-BDB7-ABB0C3FB84EA}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{D5DCF411-EA4E-4843-95BF-988FC691F9D4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{0A529575-A63D-4028-8FFC-04A5F87DFA54}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{91569899-59A8-4D13-92E1-75647B313D51}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{233D6302-5406-4696-AFB7-FB04FCDB567A}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{6218D5E3-805B-4308-B351-75C90441765D}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{3A8378CB-B1E8-4318-A6D2-91EF7F1A0AB4}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{57817442-8257-4D9D-BEE9-36E91740CD24}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{CF0AF5BF-8C54-4D2A-AA21-8110E839DCE1}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{90A3D202-A820-47CA-9EDB-8B31A180B5CE}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{06E797AA-FFCF-45F4-A26D-356D8186A4D9}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{4374612E-A4E1-479A-9991-762FC9566F74}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{06A334F4-F93A-487F-BBDA-EDE704234BAF}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{D2CA67A4-9E6F-4408-B404-E4818F607BA5}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{C765FFDD-EF36-424B-9A66-BAB87777AD42}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [TCP Query User{45BB9819-AA99-4FD7-A246-F0B41781EDBF}D:\program files (x86)\steam\steamapps\common\dayz\dayz.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\dayz\dayz.exe
FirewallRules: [UDP Query User{1111FED4-521A-4D4D-9619-2C9BEA13D664}D:\program files (x86)\steam\steamapps\common\dayz\dayz.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\dayz\dayz.exe
FirewallRules: [{0F393A4B-407A-4066-AD21-FD1B33409620}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{B4629553-AE24-470A-95EE-1A59C623CF3D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{43044DB2-DF8A-47AC-B439-271814A7A941}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{DC2A39D8-AC25-4339-BB91-8B70CB78F0F9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{EAAEFD9B-1027-4B78-A4A5-CEFD4F397872}] => (Allow) LPort=8317
FirewallRules: [{BBA82E3D-8D3E-443C-9FE1-7BD07C2B39CF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{32BB7D60-6DCC-4A88-B5A3-8D5F925B45EF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{2287E9B7-B314-42DE-B684-D94B77997365}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{3D196C07-A404-4CC6-A17C-1B61EEBB0F22}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{BB9A6432-44FC-4248-A513-176C2E6CA05F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{5D09FF5E-8EE7-46DF-BFCD-1DC31C3C9728}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{6D890147-64CF-44E2-A891-A36937052171}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{8118627F-F677-4309-B26C-D5C74707B355}C:\users\jason\desktop\mc\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\jason\desktop\mc\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{64B805F0-08B6-40BB-9F6F-D0B30BBF6335}C:\users\jason\desktop\mc\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\jason\desktop\mc\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{B8F81720-BF70-4FF0-987D-1D6FDD164685}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{70EB8D72-E106-48D9-A1E4-BA8F3E033A18}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{6AA4FE9B-4C09-41BC-8F9B-5BC9B5F2D51B}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe
FirewallRules: [{E83C8B51-26D8-4C4D-A199-745DD34A46A1}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe
FirewallRules: [{F52CB433-48AF-48E5-828A-2D97B47025F1}] => (Allow) D:\Program Files (x86)\GameforgeLive\gfl_client.exe
FirewallRules: [TCP Query User{D1033B6A-954C-4E4B-A1FD-7FFA6D0873E0}D:\program files (x86)\gameforgelive\games\deu_deu\tera\tera-launcher.exe] => (Allow) D:\program files (x86)\gameforgelive\games\deu_deu\tera\tera-launcher.exe
FirewallRules: [UDP Query User{65750AF5-4BDA-45D0-B324-01CABEC9FB42}D:\program files (x86)\gameforgelive\games\deu_deu\tera\tera-launcher.exe] => (Allow) D:\program files (x86)\gameforgelive\games\deu_deu\tera\tera-launcher.exe
FirewallRules: [{2700FAF6-29AD-4BB8-84BA-196E0985AC72}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{6F194FA5-99AE-4D9E-AA7D-89586FF96591}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{B8611968-C770-427A-BDBA-2DC9781C45BA}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{21E0DAE0-38A0-4C5A-A405-9C9AA8F229D8}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [TCP Query User{3E4B7DE5-43D9-4E34-A5D9-E442F6D27203}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{9867B49B-3082-43FD-9416-E64E29DEB600}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [{8C38DFB3-8F28-417C-8880-4CD48EBE9748}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{12B9E06F-EC85-403F-855D-97AFC4367CFC}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{E6BFF4AF-7DE6-43EB-8411-76F67F843DA3}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{35B9812A-2ECD-4199-8F08-614531FC8563}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{A5F52E47-02EE-40E4-99CD-207A62BC40AC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{98DEC2D8-453F-4164-92D3-9C300D7BC0CF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E3AB3326-B8C1-46E3-99CE-BAC078830146}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Wiederherstellungspunkte =========================

14-06-2016 18:27:04 Geplanter Prüfpunkt
17-06-2016 03:57:15 Installed Microsoft Office Professional Plus 2013
17-06-2016 03:57:20 PROPLUSR
18-06-2016 10:06:07 ASU_MSI_TRAN

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (06/18/2016 10:06:08 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (06/17/2016 11:04:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NvStreamNetworkService.exe, Version: 7.1.2071.1338, Zeitstempel: 0x5726e00c
Name des fehlerhaften Moduls: NvMdnsPlugin.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x5726e510
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000d45a0
ID des fehlerhaften Prozesses: 0x13a0
Startzeit der fehlerhaften Anwendung: 0xNvStreamNetworkService.exe0
Pfad der fehlerhaften Anwendung: NvStreamNetworkService.exe1
Pfad des fehlerhaften Moduls: NvStreamNetworkService.exe2
Berichtskennung: NvStreamNetworkService.exe3
Vollständiger Name des fehlerhaften Pakets: NvStreamNetworkService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: NvStreamNetworkService.exe5

Error: (06/17/2016 09:28:19 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-KSH5MTL)
Description: Bei der Aktivierung der App „Microsoft.Windows.Photos_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2147009265. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/17/2016 09:16:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-KSH5MTL)
Description: Bei der Aktivierung der App „Microsoft.Windows.Photos_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2147009265. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/17/2016 08:24:10 PM) (Source: ESENT) (EventID: 455) (User: )
Description: CCleaner64 (4960) testing: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\Users\Jason\AppData\Local\Microsoft\Windows\WebCache\V010022A.log.

Error: (06/17/2016 08:24:10 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhostw (4956) WebCacheLocal: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\Users\Jason\AppData\Local\Microsoft\Windows\WebCache\V010022A.log.

Error: (06/17/2016 05:12:31 AM) (Source: Microsoft Office 15) (EventID: 2000) (User: )
Description: Microsoft Word: Accepted Safe Mode action : Word konnte beim letzten Mal nicht gestartet werden. Der abgesicherte Modus kann Ihnen bei der Problembehandlung behilflich sein. Einige Features sind aber in diesem Modus möglicherweise nicht verfügbar.

Möchten Sie im abgesicherten Modus starten?.
Accepted Safe Mode action : Microsoft Word.

Error: (06/17/2016 05:10:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SysSettings32.exe, Version: 3.28.0.1, Zeitstempel: 0x55102baf
Name des fehlerhaften Moduls: SysSettings32.exe, Version: 3.28.0.1, Zeitstempel: 0x55102baf
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00005174
ID des fehlerhaften Prozesses: 0xea4
Startzeit der fehlerhaften Anwendung: 0xSysSettings32.exe0
Pfad der fehlerhaften Anwendung: SysSettings32.exe1
Pfad des fehlerhaften Moduls: SysSettings32.exe2
Berichtskennung: SysSettings32.exe3
Vollständiger Name des fehlerhaften Pakets: SysSettings32.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SysSettings32.exe5

Error: (06/17/2016 05:10:23 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: TeamViewer_Service.exe, Version: 11.0.56083.0, Zeitstempel: 0x56d725ae
Name des fehlerhaften Moduls: TeamViewer_Service.exe, Version: 11.0.56083.0, Zeitstempel: 0x56d725ae
Ausnahmecode: 0xc0000409
Fehleroffset: 0x003c1996
ID des fehlerhaften Prozesses: 0xa6c
Startzeit der fehlerhaften Anwendung: 0xTeamViewer_Service.exe0
Pfad der fehlerhaften Anwendung: TeamViewer_Service.exe1
Pfad des fehlerhaften Moduls: TeamViewer_Service.exe2
Berichtskennung: TeamViewer_Service.exe3
Vollständiger Name des fehlerhaften Pakets: TeamViewer_Service.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: TeamViewer_Service.exe5

Error: (06/17/2016 05:00:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SysSettings32.exe, Version: 3.28.0.1, Zeitstempel: 0x55102baf
Name des fehlerhaften Moduls: SysSettings32.exe, Version: 3.28.0.1, Zeitstempel: 0x55102baf
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00005174
ID des fehlerhaften Prozesses: 0x1388
Startzeit der fehlerhaften Anwendung: 0xSysSettings32.exe0
Pfad der fehlerhaften Anwendung: SysSettings32.exe1
Pfad des fehlerhaften Moduls: SysSettings32.exe2
Berichtskennung: SysSettings32.exe3
Vollständiger Name des fehlerhaften Pakets: SysSettings32.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SysSettings32.exe5


Systemfehler:
=============
Error: (06/18/2016 11:42:57 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_5a28e" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/18/2016 11:42:57 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (06/18/2016 11:42:50 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Energy Server Service WILLAMETTE" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/18/2016 11:42:49 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/18/2016 11:42:49 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Streamer Network Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/18/2016 11:42:49 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Spybot-S&D 2 Security Center Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/18/2016 11:42:49 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Adobe Genuine Software Integrity Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/18/2016 11:42:49 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Spybot-S&D 2 Updating Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/18/2016 11:42:49 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PnkBstrA" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/18/2016 11:42:49 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Network Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


CodeIntegrity:
===================================
  Date: 2016-06-17 12:00:49.079
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-17 04:38:40.572
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-17 03:59:05.492
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-16 13:36:17.649
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-15 19:27:59.847
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-13 18:27:45.411
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\PrxerDrv.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-06-13 18:27:45.403
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\PrxerDrv.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-06-13 18:27:45.347
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\PrxerDrv.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-06-13 18:27:45.340
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\PrxerDrv.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-06-13 18:27:45.283
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\PrxerDrv.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
Prozentuale Nutzung des RAM: 39%
Installierter physikalischer RAM: 8083.68 MB
Verfügbarer physikalischer RAM: 4920.33 MB
Summe virtueller Speicher: 9363.68 MB
Verfügbarer virtueller Speicher: 5654.23 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:223.08 GB) (Free:87.17 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: () (Fixed) (Total:931.51 GB) (Free:759.25 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: A7F96F5D)
Partition 1: (Active) - (Size=223.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 00F987B4)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

deeprybka 18.06.2016 12:47
Hi,
das ist zweimal die Addition.txt. :)

SafeCall 18.06.2016 12:51
-EDIT Erster Log ist Falsch , hab ausversehen den Addition 2mal gepostet

Richtiger FRST Log

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:16-06-2016 01
durchgeführt von Jason (Administrator) auf DESKTOP-KSH5MTL (18-06-2016 13:27:30)
Gestartet von C:\Users\Jason\Desktop
Geladene Profile: Jason (Verfügbare Profile: Jason)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2service.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
() C:\Windows\System32\PnkBstrA.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
() C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2guard.exe
(Initex) C:\Program Files (x86)\Proxifier\Proxifier.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Rainmeter) C:\Program Files\Rainmeter\Rainmeter.exe
(Corsair Components, Inc.) C:\Program Files (x86)\Corsair\Corsair Gaming Headset Software\HeadsetControlPanel.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
() C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv.exe
(Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2start.exe
() C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
(Microsoft Corporation) C:\Windows\regedit.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\HelpPane.exe
(Spotify Ltd) C:\Users\Jason\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\Chrm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\Chrm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\Chrm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\Chrm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\Chrm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\Chrm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\Chrm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\Chrm.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-05-02] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [ISCT Tray] => C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe [5860656 2014-06-18] (Intel Corporation)
HKLM\...\Run: [emsisoft anti-malware] => c:\program files\emsisoft anti-malware\a2guard.exe [9501040 2016-06-01] (Emsisoft Ltd)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2312896 2016-02-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SL-6482 Gaming Keyboard] => C:\Program Files (x86)\SPEEDLINK\PARTHICA Core Gaming Keyboard\Monitor.exe [1976832 2014-04-21] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597016 2016-03-31] (Oracle Corporation)
HKLM-x32\...\Run: [Corsair Gaming Headset Software] => C:\Program Files (x86)\Corsair\Corsair Gaming Headset Software\HeadsetControlPanel.exe [2916160 2015-09-21] (Corsair Components, Inc.)
HKLM-x32\...\Run: [Corsair Utility Engine] => C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairHID.exe [14885552 2016-03-23] (Corsair Components, Inc.)
HKLM-x32\...\Run: [P17RunE] => RunDll32 P17RunE.dll,RunDLLEntry
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7405752 2016-06-17] (AVAST Software)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\Run: [Steam] => D:\Program Files (x86)\Steam\steam.exe [2917456 2016-06-10] (Valve Corporation)
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [26424448 2016-06-15] (Skype Technologies S.A.)
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\Run: [Spotify Web Helper] => C:\Users\Jason\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1552496 2016-06-18] (Spotify Ltd)
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\Run: [Spotify] => C:\Users\Jason\AppData\Roaming\Spotify\Spotify.exe [6916208 2016-06-18] (Spotify Ltd)
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\Run: [EADM] => D:\Program Files (x86)\Origin\Origin.exe [3639280 2016-04-27] (Electronic Arts)
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\Run: [Proxifier] => c:\program files (x86)\proxifier\proxifier.exe [4624976 2015-12-02] (Initex)
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\Run: [YZPack] => regsvr32.exe C:\Users\Jason\AppData\Local\YZPack\Sdltor.dll <===== ACHTUNG
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\Run: [Udmedia] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\Jason\AppData\Local\Oxxics\wbMobilent5.dll
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8722136 2016-06-01] (Piriform Ltd)
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\MountPoints2: {99815414-342b-11e6-96fe-bc5ff419b6ed} - "H:\SETUP.EXE"
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\MountPoints2: {e924ccfc-0fdf-11e6-96f1-bc5ff419b6ed} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\MountPoints2: {e924cd31-0fdf-11e6-96f1-bc5ff419b6ed} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\MountPoints2: {efcafdb6-e476-11e5-96d7-806e6f6e6963} - "F:\setup.exe"
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-01-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-01-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-01-22] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-06-17] (AVAST Software)
Startup: C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2016-04-22]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe (Rainmeter)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog5 01 C:\Windows\SysWOW64\PrxerNsp.dll [84040 2015-03-28] ()
Winsock: Catalog5-x64 01 C:\Windows\system32\PrxerNsp.dll [96840 2015-03-28] ()
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3fdaf216-2052-4bad-93e1-3a18d570ef37}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{3fdaf216-2052-4bad-93e1-3a18d570ef37}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_92\bin\ssv.dll [2016-04-30] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_92\bin\jp2ssv.dll [2016-04-30] (Oracle Corporation)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://files.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://files.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\Profiles\3xyporxq.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-17] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-02-12] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-17] ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.92.2 -> C:\Program Files (x86)\Java\jre1.8.0_92\bin\dtplugin\npDeployJava1.dll [2016-04-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.92.2 -> C:\Program Files (x86)\Java\jre1.8.0_92\bin\plugin2\npjp2.dll [2016-04-30] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-06-03] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-06-03] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-06-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-06-17] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-02-12] (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-06-17]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF

