Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Hohe CPU-Auslastung durch svchost.exe und Leerlaufprozesse(ram-auslastung) (https://www.trojaner-board.de/180037-hohe-cpu-auslastung-svchost-exe-leerlaufprozesse-ram-auslastung.html)

TheDellin 02.07.2016 15:07
Hohe CPU-Auslastung durch svchost.exe und Leerlaufprozesse(ram-auslastung)
 
Hallöle :kloppen:

Mein folgendes Problem lautet wie folgt: Seit meiner Windows 10 Installation, wo Windows freigegeben wurde(vor ca.1 Jahr) tritt diese Fehlermeldung andauernd auf. Ich habe versucht diverse Dll. manuell zu installieren, was aber ohne Erfolg war.

https://gyazo.com/ac4cb44412432e9061922190ea329d90

Mein zweites Problem ist, das meine Svchost.exe und die Leerlaufprozesse meine Cpu und Ram zu 50% stark belasten.

https://gyazo.com/b5e446e9736b743ae3c8222cb20bf290

Und hier noch ein Screenshot für die Programme,die ich geöffnet habe.

https://gyazo.com/8c6ee97c88a592b2e126c680ef67cc2a

Ich hoffe ihr könnt mir in irgendeiner Weise helfen, danke im voraus :)

cosinus 02.07.2016 15:10
Hallo und :hallo:

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten!
Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!



Zudem bitte auch ein Log mit Farbars Tool machen:

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)



Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

TheDellin 02.07.2016 15:24
Hi und danke :)

Diese Berichte(Viren) hatte ich vor einiger Zeit, aber habe nix schlimmes bemerkt

https://gyazo.com/ff4f3a4535cfcfcf8f189535c974050d


FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-07-2016
Ran by Sebastian (administrator) on BASTI-PC (02-07-2016 16:16:01)
Running from C:\Users\Sebastian\Downloads
Loaded Profiles: Sebastian (Available Profiles: Sebastian & Administrator)
Platform: Windows 10 Home (X64) Language: Englisch (Vereinigte Staaten)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(Intel Corporation) C:\WINDOWS\System32\igfxCUIService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
(MSI) C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe
() C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(MICRO-STAR INTERNATIONAL CO., LTD.) C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\WINDOWS\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\WINDOWS\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Spotify Ltd) C:\Users\Sebastian\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Akamai Technologies, Inc.) C:\Users\Sebastian\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Sebastian\AppData\Local\Akamai\netsession_win.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
() C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\WINDOWS\System32\InstallAgent.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.5020\Agent.exe
(Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.7575\Battle.net.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
() C:\Program Files (x86)\Battle.net\Battle.net.7575\Battle.net Helper.exe
() C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.1.22\deploy\LoLLauncher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.62\deploy\LoLPatcher.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Battle.net\Battle.net.7575\Battle.net Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.205\deploy\LolClient.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Spotify Ltd) C:\Users\Sebastian\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Sebastian\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Spotify Ltd) C:\Users\Sebastian\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Sebastian\AppData\Roaming\Spotify\Spotify.exe
(Microsoft Corporation) C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\System32\cmd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Hearthstone\Hearthstone.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-05-02] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [MBCfg64] => C:\WINDOWS\system32\RunDLL32.exe C:\WINDOWS\system32\MBCfg64.dll,RunDLLEntry MBCfg64
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-07-29] (Realtek Semiconductor)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [814608 2016-05-17] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Fast Boot] => C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe [764472 2012-09-19] ()
HKLM-x32\...\Run: [Command Center] => C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe [797648 2014-09-23] ()
HKLM-x32\...\Run: [Sound Blaster Cinema] => C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe [711680 2013-08-16] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\WINDOWS\UpdReg.EXE
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-1910738958-1663039028-3647407689-1001\...\Run: [Spotify Web Helper] => C:\Users\Sebastian\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1553520 2016-06-28] (Spotify Ltd)
HKU\S-1-5-21-1910738958-1663039028-3647407689-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Sebastian\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1910738958-1663039028-3647407689-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3582240 2016-06-02] (Nota Inc.)
HKU\S-1-5-21-1910738958-1663039028-3647407689-1001\...\Run: [World of Warships] => C:\Games\World_of_Warships\WargamingGameUpdater.exe [3106568 2016-06-14] (Wargaming.net)
HKU\S-1-5-21-1910738958-1663039028-3647407689-1001\...\RunOnce: [Uninstall C:\Users\Sebastian\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Sebastian\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-1910738958-1663039028-3647407689-1001\...\RunOnce: [Uninstall C:\Users\Sebastian\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Sebastian\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"
HKU\S-1-5-21-1910738958-1663039028-3647407689-1001\...\RunOnce: [Uninstall C:\Users\Sebastian\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Sebastian\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64"
HKU\S-1-5-21-1910738958-1663039028-3647407689-1001\...\RunOnce: [Uninstall C:\Users\Sebastian\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Sebastian\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"
HKU\S-1-5-21-1910738958-1663039028-3647407689-1001\...\RunOnce: [Uninstall C:\Users\Sebastian\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Sebastian\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64"
HKU\S-1-5-21-1910738958-1663039028-3647407689-1001\...\RunOnce: [Uninstall C:\Users\Sebastian\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Sebastian\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64"
HKU\S-1-5-21-1910738958-1663039028-3647407689-1001\...\RunOnce: [Uninstall C:\Users\Sebastian\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Sebastian\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"
HKU\S-1-5-21-1910738958-1663039028-3647407689-1001\...\RunOnce: [Uninstall C:\Users\Sebastian\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Sebastian\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"
HKU\S-1-5-21-1910738958-1663039028-3647407689-1001\...\RunOnce: [Uninstall C:\Users\Sebastian\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Sebastian\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64"
HKU\S-1-5-21-1910738958-1663039028-3647407689-1001\...\MountPoints2: {5b1cdc88-6375-11e5-8292-448a5b884a55} - "E:\pushinst.exe"
HKU\S-1-5-21-1910738958-1663039028-3647407689-1001\...\MountPoints2: {a6a26bd5-329b-11e4-8258-806e6f6e6963} - "D:\DVDSetup.exe"
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  No File
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  No File
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  No File
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  No File
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  No File
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2015-09-25]
ShortcutTarget: Killer Network Manager.lnk -> C:\WINDOWS\Installer\{7364C716-1212-4EAE-B0C9-A31D1E797BF8}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{ae0ecf40-b407-43cd-b7a8-b25a5d0e017f}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-10-13] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_77\bin\ssv.dll [2016-04-09] (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-04-09] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-04-09] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-04-09] (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-04-12] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\UmbhrXSM.default
FF NewTab: hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
FF DefaultSearchEngine: Bing
FF SelectedSearchEngine: Bing
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-29] ()
FF Plugin: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-04-09] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