Chrome:
=======
CHR Profile: C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-03-07]
CHR Extension: (DedraTV Support Plugin!) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\adjogjbhhbckdhlhkglddoilhehegbbc [2016-05-20]
CHR Extension: (Google Docs) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-03-07]
CHR Extension: (Google Drive) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-07]
CHR Extension: (YouTube) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-07]
CHR Extension: (Google Tabellen) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-03-07]
CHR Extension: (Google Docs Offline) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (AdBlock) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-06-02]
CHR Extension: (Avast Online Security) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-06-17]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Google Mail) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-07]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-06-17]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [11433080 2016-06-01] (Emsisoft Ltd)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [693440 2016-01-28] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2021592 2016-04-05] (Adobe Systems, Incorporated)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-06-17] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [370656 2016-06-17] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1860616 2016-04-04] ()
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2016-05-15] (BitRaider, LLC)
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2016-03-07] (Creative Labs) [Datei ist nicht signiert]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [307200 2008-11-18] (Creative Technology Ltd) [Datei ist nicht signiert]
R2 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-03-09] ()
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-05-02] (NVIDIA Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [209712 2014-06-18] ()
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4362656 2016-02-24] (INCA Internet Co., Ltd.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-05-02] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-05-02] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-05-02] (NVIDIA Corporation)
S3 Origin Client Service; D:\Program Files (x86)\Origin\OriginClientService.exe [2120712 2016-04-27] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2016-03-27] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2016-03-26] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [118424 2016-03-09] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6942480 2016-03-02] (TeamViewer GmbH)
S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-03-09] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-06-17] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-06-17] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-06-17] (AVAST Software)
R1 aswNetSec; C:\Windows\system32\drivers\aswNetSec.sys [536312 2016-06-17] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-06-17] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-06-17] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-06-17] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [465792 2016-06-17] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [166432 2016-06-17] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287528 2016-06-17] (AVAST Software)
S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2016-05-15] (BitRaider)
S3 CorsairAudioFilter; C:\Windows\system32\DRIVERS\corsveng2kamd64.sys [112808 2015-09-21] (Corsair Components, Inc.)
R3 CorsairVBusDriver; C:\Windows\System32\drivers\CorsairVBusDriver.sys [47840 2016-01-20] (Corsair)
R3 CorsairVHidDriver; C:\Windows\System32\drivers\CorsairVHidDriver.sys [21728 2016-01-20] (Corsair)
S3 CySmb; C:\Windows\System32\drivers\cysmb.sys [10752 2016-03-07] (Cypress Semiconductor, Inc.)
R1 epp; C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\epp.sys [126280 2016-05-23] (Emsisoft Ltd)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-03-07] (REALiX(tm))
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [22216 2014-05-27] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [22728 2014-05-27] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [25800 2014-05-27] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD.sys [44744 2014-05-27] ()
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [202032 2016-01-19] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-05-02] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [936192 2016-03-07] (Realtek                                            )
R3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2016-03-09] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-06-18 13:27 - 2016-06-18 13:27 - 00024467 _____ C:\Users\Jason\Desktop\FRST.txt
2016-06-18 13:27 - 2016-06-18 13:25 - 02386944 _____ (Farbar) C:\Users\Jason\Desktop\FRST64.exe
2016-06-18 13:26 - 2016-06-18 13:27 - 00000000 ____D C:\FRST
2016-06-18 12:48 - 2016-06-18 12:48 - 00005362 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-KSH5MTL-Jason DESKTOP-KSH5MTL
2016-06-18 12:22 - 2016-06-18 12:22 - 00001782 _____ C:\Users\Jason\Desktop\Chrome.lnk
2016-06-18 11:53 - 2016-06-18 11:53 - 00000000 ____D C:\ProgramData\USOShared
2016-06-18 11:53 - 2016-06-18 11:53 - 00000000 ____D C:\ProgramData\USOPrivate
2016-06-18 11:21 - 2016-04-23 21:32 - 00001556 _____ C:\Windows\system32\Drivers\etc\hosts.20160618-112155.backup
2016-06-18 11:13 - 2016-06-18 11:13 - 00000000 ____D C:\ProgramData\Emsisoft
2016-06-18 11:10 - 2016-06-18 13:27 - 00000000 ____D C:\Program Files\Emsisoft Anti-Malware
2016-06-18 11:10 - 2016-06-18 11:10 - 00000937 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2016-06-18 11:10 - 2016-06-18 11:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
2016-06-18 11:05 - 2016-06-18 11:05 - 00000000 ____D C:\$SysReset
2016-06-17 20:55 - 2016-06-17 20:55 - 00000000 ____D C:\Program Files\Common Files\AV
2016-06-17 20:55 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2016-06-17 20:53 - 2016-06-18 11:16 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-06-17 20:53 - 2016-06-17 20:55 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-06-17 20:53 - 2016-06-17 20:53 - 00001464 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2016-06-17 20:53 - 2016-06-17 20:53 - 00001452 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2016-06-17 20:53 - 2016-06-17 20:53 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2016-06-17 20:53 - 2016-06-17 20:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2016-06-17 20:53 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2016-06-17 20:49 - 2016-06-18 11:17 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-06-17 20:45 - 2016-06-17 20:45 - 00001175 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-06-17 20:45 - 2016-06-17 20:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-06-17 20:45 - 2016-06-17 20:45 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-06-17 20:45 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-06-17 20:45 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-06-17 20:45 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-06-17 20:35 - 2016-06-17 20:35 - 00001979 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Premier.lnk
2016-06-17 20:35 - 2016-06-17 20:35 - 00001967 _____ C:\Users\Public\Desktop\Avast Premier.lnk
2016-06-17 20:34 - 2016-06-17 20:34 - 00536312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetSec.sys
2016-06-17 20:34 - 2016-06-17 07:46 - 00398152 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-06-17 20:26 - 2016-06-17 20:27 - 00000000 ____D C:\Users\Jason\AppData\Roaming\Mozilla
2016-06-17 20:26 - 2016-06-17 20:26 - 00001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-06-17 20:26 - 2016-06-17 20:26 - 00001220 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-06-17 20:26 - 2016-06-17 20:26 - 00000000 ____D C:\Users\Jason\AppData\Local\Mozilla
2016-06-17 20:26 - 2016-06-17 20:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-17 20:25 - 2016-06-17 20:25 - 00002608 _____ C:\Windows\System32\Tasks\AutoPico Daily Restart
2016-06-17 20:21 - 2016-06-17 20:36 - 00000000 ____D C:\Users\Jason\Desktop\School
2016-06-17 07:54 - 2016-06-17 20:35 - 00004042 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1466142880
2016-06-17 07:54 - 2016-06-17 20:35 - 00001082 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-06-17 07:54 - 2016-06-17 07:54 - 00002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-17 07:54 - 2016-06-17 07:54 - 00001082 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
2016-06-17 07:52 - 2016-06-17 20:58 - 00001150 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-17 07:52 - 2016-06-17 20:58 - 00001146 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-17 07:52 - 2016-06-17 20:26 - 00003722 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-06-17 07:52 - 2016-06-17 20:26 - 00003498 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-06-17 07:52 - 2016-06-17 07:52 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-06-17 07:46 - 2016-06-17 20:34 - 00004006 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-06-17 07:46 - 2016-06-17 07:46 - 00465792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2016-06-17 07:46 - 2016-06-17 07:46 - 00287528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2016-06-17 07:46 - 2016-06-17 07:46 - 00166432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-06-17 07:46 - 2016-06-17 07:46 - 00107792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-06-17 07:46 - 2016-06-17 07:46 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-06-17 07:46 - 2016-06-17 07:46 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-06-17 07:46 - 2016-06-17 07:46 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-06-17 07:46 - 2016-06-17 07:46 - 00000000 ____D C:\Users\Jason\AppData\Roaming\AVAST Software
2016-06-17 07:46 - 2016-06-17 07:45 - 01070904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-06-17 07:45 - 2016-06-17 07:45 - 00052184 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-06-17 07:42 - 2016-06-17 07:42 - 00002870 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-06-17 07:42 - 2016-06-17 07:42 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-06-17 07:42 - 2016-06-17 07:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-06-17 07:42 - 2016-06-17 07:42 - 00000000 ____D C:\Program Files\CCleaner
2016-06-17 07:36 - 2016-06-17 07:36 - 00000000 ____D C:\Users\Jason\Documents\Benutzerdefinierte Office-Vorlagen
2016-06-17 07:35 - 2016-06-17 07:40 - 06893008 _____ (Piriform Ltd) C:\Users\Jason\Downloads\ccsetup518.exe
2016-06-17 07:34 - 2016-06-17 07:52 - 00000000 ____D C:\Program Files\AVAST Software
2016-06-17 07:31 - 2016-06-17 07:32 - 05066104 _____ (AVAST Software) C:\Users\Jason\Downloads\avast_free_antivirus_setup_online (1).exe
2016-06-17 07:29 - 2016-06-18 11:42 - 00000000 ____D C:\AdwCleaner
2016-06-17 07:28 - 2016-06-17 07:44 - 243864880 _____ (Emsisoft Ltd. ) C:\Users\Jason\Downloads\EmsisoftAntiMalwareSetup.exe
2016-06-17 07:28 - 2016-06-17 07:29 - 03703360 _____ C:\Users\Jason\Downloads\adwcleaner_5.200.exe
2016-06-17 04:38 - 2016-06-17 04:38 - 00004608 _____ C:\Windows\SECOH-QAD.exe
2016-06-17 04:38 - 2016-06-17 04:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
2016-06-17 04:38 - 2010-12-06 04:16 - 00090112 _____ (Vestris Inc.) C:\Windows\system32\Vestris.ResourceLib.dll
2016-06-17 04:18 - 2016-06-17 04:21 - 00000000 ____D C:\Users\Jason\AppData\Local\Chromium
2016-06-17 04:15 - 2016-06-17 04:15 - 00000306 __RSH C:\ProgramData\ntuser.pol
2016-06-17 04:14 - 2016-06-17 04:14 - 00000000 _____ C:\Windows\-1
2016-06-17 04:13 - 2016-06-17 04:59 - 00000000 ____D C:\Users\Jason\AppData\Local\YZPack
2016-06-17 04:13 - 2016-06-17 04:59 - 00000000 ____D C:\Users\Jason\AppData\Local\Oxxics
2016-06-17 03:58 - 2016-06-17 20:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-17 03:58 - 2016-06-17 03:58 - 00000000 ____D C:\Windows\PCHEALTH
2016-06-17 03:58 - 2016-06-17 03:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-06-17 03:58 - 2016-06-17 03:58 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2016-06-17 03:58 - 2016-06-17 03:58 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-06-17 03:58 - 2016-06-17 03:58 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2016-06-17 03:57 - 2016-06-17 03:58 - 00000000 ____D C:\Program Files\Microsoft Office
2016-06-17 03:57 - 2016-06-17 03:57 - 00000000 __RHD C:\MSOCache
2016-06-17 03:57 - 2016-06-17 03:57 - 00000000 ____D C:\Users\Jason\AppData\Local\Microsoft Help
2016-06-17 03:57 - 2016-06-17 03:57 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2016-06-17 03:57 - 2016-06-17 03:57 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-06-17 03:57 - 2016-06-17 03:57 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2016-06-16 14:20 - 2016-06-16 14:20 - 00000000 ____D C:\Users\Jason\AppData\LocalLow\Temp
2016-06-15 19:18 - 2016-05-28 08:13 - 01401024 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-06-15 19:18 - 2016-05-28 08:13 - 00046784 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-06-15 19:18 - 2016-05-28 07:07 - 00808288 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2016-06-15 19:18 - 2016-05-28 07:07 - 00703840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2016-06-15 19:18 - 2016-05-28 06:58 - 00379232 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-06-15 19:18 - 2016-05-28 06:57 - 01594416 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-06-15 19:18 - 2016-05-28 06:57 - 01372312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-06-15 19:18 - 2016-05-28 06:57 - 00636304 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2016-06-15 19:18 - 2016-05-28 06:57 - 00546456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2016-06-15 19:18 - 2016-05-28 06:57 - 00316256 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-06-15 19:18 - 2016-05-28 06:35 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\tdlrecover.exe
2016-06-15 19:18 - 2016-05-28 06:35 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\MapsCSP.dll
2016-06-15 19:18 - 2016-05-28 06:31 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\MosHostClient.dll
2016-06-15 19:18 - 2016-05-28 06:29 - 22379008 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2016-06-15 19:18 - 2016-05-28 06:29 - 00045568 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-06-15 19:18 - 2016-05-28 06:28 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-06-15 19:18 - 2016-05-28 06:27 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MosHostClient.dll
2016-06-15 19:18 - 2016-05-28 06:27 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\mapsupdatetask.dll
2016-06-15 19:18 - 2016-05-28 06:26 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\MapsBtSvc.dll
2016-06-15 19:18 - 2016-05-28 06:26 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\MosStorage.dll
2016-06-15 19:18 - 2016-05-28 06:25 - 00037376 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-06-15 19:18 - 2016-05-28 06:24 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\moshost.dll
2016-06-15 19:18 - 2016-05-28 06:22 - 00269824 _____ (Microsoft Corporation) C:\Windows\system32\moshostcore.dll
2016-06-15 19:18 - 2016-05-28 06:22 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapsBtSvc.dll
2016-06-15 19:18 - 2016-05-28 06:22 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MosStorage.dll
2016-06-15 19:18 - 2016-05-28 06:19 - 24605696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-06-15 19:18 - 2016-05-28 06:19 - 00567808 _____ (Microsoft Corporation) C:\Windows\system32\MBMediaManager.dll
2016-06-15 19:18 - 2016-05-28 06:18 - 11545088 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-06-15 19:18 - 2016-05-28 06:18 - 07977472 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll
2016-06-15 19:18 - 2016-05-28 06:18 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\MapConfiguration.dll
2016-06-15 19:18 - 2016-05-28 06:17 - 00630784 _____ (Microsoft Corporation) C:\Windows\system32\MessagingDataModel2.dll
2016-06-15 19:18 - 2016-05-28 06:16 - 19344384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-06-15 19:18 - 2016-05-28 06:15 - 01056256 _____ (Microsoft Corporation) C:\Windows\system32\JpMapControl.dll
2016-06-15 19:18 - 2016-05-28 06:15 - 00853504 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll
2016-06-15 19:18 - 2016-05-28 06:15 - 00349696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapConfiguration.dll
2016-06-15 19:18 - 2016-05-28 06:14 - 18674176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2016-06-15 19:18 - 2016-05-28 06:14 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\NMAA.dll
2016-06-15 19:18 - 2016-05-28 06:14 - 00606208 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-06-15 19:18 - 2016-05-28 06:14 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MessagingDataModel2.dll
2016-06-15 19:18 - 2016-05-28 06:13 - 00939520 _____ (Microsoft Corporation) C:\Windows\system32\MapControlCore.dll
2016-06-15 19:18 - 2016-05-28 06:12 - 00800768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JpMapControl.dll
2016-06-15 19:18 - 2016-05-28 06:11 - 00784896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NMAA.dll
2016-06-15 19:18 - 2016-05-28 06:11 - 00711680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapControlCore.dll
2016-06-15 19:18 - 2016-05-28 06:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-06-15 19:18 - 2016-05-28 06:08 - 13385728 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-06-15 19:18 - 2016-05-28 06:08 - 06295552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll
2016-06-15 19:18 - 2016-05-28 06:06 - 12128256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-06-15 19:18 - 2016-05-28 06:06 - 07200256 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
2016-06-15 19:18 - 2016-05-28 06:04 - 06973952 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-06-15 19:18 - 2016-05-28 06:03 - 05205504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2016-06-15 19:18 - 2016-05-28 06:03 - 02609664 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2016-06-15 19:18 - 2016-05-28 06:00 - 03585536 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-06-15 19:18 - 2016-05-28 06:00 - 02635776 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2016-06-15 19:18 - 2016-05-28 06:00 - 02168320 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2016-06-15 19:18 - 2016-05-28 06:00 - 01707520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActiveSyncProvider.dll
2016-06-15 19:18 - 2016-05-28 05:58 - 07832576 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2016-06-15 19:18 - 2016-05-28 05:58 - 01996288 _____ (Microsoft Corporation) C:\Windows\system32\ActiveSyncProvider.dll
2016-06-15 19:17 - 2016-05-28 08:13 - 01184960 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-06-15 19:17 - 2016-05-28 08:13 - 00514752 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-06-15 19:17 - 2016-05-28 08:13 - 00290496 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-06-15 19:17 - 2016-05-28 08:13 - 00092352 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-06-15 19:17 - 2016-05-28 07:25 - 04268880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupapi.dll
2016-06-15 19:17 - 2016-05-28 07:23 - 00388384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2016-06-15 19:17 - 2016-05-28 07:23 - 00312160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2016-06-15 19:17 - 2016-05-28 07:22 - 07474528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-06-15 19:17 - 2016-05-28 07:22 - 04387680 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll
2016-06-15 19:17 - 2016-05-28 07:22 - 00428896 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2016-06-15 19:17 - 2016-05-28 07:22 - 00211296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2016-06-15 19:17 - 2016-05-28 07:22 - 00118624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2016-06-15 19:17 - 2016-05-28 07:20 - 00430312 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2016-06-15 19:17 - 2016-05-28 07:18 - 00357216 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-06-15 19:17 - 2016-05-28 07:16 - 00026408 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-06-15 19:17 - 2016-05-28 07:09 - 00501600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupEngine.dll
2016-06-15 19:17 - 2016-05-28 07:09 - 00170848 _____ (Microsoft Corporation) C:\Windows\system32\NetworkUXBroker.exe
2016-06-15 19:17 - 2016-05-28 07:09 - 00084832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupApi.dll
2016-06-15 19:17 - 2016-05-28 07:08 - 00693600 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupEngine.dll
2016-06-15 19:17 - 2016-05-28 07:08 - 00258912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ufx01000.sys
2016-06-15 19:17 - 2016-05-28 07:08 - 00115040 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupApi.dll
2016-06-15 19:17 - 2016-05-28 07:07 - 03675512 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-06-15 19:17 - 2016-05-28 07:07 - 02921880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-06-15 19:17 - 2016-05-28 07:07 - 01322248 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-06-15 19:17 - 2016-05-28 07:07 - 00957608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-06-15 19:17 - 2016-05-28 07:07 - 00331616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2016-06-15 19:17 - 2016-05-28 07:06 - 22561256 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-06-15 19:17 - 2016-05-28 07:06 - 04074160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-06-15 19:17 - 2016-05-28 07:06 - 00730344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Shell.Broker.dll
2016-06-15 19:17 - 2016-05-28 07:06 - 00303216 _____ (Microsoft Corporation) C:\Windows\system32\LockAppHost.exe
2016-06-15 19:17 - 2016-05-28 07:06 - 00254656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockAppHost.exe
2016-06-15 19:17 - 2016-05-28 07:05 - 04515264 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-06-15 19:17 - 2016-05-28 07:04 - 00604928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-06-15 19:17 - 2016-05-28 07:04 - 00431296 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-06-15 19:17 - 2016-05-28 07:04 - 00360480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-06-15 19:17 - 2016-05-28 07:04 - 00161632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-06-15 19:17 - 2016-05-28 07:04 - 00111064 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2016-06-15 19:17 - 2016-05-28 07:04 - 00097096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2016-06-15 19:17 - 2016-05-28 07:03 - 00131248 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2016-06-15 19:17 - 2016-05-28 06:58 - 01996640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-06-15 19:17 - 2016-05-28 06:57 - 02548944 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2016-06-15 19:17 - 2016-05-28 06:57 - 02195632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2016-06-15 19:17 - 2016-05-28 06:57 - 00649792 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2016-06-15 19:17 - 2016-05-28 06:57 - 00577376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2016-06-15 19:17 - 2016-05-28 06:57 - 00521664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2016-06-15 19:17 - 2016-05-28 06:35 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsdport.sys
2016-06-15 19:17 - 2016-05-28 06:31 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdlrecover.exe
2016-06-15 19:17 - 2016-05-28 06:31 - 00088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-06-15 19:17 - 2016-05-28 06:29 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2016-06-15 19:17 - 2016-05-28 06:29 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\httpprxp.dll
2016-06-15 19:17 - 2016-05-28 06:28 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2016-06-15 19:17 - 2016-05-28 06:28 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2016-06-15 19:17 - 2016-05-28 06:26 - 00199168 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgent.exe
2016-06-15 19:17 - 2016-05-28 06:26 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\dmcertinst.exe
2016-06-15 19:17 - 2016-05-28 06:26 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\omadmclient.exe
2016-06-15 19:17 - 2016-05-28 06:24 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2016-06-15 19:17 - 2016-05-28 06:24 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Ndu.sys
2016-06-15 19:17 - 2016-05-28 06:24 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-06-15 19:17 - 2016-05-28 06:24 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2016-06-15 19:17 - 2016-05-28 06:24 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\AppCapture.dll
2016-06-15 19:17 - 2016-05-28 06:24 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2016-06-15 19:17 - 2016-05-28 06:24 - 00053760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2016-06-15 19:17 - 2016-05-28 06:23 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2016-06-15 19:17 - 2016-05-28 06:23 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll
2016-06-15 19:17 - 2016-05-28 06:22 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2016-06-15 19:17 - 2016-05-28 06:22 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2016-06-15 19:17 - 2016-05-28 06:22 - 00278528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2016-06-15 19:17 - 2016-05-28 06:22 - 00163328 _____ (Microsoft Corporation) C:\Windows\system32\tetheringservice.dll
2016-06-15 19:17 - 2016-05-28 06:22 - 00161280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgent.exe
2016-06-15 19:17 - 2016-05-28 06:22 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-06-15 19:17 - 2016-05-28 06:21 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\StoreAgent.dll
2016-06-15 19:17 - 2016-05-28 06:21 - 00239104 _____ (Microsoft Corporation) C:\Windows\system32\BrokerLib.dll
2016-06-15 19:17 - 2016-05-28 06:21 - 00207360 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupSvc.dll
2016-06-15 19:17 - 2016-05-28 06:21 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2016-06-15 19:17 - 2016-05-28 06:20 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2016-06-15 19:17 - 2016-05-28 06:20 - 00511488 _____ (Microsoft Corporation) C:\Windows\system32\newdev.dll
2016-06-15 19:17 - 2016-05-28 06:20 - 00332288 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2016-06-15 19:17 - 2016-05-28 06:20 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2016-06-15 19:17 - 2016-05-28 06:20 - 00199168 _____ (Microsoft Corporation) C:\Windows\system32\GnssAdapter.dll
2016-06-15 19:17 - 2016-05-28 06:20 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Privacy.dll
2016-06-15 19:17 - 2016-05-28 06:20 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2016-06-15 19:17 - 2016-05-28 06:19 - 00764928 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2016-06-15 19:17 - 2016-05-28 06:19 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvr.exe
2016-06-15 19:17 - 2016-05-28 06:19 - 00355840 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2016-06-15 19:17 - 2016-05-28 06:19 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc.dll
2016-06-15 19:17 - 2016-05-28 06:18 - 00610816 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2016-06-15 19:17 - 2016-05-28 06:18 - 00591360 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2016-06-15 19:17 - 2016-05-28 06:18 - 00392192 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-06-15 19:17 - 2016-05-28 06:18 - 00380416 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2016-06-15 19:17 - 2016-05-28 06:18 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\VEEventDispatcher.dll
2016-06-15 19:17 - 2016-05-28 06:17 - 09918976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-06-15 19:17 - 2016-05-28 06:17 - 00963072 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2016-06-15 19:17 - 2016-05-28 06:17 - 00485888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\newdev.dll
2016-06-15 19:17 - 2016-05-28 06:17 - 00415232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StoreAgent.dll
2016-06-15 19:17 - 2016-05-28 06:17 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\RDXTaskFactory.dll
2016-06-15 19:17 - 2016-05-28 06:17 - 00278016 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2016-06-15 19:17 - 2016-05-28 06:17 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\mdmmigrator.dll
2016-06-15 19:17 - 2016-05-28 06:16 - 00690176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-06-15 19:17 - 2016-05-28 06:16 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2016-06-15 19:17 - 2016-05-28 06:16 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\AppContracts.dll
2016-06-15 19:17 - 2016-05-28 06:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\tileobjserver.dll
2016-06-15 19:17 - 2016-05-28 06:16 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-06-15 19:17 - 2016-05-28 06:16 - 00291328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2016-06-15 19:17 - 2016-05-28 06:16 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2016-06-15 19:17 - 2016-05-28 06:15 - 00794624 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-06-15 19:17 - 2016-05-28 06:15 - 00535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2016-06-15 19:17 - 2016-05-28 06:15 - 00293888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2016-06-15 19:17 - 2016-05-28 06:15 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-06-15 19:17 - 2016-05-28 06:14 - 01716736 _____ (Microsoft Corporation) C:\Windows\system32\SRHInproc.dll
2016-06-15 19:17 - 2016-05-28 06:14 - 00965632 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2016-06-15 19:17 - 2016-05-28 06:14 - 00784384 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-06-15 19:17 - 2016-05-28 06:14 - 00219136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VEEventDispatcher.dll
2016-06-15 19:17 - 2016-05-28 06:14 - 00200192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2016-06-15 19:17 - 2016-05-28 06:13 - 01387520 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2016-06-15 19:17 - 2016-05-28 06:13 - 00990208 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModel.dll
2016-06-15 19:17 - 2016-05-28 06:13 - 00982016 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll
2016-06-15 19:17 - 2016-05-28 06:13 - 00587776 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2016-06-15 19:17 - 2016-05-28 06:13 - 00467456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppContracts.dll
2016-06-15 19:17 - 2016-05-28 06:12 - 00614400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-06-15 19:17 - 2016-05-28 06:12 - 00521728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2016-06-15 19:17 - 2016-05-28 06:11 - 01445888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRHInproc.dll
2016-06-15 19:17 - 2016-05-28 06:11 - 00890368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
2016-06-15 19:17 - 2016-05-28 06:11 - 00799744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2016-06-15 19:17 - 2016-05-28 06:11 - 00687616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-06-15 19:17 - 2016-05-28 06:11 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2016-06-15 19:17 - 2016-05-28 06:09 - 01073152 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll
2016-06-15 19:17 - 2016-05-28 06:06 - 01339904 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-06-15 19:17 - 2016-05-28 06:05 - 03994624 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2016-06-15 19:17 - 2016-05-28 06:05 - 03664896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-06-15 19:17 - 2016-05-28 06:05 - 02582016 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2016-06-15 19:17 - 2016-05-28 06:05 - 01797120 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2016-06-15 19:17 - 2016-05-28 06:04 - 00555520 _____ (Microsoft Corporation) C:\Windows\system32\SyncController.dll
2016-06-15 19:17 - 2016-05-28 06:04 - 00450560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncController.dll
2016-06-15 19:17 - 2016-05-28 06:03 - 05323776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-06-15 19:17 - 2016-05-28 06:03 - 01185280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationFramework.dll
2016-06-15 19:17 - 2016-05-28 06:03 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\internetmail.dll
2016-06-15 19:17 - 2016-05-28 06:03 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\dmenrollengine.dll
2016-06-15 19:17 - 2016-05-28 06:02 - 03590144 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2016-06-15 19:17 - 2016-05-28 06:02 - 02061824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2016-06-15 19:17 - 2016-05-28 06:02 - 01534464 _____ (Microsoft Corporation) C:\Windows\system32\LocationFramework.dll
2016-06-15 19:17 - 2016-05-28 06:02 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll
2016-06-15 19:17 - 2016-05-28 06:01 - 01799680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll
2016-06-15 19:17 - 2016-05-28 06:01 - 01582080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2016-06-15 19:17 - 2016-05-28 06:01 - 01500160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-06-15 19:17 - 2016-05-28 06:01 - 00111104 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll
2016-06-15 19:17 - 2016-05-28 06:00 - 05660160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2016-06-15 19:17 - 2016-05-28 06:00 - 02230272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-06-15 19:17 - 2016-05-28 06:00 - 01730560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-06-15 19:17 - 2016-05-28 06:00 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\enrollmentapi.dll
2016-06-15 19:17 - 2016-05-28 06:00 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
2016-06-15 19:17 - 2016-05-28 06:00 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEnroller.exe
2016-06-15 19:17 - 2016-05-28 05:59 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
2016-06-15 19:17 - 2016-05-28 05:58 - 04896256 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-06-15 19:17 - 2016-05-28 05:58 - 02755584 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-06-15 19:17 - 2016-05-28 05:58 - 02066432 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2016-06-15 19:17 - 2016-05-28 05:57 - 02281472 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-06-15 19:17 - 2016-05-28 05:55 - 01390080 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Shell.dll
2016-06-15 19:17 - 2016-05-28 05:53 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\ngcpopkeysrv.dll
2016-06-14 17:38 - 2016-06-14 17:38 - 00001002 _____ C:\Users\Jason\Desktop\Minecraft.lnk
2016-06-13 18:50 - 2016-06-13 18:50 - 00000000 ____D C:\Users\Jason\AppData\Local\ElevatedDiagnostics
2016-06-13 18:09 - 2016-06-13 18:12 - 39072058 _____ C:\Users\Jason\AppData\Local\ZBarWallpaper.bmp
2016-06-11 14:07 - 2016-06-03 05:28 - 00111552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2016-06-11 14:06 - 2016-05-04 04:23 - 00129824 _____ C:\Windows\SysWOW64\vulkan-1.dll
2016-06-11 14:06 - 2016-05-04 04:22 - 00130848 _____ C:\Windows\system32\vulkan-1.dll
2016-06-11 14:06 - 2016-05-04 04:22 - 00045344 _____ C:\Windows\system32\vulkaninfo.exe
2016-06-11 14:06 - 2016-05-04 04:22 - 00040224 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2016-06-11 14:05 - 2016-06-03 09:22 - 39977920 _____ C:\Windows\system32\nvcompiler.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 35115968 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 31641656 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 25404864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 21812056 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 21355464 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 18151128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 17746664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 17432544 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 10643240 _____ C:\Windows\system32\nvptxJitCompiler.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 08733792 _____ C:\Windows\SysWOW64\nvptxJitCompiler.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 02844608 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 02470336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 01920960 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436839.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 01571776 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436839.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 00983488 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 00910392 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 00787384 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFTH264.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 00769984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 00707520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 00669952 _____ C:\Windows\system32\nvfatbinaryLoader.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 00632848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFTH264.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 00565208 _____ C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 00549240 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 00452616 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 00425016 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 00385592 _____ (NVIDIA Corporation) C:\Windows\system32\nvDecMFTMjpeg.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 00379808 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 00379448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 00348216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvDecMFTMjpeg.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 00316632 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 00177952 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 00155768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 00153232 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 00131584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2016-06-03 03:50 - 2016-05-21 23:09 - 01581624 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco64.dll
2016-06-03 03:50 - 2016-05-21 23:09 - 00046024 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2016-06-03 03:50 - 2016-05-20 10:03 - 01922496 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436822.dll
2016-06-03 03:50 - 2016-05-20 10:03 - 01573432 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436822.dll
2016-06-03 03:50 - 2016-05-20 10:03 - 00000594 _____ C:\Windows\SysWOW64\nv-vk32.json
2016-06-03 03:50 - 2016-05-20 10:03 - 00000594 _____ C:\Windows\system32\nv-vk64.json
2016-06-03 03:48 - 2016-06-03 03:48 - 00000000 ____D C:\Users\Jason\Documents\Overwatch
2016-06-02 21:15 - 2016-06-02 21:15 - 00001173 _____ C:\Users\Public\Desktop\Overwatch.lnk
2016-06-02 21:15 - 2016-06-02 21:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch
2016-06-02 19:19 - 2016-06-15 17:29 - 00000000 ____D C:\Program Files (x86)\Overwatch
2016-06-02 19:16 - 2016-06-16 19:53 - 00000000 ____D C:\Users\Jason\AppData\Local\Battle.net
2016-06-02 19:16 - 2016-06-02 19:16 - 00000676 _____ C:\Users\Public\Desktop\Battle.net.lnk
2016-06-02 19:16 - 2016-06-02 19:16 - 00000000 ____D C:\Users\Jason\AppData\Local\Blizzard Entertainment
2016-06-02 19:16 - 2016-06-02 19:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2016-06-02 19:16 - 2016-06-02 19:16 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2016-06-02 19:12 - 2016-06-05 13:04 - 00000000 ____D C:\Users\Jason\AppData\Roaming\Battle.net
2016-06-02 19:12 - 2016-06-02 19:12 - 00000000 ____D C:\ProgramData\Battle.net
2016-05-20 22:28 - 2016-05-20 22:28 - 00000000 ____D C:\Users\Jason\Documents\NCSOFT
2016-05-20 00:04 - 2016-05-20 00:04 - 00000823 _____ C:\Users\Public\Desktop\WildStar.lnk
2016-05-20 00:02 - 2016-05-20 00:02 - 00000000 ____D C:\Users\Jason\AppData\Roaming\NCSOFT
2016-05-20 00:02 - 2016-05-20 00:02 - 00000000 ____D C:\Users\Jason\AppData\Local\NCSOFT

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-06-18 13:24 - 2016-03-07 22:16 - 00000000 ____D C:\Users\Jason\AppData\Local\Spotify
2016-06-18 13:21 - 2016-03-07 22:15 - 00000000 ____D C:\Users\Jason\AppData\Roaming\Spotify
2016-06-18 13:16 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\system32\NDF
2016-06-18 12:43 - 2016-04-27 12:32 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-06-18 11:49 - 2016-03-07 17:20 - 01708398 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-18 11:49 - 2015-10-30 20:35 - 00737872 _____ C:\Windows\system32\perfh007.dat
2016-06-18 11:49 - 2015-10-30 20:35 - 00147558 _____ C:\Windows\system32\perfc007.dat
2016-06-18 11:49 - 2015-10-30 09:21 - 00000000 ____D C:\Windows\INF
2016-06-18 11:43 - 2016-03-07 17:22 - 00000000 ____D C:\ProgramData\NVIDIA
2016-06-18 11:43 - 2016-03-07 17:13 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-18 11:43 - 2015-10-30 08:28 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-06-18 11:33 - 2016-03-07 20:19 - 00000000 ____D C:\Users\Jason\AppData\Roaming\Skype
2016-06-18 10:07 - 2016-03-07 20:18 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-06-18 10:07 - 2016-03-07 20:18 - 00000000 ____D C:\ProgramData\Skype
2016-06-18 10:03 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\AppReadiness
2016-06-18 09:58 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-06-18 09:57 - 2016-04-08 08:11 - 00004172 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{D1EF5C9D-4F0F-4BC3-AA26-FDB376C3839A}
2016-06-17 20:58 - 2016-03-07 17:12 - 00355288 _____ C:\Windows\system32\FNTCACHE.DAT
2016-06-17 20:58 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\SystemApps
2016-06-17 20:26 - 2016-03-09 20:12 - 00002834 _____ C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-KSH5MTL-Jason
2016-06-17 20:23 - 2016-04-20 17:23 - 00000000 ____D C:\Users\Jason\AppData\Local\CrashDumps
2016-06-17 20:23 - 2016-04-12 21:30 - 00000000 ____D C:\Windows\Minidump
2016-06-17 20:23 - 2016-03-31 01:01 - 00000000 ____D C:\Users\Jason\AppData\Roaming\TeamViewer
2016-06-17 20:23 - 2016-03-07 17:11 - 00000000 ____D C:\Windows\Panther
2016-06-17 20:21 - 2016-03-09 17:42 - 00000000 ____D C:\Users\Jason\Desktop\Projekte-Bilder
2016-06-17 07:57 - 2015-10-30 09:11 - 00000000 ____D C:\Windows\CbsTemp
2016-06-17 07:54 - 2016-03-07 19:54 - 00000000 ____D C:\Program Files (x86)\Google
2016-06-17 07:52 - 2016-03-07 19:58 - 00000000 ____D C:\ProgramData\AVAST Software
2016-06-17 07:35 - 2016-03-07 19:18 - 00000000 ____D C:\Users\Jason\AppData\Local\MicrosoftEdge
2016-06-17 04:59 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\addins
2016-06-17 04:25 - 2016-03-07 17:14 - 00000000 ____D C:\Users\Jason
2016-06-17 04:15 - 2015-10-30 09:24 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2016-06-17 04:15 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2016-06-17 03:58 - 2015-10-30 20:44 - 00000000 ____D C:\Windows\ShellNew
2016-06-17 03:58 - 2015-10-30 09:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-06-17 03:58 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-06-17 03:57 - 2015-10-30 09:24 - 00000167 _____ C:\Windows\win.ini
2016-06-17 03:57 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Common Files\System
2016-06-17 03:37 - 2016-03-09 17:49 - 00000000 ____D C:\Users\Jason\AppData\Local\Adobe
2016-06-16 13:36 - 2016-03-07 17:14 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-06-15 22:40 - 2016-03-07 19:17 - 00484008 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-06-15 22:37 - 2015-10-30 09:24 - 00000000 ___SD C:\Windows\system32\DiagSvcs
2016-06-15 22:37 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\system32\SystemResetPlatform
2016-06-15 22:37 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\bcastdvr
2016-06-15 19:23 - 2016-03-07 20:33 - 00000000 ____D C:\Windows\system32\MRT
2016-06-15 19:20 - 2016-03-07 20:32 - 142482544 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-06-14 20:33 - 2015-10-30 09:26 - 00828408 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-06-14 20:33 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-14 18:26 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\rescache
2016-06-14 17:38 - 2016-04-13 19:35 - 00000000 ____D C:\Users\Jason\Desktop\Mc
2016-06-13 19:03 - 2016-04-13 18:45 - 00000000 ____D C:\Users\Jason\Desktop\Treiber
2016-06-13 18:40 - 2016-04-22 19:51 - 00000000 ____D C:\Users\Jason\Documents\Rainmeter
2016-06-12 16:54 - 2016-03-12 22:12 - 00000000 ____D C:\Users\Jason\AppData\Roaming\TS3Client
2016-06-11 14:07 - 2016-04-12 21:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-06-11 14:07 - 2016-03-07 17:22 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-06-04 02:51 - 2016-04-12 21:13 - 13553096 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-06-03 16:20 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\LiveKernelReports
2016-06-03 09:22 - 2016-04-12 21:13 - 20375488 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2016-06-03 09:22 - 2016-04-12 21:13 - 17729184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2016-06-03 09:22 - 2016-04-12 21:13 - 14462536 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2016-06-03 09:22 - 2016-04-12 21:13 - 03811256 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-06-03 09:22 - 2016-04-12 21:13 - 03371624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-06-03 09:22 - 2015-11-10 02:12 - 00040084 _____ C:\Windows\system32\nvinfo.pb
2016-06-03 05:59 - 2016-04-12 21:15 - 00534072 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2016-06-03 05:59 - 2016-04-12 21:15 - 00081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2016-06-03 05:59 - 2016-03-07 17:22 - 06452948 _____ C:\Windows\system32\nvcoproc.bin
2016-06-03 05:59 - 2016-03-07 17:22 - 06364216 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2016-06-03 05:59 - 2016-03-07 17:22 - 02455608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2016-06-03 05:59 - 2016-03-07 17:22 - 01762752 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2016-06-03 05:59 - 2016-03-07 17:22 - 01352760 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2016-06-03 05:59 - 2016-03-07 17:22 - 00392128 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2016-06-03 05:59 - 2016-03-07 17:22 - 00069568 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2016-06-03 04:22 - 2016-03-07 19:22 - 00000000 ____D C:\ProgramData\ProductData
2016-05-28 07:55 - 2016-03-07 17:13 - 02718208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2016-05-26 20:16 - 2016-03-26 18:39 - 00000000 ____D C:\ProgramData\Origin
2016-05-26 20:06 - 2016-03-26 19:44 - 00226168 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2016-05-26 20:06 - 2016-03-26 19:44 - 00214392 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2016-05-21 23:09 - 2015-11-10 04:14 - 00141256 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2016-05-20 00:04 - 2016-04-20 07:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCSOFT

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

1998-01-12 02:00 - 1998-01-12 02:00 - 0049931 _____ () C:\Users\Jason\AppData\Roaming\Jaundice.N62
1998-10-27 02:00 - 1998-10-27 02:00 - 0001693 _____ () C:\Users\Jason\AppData\Roaming\Palaeoecology.W
2016-06-13 18:09 - 2016-06-13 18:12 - 39072058 _____ () C:\Users\Jason\AppData\Local\ZBarWallpaper.bmp

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-06-11 14:06

==================== Ende von FRST.txt ============================

deeprybka 18.06.2016 13:17
Hi,
ja das hast Du gut bemerkt. Da läuft Malware.
https://www.virustotal.com/de/file/a...9f94/analysis/

Schritt 1

http://filepony.de/icon/frst.pnghttp://deeprybka.trojaner-board.de/b...e/frst/sn4.PNG

Drücke bitte die http://deeprybka.trojaner-board.de/b...ne/revo/w8.png + R Taste und schreibe notepad in das Ausführen Fenster.
Klicke auf OK und kopiere nun den Text aus der Codebox in das leere Textdokument:
Code:
CloseProcesses:
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\Run: [YZPack] => regsvr32.exe C:\Users\Jason\AppData\Local\YZPack\Sdltor.dll
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\Run: [Udmedia] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\Jason\AppData\Local\Oxxics\wbMobilent5.dll
C:\Users\Jason\AppData\Local\YZPack\
C:\Users\Jason\AppData\Local\Oxxics
EmptyTemp:
Speichere dieses bitte als Fixlist.txt in das Verzeichnis ab, in dem sich auch die FRST-Anwendung befindet.
  • Starte FRST und drücke auf den Entfernen-Button.
  • Das Tool erstellt eine "Fixlog.txt" -Datei.
  • Poste mir bitte deren Inhalt.


Bitte nach dem Reboot erstmal das "Zuviel" an Antivirusprogrammen deinstallieren (Spybot und Avast) und von einem sauberen Gerät sensible Online-Passwörter ändern.

Dann bitte frische Logs:

Schritt 2

http://filepony.de/icon/frst.pnghttp://deeprybka.trojaner-board.de/b...e/frst/sn1.PNG

Bitte starte FRST erneut, markiere auch die checkbox http://deeprybka.trojaner-board.de/b...t/addition.pngund drücke auf Untersuchen.
Bitte poste mir den Inhalt der beiden Logs die erstellt werden.

SafeCall 18.06.2016 13:31
Ok , danke für die schnelle Antwort

FixLog

Code:
ntferungsergebnis von Farbar Recovery Scan Tool (x64) Version:16-06-2016 01
durchgeführt von Jason (2016-06-18 14:21:54) Run:1
Gestartet von C:\Users\Jason\Desktop
Geladene Profile: Jason (Verfügbare Profile: Jason)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
CloseProcesses:
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\Run: [YZPack] => regsvr32.exe C:\Users\Jason\AppData\Local\YZPack\Sdltor.dll
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\Run: [Udmedia] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\Jason\AppData\Local\Oxxics\wbMobilent5.dll
C:\Users\Jason\AppData\Local\YZPack\
C:\Users\Jason\AppData\Local\Oxxics
EmptyTemp:
       
*****************

Prozess erfolgreich geschlossen.
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\Software\Microsoft\Windows\CurrentVersion\Run\\YZPack => Wert erfolgreich entfernt
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Udmedia => Wert erfolgreich entfernt
C:\Users\Jason\AppData\Local\YZPack => erfolgreich verschoben
C:\Users\Jason\AppData\Local\Oxxics => erfolgreich verschoben

=========== EmptyTemp: ==========

DOMStore, BITS transfer queue, thumbcache, IE frameiconcache.dat => 5272280 bytes
Java, Opera, Flash, IE recovery, Steam htmlcache, Windows/system/drivers/LocalLow Temp => 182930909 bytes
Edge => 1973 bytes
Chrome => 375613756 bytes
Firefox => 2835544 bytes

Temp, IE cache, history, cookies, recent:
Default => 0 bytes
ProgramData => 0 bytes
Public => 0 bytes
systemprofile => 128 bytes
systemprofile32 => 0 bytes
LocalService => 0 bytes
NetworkService => 128 bytes
Jason => 101543838 bytes

RecycleBin => 2364 bytes
EmptyTemp: => 637.2 MB temporäre Dateien entfernt.
======================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 14:22:14 ====
Sensible Daten sind gott sei dank von mir nicht hier drauf , da dies nicht mein Privat PC sondern ein gemeinschafts PC ist und ich hier mehr oder weniger nur für die Wartung zuständig bin , was meine Kollegen hier mit anstellen weiß ich natürlich nicht weshalb hier auch gefühlt 20 Antivir Programme vorhanden sind.Ich werde es auch ihnen ausrichten ,dass sie ihre Daten ändern sollen.

Ich habe fürs erste keine Programme deinstalliert und ich würde Avast auch gerne drauf behalten , da dies eine gekaufte Version ist. Alle anderen die sie für unnötig befinden werde ich aber deinstallieren.

FRST Log

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:16-06-2016 01
durchgeführt von Jason (Administrator) auf DESKTOP-KSH5MTL (18-06-2016 14:25:08)
Gestartet von C:\Users\Jason\Desktop
Geladene Profile: Jason (Verfügbare Profile: Jason)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2service.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
() C:\Windows\System32\PnkBstrA.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Users\Jason\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\Chrm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\Chrm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\Chrm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\Chrm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\Chrm.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2guard.exe
(Initex) C:\Program Files (x86)\Proxifier\Proxifier.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Rainmeter) C:\Program Files\Rainmeter\Rainmeter.exe
(Corsair Components, Inc.) C:\Program Files (x86)\Corsair\Corsair Gaming Headset Software\HeadsetControlPanel.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\Chrm.exe
() C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\Chrm.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\MSOSYNC.EXE
(IObit) C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe
(Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2start.exe
() C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-05-02] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [ISCT Tray] => C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe [5860656 2014-06-18] (Intel Corporation)
HKLM\...\Run: [emsisoft anti-malware] => c:\program files\emsisoft anti-malware\a2guard.exe [9501040 2016-06-01] (Emsisoft Ltd)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2312896 2016-02-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SL-6482 Gaming Keyboard] => C:\Program Files (x86)\SPEEDLINK\PARTHICA Core Gaming Keyboard\Monitor.exe [1976832 2014-04-21] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597016 2016-03-31] (Oracle Corporation)
HKLM-x32\...\Run: [Corsair Gaming Headset Software] => C:\Program Files (x86)\Corsair\Corsair Gaming Headset Software\HeadsetControlPanel.exe [2916160 2015-09-21] (Corsair Components, Inc.)
HKLM-x32\...\Run: [Corsair Utility Engine] => C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairHID.exe [14885552 2016-03-23] (Corsair Components, Inc.)
HKLM-x32\...\Run: [P17RunE] => RunDll32 P17RunE.dll,RunDLLEntry
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7405752 2016-06-17] (AVAST Software)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\Run: [Steam] => D:\Program Files (x86)\Steam\steam.exe [2917456 2016-06-10] (Valve Corporation)
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [26424448 2016-06-15] (Skype Technologies S.A.)
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\Run: [Spotify Web Helper] => C:\Users\Jason\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1552496 2016-06-18] (Spotify Ltd)
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\Run: [Spotify] => C:\Users\Jason\AppData\Roaming\Spotify\Spotify.exe [6916208 2016-06-18] (Spotify Ltd)
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\Run: [EADM] => D:\Program Files (x86)\Origin\Origin.exe [3639280 2016-04-27] (Electronic Arts)
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\Run: [Proxifier] => c:\program files (x86)\proxifier\proxifier.exe [4624976 2015-12-02] (Initex)
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8722136 2016-06-01] (Piriform Ltd)
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\MountPoints2: {99815414-342b-11e6-96fe-bc5ff419b6ed} - "H:\SETUP.EXE"
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\MountPoints2: {e924ccfc-0fdf-11e6-96f1-bc5ff419b6ed} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\MountPoints2: {e924cd31-0fdf-11e6-96f1-bc5ff419b6ed} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\MountPoints2: {efcafdb6-e476-11e5-96d7-806e6f6e6963} - "F:\setup.exe"
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-01-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-01-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-01-22] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-06-17] (AVAST Software)
Startup: C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2016-04-22]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe (Rainmeter)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog5 01 C:\Windows\SysWOW64\PrxerNsp.dll [84040 2015-03-28] ()
Winsock: Catalog5-x64 01 C:\Windows\system32\PrxerNsp.dll [96840 2015-03-28] ()
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3fdaf216-2052-4bad-93e1-3a18d570ef37}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{3fdaf216-2052-4bad-93e1-3a18d570ef37}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_92\bin\ssv.dll [2016-04-30] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_92\bin\jp2ssv.dll [2016-04-30] (Oracle Corporation)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://files.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://files.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\Profiles\3xyporxq.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-17] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-02-12] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-17] ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.92.2 -> C:\Program Files (x86)\Java\jre1.8.0_92\bin\dtplugin\npDeployJava1.dll [2016-04-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.92.2 -> C:\Program Files (x86)\Java\jre1.8.0_92\bin\plugin2\npjp2.dll [2016-04-30] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-06-03] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-06-03] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-06-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-06-17] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-02-12] (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-06-17]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF

Chrome:
=======
CHR Profile: C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-03-07]
CHR Extension: (DedraTV Support Plugin!) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\adjogjbhhbckdhlhkglddoilhehegbbc [2016-05-20]
CHR Extension: (Google Docs) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-03-07]
CHR Extension: (Google Drive) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-07]
CHR Extension: (YouTube) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-07]
CHR Extension: (Google Tabellen) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-03-07]
CHR Extension: (Google Docs Offline) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (AdBlock) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-06-02]
CHR Extension: (Avast Online Security) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-06-17]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Google Mail) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-07]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-06-17]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [11433080 2016-06-01] (Emsisoft Ltd)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [693440 2016-01-28] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2021592 2016-04-05] (Adobe Systems, Incorporated)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-06-17] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [370656 2016-06-17] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1860616 2016-04-04] ()
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2016-05-15] (BitRaider, LLC)
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2016-03-07] (Creative Labs) [Datei ist nicht signiert]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [307200 2008-11-18] (Creative Technology Ltd) [Datei ist nicht signiert]
R2 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-03-09] ()
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-05-02] (NVIDIA Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [209712 2014-06-18] ()
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4362656 2016-02-24] (INCA Internet Co., Ltd.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-05-02] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-05-02] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-05-02] (NVIDIA Corporation)
S3 Origin Client Service; D:\Program Files (x86)\Origin\OriginClientService.exe [2120712 2016-04-27] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2016-03-27] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2016-03-26] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [118424 2016-03-09] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6942480 2016-03-02] (TeamViewer GmbH)
S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-03-09] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-06-17] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-06-17] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-06-17] (AVAST Software)
R1 aswNetSec; C:\Windows\system32\drivers\aswNetSec.sys [536312 2016-06-17] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-06-17] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-06-17] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-06-17] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [465792 2016-06-17] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [166432 2016-06-17] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287528 2016-06-17] (AVAST Software)
S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2016-05-15] (BitRaider)
S3 CorsairAudioFilter; C:\Windows\system32\DRIVERS\corsveng2kamd64.sys [112808 2015-09-21] (Corsair Components, Inc.)
R3 CorsairVBusDriver; C:\Windows\System32\drivers\CorsairVBusDriver.sys [47840 2016-01-20] (Corsair)
R3 CorsairVHidDriver; C:\Windows\System32\drivers\CorsairVHidDriver.sys [21728 2016-01-20] (Corsair)
S3 CySmb; C:\Windows\System32\drivers\cysmb.sys [10752 2016-03-07] (Cypress Semiconductor, Inc.)
R1 epp; C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\epp.sys [126280 2016-05-23] (Emsisoft Ltd)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-03-07] (REALiX(tm))
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [22216 2014-05-27] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [22728 2014-05-27] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [25800 2014-05-27] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD.sys [44744 2014-05-27] ()
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [202032 2016-01-19] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-05-02] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [936192 2016-03-07] (Realtek                                            )
R3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2016-03-09] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-06-18 14:21 - 2016-06-18 14:22 - 00001941 _____ C:\Users\Jason\Desktop\Fixlog.txt
2016-06-18 13:28 - 2016-06-18 13:29 - 00054771 _____ C:\Users\Jason\Desktop\Addition.txt
2016-06-18 13:27 - 2016-06-18 14:25 - 00023859 _____ C:\Users\Jason\Desktop\FRST.txt
2016-06-18 13:27 - 2016-06-18 13:25 - 02386944 _____ (Farbar) C:\Users\Jason\Desktop\FRST64.exe
2016-06-18 13:26 - 2016-06-18 14:25 - 00000000 ____D C:\FRST
2016-06-18 12:48 - 2016-06-18 12:48 - 00005362 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-KSH5MTL-Jason DESKTOP-KSH5MTL
2016-06-18 12:22 - 2016-06-18 12:22 - 00001782 _____ C:\Users\Jason\Desktop\Chrome.lnk
2016-06-18 11:53 - 2016-06-18 11:53 - 00000000 ____D C:\ProgramData\USOShared
2016-06-18 11:53 - 2016-06-18 11:53 - 00000000 ____D C:\ProgramData\USOPrivate
2016-06-18 11:21 - 2016-04-23 21:32 - 00001556 _____ C:\Windows\system32\Drivers\etc\hosts.20160618-112155.backup
2016-06-18 11:13 - 2016-06-18 11:13 - 00000000 ____D C:\ProgramData\Emsisoft
2016-06-18 11:10 - 2016-06-18 14:23 - 00000000 ____D C:\Program Files\Emsisoft Anti-Malware
2016-06-18 11:10 - 2016-06-18 11:10 - 00000937 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2016-06-18 11:10 - 2016-06-18 11:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
2016-06-18 11:05 - 2016-06-18 11:05 - 00000000 ____D C:\$SysReset
2016-06-17 20:55 - 2016-06-17 20:55 - 00000000 ____D C:\Program Files\Common Files\AV
2016-06-17 20:55 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2016-06-17 20:53 - 2016-06-18 11:16 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-06-17 20:53 - 2016-06-17 20:55 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-06-17 20:53 - 2016-06-17 20:53 - 00001464 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2016-06-17 20:53 - 2016-06-17 20:53 - 00001452 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2016-06-17 20:53 - 2016-06-17 20:53 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2016-06-17 20:53 - 2016-06-17 20:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2016-06-17 20:53 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2016-06-17 20:49 - 2016-06-18 11:17 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-06-17 20:45 - 2016-06-17 20:45 - 00001175 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-06-17 20:45 - 2016-06-17 20:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-06-17 20:45 - 2016-06-17 20:45 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-06-17 20:45 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-06-17 20:45 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-06-17 20:45 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-06-17 20:35 - 2016-06-17 20:35 - 00001979 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Premier.lnk
2016-06-17 20:35 - 2016-06-17 20:35 - 00001967 _____ C:\Users\Public\Desktop\Avast Premier.lnk
2016-06-17 20:34 - 2016-06-17 20:34 - 00536312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetSec.sys
2016-06-17 20:34 - 2016-06-17 07:46 - 00398152 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-06-17 20:26 - 2016-06-17 20:27 - 00000000 ____D C:\Users\Jason\AppData\Roaming\Mozilla
2016-06-17 20:26 - 2016-06-17 20:26 - 00001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-06-17 20:26 - 2016-06-17 20:26 - 00001220 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-06-17 20:26 - 2016-06-17 20:26 - 00000000 ____D C:\Users\Jason\AppData\Local\Mozilla
2016-06-17 20:26 - 2016-06-17 20:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-17 20:25 - 2016-06-17 20:25 - 00002608 _____ C:\Windows\System32\Tasks\AutoPico Daily Restart
2016-06-17 20:21 - 2016-06-17 20:36 - 00000000 ____D C:\Users\Jason\Desktop\School
2016-06-17 07:54 - 2016-06-17 20:35 - 00004042 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1466142880
2016-06-17 07:54 - 2016-06-17 20:35 - 00001082 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-06-17 07:54 - 2016-06-17 07:54 - 00002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-17 07:54 - 2016-06-17 07:54 - 00001082 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
2016-06-17 07:52 - 2016-06-17 20:58 - 00001150 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-17 07:52 - 2016-06-17 20:58 - 00001146 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-17 07:52 - 2016-06-17 20:26 - 00003722 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-06-17 07:52 - 2016-06-17 20:26 - 00003498 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-06-17 07:52 - 2016-06-17 07:52 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-06-17 07:46 - 2016-06-17 20:34 - 00004006 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-06-17 07:46 - 2016-06-17 07:46 - 00465792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2016-06-17 07:46 - 2016-06-17 07:46 - 00287528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2016-06-17 07:46 - 2016-06-17 07:46 - 00166432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-06-17 07:46 - 2016-06-17 07:46 - 00107792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-06-17 07:46 - 2016-06-17 07:46 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-06-17 07:46 - 2016-06-17 07:46 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-06-17 07:46 - 2016-06-17 07:46 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-06-17 07:46 - 2016-06-17 07:46 - 00000000 ____D C:\Users\Jason\AppData\Roaming\AVAST Software
2016-06-17 07:46 - 2016-06-17 07:45 - 01070904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-06-17 07:45 - 2016-06-17 07:45 - 00052184 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-06-17 07:42 - 2016-06-17 07:42 - 00002870 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-06-17 07:42 - 2016-06-17 07:42 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-06-17 07:42 - 2016-06-17 07:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-06-17 07:42 - 2016-06-17 07:42 - 00000000 ____D C:\Program Files\CCleaner
2016-06-17 07:36 - 2016-06-17 07:36 - 00000000 ____D C:\Users\Jason\Documents\Benutzerdefinierte Office-Vorlagen
2016-06-17 07:35 - 2016-06-17 07:40 - 06893008 _____ (Piriform Ltd) C:\Users\Jason\Downloads\ccsetup518.exe
2016-06-17 07:34 - 2016-06-17 07:52 - 00000000 ____D C:\Program Files\AVAST Software
2016-06-17 07:31 - 2016-06-17 07:32 - 05066104 _____ (AVAST Software) C:\Users\Jason\Downloads\avast_free_antivirus_setup_online (1).exe
2016-06-17 07:29 - 2016-06-18 11:42 - 00000000 ____D C:\AdwCleaner
2016-06-17 07:28 - 2016-06-17 07:44 - 243864880 _____ (Emsisoft Ltd. ) C:\Users\Jason\Downloads\EmsisoftAntiMalwareSetup.exe
2016-06-17 07:28 - 2016-06-17 07:29 - 03703360 _____ C:\Users\Jason\Downloads\adwcleaner_5.200.exe
2016-06-17 04:38 - 2016-06-17 04:38 - 00004608 _____ C:\Windows\SECOH-QAD.exe
2016-06-17 04:38 - 2016-06-17 04:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
2016-06-17 04:38 - 2010-12-06 04:16 - 00090112 _____ (Vestris Inc.) C:\Windows\system32\Vestris.ResourceLib.dll
2016-06-17 04:18 - 2016-06-17 04:21 - 00000000 ____D C:\Users\Jason\AppData\Local\Chromium
2016-06-17 04:15 - 2016-06-17 04:15 - 00000306 __RSH C:\ProgramData\ntuser.pol
2016-06-17 04:14 - 2016-06-17 04:14 - 00000000 _____ C:\Windows\-1
2016-06-17 03:58 - 2016-06-17 20:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-17 03:58 - 2016-06-17 03:58 - 00000000 ____D C:\Windows\PCHEALTH
2016-06-17 03:58 - 2016-06-17 03:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-06-17 03:58 - 2016-06-17 03:58 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2016-06-17 03:58 - 2016-06-17 03:58 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-06-17 03:58 - 2016-06-17 03:58 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2016-06-17 03:57 - 2016-06-17 03:58 - 00000000 ____D C:\Program Files\Microsoft Office
2016-06-17 03:57 - 2016-06-17 03:57 - 00000000 __RHD C:\MSOCache
2016-06-17 03:57 - 2016-06-17 03:57 - 00000000 ____D C:\Users\Jason\AppData\Local\Microsoft Help
2016-06-17 03:57 - 2016-06-17 03:57 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2016-06-17 03:57 - 2016-06-17 03:57 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-06-17 03:57 - 2016-06-17 03:57 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2016-06-16 14:20 - 2016-06-18 14:22 - 00000000 ____D C:\Users\Jason\AppData\LocalLow\Temp
2016-06-15 19:18 - 2016-05-28 08:13 - 01401024 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-06-15 19:18 - 2016-05-28 08:13 - 00046784 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-06-15 19:18 - 2016-05-28 07:07 - 00808288 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2016-06-15 19:18 - 2016-05-28 07:07 - 00703840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2016-06-15 19:18 - 2016-05-28 06:58 - 00379232 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-06-15 19:18 - 2016-05-28 06:57 - 01594416 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-06-15 19:18 - 2016-05-28 06:57 - 01372312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-06-15 19:18 - 2016-05-28 06:57 - 00636304 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2016-06-15 19:18 - 2016-05-28 06:57 - 00546456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2016-06-15 19:18 - 2016-05-28 06:57 - 00316256 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-06-15 19:18 - 2016-05-28 06:35 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\tdlrecover.exe
2016-06-15 19:18 - 2016-05-28 06:35 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\MapsCSP.dll
2016-06-15 19:18 - 2016-05-28 06:31 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\MosHostClient.dll
2016-06-15 19:18 - 2016-05-28 06:29 - 22379008 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2016-06-15 19:18 - 2016-05-28 06:29 - 00045568 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-06-15 19:18 - 2016-05-28 06:28 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-06-15 19:18 - 2016-05-28 06:27 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MosHostClient.dll
2016-06-15 19:18 - 2016-05-28 06:27 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\mapsupdatetask.dll
2016-06-15 19:18 - 2016-05-28 06:26 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\MapsBtSvc.dll
2016-06-15 19:18 - 2016-05-28 06:26 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\MosStorage.dll
2016-06-15 19:18 - 2016-05-28 06:25 - 00037376 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-06-15 19:18 - 2016-05-28 06:24 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\moshost.dll
2016-06-15 19:18 - 2016-05-28 06:22 - 00269824 _____ (Microsoft Corporation) C:\Windows\system32\moshostcore.dll
2016-06-15 19:18 - 2016-05-28 06:22 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapsBtSvc.dll
2016-06-15 19:18 - 2016-05-28 06:22 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MosStorage.dll
2016-06-15 19:18 - 2016-05-28 06:19 - 24605696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-06-15 19:18 - 2016-05-28 06:19 - 00567808 _____ (Microsoft Corporation) C:\Windows\system32\MBMediaManager.dll
2016-06-15 19:18 - 2016-05-28 06:18 - 11545088 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-06-15 19:18 - 2016-05-28 06:18 - 07977472 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll
2016-06-15 19:18 - 2016-05-28 06:18 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\MapConfiguration.dll
2016-06-15 19:18 - 2016-05-28 06:17 - 00630784 _____ (Microsoft Corporation) C:\Windows\system32\MessagingDataModel2.dll
2016-06-15 19:18 - 2016-05-28 06:16 - 19344384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-06-15 19:18 - 2016-05-28 06:15 - 01056256 _____ (Microsoft Corporation) C:\Windows\system32\JpMapControl.dll
2016-06-15 19:18 - 2016-05-28 06:15 - 00853504 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll
2016-06-15 19:18 - 2016-05-28 06:15 - 00349696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapConfiguration.dll
2016-06-15 19:18 - 2016-05-28 06:14 - 18674176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2016-06-15 19:18 - 2016-05-28 06:14 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\NMAA.dll
2016-06-15 19:18 - 2016-05-28 06:14 - 00606208 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-06-15 19:18 - 2016-05-28 06:14 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MessagingDataModel2.dll
2016-06-15 19:18 - 2016-05-28 06:13 - 00939520 _____ (Microsoft Corporation) C:\Windows\system32\MapControlCore.dll
2016-06-15 19:18 - 2016-05-28 06:12 - 00800768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JpMapControl.dll
2016-06-15 19:18 - 2016-05-28 06:11 - 00784896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NMAA.dll
2016-06-15 19:18 - 2016-05-28 06:11 - 00711680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapControlCore.dll
2016-06-15 19:18 - 2016-05-28 06:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-06-15 19:18 - 2016-05-28 06:08 - 13385728 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-06-15 19:18 - 2016-05-28 06:08 - 06295552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll
2016-06-15 19:18 - 2016-05-28 06:06 - 12128256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-06-15 19:18 - 2016-05-28 06:06 - 07200256 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
2016-06-15 19:18 - 2016-05-28 06:04 - 06973952 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-06-15 19:18 - 2016-05-28 06:03 - 05205504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2016-06-15 19:18 - 2016-05-28 06:03 - 02609664 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2016-06-15 19:18 - 2016-05-28 06:00 - 03585536 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-06-15 19:18 - 2016-05-28 06:00 - 02635776 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2016-06-15 19:18 - 2016-05-28 06:00 - 02168320 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2016-06-15 19:18 - 2016-05-28 06:00 - 01707520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActiveSyncProvider.dll
2016-06-15 19:18 - 2016-05-28 05:58 - 07832576 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2016-06-15 19:18 - 2016-05-28 05:58 - 01996288 _____ (Microsoft Corporation) C:\Windows\system32\ActiveSyncProvider.dll
2016-06-15 19:17 - 2016-05-28 08:13 - 01184960 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-06-15 19:17 - 2016-05-28 08:13 - 00514752 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-06-15 19:17 - 2016-05-28 08:13 - 00290496 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-06-15 19:17 - 2016-05-28 08:13 - 00092352 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-06-15 19:17 - 2016-05-28 07:25 - 04268880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupapi.dll
2016-06-15 19:17 - 2016-05-28 07:23 - 00388384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2016-06-15 19:17 - 2016-05-28 07:23 - 00312160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2016-06-15 19:17 - 2016-05-28 07:22 - 07474528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-06-15 19:17 - 2016-05-28 07:22 - 04387680 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll
2016-06-15 19:17 - 2016-05-28 07:22 - 00428896 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2016-06-15 19:17 - 2016-05-28 07:22 - 00211296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2016-06-15 19:17 - 2016-05-28 07:22 - 00118624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2016-06-15 19:17 - 2016-05-28 07:20 - 00430312 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2016-06-15 19:17 - 2016-05-28 07:18 - 00357216 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-06-15 19:17 - 2016-05-28 07:16 - 00026408 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-06-15 19:17 - 2016-05-28 07:09 - 00501600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupEngine.dll
2016-06-15 19:17 - 2016-05-28 07:09 - 00170848 _____ (Microsoft Corporation) C:\Windows\system32\NetworkUXBroker.exe
2016-06-15 19:17 - 2016-05-28 07:09 - 00084832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupApi.dll
2016-06-15 19:17 - 2016-05-28 07:08 - 00693600 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupEngine.dll
2016-06-15 19:17 - 2016-05-28 07:08 - 00258912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ufx01000.sys
2016-06-15 19:17 - 2016-05-28 07:08 - 00115040 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupApi.dll
2016-06-15 19:17 - 2016-05-28 07:07 - 03675512 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-06-15 19:17 - 2016-05-28 07:07 - 02921880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-06-15 19:17 - 2016-05-28 07:07 - 01322248 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-06-15 19:17 - 2016-05-28 07:07 - 00957608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-06-15 19:17 - 2016-05-28 07:07 - 00331616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2016-06-15 19:17 - 2016-05-28 07:06 - 22561256 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-06-15 19:17 - 2016-05-28 07:06 - 04074160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-06-15 19:17 - 2016-05-28 07:06 - 00730344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Shell.Broker.dll
2016-06-15 19:17 - 2016-05-28 07:06 - 00303216 _____ (Microsoft Corporation) C:\Windows\system32\LockAppHost.exe
2016-06-15 19:17 - 2016-05-28 07:06 - 00254656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockAppHost.exe
2016-06-15 19:17 - 2016-05-28 07:05 - 04515264 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-06-15 19:17 - 2016-05-28 07:04 - 00604928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-06-15 19:17 - 2016-05-28 07:04 - 00431296 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-06-15 19:17 - 2016-05-28 07:04 - 00360480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-06-15 19:17 - 2016-05-28 07:04 - 00161632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-06-15 19:17 - 2016-05-28 07:04 - 00111064 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2016-06-15 19:17 - 2016-05-28 07:04 - 00097096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2016-06-15 19:17 - 2016-05-28 07:03 - 00131248 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2016-06-15 19:17 - 2016-05-28 06:58 - 01996640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-06-15 19:17 - 2016-05-28 06:57 - 02548944 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2016-06-15 19:17 - 2016-05-28 06:57 - 02195632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2016-06-15 19:17 - 2016-05-28 06:57 - 00649792 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2016-06-15 19:17 - 2016-05-28 06:57 - 00577376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2016-06-15 19:17 - 2016-05-28 06:57 - 00521664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2016-06-15 19:17 - 2016-05-28 06:35 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsdport.sys
2016-06-15 19:17 - 2016-05-28 06:31 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdlrecover.exe
2016-06-15 19:17 - 2016-05-28 06:31 - 00088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-06-15 19:17 - 2016-05-28 06:29 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2016-06-15 19:17 - 2016-05-28 06:29 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\httpprxp.dll
2016-06-15 19:17 - 2016-05-28 06:28 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2016-06-15 19:17 - 2016-05-28 06:28 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2016-06-15 19:17 - 2016-05-28 06:26 - 00199168 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgent.exe
2016-06-15 19:17 - 2016-05-28 06:26 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\dmcertinst.exe
2016-06-15 19:17 - 2016-05-28 06:26 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\omadmclient.exe
2016-06-15 19:17 - 2016-05-28 06:24 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2016-06-15 19:17 - 2016-05-28 06:24 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Ndu.sys
2016-06-15 19:17 - 2016-05-28 06:24 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-06-15 19:17 - 2016-05-28 06:24 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2016-06-15 19:17 - 2016-05-28 06:24 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\AppCapture.dll
2016-06-15 19:17 - 2016-05-28 06:24 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2016-06-15 19:17 - 2016-05-28 06:24 - 00053760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2016-06-15 19:17 - 2016-05-28 06:23 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2016-06-15 19:17 - 2016-05-28 06:23 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll
2016-06-15 19:17 - 2016-05-28 06:22 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2016-06-15 19:17 - 2016-05-28 06:22 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2016-06-15 19:17 - 2016-05-28 06:22 - 00278528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2016-06-15 19:17 - 2016-05-28 06:22 - 00163328 _____ (Microsoft Corporation) C:\Windows\system32\tetheringservice.dll
2016-06-15 19:17 - 2016-05-28 06:22 - 00161280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgent.exe
2016-06-15 19:17 - 2016-05-28 06:22 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-06-15 19:17 - 2016-05-28 06:21 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\StoreAgent.dll
2016-06-15 19:17 - 2016-05-28 06:21 - 00239104 _____ (Microsoft Corporation) C:\Windows\system32\BrokerLib.dll
2016-06-15 19:17 - 2016-05-28 06:21 - 00207360 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupSvc.dll
2016-06-15 19:17 - 2016-05-28 06:21 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2016-06-15 19:17 - 2016-05-28 06:20 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2016-06-15 19:17 - 2016-05-28 06:20 - 00511488 _____ (Microsoft Corporation) C:\Windows\system32\newdev.dll
2016-06-15 19:17 - 2016-05-28 06:20 - 00332288 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2016-06-15 19:17 - 2016-05-28 06:20 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2016-06-15 19:17 - 2016-05-28 06:20 - 00199168 _____ (Microsoft Corporation) C:\Windows\system32\GnssAdapter.dll
2016-06-15 19:17 - 2016-05-28 06:20 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Privacy.dll
2016-06-15 19:17 - 2016-05-28 06:20 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2016-06-15 19:17 - 2016-05-28 06:19 - 00764928 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2016-06-15 19:17 - 2016-05-28 06:19 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvr.exe
2016-06-15 19:17 - 2016-05-28 06:19 - 00355840 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2016-06-15 19:17 - 2016-05-28 06:19 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc.dll
2016-06-15 19:17 - 2016-05-28 06:18 - 00610816 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2016-06-15 19:17 - 2016-05-28 06:18 - 00591360 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2016-06-15 19:17 - 2016-05-28 06:18 - 00392192 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-06-15 19:17 - 2016-05-28 06:18 - 00380416 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2016-06-15 19:17 - 2016-05-28 06:18 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\VEEventDispatcher.dll
2016-06-15 19:17 - 2016-05-28 06:17 - 09918976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-06-15 19:17 - 2016-05-28 06:17 - 00963072 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2016-06-15 19:17 - 2016-05-28 06:17 - 00485888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\newdev.dll
2016-06-15 19:17 - 2016-05-28 06:17 - 00415232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StoreAgent.dll
2016-06-15 19:17 - 2016-05-28 06:17 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\RDXTaskFactory.dll
2016-06-15 19:17 - 2016-05-28 06:17 - 00278016 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2016-06-15 19:17 - 2016-05-28 06:17 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\mdmmigrator.dll
2016-06-15 19:17 - 2016-05-28 06:16 - 00690176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-06-15 19:17 - 2016-05-28 06:16 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2016-06-15 19:17 - 2016-05-28 06:16 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\AppContracts.dll
2016-06-15 19:17 - 2016-05-28 06:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\tileobjserver.dll
2016-06-15 19:17 - 2016-05-28 06:16 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-06-15 19:17 - 2016-05-28 06:16 - 00291328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2016-06-15 19:17 - 2016-05-28 06:16 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2016-06-15 19:17 - 2016-05-28 06:15 - 00794624 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-06-15 19:17 - 2016-05-28 06:15 - 00535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2016-06-15 19:17 - 2016-05-28 06:15 - 00293888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2016-06-15 19:17 - 2016-05-28 06:15 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-06-15 19:17 - 2016-05-28 06:14 - 01716736 _____ (Microsoft Corporation) C:\Windows\system32\SRHInproc.dll
2016-06-15 19:17 - 2016-05-28 06:14 - 00965632 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2016-06-15 19:17 - 2016-05-28 06:14 - 00784384 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-06-15 19:17 - 2016-05-28 06:14 - 00219136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VEEventDispatcher.dll
2016-06-15 19:17 - 2016-05-28 06:14 - 00200192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2016-06-15 19:17 - 2016-05-28 06:13 - 01387520 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2016-06-15 19:17 - 2016-05-28 06:13 - 00990208 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModel.dll
2016-06-15 19:17 - 2016-05-28 06:13 - 00982016 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll
2016-06-15 19:17 - 2016-05-28 06:13 - 00587776 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2016-06-15 19:17 - 2016-05-28 06:13 - 00467456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppContracts.dll
2016-06-15 19:17 - 2016-05-28 06:12 - 00614400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-06-15 19:17 - 2016-05-28 06:12 - 00521728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2016-06-15 19:17 - 2016-05-28 06:11 - 01445888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRHInproc.dll
2016-06-15 19:17 - 2016-05-28 06:11 - 00890368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
2016-06-15 19:17 - 2016-05-28 06:11 - 00799744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2016-06-15 19:17 - 2016-05-28 06:11 - 00687616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-06-15 19:17 - 2016-05-28 06:11 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2016-06-15 19:17 - 2016-05-28 06:09 - 01073152 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll
2016-06-15 19:17 - 2016-05-28 06:06 - 01339904 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-06-15 19:17 - 2016-05-28 06:05 - 03994624 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2016-06-15 19:17 - 2016-05-28 06:05 - 03664896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-06-15 19:17 - 2016-05-28 06:05 - 02582016 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2016-06-15 19:17 - 2016-05-28 06:05 - 01797120 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2016-06-15 19:17 - 2016-05-28 06:04 - 00555520 _____ (Microsoft Corporation) C:\Windows\system32\SyncController.dll
2016-06-15 19:17 - 2016-05-28 06:04 - 00450560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncController.dll
2016-06-15 19:17 - 2016-05-28 06:03 - 05323776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-06-15 19:17 - 2016-05-28 06:03 - 01185280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationFramework.dll
2016-06-15 19:17 - 2016-05-28 06:03 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\internetmail.dll
2016-06-15 19:17 - 2016-05-28 06:03 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\dmenrollengine.dll
2016-06-15 19:17 - 2016-05-28 06:02 - 03590144 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2016-06-15 19:17 - 2016-05-28 06:02 - 02061824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2016-06-15 19:17 - 2016-05-28 06:02 - 01534464 _____ (Microsoft Corporation) C:\Windows\system32\LocationFramework.dll
2016-06-15 19:17 - 2016-05-28 06:02 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll
2016-06-15 19:17 - 2016-05-28 06:01 - 01799680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll
2016-06-15 19:17 - 2016-05-28 06:01 - 01582080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2016-06-15 19:17 - 2016-05-28 06:01 - 01500160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-06-15 19:17 - 2016-05-28 06:01 - 00111104 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll
2016-06-15 19:17 - 2016-05-28 06:00 - 05660160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2016-06-15 19:17 - 2016-05-28 06:00 - 02230272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-06-15 19:17 - 2016-05-28 06:00 - 01730560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-06-15 19:17 - 2016-05-28 06:00 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\enrollmentapi.dll
2016-06-15 19:17 - 2016-05-28 06:00 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
2016-06-15 19:17 - 2016-05-28 06:00 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEnroller.exe
2016-06-15 19:17 - 2016-05-28 05:59 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
2016-06-15 19:17 - 2016-05-28 05:58 - 04896256 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-06-15 19:17 - 2016-05-28 05:58 - 02755584 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-06-15 19:17 - 2016-05-28 05:58 - 02066432 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2016-06-15 19:17 - 2016-05-28 05:57 - 02281472 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-06-15 19:17 - 2016-05-28 05:55 - 01390080 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Shell.dll
2016-06-15 19:17 - 2016-05-28 05:53 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\ngcpopkeysrv.dll
2016-06-14 17:38 - 2016-06-14 17:38 - 00001002 _____ C:\Users\Jason\Desktop\Minecraft.lnk
2016-06-13 18:50 - 2016-06-13 18:50 - 00000000 ____D C:\Users\Jason\AppData\Local\ElevatedDiagnostics
2016-06-13 18:09 - 2016-06-13 18:12 - 39072058 _____ C:\Users\Jason\AppData\Local\ZBarWallpaper.bmp
2016-06-11 14:07 - 2016-06-03 05:28 - 00111552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2016-06-11 14:06 - 2016-05-04 04:23 - 00129824 _____ C:\Windows\SysWOW64\vulkan-1.dll
2016-06-11 14:06 - 2016-05-04 04:22 - 00130848 _____ C:\Windows\system32\vulkan-1.dll
2016-06-11 14:06 - 2016-05-04 04:22 - 00045344 _____ C:\Windows\system32\vulkaninfo.exe
2016-06-11 14:06 - 2016-05-04 04:22 - 00040224 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2016-06-11 14:05 - 2016-06-03 09:22 - 39977920 _____ C:\Windows\system32\nvcompiler.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 35115968 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 31641656 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 25404864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 21812056 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 21355464 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 18151128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 17746664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 17432544 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 10643240 _____ C:\Windows\system32\nvptxJitCompiler.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 08733792 _____ C:\Windows\SysWOW64\nvptxJitCompiler.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 02844608 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 02470336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 01920960 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436839.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 01571776 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436839.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 00983488 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 00910392 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 00787384 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFTH264.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 00769984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 00707520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 00669952 _____ C:\Windows\system32\nvfatbinaryLoader.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 00632848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFTH264.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 00565208 _____ C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 00549240 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 00452616 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 00425016 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 00385592 _____ (NVIDIA Corporation) C:\Windows\system32\nvDecMFTMjpeg.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 00379808 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 00379448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 00348216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvDecMFTMjpeg.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 00316632 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 00177952 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 00155768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 00153232 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 00131584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2016-06-03 03:50 - 2016-05-21 23:09 - 01581624 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco64.dll
2016-06-03 03:50 - 2016-05-21 23:09 - 00046024 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2016-06-03 03:50 - 2016-05-20 10:03 - 01922496 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436822.dll
2016-06-03 03:50 - 2016-05-20 10:03 - 01573432 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436822.dll
2016-06-03 03:50 - 2016-05-20 10:03 - 00000594 _____ C:\Windows\SysWOW64\nv-vk32.json
2016-06-03 03:50 - 2016-05-20 10:03 - 00000594 _____ C:\Windows\system32\nv-vk64.json
2016-06-03 03:48 - 2016-06-03 03:48 - 00000000 ____D C:\Users\Jason\Documents\Overwatch
2016-06-02 21:15 - 2016-06-02 21:15 - 00001173 _____ C:\Users\Public\Desktop\Overwatch.lnk
2016-06-02 21:15 - 2016-06-02 21:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch
2016-06-02 19:19 - 2016-06-15 17:29 - 00000000 ____D C:\Program Files (x86)\Overwatch
2016-06-02 19:16 - 2016-06-16 19:53 - 00000000 ____D C:\Users\Jason\AppData\Local\Battle.net
2016-06-02 19:16 - 2016-06-02 19:16 - 00000676 _____ C:\Users\Public\Desktop\Battle.net.lnk
2016-06-02 19:16 - 2016-06-02 19:16 - 00000000 ____D C:\Users\Jason\AppData\Local\Blizzard Entertainment
2016-06-02 19:16 - 2016-06-02 19:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2016-06-02 19:16 - 2016-06-02 19:16 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2016-06-02 19:12 - 2016-06-05 13:04 - 00000000 ____D C:\Users\Jason\AppData\Roaming\Battle.net
2016-06-02 19:12 - 2016-06-02 19:12 - 00000000 ____D C:\ProgramData\Battle.net
2016-05-20 22:28 - 2016-05-20 22:28 - 00000000 ____D C:\Users\Jason\Documents\NCSOFT
2016-05-20 00:04 - 2016-05-20 00:04 - 00000823 _____ C:\Users\Public\Desktop\WildStar.lnk
2016-05-20 00:02 - 2016-05-20 00:02 - 00000000 ____D C:\Users\Jason\AppData\Roaming\NCSOFT
2016-05-20 00:02 - 2016-05-20 00:02 - 00000000 ____D C:\Users\Jason\AppData\Local\NCSOFT

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-06-18 14:22 - 2016-03-07 17:22 - 00000000 ____D C:\ProgramData\NVIDIA
2016-06-18 14:22 - 2016-03-07 17:13 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-18 14:22 - 2015-10-30 08:28 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-06-18 14:21 - 2016-03-07 22:15 - 00000000 ____D C:\Users\Jason\AppData\Roaming\Spotify
2016-06-18 14:16 - 2016-03-07 20:19 - 00000000 ____D C:\Users\Jason\AppData\Roaming\Skype
2016-06-18 13:56 - 2016-03-07 22:16 - 00000000 ____D C:\Users\Jason\AppData\Local\Spotify
2016-06-18 13:43 - 2016-04-27 12:32 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-06-18 13:43 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\AppReadiness
2016-06-18 13:16 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\system32\NDF
2016-06-18 11:49 - 2016-03-07 17:20 - 01708398 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-18 11:49 - 2015-10-30 20:35 - 00737872 _____ C:\Windows\system32\perfh007.dat
2016-06-18 11:49 - 2015-10-30 20:35 - 00147558 _____ C:\Windows\system32\perfc007.dat
2016-06-18 11:49 - 2015-10-30 09:21 - 00000000 ____D C:\Windows\INF
2016-06-18 10:07 - 2016-03-07 20:18 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-06-18 10:07 - 2016-03-07 20:18 - 00000000 ____D C:\ProgramData\Skype
2016-06-18 09:58 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-06-18 09:57 - 2016-04-08 08:11 - 00004172 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{D1EF5C9D-4F0F-4BC3-AA26-FDB376C3839A}
2016-06-17 20:58 - 2016-03-07 17:12 - 00355288 _____ C:\Windows\system32\FNTCACHE.DAT
2016-06-17 20:58 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\SystemApps
2016-06-17 20:26 - 2016-03-09 20:12 - 00002834 _____ C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-KSH5MTL-Jason
2016-06-17 20:23 - 2016-04-20 17:23 - 00000000 ____D C:\Users\Jason\AppData\Local\CrashDumps
2016-06-17 20:23 - 2016-04-12 21:30 - 00000000 ____D C:\Windows\Minidump
2016-06-17 20:23 - 2016-03-31 01:01 - 00000000 ____D C:\Users\Jason\AppData\Roaming\TeamViewer
2016-06-17 20:23 - 2016-03-07 17:11 - 00000000 ____D C:\Windows\Panther
2016-06-17 20:21 - 2016-03-09 17:42 - 00000000 ____D C:\Users\Jason\Desktop\Projekte-Bilder
2016-06-17 07:57 - 2015-10-30 09:11 - 00000000 ____D C:\Windows\CbsTemp
2016-06-17 07:54 - 2016-03-07 19:54 - 00000000 ____D C:\Program Files (x86)\Google
2016-06-17 07:52 - 2016-03-07 19:58 - 00000000 ____D C:\ProgramData\AVAST Software
2016-06-17 07:35 - 2016-03-07 19:18 - 00000000 ____D C:\Users\Jason\AppData\Local\MicrosoftEdge
2016-06-17 04:59 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\addins
2016-06-17 04:25 - 2016-03-07 17:14 - 00000000 ____D C:\Users\Jason
2016-06-17 04:15 - 2015-10-30 09:24 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2016-06-17 04:15 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2016-06-17 03:58 - 2015-10-30 20:44 - 00000000 ____D C:\Windows\ShellNew
2016-06-17 03:58 - 2015-10-30 09:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-06-17 03:58 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-06-17 03:57 - 2015-10-30 09:24 - 00000167 _____ C:\Windows\win.ini
2016-06-17 03:57 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Common Files\System
2016-06-17 03:37 - 2016-03-09 17:49 - 00000000 ____D C:\Users\Jason\AppData\Local\Adobe
2016-06-16 13:36 - 2016-03-07 17:14 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-06-15 22:40 - 2016-03-07 19:17 - 00484008 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-06-15 22:37 - 2015-10-30 09:24 - 00000000 ___SD C:\Windows\system32\DiagSvcs
2016-06-15 22:37 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\system32\SystemResetPlatform
2016-06-15 22:37 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\bcastdvr
2016-06-15 19:23 - 2016-03-07 20:33 - 00000000 ____D C:\Windows\system32\MRT
2016-06-15 19:20 - 2016-03-07 20:32 - 142482544 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-06-14 20:33 - 2015-10-30 09:26 - 00828408 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-06-14 20:33 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-14 18:26 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\rescache
2016-06-14 17:38 - 2016-04-13 19:35 - 00000000 ____D C:\Users\Jason\Desktop\Mc
2016-06-13 19:03 - 2016-04-13 18:45 - 00000000 ____D C:\Users\Jason\Desktop\Treiber
2016-06-13 18:40 - 2016-04-22 19:51 - 00000000 ____D C:\Users\Jason\Documents\Rainmeter
2016-06-12 16:54 - 2016-03-12 22:12 - 00000000 ____D C:\Users\Jason\AppData\Roaming\TS3Client
2016-06-11 14:07 - 2016-04-12 21:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-06-11 14:07 - 2016-03-07 17:22 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-06-04 02:51 - 2016-04-12 21:13 - 13553096 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-06-03 16:20 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\LiveKernelReports
2016-06-03 09:22 - 2016-04-12 21:13 - 20375488 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2016-06-03 09:22 - 2016-04-12 21:13 - 17729184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2016-06-03 09:22 - 2016-04-12 21:13 - 14462536 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2016-06-03 09:22 - 2016-04-12 21:13 - 03811256 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-06-03 09:22 - 2016-04-12 21:13 - 03371624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-06-03 09:22 - 2015-11-10 02:12 - 00040084 _____ C:\Windows\system32\nvinfo.pb
2016-06-03 05:59 - 2016-04-12 21:15 - 00534072 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2016-06-03 05:59 - 2016-04-12 21:15 - 00081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2016-06-03 05:59 - 2016-03-07 17:22 - 06452948 _____ C:\Windows\system32\nvcoproc.bin
2016-06-03 05:59 - 2016-03-07 17:22 - 06364216 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2016-06-03 05:59 - 2016-03-07 17:22 - 02455608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2016-06-03 05:59 - 2016-03-07 17:22 - 01762752 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2016-06-03 05:59 - 2016-03-07 17:22 - 01352760 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2016-06-03 05:59 - 2016-03-07 17:22 - 00392128 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2016-06-03 05:59 - 2016-03-07 17:22 - 00069568 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2016-06-03 04:22 - 2016-03-07 19:22 - 00000000 ____D C:\ProgramData\ProductData
2016-05-28 07:55 - 2016-03-07 17:13 - 02718208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2016-05-26 20:16 - 2016-03-26 18:39 - 00000000 ____D C:\ProgramData\Origin
2016-05-26 20:06 - 2016-03-26 19:44 - 00226168 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2016-05-26 20:06 - 2016-03-26 19:44 - 00214392 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2016-05-21 23:09 - 2015-11-10 04:14 - 00141256 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2016-05-20 00:04 - 2016-04-20 07:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCSOFT

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

1998-01-12 02:00 - 1998-01-12 02:00 - 0049931 _____ () C:\Users\Jason\AppData\Roaming\Jaundice.N62
1998-10-27 02:00 - 1998-10-27 02:00 - 0001693 _____ () C:\Users\Jason\AppData\Roaming\Palaeoecology.W
2016-06-13 18:09 - 2016-06-13 18:12 - 39072058 _____ () C:\Users\Jason\AppData\Local\ZBarWallpaper.bmp

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-06-11 14:06

==================== Ende von FRST.txt ============================

SafeCall 18.06.2016 13:32
Addition Log

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:16-06-2016 01
durchgeführt von Jason (2016-06-18 14:25:33)
Gestartet von C:\Users\Jason\Desktop
Windows 10 Home Version 1511 (X64) (2016-03-07 15:13:52)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1369008476-2929507647-2192831292-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1369008476-2929507647-2192831292-503 - Limited - Disabled)
Gast (S-1-5-21-1369008476-2929507647-2192831292-501 - Limited - Disabled)
Jason (S-1-5-21-1369008476-2929507647-2192831292-1001 - Administrator - Enabled) => C:\Users\Jason

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Emsisoft Anti-Malware (Enabled - Up to date) {15510D9D-6530-DA29-224F-7BA1BDD1CB58}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
AS: Emsisoft Anti-Malware (Enabled - Up to date) {AE30EC79-430A-D5A7-18FF-40D3C65681E5}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.5.1.209 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.1.2 - Adobe Systems Incorporated)
Avast Premier (HKLM-x32\...\Avast) (Version: 11.2.2262 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.7.2.45672 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
Blade & Soul (HKLM-x32\...\InstallShield_{C3F383C1-D050-4A40-843F-8171A6A02C3A}) (Version: 1.0.63.260 - NC Interactive, LLC)
Blade & Soul (x32 Version: 1.0.63.260 - NC Interactive, LLC) Hidden
Call of Duty: Black Ops III (HKLM\...\Steam App 311210) (Version:  - Treyarch)
Camtasia Studio 8 (HKLM-x32\...\{E7AFA156-D5CB-4B8C-843D-E7CA58D36B0A}) (Version: 8.6.0.2054 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.18 - Piriform)
Corsair Gaming Headset Software (HKLM-x32\...\{F07ECABA-F37C-4D1D-A244-829195193DA7}) (Version: 2.0.37 - Corsair)
Corsair Utility Engine (HKLM-x32\...\{46A3EEB3-8F6F-4BC4-9A53-CDE33D089D08}) (Version: 1.16.42 - Corsair)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
Creative ALchemy (HKLM-x32\...\ALchemy) (Version: 1.45 - Creative Technology Limited)
Creative Audio-Systemsteuerung (HKLM-x32\...\AudioCS) (Version: 2.56 - Creative Technology Limited)
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)
Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version:  - )
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
Driver Booster 3.2 (HKLM-x32\...\Driver Booster_is1) (Version: 3.2 - IObit)
Emsisoft Anti-Malware (HKLM\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 11.8 - Emsisoft Ltd.)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Gameforge Live 2.0.10 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.10 - Gameforge)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{AA67D612-0BE5-44D6-9A91-592958F754A1}) (Version: 13.0.198 - Intel Corporation)
Intel(R) Driver Update Utility 2.5 (x32 Version: 2.5.0.22 - Intel) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel(R) Product Improvement Program (x32 Version: 2.1.27.3 - Intel) Hidden
Intel(R) Smart Connect Technology (HKLM\...\{3B236485-CCE7-48DE-82DC-A5EA54A6F7D6}) (Version: 5.0.10.2850 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.14 - Intel(R) Corporation) Hidden
Intel® Driver Update Utility (HKLM-x32\...\{aa1dec3b-dc4b-4db0-8c18-9157457eff1f}) (Version: 2.5.0.22 - Intel)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Java 8 Update 92 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218092F0}) (Version: 8.0.920.14 - Oracle Corporation)
League-Bildschirmschoner (HKLM-x32\...\LolScreenSaver) (Version: W0.1.22-0.11.17-beta - Riot Games)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 47.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 de)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0 - Mozilla)
NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version:  - NCSOFT)
NVIDIA 3D Vision Controller-Treiber 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 368.39 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.3.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.3.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.39 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.14 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.11.6.18139 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
PARTHICA Core Gaming Keyboard Driver (HKLM-x32\...\{68F65E0D-F894-4F5A-B9E9-F3CAB29FB59A}) (Version: 1.0 - SPEEDLINK)
Proxifier version 3.29 (HKLM-x32\...\Proxifier_is1) (Version: 3.29 - Initex)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 4.0 beta r2607 - )
SafeZone Stable 1.48.2066.101 (x32 Version: 1.48.2066.101 - Avast Software) Hidden
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
Skype™ 7.25 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.25.103 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\Spotify) (Version: 1.0.31.56.g526cfefe - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version: 11.0.0.18 - Bioware/EA)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.56083 - TeamViewer)
TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 28 - Gameforge Productions GmbH)
WildStar (HKLM-x32\...\WildStar) (Version:  - NCSOFT)
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-FDBEEC109F51}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0101DB32-B0CC-4B29-B4D7-5E881651DB8B} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2016-01-13] (IObit)
Task: {0190965E-37B0-452C-BFE0-41F58644CBCA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-17] (Google Inc.)
Task: {0EB48B8F-4052-4CC0-92DA-B14150868334} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {1AD64556-5501-41A2-ACC6-CAE3AE1EA809} - System32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-KSH5MTL-Jason DESKTOP-KSH5MTL => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2012-10-01] (Microsoft Corporation)
Task: {2D74239E-5052-43B3-A537-A68D1289B0BC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-17] (Adobe Systems Incorporated)
Task: {2F7C8DDD-16EE-45D6-BAC1-3495E345D0F0} - System32\Tasks\SafeZone scheduled Autoupdate 1466142880 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-04-15] (Avast Software)
Task: {4322A2E5-E438-4973-8923-68F3DDE78969} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {46C2D336-44D9-4E18-8DAD-4036CCF8DA65} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {586B6CAD-3757-4BA7-A47D-E684342E4815} - System32\Tasks\Driver Booster SkipUAC (Jason) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2016-01-18] (IObit)
Task: {5C5452DF-0976-4651-8E00-FBD2035214B3} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-06-15] (Microsoft Corporation)
Task: {6B6CB93F-50C4-4554-ADE2-2BFB84AF4E7F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-06-01] (Piriform Ltd)
Task: {73E8AF38-5956-48C0-850E-20AADE99CF0F} - System32\Tasks\USER_ESRV_SVC_WILLAMETTE => Wscript.exe //B //NoLogo "C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\task.vbs"
Task: {740BD406-966D-44AB-BB13-D374D9759238} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-06-17] (AVAST Software)
Task: {779D51B1-5E5B-4D9F-B26A-AB1A103E414E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {8FC2B8D6-395C-4284-99A0-648794CFE946} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-17] (Google Inc.)
Task: {95A7ED4B-DF5B-4194-BDE0-C6D1D07EF16D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {AEFFF2DE-EFF2-4E1B-A898-8C1825E37540} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-KSH5MTL-Jason => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-01-07] (Adobe Systems Incorporated)
Task: {BF0C6B78-B181-4CA3-8778-151BD35EE0EE} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation)
Task: {C271BD39-FE65-41F2-8D61-27BD0810D2AC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {CD517F5F-F6CC-4476-8A82-46D7F2FCF356} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 09:17 - 2015-10-30 09:17 - 00028672 _____ () C:\Windows\SYSTEM32\efsext.dll
2016-04-20 21:32 - 2015-03-28 15:55 - 00096840 _____ () C:\Windows\system32\PrxerNsp.dll
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\Windows\SYSTEM32\ism32k.dll
2016-03-07 17:22 - 2016-06-03 05:59 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-06-18 17:18 - 2014-06-18 17:18 - 00209712 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2014-06-18 17:18 - 2014-06-18 17:18 - 00057648 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2014-06-18 17:18 - 2014-06-18 17:18 - 00057648 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTEncryptionCheck.dll
2014-06-18 17:18 - 2014-06-18 17:18 - 00037168 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll
2016-03-27 00:46 - 2016-03-27 00:46 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2016-04-12 21:16 - 2016-05-02 07:54 - 00369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-04-12 21:16 - 2016-05-02 07:55 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-04-12 21:16 - 2016-05-02 07:54 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-04-12 21:16 - 2016-05-02 07:55 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-03-09 20:43 - 2016-03-09 20:43 - 00118424 _____ () C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
2016-04-12 21:16 - 2016-05-02 07:55 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-04-12 21:16 - 2016-05-02 07:55 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-04-12 21:16 - 2016-05-02 07:55 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-04-12 21:16 - 2016-05-02 07:55 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-04-12 21:16 - 2016-05-02 07:54 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-04-12 21:16 - 2016-05-02 07:54 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-04-13 19:10 - 2016-03-29 12:20 - 02656952 _____ () C:\Windows\system32\CoreUIComponents.dll
2016-04-13 19:10 - 2016-03-29 12:20 - 02656952 _____ () C:\Windows\System32\CoreUIComponents.dll
2016-01-22 14:55 - 2016-01-22 14:55 - 00553136 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2016-03-07 20:30 - 2015-12-07 06:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-05-11 19:24 - 2016-04-23 06:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-06-15 19:18 - 2016-05-28 05:59 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-06-15 19:18 - 2016-05-28 05:53 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-06-15 19:18 - 2016-05-28 05:54 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-06-15 19:18 - 2016-05-28 05:56 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-06-01 22:00 - 2015-06-01 22:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2016-03-22 17:53 - 2016-03-22 17:53 - 00113152 _____ () C:\Program Files\Rainmeter\Plugins\ResMon.DLL
2016-03-22 17:54 - 2016-03-22 17:54 - 00022016 _____ () C:\Program Files\Rainmeter\Plugins\InputText.dll
2016-03-22 17:53 - 2016-03-22 17:53 - 00123392 _____ () C:\Program Files\Rainmeter\Plugins\WiFiStatus.DLL
2016-03-22 17:53 - 2016-03-22 17:53 - 00128000 _____ () C:\Program Files\Rainmeter\Plugins\SysInfo.DLL
2016-03-22 17:53 - 2016-03-22 17:53 - 00108544 _____ () C:\Program Files\Rainmeter\Plugins\PowerPlugin.DLL
2016-03-22 17:53 - 2016-03-22 17:53 - 00134656 _____ () C:\Program Files\Rainmeter\Plugins\Win7AudioPlugin.DLL
2016-03-22 17:53 - 2016-03-22 17:53 - 00192512 _____ () C:\Program Files\Rainmeter\Plugins\FileView.DLL
2016-06-13 18:25 - 2016-06-13 18:25 - 00719872 _____ () C:\Users\Jason\AppData\Roaming\Rainmeter\Plugins\SpotifyPlugin.DLL
2016-03-22 17:53 - 2016-03-22 17:53 - 00171008 _____ () C:\Program Files\Rainmeter\Plugins\AudioLevel.DLL
2016-05-14 00:09 - 2016-03-09 20:43 - 00460952 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv.exe
2016-05-14 00:09 - 2016-03-09 20:43 - 00709272 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_modeler.dll
2016-05-14 00:09 - 2016-03-09 20:43 - 00188568 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\foreground_window_input.dll
2016-05-14 00:09 - 2016-03-09 20:43 - 00416408 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
2016-05-14 00:09 - 2016-03-09 20:43 - 00130712 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_process_input.dll
2016-05-14 00:09 - 2016-03-09 20:43 - 00025752 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_system_power_state_input.dll
2016-05-14 00:09 - 2016-03-09 20:43 - 00059544 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_quality_and_reliability_input.dll
2016-05-14 00:09 - 2016-03-09 20:43 - 00194712 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\acpi_battery_input.dll
2016-05-14 00:09 - 2016-03-09 20:43 - 00159896 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\sema_thermal_input.dll
2016-05-14 00:09 - 2016-03-09 20:43 - 00158360 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\wifi_input.dll
2016-05-14 00:09 - 2016-03-09 20:43 - 00050840 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\devices_use_input.dll
2016-05-14 00:09 - 2016-03-09 20:43 - 00032920 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_disktrace_input.dll
2016-06-17 07:45 - 2016-06-17 07:45 - 00123344 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-06-17 07:45 - 2016-06-17 07:45 - 00135816 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-06-18 09:54 - 2016-06-18 09:54 - 02935808 _____ () C:\Program Files\AVAST Software\Avast\defs\16061800\algo.dll
2016-06-17 07:45 - 2016-06-17 07:45 - 00309912 _____ () C:\Program Files\AVAST Software\Avast\browser_pass.dll
2016-06-17 20:53 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2016-06-17 20:53 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2016-06-17 20:53 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2016-06-17 20:53 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2016-06-17 20:53 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2016-04-12 21:16 - 2016-05-02 08:02 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-06-17 07:54 - 2016-06-15 11:15 - 01745560 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libglesv2.dll
2016-06-17 07:54 - 2016-06-15 11:15 - 00091288 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libegl.dll
2016-06-17 07:46 - 2016-06-17 07:46 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

Da befinden sich 7904 mehr Seiten.

IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\123simsen.com -> www.123simsen.com

Da befinden sich 7904 mehr Seiten.


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-10-30 09:24 - 2016-06-18 11:21 - 00453460 ____R C:\Windows\system32\Drivers\etc\hosts

127.0.0.1        activation-v2.kaspersky.com
127.0.0.1        activation-v2.geo.kaspersky.com127.0.0.1        www.007guard.com
127.0.0.1        007guard.com
127.0.0.1        008i.com
127.0.0.1        www.008k.com
127.0.0.1        008k.com
127.0.0.1        www.00hq.com
127.0.0.1        00hq.com
127.0.0.1        010402.com
127.0.0.1        www.032439.com
127.0.0.1        032439.com
127.0.0.1        www.0scan.com
127.0.0.1        0scan.com
127.0.0.1        1000gratisproben.com
127.0.0.1        www.1000gratisproben.com
127.0.0.1        1001namen.com
127.0.0.1        www.1001namen.com
127.0.0.1        100888290cs.com
127.0.0.1        www.100888290cs.com
127.0.0.1        www.100sexlinks.com
127.0.0.1        100sexlinks.com
127.0.0.1        10sek.com
127.0.0.1        www.10sek.com
127.0.0.1        www.1-2005-search.com
127.0.0.1        1-2005-search.com
127.0.0.1        123fporn.info
127.0.0.1        www.123fporn.info
127.0.0.1        www.123haustiereundmehr.com
127.0.0.1        123haustiereundmehr.com
127.0.0.1        123moviedownload.com

Da befinden sich 15535 zusätzliche Einträge.


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run: => "ISCT Tray"
HKLM\...\StartupApproved\Run32: => "P17RunE"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "SL-6482 Gaming Keyboard"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Corsair Utility Engine"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "ISCT Tray"
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\StartupApproved\Run: => "WTFast Tray"
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\StartupApproved\Run: => "Udmedia"
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\StartupApproved\Run: => "YZPack"
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\StartupApproved\Run: => "Oxxics"
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\StartupApproved\Run: => "Chromium"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{6131E621-FDE5-44F2-9CE6-425DFF3C86E1}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{810FD576-273A-4D7B-96AA-0E8B607BB2F3}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{905EC3D8-A127-42F6-B2EE-F625EEB39500}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{4F1E811F-F5D0-4ACA-B414-70D60E2B7B33}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{E2056337-7E44-4E4D-8C2A-8363A2706B83}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{A978A507-C7BB-4482-95DA-1D48A18324F2}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{44354F4C-075B-400D-BA06-6CD65468587B}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B4D91253-B2EF-4E77-BE4B-399F7C177C05}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{1BC6E792-9E41-4416-AA68-7525CE995266}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{B192FE53-AC1D-49CE-A969-895C2E8119C1}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{381891B0-56AD-49C7-9218-78B0CD5E824D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{51D72A44-BAE0-49C6-8386-A890B4394BC1}C:\users\jason\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jason\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{358C67D9-D5AB-4CA6-8CD2-B3A0378B798E}C:\users\jason\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jason\appdata\roaming\spotify\spotify.exe
FirewallRules: [{2F2E293B-98E5-4CAD-8A2E-55C385170B50}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{B0B621B7-3C61-40E2-BDB7-ABB0C3FB84EA}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{D5DCF411-EA4E-4843-95BF-988FC691F9D4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{0A529575-A63D-4028-8FFC-04A5F87DFA54}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{91569899-59A8-4D13-92E1-75647B313D51}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{233D6302-5406-4696-AFB7-FB04FCDB567A}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{6218D5E3-805B-4308-B351-75C90441765D}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{3A8378CB-B1E8-4318-A6D2-91EF7F1A0AB4}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{57817442-8257-4D9D-BEE9-36E91740CD24}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{CF0AF5BF-8C54-4D2A-AA21-8110E839DCE1}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{90A3D202-A820-47CA-9EDB-8B31A180B5CE}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{06E797AA-FFCF-45F4-A26D-356D8186A4D9}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{4374612E-A4E1-479A-9991-762FC9566F74}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{06A334F4-F93A-487F-BBDA-EDE704234BAF}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{D2CA67A4-9E6F-4408-B404-E4818F607BA5}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{C765FFDD-EF36-424B-9A66-BAB87777AD42}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [TCP Query User{45BB9819-AA99-4FD7-A246-F0B41781EDBF}D:\program files (x86)\steam\steamapps\common\dayz\dayz.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\dayz\dayz.exe
FirewallRules: [UDP Query User{1111FED4-521A-4D4D-9619-2C9BEA13D664}D:\program files (x86)\steam\steamapps\common\dayz\dayz.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\dayz\dayz.exe
FirewallRules: [{0F393A4B-407A-4066-AD21-FD1B33409620}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{B4629553-AE24-470A-95EE-1A59C623CF3D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{43044DB2-DF8A-47AC-B439-271814A7A941}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{DC2A39D8-AC25-4339-BB91-8B70CB78F0F9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{EAAEFD9B-1027-4B78-A4A5-CEFD4F397872}] => (Allow) LPort=8317
FirewallRules: [{BBA82E3D-8D3E-443C-9FE1-7BD07C2B39CF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{32BB7D60-6DCC-4A88-B5A3-8D5F925B45EF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{2287E9B7-B314-42DE-B684-D94B77997365}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{3D196C07-A404-4CC6-A17C-1B61EEBB0F22}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{BB9A6432-44FC-4248-A513-176C2E6CA05F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{5D09FF5E-8EE7-46DF-BFCD-1DC31C3C9728}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{6D890147-64CF-44E2-A891-A36937052171}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{8118627F-F677-4309-B26C-D5C74707B355}C:\users\jason\desktop\mc\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\jason\desktop\mc\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{64B805F0-08B6-40BB-9F6F-D0B30BBF6335}C:\users\jason\desktop\mc\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\jason\desktop\mc\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{B8F81720-BF70-4FF0-987D-1D6FDD164685}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{70EB8D72-E106-48D9-A1E4-BA8F3E033A18}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{6AA4FE9B-4C09-41BC-8F9B-5BC9B5F2D51B}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe
FirewallRules: [{E83C8B51-26D8-4C4D-A199-745DD34A46A1}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe
FirewallRules: [{F52CB433-48AF-48E5-828A-2D97B47025F1}] => (Allow) D:\Program Files (x86)\GameforgeLive\gfl_client.exe
FirewallRules: [TCP Query User{D1033B6A-954C-4E4B-A1FD-7FFA6D0873E0}D:\program files (x86)\gameforgelive\games\deu_deu\tera\tera-launcher.exe] => (Allow) D:\program files (x86)\gameforgelive\games\deu_deu\tera\tera-launcher.exe
FirewallRules: [UDP Query User{65750AF5-4BDA-45D0-B324-01CABEC9FB42}D:\program files (x86)\gameforgelive\games\deu_deu\tera\tera-launcher.exe] => (Allow) D:\program files (x86)\gameforgelive\games\deu_deu\tera\tera-launcher.exe
FirewallRules: [{2700FAF6-29AD-4BB8-84BA-196E0985AC72}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{6F194FA5-99AE-4D9E-AA7D-89586FF96591}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{B8611968-C770-427A-BDBA-2DC9781C45BA}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{21E0DAE0-38A0-4C5A-A405-9C9AA8F229D8}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [TCP Query User{3E4B7DE5-43D9-4E34-A5D9-E442F6D27203}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{9867B49B-3082-43FD-9416-E64E29DEB600}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [{8C38DFB3-8F28-417C-8880-4CD48EBE9748}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{12B9E06F-EC85-403F-855D-97AFC4367CFC}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{E6BFF4AF-7DE6-43EB-8411-76F67F843DA3}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{35B9812A-2ECD-4199-8F08-614531FC8563}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{A5F52E47-02EE-40E4-99CD-207A62BC40AC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{98DEC2D8-453F-4164-92D3-9C300D7BC0CF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E3AB3326-B8C1-46E3-99CE-BAC078830146}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Wiederherstellungspunkte =========================

14-06-2016 18:27:04 Geplanter Prüfpunkt
17-06-2016 03:57:15 Installed Microsoft Office Professional Plus 2013
17-06-2016 03:57:20 PROPLUSR
18-06-2016 10:06:07 ASU_MSI_TRAN

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (06/18/2016 10:06:08 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (06/17/2016 11:04:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NvStreamNetworkService.exe, Version: 7.1.2071.1338, Zeitstempel: 0x5726e00c
Name des fehlerhaften Moduls: NvMdnsPlugin.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x5726e510
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000d45a0
ID des fehlerhaften Prozesses: 0x13a0
Startzeit der fehlerhaften Anwendung: 0xNvStreamNetworkService.exe0
Pfad der fehlerhaften Anwendung: NvStreamNetworkService.exe1
Pfad des fehlerhaften Moduls: NvStreamNetworkService.exe2
Berichtskennung: NvStreamNetworkService.exe3
Vollständiger Name des fehlerhaften Pakets: NvStreamNetworkService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: NvStreamNetworkService.exe5

Error: (06/17/2016 09:28:19 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-KSH5MTL)
Description: Bei der Aktivierung der App „Microsoft.Windows.Photos_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2147009265. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/17/2016 09:16:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-KSH5MTL)
Description: Bei der Aktivierung der App „Microsoft.Windows.Photos_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2147009265. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/17/2016 08:24:10 PM) (Source: ESENT) (EventID: 455) (User: )
Description: CCleaner64 (4960) testing: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\Users\Jason\AppData\Local\Microsoft\Windows\WebCache\V010022A.log.

Error: (06/17/2016 08:24:10 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhostw (4956) WebCacheLocal: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\Users\Jason\AppData\Local\Microsoft\Windows\WebCache\V010022A.log.

Error: (06/17/2016 05:12:31 AM) (Source: Microsoft Office 15) (EventID: 2000) (User: )
Description: Microsoft Word: Accepted Safe Mode action : Word konnte beim letzten Mal nicht gestartet werden. Der abgesicherte Modus kann Ihnen bei der Problembehandlung behilflich sein. Einige Features sind aber in diesem Modus möglicherweise nicht verfügbar.

Möchten Sie im abgesicherten Modus starten?.
Accepted Safe Mode action : Microsoft Word.

Error: (06/17/2016 05:10:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SysSettings32.exe, Version: 3.28.0.1, Zeitstempel: 0x55102baf
Name des fehlerhaften Moduls: SysSettings32.exe, Version: 3.28.0.1, Zeitstempel: 0x55102baf
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00005174
ID des fehlerhaften Prozesses: 0xea4
Startzeit der fehlerhaften Anwendung: 0xSysSettings32.exe0
Pfad der fehlerhaften Anwendung: SysSettings32.exe1
Pfad des fehlerhaften Moduls: SysSettings32.exe2
Berichtskennung: SysSettings32.exe3
Vollständiger Name des fehlerhaften Pakets: SysSettings32.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SysSettings32.exe5

Error: (06/17/2016 05:10:23 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: TeamViewer_Service.exe, Version: 11.0.56083.0, Zeitstempel: 0x56d725ae
Name des fehlerhaften Moduls: TeamViewer_Service.exe, Version: 11.0.56083.0, Zeitstempel: 0x56d725ae
Ausnahmecode: 0xc0000409
Fehleroffset: 0x003c1996
ID des fehlerhaften Prozesses: 0xa6c
Startzeit der fehlerhaften Anwendung: 0xTeamViewer_Service.exe0
Pfad der fehlerhaften Anwendung: TeamViewer_Service.exe1
Pfad des fehlerhaften Moduls: TeamViewer_Service.exe2
Berichtskennung: TeamViewer_Service.exe3
Vollständiger Name des fehlerhaften Pakets: TeamViewer_Service.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: TeamViewer_Service.exe5

Error: (06/17/2016 05:00:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SysSettings32.exe, Version: 3.28.0.1, Zeitstempel: 0x55102baf
Name des fehlerhaften Moduls: SysSettings32.exe, Version: 3.28.0.1, Zeitstempel: 0x55102baf
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00005174
ID des fehlerhaften Prozesses: 0x1388
Startzeit der fehlerhaften Anwendung: 0xSysSettings32.exe0
Pfad der fehlerhaften Anwendung: SysSettings32.exe1
Pfad des fehlerhaften Moduls: SysSettings32.exe2
Berichtskennung: SysSettings32.exe3
Vollständiger Name des fehlerhaften Pakets: SysSettings32.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SysSettings32.exe5


Systemfehler:
=============
Error: (06/18/2016 02:22:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_4c254" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/18/2016 02:22:22 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (06/18/2016 02:22:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Energy Server Service WILLAMETTE" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/18/2016 02:22:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/18/2016 02:22:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Streamer Network Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/18/2016 02:22:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "TeamViewer 11" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 2000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/18/2016 02:22:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Spybot-S&D 2 Security Center Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/18/2016 02:22:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) System Usage Report Service SystemUsageReportSvc_WILLAMETTE" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/18/2016 02:22:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Network Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/18/2016 02:22:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Streamer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


CodeIntegrity:
===================================
  Date: 2016-06-18 13:43:35.694
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-17 12:00:49.079
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-17 04:38:40.572
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-17 03:59:05.492
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-16 13:36:17.649
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-15 19:27:59.847
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-13 18:27:45.411
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\PrxerDrv.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-06-13 18:27:45.403
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\PrxerDrv.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-06-13 18:27:45.347
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\PrxerDrv.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-06-13 18:27:45.340
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\PrxerDrv.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
Prozentuale Nutzung des RAM: 32%
Installierter physikalischer RAM: 8083.68 MB
Verfügbarer physikalischer RAM: 5463.67 MB
Summe virtueller Speicher: 9363.68 MB
Verfügbarer virtueller Speicher: 6267.83 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:223.08 GB) (Free:87.68 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: () (Fixed) (Total:931.51 GB) (Free:759.25 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: A7F96F5D)
Partition 1: (Active) - (Size=223.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 00F987B4)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

deeprybka 18.06.2016 13:37
OK, das bezahlte Programm kannste installiert lassen. Dann eben Emsisoft und Spybot runter.

Anschließend:

Schritt 1
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).


Schritt 2

http://deeprybka.trojaner-board.de/m...mbamlogo4a.pnghttp://deeprybka.trojaner-board.de/m...mbamlogo4b.png
  • Download und Anleitung
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Unter Einstellungen/ Erkennung und Schutz setze bitte einen Haken bei "Suche nach Rootkits".
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass Deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 3

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


SafeCall 18.06.2016 15:19
Ok , sorry für die späte Antwort , Eset hat echt lange gedauert.

Adwcleaner:

Code:
# AdwCleaner v5.200 - Bericht erstellt am 18/06/2016 um 14:48:37
# Aktualisiert am 14/06/2016 von ToolsLib
# Datenbank : 2016-06-17.1 [Server]
# Betriebssystem : Windows 10 Home  (X64)
# Benutzername : Jason - DESKTOP-KSH5MTL
# Gestartet von : C:\Users\Jason\Desktop\AdwCleaner_5.200.exe
# Option : Löschen
# Unterstützung : https://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****


***** [ Dateien ] *****


***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Internetbrowser ] *****


*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [2442 Bytes] - [17/06/2016 07:29:53]
C:\AdwCleaner\AdwCleaner[C2].txt - [1210 Bytes] - [18/06/2016 11:42:51]
C:\AdwCleaner\AdwCleaner[C3].txt - [1054 Bytes] - [18/06/2016 14:48:37]
C:\AdwCleaner\AdwCleaner[S1].txt - [2456 Bytes] - [17/06/2016 07:29:16]
C:\AdwCleaner\AdwCleaner[S2].txt - [1111 Bytes] - [18/06/2016 11:41:00]
C:\AdwCleaner\AdwCleaner[S3].txt - [1127 Bytes] - [18/06/2016 14:47:50]

########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [1346 Bytes] ##########
Mbam

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 18.06.2016
Suchlaufzeit: 14:51
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.06.18.01
Rootkit-Datenbank: v2016.05.27.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Jason

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 301462
Abgelaufene Zeit: 7 Min., 40 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
Eset

Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=7a41b364d5d3fb45a8ea17b9782fcc72
# end=init
# utc_time=2016-06-18 01:01:33
# local_time=2016-06-18 03:01:33 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 29838
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=7a41b364d5d3fb45a8ea17b9782fcc72
# end=updated
# utc_time=2016-06-18 01:07:43
# local_time=2016-06-18 03:07:43 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=7a41b364d5d3fb45a8ea17b9782fcc72
# engine=29838
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-06-18 01:35:55
# local_time=2016-06-18 03:35:55 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=785 16777213 83 98 67064 115400 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 115012 20071098 0 0
# scanned=262602
# found=3
# cleaned=0
# scan_time=1691
sh=F0E0CD23F7A031C04F3B837FAD1B2E607073C069 ft=1 fh=a305c8757b2b2030 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jason\Downloads\Driver Booster Free - CHIP-Installer.exe"
sh=CA199C3FAE8F441117D2CBD151B59530EFCF76F4 ft=1 fh=77bda1a95ec768cd vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="D:\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe"
sh=1B1DF5D918F4C108E458826A41BCC28FCC18B488 ft=1 fh=844862b8ff9877dd vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="D:\Downloads\SpyBot Search Destroy - CHIP-Installer.exe"

deeprybka 18.06.2016 15:28
http://www.trojaner-board.de/extra/lesestoff.pngGibt es jetzt noch Probleme mit dem PC? Wenn ja, welche?

Schritt 1

http://filepony.de/icon/frst.pnghttp://deeprybka.trojaner-board.de/b...e/frst/sn1.PNG

Bitte starte FRST erneut, markiere auch die checkbox http://deeprybka.trojaner-board.de/b...t/addition.pngund drücke auf Untersuchen.
Bitte poste mir den Inhalt der beiden Logs die erstellt werden.

SafeCall 18.06.2016 15:35
"Probleme" gab es ja von vorne rein nicht , habe das ja durch Zufall entdeckt.

FRST

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 18-06-2016
durchgeführt von Jason (Administrator) auf DESKTOP-KSH5MTL (18-06-2016 16:33:42)
Gestartet von C:\Users\Jason\Desktop
Geladene Profile: Jason (Verfügbare Profile: Jason)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
() C:\Windows\System32\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
() C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Initex) C:\Program Files (x86)\Proxifier\Proxifier.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Rainmeter) C:\Program Files\Rainmeter\Rainmeter.exe
(Corsair Components, Inc.) C:\Program Files (x86)\Corsair\Corsair Gaming Headset Software\HeadsetControlPanel.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv.exe
() C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\Chrm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\Chrm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\Chrm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\Chrm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\Chrm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\Chrm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\Chrm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\Chrm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\Chrm.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-05-02] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [ISCT Tray] => C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe [5860656 2014-06-18] (Intel Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2312896 2016-02-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SL-6482 Gaming Keyboard] => C:\Program Files (x86)\SPEEDLINK\PARTHICA Core Gaming Keyboard\Monitor.exe [1976832 2014-04-21] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597016 2016-03-31] (Oracle Corporation)
HKLM-x32\...\Run: [Corsair Gaming Headset Software] => C:\Program Files (x86)\Corsair\Corsair Gaming Headset Software\HeadsetControlPanel.exe [2916160 2015-09-21] (Corsair Components, Inc.)
HKLM-x32\...\Run: [Corsair Utility Engine] => C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairHID.exe [14885552 2016-03-23] (Corsair Components, Inc.)
HKLM-x32\...\Run: [P17RunE] => RunDll32 P17RunE.dll,RunDLLEntry
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7405752 2016-06-17] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\Run: [Steam] => D:\Program Files (x86)\Steam\steam.exe [2917456 2016-06-10] (Valve Corporation)
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [26424448 2016-06-15] (Skype Technologies S.A.)
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\Run: [Spotify Web Helper] => C:\Users\Jason\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1552496 2016-06-18] (Spotify Ltd)
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\Run: [Spotify] => C:\Users\Jason\AppData\Roaming\Spotify\Spotify.exe [6916208 2016-06-18] (Spotify Ltd)
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\Run: [EADM] => D:\Program Files (x86)\Origin\Origin.exe [3639280 2016-04-27] (Electronic Arts)
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\Run: [Proxifier] => c:\program files (x86)\proxifier\proxifier.exe [4624976 2015-12-02] (Initex)
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8722136 2016-06-01] (Piriform Ltd)
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\MountPoints2: {99815414-342b-11e6-96fe-bc5ff419b6ed} - "H:\SETUP.EXE"
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\MountPoints2: {e924ccfc-0fdf-11e6-96f1-bc5ff419b6ed} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\MountPoints2: {e924cd31-0fdf-11e6-96f1-bc5ff419b6ed} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\MountPoints2: {efcafdb6-e476-11e5-96d7-806e6f6e6963} - "F:\setup.exe"
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-01-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-01-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-01-22] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-06-17] (AVAST Software)
Startup: C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2016-04-22]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe (Rainmeter)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog5 01 C:\Windows\SysWOW64\PrxerNsp.dll [84040 2015-03-28] ()
Winsock: Catalog5-x64 01 C:\Windows\system32\PrxerNsp.dll [96840 2015-03-28] ()
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3fdaf216-2052-4bad-93e1-3a18d570ef37}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{3fdaf216-2052-4bad-93e1-3a18d570ef37}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_92\bin\ssv.dll [2016-04-30] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_92\bin\jp2ssv.dll [2016-04-30] (Oracle Corporation)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://files.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://files.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\Profiles\3xyporxq.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-17] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-02-12] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-17] ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.92.2 -> C:\Program Files (x86)\Java\jre1.8.0_92\bin\dtplugin\npDeployJava1.dll [2016-04-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.92.2 -> C:\Program Files (x86)\Java\jre1.8.0_92\bin\plugin2\npjp2.dll [2016-04-30] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-06-03] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-06-03] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-06-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-06-17] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-02-12] (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-06-17]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF

Chrome:
=======
CHR Profile: C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-03-07]
CHR Extension: (DedraTV Support Plugin!) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\adjogjbhhbckdhlhkglddoilhehegbbc [2016-05-20]
CHR Extension: (Google Docs) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-03-07]
CHR Extension: (Google Drive) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-07]
CHR Extension: (YouTube) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-07]
CHR Extension: (Google Tabellen) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-03-07]
CHR Extension: (Google Docs Offline) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (AdBlock) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-06-02]
CHR Extension: (Avast Online Security) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-06-17]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Google Mail) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-07]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-06-17]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [693440 2016-01-28] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2021592 2016-04-05] (Adobe Systems, Incorporated)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-06-17] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [370656 2016-06-17] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1860616 2016-04-04] ()
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2016-05-15] (BitRaider, LLC)
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2016-03-07] (Creative Labs) [Datei ist nicht signiert]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [307200 2008-11-18] (Creative Technology Ltd) [Datei ist nicht signiert]
R2 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-03-09] ()
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-05-02] (NVIDIA Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [209712 2014-06-18] ()
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4362656 2016-02-24] (INCA Internet Co., Ltd.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-05-02] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-05-02] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-05-02] (NVIDIA Corporation)
S3 Origin Client Service; D:\Program Files (x86)\Origin\OriginClientService.exe [2120712 2016-04-27] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2016-03-27] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2016-03-26] ()
R2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [118424 2016-03-09] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6942480 2016-03-02] (TeamViewer GmbH)
S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-03-09] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-06-17] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-06-17] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-06-17] (AVAST Software)
R1 aswNetSec; C:\Windows\system32\drivers\aswNetSec.sys [536312 2016-06-17] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-06-17] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-06-17] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-06-17] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [465792 2016-06-17] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [166432 2016-06-17] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287528 2016-06-17] (AVAST Software)
S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2016-05-15] (BitRaider)
S3 CorsairAudioFilter; C:\Windows\system32\DRIVERS\corsveng2kamd64.sys [112808 2015-09-21] (Corsair Components, Inc.)
R3 CorsairVBusDriver; C:\Windows\System32\drivers\CorsairVBusDriver.sys [47840 2016-01-20] (Corsair)
R3 CorsairVHidDriver; C:\Windows\System32\drivers\CorsairVHidDriver.sys [21728 2016-01-20] (Corsair)
S3 CySmb; C:\Windows\System32\drivers\cysmb.sys [10752 2016-03-07] (Cypress Semiconductor, Inc.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-03-07] (REALiX(tm))
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [22216 2014-05-27] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [22728 2014-05-27] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [25800 2014-05-27] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD.sys [44744 2014-05-27] ()
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [202032 2016-01-19] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-05-02] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [936192 2016-03-07] (Realtek                                            )
R3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2016-03-09] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S1 epp; \??\C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\epp.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-06-18 16:32 - 2016-06-18 16:32 - 00000000 ____D C:\Users\Jason\Desktop\FRST-OlderVersion
2016-06-18 15:01 - 2016-06-18 15:01 - 02870984 _____ (ESET) C:\Users\Jason\Desktop\esetsmartinstaller_deu.exe
2016-06-18 15:01 - 2016-06-18 15:01 - 00000000 ____D C:\Program Files (x86)\ESET
2016-06-18 15:00 - 2016-06-18 15:00 - 00001193 _____ C:\Users\Jason\Desktop\mbam.txt
2016-06-18 14:50 - 2016-06-18 14:50 - 00001414 _____ C:\Users\Jason\Desktop\Adwarecleanerlog.txt
2016-06-18 14:45 - 2016-06-18 14:45 - 03703360 _____ C:\Users\Jason\Desktop\AdwCleaner_5.200.exe
2016-06-18 14:42 - 2016-06-18 14:42 - 00000085 _____ C:\Windows\wininit.ini
2016-06-18 14:21 - 2016-06-18 14:22 - 00001941 _____ C:\Users\Jason\Desktop\Fixlog.txt
2016-06-18 13:28 - 2016-06-18 14:26 - 00053960 _____ C:\Users\Jason\Desktop\Addition.txt
2016-06-18 13:27 - 2016-06-18 16:33 - 00022654 _____ C:\Users\Jason\Desktop\FRST.txt
2016-06-18 13:27 - 2016-06-18 16:32 - 02387456 _____ (Farbar) C:\Users\Jason\Desktop\FRST64.exe
2016-06-18 13:26 - 2016-06-18 16:33 - 00000000 ____D C:\FRST
2016-06-18 12:48 - 2016-06-18 12:48 - 00005362 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-KSH5MTL-Jason DESKTOP-KSH5MTL
2016-06-18 12:22 - 2016-06-18 12:22 - 00001782 _____ C:\Users\Jason\Desktop\Chrome.lnk
2016-06-18 11:53 - 2016-06-18 11:53 - 00000000 ____D C:\ProgramData\USOShared
2016-06-18 11:53 - 2016-06-18 11:53 - 00000000 ____D C:\ProgramData\USOPrivate
2016-06-18 11:21 - 2016-04-23 21:32 - 00001556 _____ C:\Windows\system32\Drivers\etc\hosts.20160618-112155.backup
2016-06-18 11:13 - 2016-06-18 11:13 - 00000000 ____D C:\ProgramData\Emsisoft
2016-06-18 11:10 - 2016-06-18 14:43 - 00000000 ____D C:\Program Files\Emsisoft Anti-Malware
2016-06-18 11:05 - 2016-06-18 11:05 - 00000000 ____D C:\$SysReset
2016-06-17 20:55 - 2016-06-17 20:55 - 00000000 ____D C:\Program Files\Common Files\AV
2016-06-17 20:55 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2016-06-17 20:53 - 2016-06-18 14:43 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-06-17 20:53 - 2016-06-18 14:42 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-06-17 20:53 - 2016-06-17 20:53 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2016-06-17 20:49 - 2016-06-18 14:51 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-06-17 20:45 - 2016-06-17 20:45 - 00001175 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-06-17 20:45 - 2016-06-17 20:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-06-17 20:45 - 2016-06-17 20:45 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-06-17 20:45 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-06-17 20:45 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-06-17 20:45 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-06-17 20:35 - 2016-06-17 20:35 - 00001979 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Premier.lnk
2016-06-17 20:35 - 2016-06-17 20:35 - 00001967 _____ C:\Users\Public\Desktop\Avast Premier.lnk
2016-06-17 20:34 - 2016-06-17 20:34 - 00536312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetSec.sys
2016-06-17 20:34 - 2016-06-17 07:46 - 00398152 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-06-17 20:26 - 2016-06-17 20:27 - 00000000 ____D C:\Users\Jason\AppData\Roaming\Mozilla
2016-06-17 20:26 - 2016-06-17 20:26 - 00001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-06-17 20:26 - 2016-06-17 20:26 - 00001220 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-06-17 20:26 - 2016-06-17 20:26 - 00000000 ____D C:\Users\Jason\AppData\Local\Mozilla
2016-06-17 20:26 - 2016-06-17 20:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-17 20:25 - 2016-06-17 20:25 - 00002608 _____ C:\Windows\System32\Tasks\AutoPico Daily Restart
2016-06-17 20:21 - 2016-06-17 20:36 - 00000000 ____D C:\Users\Jason\Desktop\School
2016-06-17 07:54 - 2016-06-17 20:35 - 00004042 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1466142880
2016-06-17 07:54 - 2016-06-17 20:35 - 00001082 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-06-17 07:54 - 2016-06-17 07:54 - 00002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-17 07:54 - 2016-06-17 07:54 - 00001082 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
2016-06-17 07:52 - 2016-06-17 20:58 - 00001150 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-17 07:52 - 2016-06-17 20:58 - 00001146 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-17 07:52 - 2016-06-17 20:26 - 00003722 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-06-17 07:52 - 2016-06-17 20:26 - 00003498 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-06-17 07:52 - 2016-06-17 07:52 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-06-17 07:46 - 2016-06-17 20:34 - 00004006 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-06-17 07:46 - 2016-06-17 07:46 - 00465792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2016-06-17 07:46 - 2016-06-17 07:46 - 00287528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2016-06-17 07:46 - 2016-06-17 07:46 - 00166432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-06-17 07:46 - 2016-06-17 07:46 - 00107792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-06-17 07:46 - 2016-06-17 07:46 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-06-17 07:46 - 2016-06-17 07:46 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-06-17 07:46 - 2016-06-17 07:46 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-06-17 07:46 - 2016-06-17 07:46 - 00000000 ____D C:\Users\Jason\AppData\Roaming\AVAST Software
2016-06-17 07:46 - 2016-06-17 07:45 - 01070904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-06-17 07:45 - 2016-06-17 07:45 - 00052184 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-06-17 07:42 - 2016-06-17 07:42 - 00002870 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-06-17 07:42 - 2016-06-17 07:42 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-06-17 07:42 - 2016-06-17 07:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-06-17 07:42 - 2016-06-17 07:42 - 00000000 ____D C:\Program Files\CCleaner
2016-06-17 07:36 - 2016-06-17 07:36 - 00000000 ____D C:\Users\Jason\Documents\Benutzerdefinierte Office-Vorlagen
2016-06-17 07:35 - 2016-06-17 07:40 - 06893008 _____ (Piriform Ltd) C:\Users\Jason\Downloads\ccsetup518.exe
2016-06-17 07:34 - 2016-06-17 07:52 - 00000000 ____D C:\Program Files\AVAST Software
2016-06-17 07:31 - 2016-06-17 07:32 - 05066104 _____ (AVAST Software) C:\Users\Jason\Downloads\avast_free_antivirus_setup_online (1).exe
2016-06-17 07:29 - 2016-06-18 14:48 - 00000000 ____D C:\AdwCleaner
2016-06-17 07:28 - 2016-06-17 07:44 - 243864880 _____ (Emsisoft Ltd. ) C:\Users\Jason\Downloads\EmsisoftAntiMalwareSetup.exe
2016-06-17 07:28 - 2016-06-17 07:29 - 03703360 _____ C:\Users\Jason\Downloads\adwcleaner_5.200.exe
2016-06-17 04:38 - 2016-06-17 04:38 - 00004608 _____ C:\Windows\SECOH-QAD.exe
2016-06-17 04:38 - 2016-06-17 04:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
2016-06-17 04:38 - 2010-12-06 04:16 - 00090112 _____ (Vestris Inc.) C:\Windows\system32\Vestris.ResourceLib.dll
2016-06-17 04:18 - 2016-06-17 04:21 - 00000000 ____D C:\Users\Jason\AppData\Local\Chromium
2016-06-17 04:15 - 2016-06-18 14:48 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-06-17 04:14 - 2016-06-17 04:14 - 00000000 _____ C:\Windows\-1
2016-06-17 03:58 - 2016-06-17 20:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-17 03:58 - 2016-06-17 03:58 - 00000000 ____D C:\Windows\PCHEALTH
2016-06-17 03:58 - 2016-06-17 03:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-06-17 03:58 - 2016-06-17 03:58 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2016-06-17 03:58 - 2016-06-17 03:58 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-06-17 03:58 - 2016-06-17 03:58 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2016-06-17 03:57 - 2016-06-17 03:58 - 00000000 ____D C:\Program Files\Microsoft Office
2016-06-17 03:57 - 2016-06-17 03:57 - 00000000 __RHD C:\MSOCache
2016-06-17 03:57 - 2016-06-17 03:57 - 00000000 ____D C:\Users\Jason\AppData\Local\Microsoft Help
2016-06-17 03:57 - 2016-06-17 03:57 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2016-06-17 03:57 - 2016-06-17 03:57 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-06-17 03:57 - 2016-06-17 03:57 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2016-06-16 14:20 - 2016-06-18 14:22 - 00000000 ____D C:\Users\Jason\AppData\LocalLow\Temp
2016-06-15 19:18 - 2016-05-28 08:13 - 01401024 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-06-15 19:18 - 2016-05-28 08:13 - 00046784 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-06-15 19:18 - 2016-05-28 07:07 - 00808288 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2016-06-15 19:18 - 2016-05-28 07:07 - 00703840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2016-06-15 19:18 - 2016-05-28 06:58 - 00379232 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-06-15 19:18 - 2016-05-28 06:57 - 01594416 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-06-15 19:18 - 2016-05-28 06:57 - 01372312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-06-15 19:18 - 2016-05-28 06:57 - 00636304 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2016-06-15 19:18 - 2016-05-28 06:57 - 00546456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2016-06-15 19:18 - 2016-05-28 06:57 - 00316256 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-06-15 19:18 - 2016-05-28 06:35 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\tdlrecover.exe
2016-06-15 19:18 - 2016-05-28 06:35 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\MapsCSP.dll
2016-06-15 19:18 - 2016-05-28 06:31 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\MosHostClient.dll
2016-06-15 19:18 - 2016-05-28 06:29 - 22379008 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2016-06-15 19:18 - 2016-05-28 06:29 - 00045568 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-06-15 19:18 - 2016-05-28 06:28 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-06-15 19:18 - 2016-05-28 06:27 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MosHostClient.dll
2016-06-15 19:18 - 2016-05-28 06:27 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\mapsupdatetask.dll
2016-06-15 19:18 - 2016-05-28 06:26 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\MapsBtSvc.dll
2016-06-15 19:18 - 2016-05-28 06:26 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\MosStorage.dll
2016-06-15 19:18 - 2016-05-28 06:25 - 00037376 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-06-15 19:18 - 2016-05-28 06:24 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\moshost.dll
2016-06-15 19:18 - 2016-05-28 06:22 - 00269824 _____ (Microsoft Corporation) C:\Windows\system32\moshostcore.dll
2016-06-15 19:18 - 2016-05-28 06:22 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapsBtSvc.dll
2016-06-15 19:18 - 2016-05-28 06:22 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MosStorage.dll
2016-06-15 19:18 - 2016-05-28 06:19 - 24605696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-06-15 19:18 - 2016-05-28 06:19 - 00567808 _____ (Microsoft Corporation) C:\Windows\system32\MBMediaManager.dll
2016-06-15 19:18 - 2016-05-28 06:18 - 11545088 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-06-15 19:18 - 2016-05-28 06:18 - 07977472 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll
2016-06-15 19:18 - 2016-05-28 06:18 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\MapConfiguration.dll
2016-06-15 19:18 - 2016-05-28 06:17 - 00630784 _____ (Microsoft Corporation) C:\Windows\system32\MessagingDataModel2.dll
2016-06-15 19:18 - 2016-05-28 06:16 - 19344384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-06-15 19:18 - 2016-05-28 06:15 - 01056256 _____ (Microsoft Corporation) C:\Windows\system32\JpMapControl.dll
2016-06-15 19:18 - 2016-05-28 06:15 - 00853504 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll
2016-06-15 19:18 - 2016-05-28 06:15 - 00349696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapConfiguration.dll
2016-06-15 19:18 - 2016-05-28 06:14 - 18674176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2016-06-15 19:18 - 2016-05-28 06:14 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\NMAA.dll
2016-06-15 19:18 - 2016-05-28 06:14 - 00606208 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-06-15 19:18 - 2016-05-28 06:14 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MessagingDataModel2.dll
2016-06-15 19:18 - 2016-05-28 06:13 - 00939520 _____ (Microsoft Corporation) C:\Windows\system32\MapControlCore.dll
2016-06-15 19:18 - 2016-05-28 06:12 - 00800768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JpMapControl.dll
2016-06-15 19:18 - 2016-05-28 06:11 - 00784896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NMAA.dll
2016-06-15 19:18 - 2016-05-28 06:11 - 00711680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapControlCore.dll
2016-06-15 19:18 - 2016-05-28 06:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-06-15 19:18 - 2016-05-28 06:08 - 13385728 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-06-15 19:18 - 2016-05-28 06:08 - 06295552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll
2016-06-15 19:18 - 2016-05-28 06:06 - 12128256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-06-15 19:18 - 2016-05-28 06:06 - 07200256 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
2016-06-15 19:18 - 2016-05-28 06:04 - 06973952 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-06-15 19:18 - 2016-05-28 06:03 - 05205504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2016-06-15 19:18 - 2016-05-28 06:03 - 02609664 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2016-06-15 19:18 - 2016-05-28 06:00 - 03585536 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-06-15 19:18 - 2016-05-28 06:00 - 02635776 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2016-06-15 19:18 - 2016-05-28 06:00 - 02168320 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2016-06-15 19:18 - 2016-05-28 06:00 - 01707520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActiveSyncProvider.dll
2016-06-15 19:18 - 2016-05-28 05:58 - 07832576 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2016-06-15 19:18 - 2016-05-28 05:58 - 01996288 _____ (Microsoft Corporation) C:\Windows\system32\ActiveSyncProvider.dll
2016-06-15 19:17 - 2016-05-28 08:13 - 01184960 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-06-15 19:17 - 2016-05-28 08:13 - 00514752 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-06-15 19:17 - 2016-05-28 08:13 - 00290496 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-06-15 19:17 - 2016-05-28 08:13 - 00092352 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-06-15 19:17 - 2016-05-28 07:25 - 04268880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupapi.dll
2016-06-15 19:17 - 2016-05-28 07:23 - 00388384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2016-06-15 19:17 - 2016-05-28 07:23 - 00312160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2016-06-15 19:17 - 2016-05-28 07:22 - 07474528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-06-15 19:17 - 2016-05-28 07:22 - 04387680 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll
2016-06-15 19:17 - 2016-05-28 07:22 - 00428896 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2016-06-15 19:17 - 2016-05-28 07:22 - 00211296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2016-06-15 19:17 - 2016-05-28 07:22 - 00118624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2016-06-15 19:17 - 2016-05-28 07:20 - 00430312 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2016-06-15 19:17 - 2016-05-28 07:18 - 00357216 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-06-15 19:17 - 2016-05-28 07:16 - 00026408 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-06-15 19:17 - 2016-05-28 07:09 - 00501600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupEngine.dll
2016-06-15 19:17 - 2016-05-28 07:09 - 00170848 _____ (Microsoft Corporation) C:\Windows\system32\NetworkUXBroker.exe
2016-06-15 19:17 - 2016-05-28 07:09 - 00084832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupApi.dll
2016-06-15 19:17 - 2016-05-28 07:08 - 00693600 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupEngine.dll
2016-06-15 19:17 - 2016-05-28 07:08 - 00258912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ufx01000.sys
2016-06-15 19:17 - 2016-05-28 07:08 - 00115040 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupApi.dll
2016-06-15 19:17 - 2016-05-28 07:07 - 03675512 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-06-15 19:17 - 2016-05-28 07:07 - 02921880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-06-15 19:17 - 2016-05-28 07:07 - 01322248 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-06-15 19:17 - 2016-05-28 07:07 - 00957608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-06-15 19:17 - 2016-05-28 07:07 - 00331616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2016-06-15 19:17 - 2016-05-28 07:06 - 22561256 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-06-15 19:17 - 2016-05-28 07:06 - 04074160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-06-15 19:17 - 2016-05-28 07:06 - 00730344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Shell.Broker.dll
2016-06-15 19:17 - 2016-05-28 07:06 - 00303216 _____ (Microsoft Corporation) C:\Windows\system32\LockAppHost.exe
2016-06-15 19:17 - 2016-05-28 07:06 - 00254656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockAppHost.exe
2016-06-15 19:17 - 2016-05-28 07:05 - 04515264 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-06-15 19:17 - 2016-05-28 07:04 - 00604928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-06-15 19:17 - 2016-05-28 07:04 - 00431296 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-06-15 19:17 - 2016-05-28 07:04 - 00360480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-06-15 19:17 - 2016-05-28 07:04 - 00161632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-06-15 19:17 - 2016-05-28 07:04 - 00111064 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2016-06-15 19:17 - 2016-05-28 07:04 - 00097096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2016-06-15 19:17 - 2016-05-28 07:03 - 00131248 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2016-06-15 19:17 - 2016-05-28 06:58 - 01996640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-06-15 19:17 - 2016-05-28 06:57 - 02548944 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2016-06-15 19:17 - 2016-05-28 06:57 - 02195632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2016-06-15 19:17 - 2016-05-28 06:57 - 00649792 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2016-06-15 19:17 - 2016-05-28 06:57 - 00577376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2016-06-15 19:17 - 2016-05-28 06:57 - 00521664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2016-06-15 19:17 - 2016-05-28 06:35 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsdport.sys
2016-06-15 19:17 - 2016-05-28 06:31 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdlrecover.exe
2016-06-15 19:17 - 2016-05-28 06:31 - 00088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-06-15 19:17 - 2016-05-28 06:29 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2016-06-15 19:17 - 2016-05-28 06:29 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\httpprxp.dll
2016-06-15 19:17 - 2016-05-28 06:28 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2016-06-15 19:17 - 2016-05-28 06:28 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2016-06-15 19:17 - 2016-05-28 06:26 - 00199168 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgent.exe
2016-06-15 19:17 - 2016-05-28 06:26 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\dmcertinst.exe
2016-06-15 19:17 - 2016-05-28 06:26 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\omadmclient.exe
2016-06-15 19:17 - 2016-05-28 06:24 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2016-06-15 19:17 - 2016-05-28 06:24 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Ndu.sys
2016-06-15 19:17 - 2016-05-28 06:24 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-06-15 19:17 - 2016-05-28 06:24 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2016-06-15 19:17 - 2016-05-28 06:24 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\AppCapture.dll
2016-06-15 19:17 - 2016-05-28 06:24 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2016-06-15 19:17 - 2016-05-28 06:24 - 00053760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2016-06-15 19:17 - 2016-05-28 06:23 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2016-06-15 19:17 - 2016-05-28 06:23 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll
2016-06-15 19:17 - 2016-05-28 06:22 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2016-06-15 19:17 - 2016-05-28 06:22 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2016-06-15 19:17 - 2016-05-28 06:22 - 00278528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2016-06-15 19:17 - 2016-05-28 06:22 - 00163328 _____ (Microsoft Corporation) C:\Windows\system32\tetheringservice.dll
2016-06-15 19:17 - 2016-05-28 06:22 - 00161280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgent.exe
2016-06-15 19:17 - 2016-05-28 06:22 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-06-15 19:17 - 2016-05-28 06:21 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\StoreAgent.dll
2016-06-15 19:17 - 2016-05-28 06:21 - 00239104 _____ (Microsoft Corporation) C:\Windows\system32\BrokerLib.dll
2016-06-15 19:17 - 2016-05-28 06:21 - 00207360 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupSvc.dll
2016-06-15 19:17 - 2016-05-28 06:21 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2016-06-15 19:17 - 2016-05-28 06:20 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2016-06-15 19:17 - 2016-05-28 06:20 - 00511488 _____ (Microsoft Corporation) C:\Windows\system32\newdev.dll
2016-06-15 19:17 - 2016-05-28 06:20 - 00332288 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2016-06-15 19:17 - 2016-05-28 06:20 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2016-06-15 19:17 - 2016-05-28 06:20 - 00199168 _____ (Microsoft Corporation) C:\Windows\system32\GnssAdapter.dll
2016-06-15 19:17 - 2016-05-28 06:20 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Privacy.dll
2016-06-15 19:17 - 2016-05-28 06:20 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2016-06-15 19:17 - 2016-05-28 06:19 - 00764928 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2016-06-15 19:17 - 2016-05-28 06:19 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvr.exe
2016-06-15 19:17 - 2016-05-28 06:19 - 00355840 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2016-06-15 19:17 - 2016-05-28 06:19 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc.dll
2016-06-15 19:17 - 2016-05-28 06:18 - 00610816 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2016-06-15 19:17 - 2016-05-28 06:18 - 00591360 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2016-06-15 19:17 - 2016-05-28 06:18 - 00392192 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-06-15 19:17 - 2016-05-28 06:18 - 00380416 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2016-06-15 19:17 - 2016-05-28 06:18 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\VEEventDispatcher.dll
2016-06-15 19:17 - 2016-05-28 06:17 - 09918976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-06-15 19:17 - 2016-05-28 06:17 - 00963072 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2016-06-15 19:17 - 2016-05-28 06:17 - 00485888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\newdev.dll
2016-06-15 19:17 - 2016-05-28 06:17 - 00415232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StoreAgent.dll
2016-06-15 19:17 - 2016-05-28 06:17 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\RDXTaskFactory.dll
2016-06-15 19:17 - 2016-05-28 06:17 - 00278016 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2016-06-15 19:17 - 2016-05-28 06:17 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\mdmmigrator.dll
2016-06-15 19:17 - 2016-05-28 06:16 - 00690176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-06-15 19:17 - 2016-05-28 06:16 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2016-06-15 19:17 - 2016-05-28 06:16 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\AppContracts.dll
2016-06-15 19:17 - 2016-05-28 06:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\tileobjserver.dll
2016-06-15 19:17 - 2016-05-28 06:16 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-06-15 19:17 - 2016-05-28 06:16 - 00291328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2016-06-15 19:17 - 2016-05-28 06:16 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2016-06-15 19:17 - 2016-05-28 06:15 - 00794624 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-06-15 19:17 - 2016-05-28 06:15 - 00535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2016-06-15 19:17 - 2016-05-28 06:15 - 00293888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2016-06-15 19:17 - 2016-05-28 06:15 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-06-15 19:17 - 2016-05-28 06:14 - 01716736 _____ (Microsoft Corporation) C:\Windows\system32\SRHInproc.dll
2016-06-15 19:17 - 2016-05-28 06:14 - 00965632 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2016-06-15 19:17 - 2016-05-28 06:14 - 00784384 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-06-15 19:17 - 2016-05-28 06:14 - 00219136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VEEventDispatcher.dll
2016-06-15 19:17 - 2016-05-28 06:14 - 00200192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2016-06-15 19:17 - 2016-05-28 06:13 - 01387520 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2016-06-15 19:17 - 2016-05-28 06:13 - 00990208 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModel.dll
2016-06-15 19:17 - 2016-05-28 06:13 - 00982016 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll
2016-06-15 19:17 - 2016-05-28 06:13 - 00587776 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2016-06-15 19:17 - 2016-05-28 06:13 - 00467456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppContracts.dll
2016-06-15 19:17 - 2016-05-28 06:12 - 00614400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-06-15 19:17 - 2016-05-28 06:12 - 00521728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2016-06-15 19:17 - 2016-05-28 06:11 - 01445888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRHInproc.dll
2016-06-15 19:17 - 2016-05-28 06:11 - 00890368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
2016-06-15 19:17 - 2016-05-28 06:11 - 00799744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2016-06-15 19:17 - 2016-05-28 06:11 - 00687616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-06-15 19:17 - 2016-05-28 06:11 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2016-06-15 19:17 - 2016-05-28 06:09 - 01073152 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll
2016-06-15 19:17 - 2016-05-28 06:06 - 01339904 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-06-15 19:17 - 2016-05-28 06:05 - 03994624 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2016-06-15 19:17 - 2016-05-28 06:05 - 03664896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-06-15 19:17 - 2016-05-28 06:05 - 02582016 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2016-06-15 19:17 - 2016-05-28 06:05 - 01797120 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2016-06-15 19:17 - 2016-05-28 06:04 - 00555520 _____ (Microsoft Corporation) C:\Windows\system32\SyncController.dll
2016-06-15 19:17 - 2016-05-28 06:04 - 00450560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncController.dll
2016-06-15 19:17 - 2016-05-28 06:03 - 05323776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-06-15 19:17 - 2016-05-28 06:03 - 01185280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationFramework.dll
2016-06-15 19:17 - 2016-05-28 06:03 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\internetmail.dll
2016-06-15 19:17 - 2016-05-28 06:03 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\dmenrollengine.dll
2016-06-15 19:17 - 2016-05-28 06:02 - 03590144 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2016-06-15 19:17 - 2016-05-28 06:02 - 02061824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2016-06-15 19:17 - 2016-05-28 06:02 - 01534464 _____ (Microsoft Corporation) C:\Windows\system32\LocationFramework.dll
2016-06-15 19:17 - 2016-05-28 06:02 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll
2016-06-15 19:17 - 2016-05-28 06:01 - 01799680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll
2016-06-15 19:17 - 2016-05-28 06:01 - 01582080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2016-06-15 19:17 - 2016-05-28 06:01 - 01500160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-06-15 19:17 - 2016-05-28 06:01 - 00111104 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll
2016-06-15 19:17 - 2016-05-28 06:00 - 05660160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2016-06-15 19:17 - 2016-05-28 06:00 - 02230272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-06-15 19:17 - 2016-05-28 06:00 - 01730560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-06-15 19:17 - 2016-05-28 06:00 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\enrollmentapi.dll
2016-06-15 19:17 - 2016-05-28 06:00 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
2016-06-15 19:17 - 2016-05-28 06:00 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEnroller.exe
2016-06-15 19:17 - 2016-05-28 05:59 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
2016-06-15 19:17 - 2016-05-28 05:58 - 04896256 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-06-15 19:17 - 2016-05-28 05:58 - 02755584 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-06-15 19:17 - 2016-05-28 05:58 - 02066432 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2016-06-15 19:17 - 2016-05-28 05:57 - 02281472 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-06-15 19:17 - 2016-05-28 05:55 - 01390080 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Shell.dll
2016-06-15 19:17 - 2016-05-28 05:53 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\ngcpopkeysrv.dll
2016-06-14 17:38 - 2016-06-14 17:38 - 00001002 _____ C:\Users\Jason\Desktop\Minecraft.lnk
2016-06-13 18:50 - 2016-06-13 18:50 - 00000000 ____D C:\Users\Jason\AppData\Local\ElevatedDiagnostics
2016-06-13 18:09 - 2016-06-13 18:12 - 39072058 _____ C:\Users\Jason\AppData\Local\ZBarWallpaper.bmp
2016-06-11 14:07 - 2016-06-03 05:28 - 00111552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2016-06-11 14:06 - 2016-05-04 04:23 - 00129824 _____ C:\Windows\SysWOW64\vulkan-1.dll
2016-06-11 14:06 - 2016-05-04 04:22 - 00130848 _____ C:\Windows\system32\vulkan-1.dll
2016-06-11 14:06 - 2016-05-04 04:22 - 00045344 _____ C:\Windows\system32\vulkaninfo.exe
2016-06-11 14:06 - 2016-05-04 04:22 - 00040224 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2016-06-11 14:05 - 2016-06-03 09:22 - 39977920 _____ C:\Windows\system32\nvcompiler.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 35115968 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 31641656 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 25404864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 21812056 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 21355464 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 18151128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 17746664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 17432544 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 10643240 _____ C:\Windows\system32\nvptxJitCompiler.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 08733792 _____ C:\Windows\SysWOW64\nvptxJitCompiler.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 02844608 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 02470336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 01920960 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436839.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 01571776 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436839.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 00983488 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 00910392 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 00787384 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFTH264.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 00769984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 00707520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 00669952 _____ C:\Windows\system32\nvfatbinaryLoader.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 00632848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFTH264.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 00565208 _____ C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 00549240 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 00452616 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 00425016 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 00385592 _____ (NVIDIA Corporation) C:\Windows\system32\nvDecMFTMjpeg.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 00379808 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 00379448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 00348216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvDecMFTMjpeg.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 00316632 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 00177952 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 00155768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 00153232 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2016-06-11 14:05 - 2016-06-03 09:22 - 00131584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2016-06-03 03:50 - 2016-05-21 23:09 - 01581624 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco64.dll
2016-06-03 03:50 - 2016-05-21 23:09 - 00046024 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2016-06-03 03:50 - 2016-05-20 10:03 - 01922496 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436822.dll
2016-06-03 03:50 - 2016-05-20 10:03 - 01573432 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436822.dll
2016-06-03 03:50 - 2016-05-20 10:03 - 00000594 _____ C:\Windows\SysWOW64\nv-vk32.json
2016-06-03 03:50 - 2016-05-20 10:03 - 00000594 _____ C:\Windows\system32\nv-vk64.json
2016-06-03 03:48 - 2016-06-03 03:48 - 00000000 ____D C:\Users\Jason\Documents\Overwatch
2016-06-02 21:15 - 2016-06-02 21:15 - 00001173 _____ C:\Users\Public\Desktop\Overwatch.lnk
2016-06-02 21:15 - 2016-06-02 21:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch
2016-06-02 19:19 - 2016-06-15 17:29 - 00000000 ____D C:\Program Files (x86)\Overwatch
2016-06-02 19:16 - 2016-06-16 19:53 - 00000000 ____D C:\Users\Jason\AppData\Local\Battle.net
2016-06-02 19:16 - 2016-06-02 19:16 - 00000676 _____ C:\Users\Public\Desktop\Battle.net.lnk
2016-06-02 19:16 - 2016-06-02 19:16 - 00000000 ____D C:\Users\Jason\AppData\Local\Blizzard Entertainment
2016-06-02 19:16 - 2016-06-02 19:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2016-06-02 19:16 - 2016-06-02 19:16 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2016-06-02 19:12 - 2016-06-05 13:04 - 00000000 ____D C:\Users\Jason\AppData\Roaming\Battle.net
2016-06-02 19:12 - 2016-06-02 19:12 - 00000000 ____D C:\ProgramData\Battle.net
2016-05-20 22:28 - 2016-05-20 22:28 - 00000000 ____D C:\Users\Jason\Documents\NCSOFT
2016-05-20 00:04 - 2016-05-20 00:04 - 00000823 _____ C:\Users\Public\Desktop\WildStar.lnk
2016-05-20 00:02 - 2016-05-20 00:02 - 00000000 ____D C:\Users\Jason\AppData\Roaming\NCSOFT
2016-05-20 00:02 - 2016-05-20 00:02 - 00000000 ____D C:\Users\Jason\AppData\Local\NCSOFT

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-06-18 16:25 - 2016-04-08 08:11 - 00004172 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{D1EF5C9D-4F0F-4BC3-AA26-FDB376C3839A}
2016-06-18 15:43 - 2016-04-27 12:32 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-06-18 14:55 - 2016-03-07 17:20 - 01708398 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-18 14:55 - 2015-10-30 20:35 - 00737872 _____ C:\Windows\system32\perfh007.dat
2016-06-18 14:55 - 2015-10-30 20:35 - 00147558 _____ C:\Windows\system32\perfc007.dat
2016-06-18 14:55 - 2015-10-30 09:21 - 00000000 ____D C:\Windows\INF
2016-06-18 14:49 - 2016-03-07 17:22 - 00000000 ____D C:\ProgramData\NVIDIA
2016-06-18 14:49 - 2016-03-07 17:13 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-18 14:49 - 2015-10-30 08:28 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-06-18 14:21 - 2016-03-07 22:15 - 00000000 ____D C:\Users\Jason\AppData\Roaming\Spotify
2016-06-18 14:16 - 2016-03-07 20:19 - 00000000 ____D C:\Users\Jason\AppData\Roaming\Skype
2016-06-18 13:56 - 2016-03-07 22:16 - 00000000 ____D C:\Users\Jason\AppData\Local\Spotify
2016-06-18 13:43 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\AppReadiness
2016-06-18 13:16 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\system32\NDF
2016-06-18 10:07 - 2016-03-07 20:18 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-06-18 10:07 - 2016-03-07 20:18 - 00000000 ____D C:\ProgramData\Skype
2016-06-18 09:58 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-06-17 20:58 - 2016-03-07 17:12 - 00355288 _____ C:\Windows\system32\FNTCACHE.DAT
2016-06-17 20:58 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\SystemApps
2016-06-17 20:26 - 2016-03-09 20:12 - 00002834 _____ C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-KSH5MTL-Jason
2016-06-17 20:23 - 2016-04-20 17:23 - 00000000 ____D C:\Users\Jason\AppData\Local\CrashDumps
2016-06-17 20:23 - 2016-04-12 21:30 - 00000000 ____D C:\Windows\Minidump
2016-06-17 20:23 - 2016-03-31 01:01 - 00000000 ____D C:\Users\Jason\AppData\Roaming\TeamViewer
2016-06-17 20:23 - 2016-03-07 17:11 - 00000000 ____D C:\Windows\Panther
2016-06-17 20:21 - 2016-03-09 17:42 - 00000000 ____D C:\Users\Jason\Desktop\Projekte-Bilder
2016-06-17 07:57 - 2015-10-30 09:11 - 00000000 ____D C:\Windows\CbsTemp
2016-06-17 07:54 - 2016-03-07 19:54 - 00000000 ____D C:\Program Files (x86)\Google
2016-06-17 07:52 - 2016-03-07 19:58 - 00000000 ____D C:\ProgramData\AVAST Software
2016-06-17 07:35 - 2016-03-07 19:18 - 00000000 ____D C:\Users\Jason\AppData\Local\MicrosoftEdge
2016-06-17 04:59 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\addins
2016-06-17 04:25 - 2016-03-07 17:14 - 00000000 ____D C:\Users\Jason
2016-06-17 03:58 - 2015-10-30 20:44 - 00000000 ____D C:\Windows\ShellNew
2016-06-17 03:58 - 2015-10-30 09:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-06-17 03:58 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-06-17 03:57 - 2015-10-30 09:24 - 00000167 _____ C:\Windows\win.ini
2016-06-17 03:57 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Common Files\System
2016-06-17 03:37 - 2016-03-09 17:49 - 00000000 ____D C:\Users\Jason\AppData\Local\Adobe
2016-06-16 13:36 - 2016-03-07 17:14 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-06-15 22:40 - 2016-03-07 19:17 - 00484008 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-06-15 22:37 - 2015-10-30 09:24 - 00000000 ___SD C:\Windows\system32\DiagSvcs
2016-06-15 22:37 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\system32\SystemResetPlatform
2016-06-15 22:37 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\bcastdvr
2016-06-15 19:23 - 2016-03-07 20:33 - 00000000 ____D C:\Windows\system32\MRT
2016-06-15 19:20 - 2016-03-07 20:32 - 142482544 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-06-14 20:33 - 2015-10-30 09:26 - 00828408 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-06-14 20:33 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-14 18:26 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\rescache
2016-06-14 17:38 - 2016-04-13 19:35 - 00000000 ____D C:\Users\Jason\Desktop\Mc
2016-06-13 19:03 - 2016-04-13 18:45 - 00000000 ____D C:\Users\Jason\Desktop\Treiber
2016-06-13 18:40 - 2016-04-22 19:51 - 00000000 ____D C:\Users\Jason\Documents\Rainmeter
2016-06-12 16:54 - 2016-03-12 22:12 - 00000000 ____D C:\Users\Jason\AppData\Roaming\TS3Client
2016-06-11 14:07 - 2016-04-12 21:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-06-11 14:07 - 2016-03-07 17:22 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-06-04 02:51 - 2016-04-12 21:13 - 13553096 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-06-03 16:20 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\LiveKernelReports
2016-06-03 09:22 - 2016-04-12 21:13 - 20375488 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2016-06-03 09:22 - 2016-04-12 21:13 - 17729184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2016-06-03 09:22 - 2016-04-12 21:13 - 14462536 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2016-06-03 09:22 - 2016-04-12 21:13 - 03811256 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-06-03 09:22 - 2016-04-12 21:13 - 03371624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-06-03 09:22 - 2015-11-10 02:12 - 00040084 _____ C:\Windows\system32\nvinfo.pb
2016-06-03 05:59 - 2016-04-12 21:15 - 00534072 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2016-06-03 05:59 - 2016-04-12 21:15 - 00081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2016-06-03 05:59 - 2016-03-07 17:22 - 06452948 _____ C:\Windows\system32\nvcoproc.bin
2016-06-03 05:59 - 2016-03-07 17:22 - 06364216 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2016-06-03 05:59 - 2016-03-07 17:22 - 02455608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2016-06-03 05:59 - 2016-03-07 17:22 - 01762752 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2016-06-03 05:59 - 2016-03-07 17:22 - 01352760 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2016-06-03 05:59 - 2016-03-07 17:22 - 00392128 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2016-06-03 05:59 - 2016-03-07 17:22 - 00069568 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2016-06-03 04:22 - 2016-03-07 19:22 - 00000000 ____D C:\ProgramData\ProductData
2016-05-28 07:55 - 2016-03-07 17:13 - 02718208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2016-05-26 20:16 - 2016-03-26 18:39 - 00000000 ____D C:\ProgramData\Origin
2016-05-26 20:06 - 2016-03-26 19:44 - 00226168 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2016-05-26 20:06 - 2016-03-26 19:44 - 00214392 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2016-05-21 23:09 - 2015-11-10 04:14 - 00141256 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2016-05-20 00:04 - 2016-04-20 07:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCSOFT

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

1998-01-12 02:00 - 1998-01-12 02:00 - 0049931 _____ () C:\Users\Jason\AppData\Roaming\Jaundice.N62
1998-10-27 02:00 - 1998-10-27 02:00 - 0001693 _____ () C:\Users\Jason\AppData\Roaming\Palaeoecology.W
2016-06-13 18:09 - 2016-06-13 18:12 - 39072058 _____ () C:\Users\Jason\AppData\Local\ZBarWallpaper.bmp

Einige Dateien in TEMP:
====================
C:\Users\Jason\AppData\Local\Temp\libeay32.dll
C:\Users\Jason\AppData\Local\Temp\msvcr120.dll
C:\Users\Jason\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-06-11 14:06

==================== Ende von FRST.txt ============================

SafeCall 18.06.2016 15:38
Addition

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 18-06-2016
durchgeführt von Jason (2016-06-18 16:34:02)
Gestartet von C:\Users\Jason\Desktop
Windows 10 Home Version 1511 (X64) (2016-03-07 15:13:52)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1369008476-2929507647-2192831292-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1369008476-2929507647-2192831292-503 - Limited - Disabled)
Gast (S-1-5-21-1369008476-2929507647-2192831292-501 - Limited - Disabled)
Jason (S-1-5-21-1369008476-2929507647-2192831292-1001 - Administrator - Enabled) => C:\Users\Jason

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.5.1.209 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.1.2 - Adobe Systems Incorporated)
Avast Premier (HKLM-x32\...\Avast) (Version: 11.2.2262 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.7.2.45672 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
Blade & Soul (HKLM-x32\...\InstallShield_{C3F383C1-D050-4A40-843F-8171A6A02C3A}) (Version: 1.0.63.260 - NC Interactive, LLC)
Blade & Soul (x32 Version: 1.0.63.260 - NC Interactive, LLC) Hidden
Call of Duty: Black Ops III (HKLM\...\Steam App 311210) (Version:  - Treyarch)
Camtasia Studio 8 (HKLM-x32\...\{E7AFA156-D5CB-4B8C-843D-E7CA58D36B0A}) (Version: 8.6.0.2054 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.18 - Piriform)
Corsair Gaming Headset Software (HKLM-x32\...\{F07ECABA-F37C-4D1D-A244-829195193DA7}) (Version: 2.0.37 - Corsair)
Corsair Utility Engine (HKLM-x32\...\{46A3EEB3-8F6F-4BC4-9A53-CDE33D089D08}) (Version: 1.16.42 - Corsair)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
Creative ALchemy (HKLM-x32\...\ALchemy) (Version: 1.45 - Creative Technology Limited)
Creative Audio-Systemsteuerung (HKLM-x32\...\AudioCS) (Version: 2.56 - Creative Technology Limited)
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)
Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version:  - )
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
Driver Booster 3.2 (HKLM-x32\...\Driver Booster_is1) (Version: 3.2 - IObit)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Gameforge Live 2.0.10 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.10 - Gameforge)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{AA67D612-0BE5-44D6-9A91-592958F754A1}) (Version: 13.0.198 - Intel Corporation)
Intel(R) Driver Update Utility 2.5 (x32 Version: 2.5.0.22 - Intel) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel(R) Product Improvement Program (x32 Version: 2.1.27.3 - Intel) Hidden
Intel(R) Smart Connect Technology (HKLM\...\{3B236485-CCE7-48DE-82DC-A5EA54A6F7D6}) (Version: 5.0.10.2850 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.14 - Intel(R) Corporation) Hidden
Intel® Driver Update Utility (HKLM-x32\...\{aa1dec3b-dc4b-4db0-8c18-9157457eff1f}) (Version: 2.5.0.22 - Intel)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Java 8 Update 92 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218092F0}) (Version: 8.0.920.14 - Oracle Corporation)
League-Bildschirmschoner (HKLM-x32\...\LolScreenSaver) (Version: W0.1.22-0.11.17-beta - Riot Games)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 47.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 de)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0 - Mozilla)
NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version:  - NCSOFT)
NVIDIA 3D Vision Controller-Treiber 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 368.39 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.3.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.3.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.39 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.14 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.11.6.18139 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
PARTHICA Core Gaming Keyboard Driver (HKLM-x32\...\{68F65E0D-F894-4F5A-B9E9-F3CAB29FB59A}) (Version: 1.0 - SPEEDLINK)
Proxifier version 3.29 (HKLM-x32\...\Proxifier_is1) (Version: 3.29 - Initex)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 4.0 beta r2607 - )
SafeZone Stable 1.48.2066.101 (x32 Version: 1.48.2066.101 - Avast Software) Hidden
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
Skype™ 7.25 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.25.103 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\Spotify) (Version: 1.0.31.56.g526cfefe - Spotify AB)
Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version: 11.0.0.18 - Bioware/EA)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.56083 - TeamViewer)
TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 28 - Gameforge Productions GmbH)
WildStar (HKLM-x32\...\WildStar) (Version:  - NCSOFT)
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-FDBEEC109F51}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0101DB32-B0CC-4B29-B4D7-5E881651DB8B} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2016-01-13] (IObit)
Task: {0190965E-37B0-452C-BFE0-41F58644CBCA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-17] (Google Inc.)
Task: {1AD64556-5501-41A2-ACC6-CAE3AE1EA809} - System32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-KSH5MTL-Jason DESKTOP-KSH5MTL => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2012-10-01] (Microsoft Corporation)
Task: {2D74239E-5052-43B3-A537-A68D1289B0BC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-17] (Adobe Systems Incorporated)
Task: {2F7C8DDD-16EE-45D6-BAC1-3495E345D0F0} - System32\Tasks\SafeZone scheduled Autoupdate 1466142880 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-04-15] (Avast Software)
Task: {4322A2E5-E438-4973-8923-68F3DDE78969} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {46C2D336-44D9-4E18-8DAD-4036CCF8DA65} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {586B6CAD-3757-4BA7-A47D-E684342E4815} - System32\Tasks\Driver Booster SkipUAC (Jason) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2016-01-18] (IObit)
Task: {5C5452DF-0976-4651-8E00-FBD2035214B3} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-06-15] (Microsoft Corporation)
Task: {6B6CB93F-50C4-4554-ADE2-2BFB84AF4E7F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-06-01] (Piriform Ltd)
Task: {73E8AF38-5956-48C0-850E-20AADE99CF0F} - System32\Tasks\USER_ESRV_SVC_WILLAMETTE => Wscript.exe //B //NoLogo "C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\task.vbs"
Task: {740BD406-966D-44AB-BB13-D374D9759238} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-06-17] (AVAST Software)
Task: {8FC2B8D6-395C-4284-99A0-648794CFE946} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-17] (Google Inc.)
Task: {AEFFF2DE-EFF2-4E1B-A898-8C1825E37540} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-KSH5MTL-Jason => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-01-07] (Adobe Systems Incorporated)
Task: {BF0C6B78-B181-4CA3-8778-151BD35EE0EE} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation)
Task: {C271BD39-FE65-41F2-8D61-27BD0810D2AC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {CD517F5F-F6CC-4476-8A82-46D7F2FCF356} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 09:17 - 2015-10-30 09:17 - 00028672 _____ () C:\Windows\SYSTEM32\efsext.dll
2016-04-20 21:32 - 2015-03-28 15:55 - 00096840 _____ () C:\Windows\system32\PrxerNsp.dll
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\Windows\SYSTEM32\ism32k.dll
2016-03-07 17:22 - 2016-06-03 05:59 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-06-18 17:18 - 2014-06-18 17:18 - 00209712 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2014-06-18 17:18 - 2014-06-18 17:18 - 00057648 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2014-06-18 17:18 - 2014-06-18 17:18 - 00057648 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTEncryptionCheck.dll
2014-06-18 17:18 - 2014-06-18 17:18 - 00037168 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll
2016-03-27 00:46 - 2016-03-27 00:46 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2016-04-12 21:16 - 2016-05-02 07:54 - 00369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-04-12 21:16 - 2016-05-02 07:55 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-04-12 21:16 - 2016-05-02 07:54 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-04-12 21:16 - 2016-05-02 07:55 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-03-09 20:43 - 2016-03-09 20:43 - 00118424 _____ () C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
2016-04-12 21:16 - 2016-05-02 07:55 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-04-12 21:16 - 2016-05-02 07:55 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-04-12 21:16 - 2016-05-02 07:55 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-04-12 21:16 - 2016-05-02 07:55 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-04-12 21:16 - 2016-05-02 07:54 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-04-12 21:16 - 2016-05-02 07:54 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-04-13 19:10 - 2016-03-29 12:20 - 02656952 _____ () C:\Windows\system32\CoreUIComponents.dll
2016-04-13 19:10 - 2016-03-29 12:20 - 02656952 _____ () C:\Windows\System32\CoreUIComponents.dll
2016-01-22 14:55 - 2016-01-22 14:55 - 00553136 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2016-03-07 20:30 - 2015-12-07 06:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-05-11 19:24 - 2016-04-23 06:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-06-15 19:18 - 2016-05-28 05:59 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-06-15 19:18 - 2016-05-28 05:53 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-06-15 19:18 - 2016-05-28 05:54 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-06-15 19:18 - 2016-05-28 05:56 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-06-01 22:00 - 2015-06-01 22:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2016-03-22 17:53 - 2016-03-22 17:53 - 00113152 _____ () C:\Program Files\Rainmeter\Plugins\ResMon.DLL
2016-03-22 17:54 - 2016-03-22 17:54 - 00022016 _____ () C:\Program Files\Rainmeter\Plugins\InputText.dll
2016-03-22 17:53 - 2016-03-22 17:53 - 00123392 _____ () C:\Program Files\Rainmeter\Plugins\WiFiStatus.DLL
2016-03-22 17:53 - 2016-03-22 17:53 - 00128000 _____ () C:\Program Files\Rainmeter\Plugins\SysInfo.DLL
2016-03-22 17:53 - 2016-03-22 17:53 - 00108544 _____ () C:\Program Files\Rainmeter\Plugins\PowerPlugin.DLL
2016-03-22 17:53 - 2016-03-22 17:53 - 00134656 _____ () C:\Program Files\Rainmeter\Plugins\Win7AudioPlugin.DLL
2016-03-22 17:53 - 2016-03-22 17:53 - 00192512 _____ () C:\Program Files\Rainmeter\Plugins\FileView.DLL
2016-06-13 18:25 - 2016-06-13 18:25 - 00719872 _____ () C:\Users\Jason\AppData\Roaming\Rainmeter\Plugins\SpotifyPlugin.DLL
2016-03-22 17:53 - 2016-03-22 17:53 - 00171008 _____ () C:\Program Files\Rainmeter\Plugins\AudioLevel.DLL
2016-05-14 00:09 - 2016-03-09 20:43 - 00460952 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv.exe
2016-05-14 00:09 - 2016-03-09 20:43 - 00709272 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_modeler.dll
2016-05-14 00:09 - 2016-03-09 20:43 - 00188568 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\foreground_window_input.dll
2016-05-14 00:09 - 2016-03-09 20:43 - 00416408 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
2016-05-14 00:09 - 2016-03-09 20:43 - 00130712 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_process_input.dll
2016-05-14 00:09 - 2016-03-09 20:43 - 00025752 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_system_power_state_input.dll
2016-05-14 00:09 - 2016-03-09 20:43 - 00059544 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_quality_and_reliability_input.dll
2016-05-14 00:09 - 2016-03-09 20:43 - 00194712 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\acpi_battery_input.dll
2016-05-14 00:09 - 2016-03-09 20:43 - 00159896 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\sema_thermal_input.dll
2016-05-14 00:09 - 2016-03-09 20:43 - 00158360 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\wifi_input.dll
2016-05-14 00:09 - 2016-03-09 20:43 - 00050840 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\devices_use_input.dll
2016-05-14 00:09 - 2016-03-09 20:43 - 00032920 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_disktrace_input.dll
2016-06-03 02:10 - 2016-06-03 02:10 - 00017920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-06-03 02:10 - 2016-06-03 02:10 - 13105152 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-06-03 02:10 - 2016-06-03 02:10 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2016-03-07 17:56 - 2016-03-07 17:57 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2015-10-30 09:18 - 2015-10-30 09:18 - 00218456 _____ () c:\windows\system32\WerEtw.dll
2016-06-17 07:45 - 2016-06-17 07:45 - 00123344 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-06-17 07:45 - 2016-06-17 07:45 - 00135816 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-06-18 09:54 - 2016-06-18 09:54 - 02935808 _____ () C:\Program Files\AVAST Software\Avast\defs\16061800\algo.dll
2016-06-17 07:45 - 2016-06-17 07:45 - 00309912 _____ () C:\Program Files\AVAST Software\Avast\browser_pass.dll
2016-06-17 07:45 - 2016-06-17 07:45 - 00479680 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-04-12 21:16 - 2016-05-02 08:02 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-06-17 07:46 - 2016-06-17 07:46 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-06-17 07:54 - 2016-06-15 11:15 - 01745560 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libglesv2.dll
2016-06-17 07:54 - 2016-06-15 11:15 - 00091288 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

Da befinden sich 7904 mehr Seiten.

IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\123simsen.com -> www.123simsen.com

Da befinden sich 7904 mehr Seiten.


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-10-30 09:24 - 2016-06-18 11:21 - 00453460 ____R C:\Windows\system32\Drivers\etc\hosts

127.0.0.1        activation-v2.kaspersky.com
127.0.0.1        activation-v2.geo.kaspersky.com127.0.0.1        www.007guard.com
127.0.0.1        007guard.com
127.0.0.1        008i.com
127.0.0.1        www.008k.com
127.0.0.1        008k.com
127.0.0.1        www.00hq.com
127.0.0.1        00hq.com
127.0.0.1        010402.com
127.0.0.1        www.032439.com
127.0.0.1        032439.com
127.0.0.1        www.0scan.com
127.0.0.1        0scan.com
127.0.0.1        1000gratisproben.com
127.0.0.1        www.1000gratisproben.com
127.0.0.1        1001namen.com
127.0.0.1        www.1001namen.com
127.0.0.1        100888290cs.com
127.0.0.1        www.100888290cs.com
127.0.0.1        www.100sexlinks.com
127.0.0.1        100sexlinks.com
127.0.0.1        10sek.com
127.0.0.1        www.10sek.com
127.0.0.1        www.1-2005-search.com
127.0.0.1        1-2005-search.com
127.0.0.1        123fporn.info
127.0.0.1        www.123fporn.info
127.0.0.1        www.123haustiereundmehr.com
127.0.0.1        123haustiereundmehr.com
127.0.0.1        123moviedownload.com

Da befinden sich 15535 zusätzliche Einträge.


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run: => "ISCT Tray"
HKLM\...\StartupApproved\Run32: => "P17RunE"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "SL-6482 Gaming Keyboard"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Corsair Utility Engine"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "ISCT Tray"
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\StartupApproved\Run: => "WTFast Tray"
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\StartupApproved\Run: => "Udmedia"
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\StartupApproved\Run: => "YZPack"
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\StartupApproved\Run: => "Oxxics"
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\StartupApproved\Run: => "Chromium"
HKU\S-1-5-21-1369008476-2929507647-2192831292-1001\...\StartupApproved\Run: => "SpybotPostWindows10UpgradeReInstall"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{6131E621-FDE5-44F2-9CE6-425DFF3C86E1}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{810FD576-273A-4D7B-96AA-0E8B607BB2F3}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{905EC3D8-A127-42F6-B2EE-F625EEB39500}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{4F1E811F-F5D0-4ACA-B414-70D60E2B7B33}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{E2056337-7E44-4E4D-8C2A-8363A2706B83}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{A978A507-C7BB-4482-95DA-1D48A18324F2}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{44354F4C-075B-400D-BA06-6CD65468587B}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B4D91253-B2EF-4E77-BE4B-399F7C177C05}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{1BC6E792-9E41-4416-AA68-7525CE995266}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{B192FE53-AC1D-49CE-A969-895C2E8119C1}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{381891B0-56AD-49C7-9218-78B0CD5E824D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{51D72A44-BAE0-49C6-8386-A890B4394BC1}C:\users\jason\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jason\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{358C67D9-D5AB-4CA6-8CD2-B3A0378B798E}C:\users\jason\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jason\appdata\roaming\spotify\spotify.exe
FirewallRules: [{2F2E293B-98E5-4CAD-8A2E-55C385170B50}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{B0B621B7-3C61-40E2-BDB7-ABB0C3FB84EA}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{D5DCF411-EA4E-4843-95BF-988FC691F9D4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{0A529575-A63D-4028-8FFC-04A5F87DFA54}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{91569899-59A8-4D13-92E1-75647B313D51}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{233D6302-5406-4696-AFB7-FB04FCDB567A}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{6218D5E3-805B-4308-B351-75C90441765D}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{3A8378CB-B1E8-4318-A6D2-91EF7F1A0AB4}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{57817442-8257-4D9D-BEE9-36E91740CD24}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{CF0AF5BF-8C54-4D2A-AA21-8110E839DCE1}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{90A3D202-A820-47CA-9EDB-8B31A180B5CE}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{06E797AA-FFCF-45F4-A26D-356D8186A4D9}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{4374612E-A4E1-479A-9991-762FC9566F74}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{06A334F4-F93A-487F-BBDA-EDE704234BAF}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{D2CA67A4-9E6F-4408-B404-E4818F607BA5}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{C765FFDD-EF36-424B-9A66-BAB87777AD42}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [TCP Query User{45BB9819-AA99-4FD7-A246-F0B41781EDBF}D:\program files (x86)\steam\steamapps\common\dayz\dayz.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\dayz\dayz.exe
FirewallRules: [UDP Query User{1111FED4-521A-4D4D-9619-2C9BEA13D664}D:\program files (x86)\steam\steamapps\common\dayz\dayz.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\dayz\dayz.exe
FirewallRules: [{0F393A4B-407A-4066-AD21-FD1B33409620}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{B4629553-AE24-470A-95EE-1A59C623CF3D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{43044DB2-DF8A-47AC-B439-271814A7A941}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{DC2A39D8-AC25-4339-BB91-8B70CB78F0F9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{EAAEFD9B-1027-4B78-A4A5-CEFD4F397872}] => (Allow) LPort=8317
FirewallRules: [{BBA82E3D-8D3E-443C-9FE1-7BD07C2B39CF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{32BB7D60-6DCC-4A88-B5A3-8D5F925B45EF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{2287E9B7-B314-42DE-B684-D94B77997365}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{3D196C07-A404-4CC6-A17C-1B61EEBB0F22}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{BB9A6432-44FC-4248-A513-176C2E6CA05F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{5D09FF5E-8EE7-46DF-BFCD-1DC31C3C9728}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{6D890147-64CF-44E2-A891-A36937052171}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{8118627F-F677-4309-B26C-D5C74707B355}C:\users\jason\desktop\mc\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\jason\desktop\mc\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{64B805F0-08B6-40BB-9F6F-D0B30BBF6335}C:\users\jason\desktop\mc\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\jason\desktop\mc\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{B8F81720-BF70-4FF0-987D-1D6FDD164685}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{70EB8D72-E106-48D9-A1E4-BA8F3E033A18}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{6AA4FE9B-4C09-41BC-8F9B-5BC9B5F2D51B}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe
FirewallRules: [{E83C8B51-26D8-4C4D-A199-745DD34A46A1}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe
FirewallRules: [{F52CB433-48AF-48E5-828A-2D97B47025F1}] => (Allow) D:\Program Files (x86)\GameforgeLive\gfl_client.exe
FirewallRules: [TCP Query User{D1033B6A-954C-4E4B-A1FD-7FFA6D0873E0}D:\program files (x86)\gameforgelive\games\deu_deu\tera\tera-launcher.exe] => (Allow) D:\program files (x86)\gameforgelive\games\deu_deu\tera\tera-launcher.exe
FirewallRules: [UDP Query User{65750AF5-4BDA-45D0-B324-01CABEC9FB42}D:\program files (x86)\gameforgelive\games\deu_deu\tera\tera-launcher.exe] => (Allow) D:\program files (x86)\gameforgelive\games\deu_deu\tera\tera-launcher.exe
FirewallRules: [{2700FAF6-29AD-4BB8-84BA-196E0985AC72}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{6F194FA5-99AE-4D9E-AA7D-89586FF96591}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{B8611968-C770-427A-BDBA-2DC9781C45BA}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{21E0DAE0-38A0-4C5A-A405-9C9AA8F229D8}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [TCP Query User{3E4B7DE5-43D9-4E34-A5D9-E442F6D27203}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{9867B49B-3082-43FD-9416-E64E29DEB600}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [{8C38DFB3-8F28-417C-8880-4CD48EBE9748}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{12B9E06F-EC85-403F-855D-97AFC4367CFC}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{E6BFF4AF-7DE6-43EB-8411-76F67F843DA3}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{35B9812A-2ECD-4199-8F08-614531FC8563}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{A5F52E47-02EE-40E4-99CD-207A62BC40AC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{98DEC2D8-453F-4164-92D3-9C300D7BC0CF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E3AB3326-B8C1-46E3-99CE-BAC078830146}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Wiederherstellungspunkte =========================

14-06-2016 18:27:04 Geplanter Prüfpunkt
17-06-2016 03:57:15 Installed Microsoft Office Professional Plus 2013
17-06-2016 03:57:20 PROPLUSR
18-06-2016 10:06:07 ASU_MSI_TRAN

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (06/18/2016 04:32:57 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm FRST64.exe, Version 16.6.2016.1 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 388

Startzeit: 01d1c96e3eb901dd

Beendigungszeit: 1745

Anwendungspfad: C:\Users\Jason\Desktop\FRST-OlderVersion\FRST64.exe

Berichts-ID: 88b9582f-3561-11e6-970a-bc5ff419b6ed

Vollständiger Name des fehlerhaften Pakets:

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (06/18/2016 04:17:36 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (06/18/2016 04:17:19 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (06/18/2016 03:02:08 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (06/18/2016 03:01:24 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (06/18/2016 03:01:22 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (06/18/2016 03:01:19 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (06/18/2016 03:01:19 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (06/18/2016 03:01:18 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (06/18/2016 02:43:35 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4


Systemfehler:
=============
Error: (06/18/2016 03:07:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275 = Der Treiber konnte nicht geladen werden.


Error: (06/18/2016 03:07:35 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Jason\AppData\Local\Temp\ehdrv.sys

Error: (06/18/2016 03:07:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275 = Der Treiber konnte nicht geladen werden.


Error: (06/18/2016 03:07:35 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Jason\AppData\Local\Temp\ehdrv.sys

Error: (06/18/2016 03:07:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275 = Der Treiber konnte nicht geladen werden.


Error: (06/18/2016 03:07:35 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Jason\AppData\Local\Temp\ehdrv.sys

Error: (06/18/2016 03:04:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275 = Der Treiber konnte nicht geladen werden.


Error: (06/18/2016 03:04:13 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Jason\AppData\Local\Temp\ehdrv.sys

Error: (06/18/2016 03:04:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275 = Der Treiber konnte nicht geladen werden.


Error: (06/18/2016 03:04:12 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Jason\AppData\Local\Temp\ehdrv.sys


CodeIntegrity:
===================================
  Date: 2016-06-18 13:43:35.694
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-17 12:00:49.079
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-17 04:38:40.572
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-17 03:59:05.492
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-16 13:36:17.649
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-15 19:27:59.847
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-13 18:27:45.411
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\PrxerDrv.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-06-13 18:27:45.403
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\PrxerDrv.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-06-13 18:27:45.347
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\PrxerDrv.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-06-13 18:27:45.340
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\PrxerDrv.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
Prozentuale Nutzung des RAM: 34%
Installierter physikalischer RAM: 8083.68 MB
Verfügbarer physikalischer RAM: 5310.56 MB
Summe virtueller Speicher: 9363.68 MB
Verfügbarer virtueller Speicher: 5996.75 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:223.08 GB) (Free:87.62 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: () (Fixed) (Total:931.51 GB) (Free:759.24 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: A7F96F5D)
Partition 1: (Active) - (Size=223.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 00F987B4)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
Ich habe noch 2 Fragen , einmal sehe ich es richtig im Eset log das 3 Problem gefunden wurden aber keins behoben ?
Und 2. Da ich die Maleware nur durch zufall entdeckt habe ohne das mir Malewarebytes oder Avast etwas gesagt haben , kann es dann nicht prinzipiell sein das sich noch mehr Maleware auf dem Rechner verbirgt ohne vom Antivir gefunden zu werden ?

deeprybka 18.06.2016 15:56
Zitat:
Zitat von SafeCall (Beitrag 1592685)
Ich habe noch 2 Fragen , einmal sehe ich es richtig im Eset log das 3 Problem gefunden wurden aber keins behoben ?
Und 2. Da ich die Maleware nur durch zufall entdeckt habe ohne das mir Malewarebytes oder Avast etwas gesagt haben , kann es dann nicht prinzipiell sein das sich noch mehr Maleware auf dem Rechner verbirgt ohne vom Antivir gefunden zu werden ?
Ja, das ist der Chip-Installer. Der ist irrelevant. Einfach Dateien löschen.
Zitat:
C:\Users\Jason\Downloads\Driver Booster Free - CHIP-Installer.exe
D:\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe
D:\Downloads\SpyBot Search Destroy - CHIP-Installer.exe
Das was ein Antivirusprogramm nicht sieht, sehe ich - und umgekehrt. :)

Alte Javaversionen immer deinstallieren. Office gibt's auch zum Kaufen. Mit Cracks fängt man sich die meiste Malware ein.


http://deeprybka.trojaner-board.de/b...ndeeprybka.gif
Wir haben es geschafft! :abklatsch:
Die Logs sehen für mich im Moment sauber aus.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...:dankeschoen:und/oder das Forum mit einer kleinen Spende http://www.trojaner-board.de/extra/spende.png unterstützen. :applaus:
Es bleibt mir nur noch, Dir unbeschwertes und sicheres Surfen zu wünschen und dass wir uns hier so bald nicht wiedersehen. ;)



http://deeprybka.trojaner-board.de/b...cleanupneu.png
Cleanup:
(Die Reihenfolge ist hier entscheidend)

Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken.

Falls Combofix verwendet wurde:
http://deeprybka.trojaner-board.de/b.../combofix2.pngCombofix deinstallieren
  • Wichtig: Bitte Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.
  • Drücke bitte die http://deeprybka.trojaner-board.de/b...ne/revo/w7.png + R Taste und schreibe Combofix /Uninstall in das Ausführen-Fenster.
  • Klicke auf OK.
    Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert.
  • Nun die eben deaktivierten Programme wieder aktivieren.

Alle Logs gepostet? Dann lade Dir bitte http://filepony.de/icon/tiny/delfix.pngDelFix herunter.
  • Schließe alle offenen Programme.
  • Starte die delfix.exe mit einem Doppelklick.
  • Setze vor jede Funktion ein Häkchen.
  • Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.


http://deeprybka.trojaner-board.de/b...ast/schild.png
Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:

Browser
Java
 Flash-Player
PDF-Reader

Sicherheitslücken (z.B. hier) in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank.

Meine Kauf-Empfehlung:

http://deeprybka.trojaner-board.de/eset/esetmd.png

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware scannen.

Optional:
http://filepony.de/icon/noscript.png NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.
http://filepony.de/icon/malwarebytes_anti_exploit.pngMalwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.


Lade Software von einem sauberen Portal wie http://filepony.de/images/microbanner.gif.
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner .


Abschließend noch ein paar grundsätzliche Bemerkungen:
Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.

SafeCall 18.06.2016 16:07
Alles klar dann bedanke ich mich herzlich und wünsche noch ein schönen Tag :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 20:46 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131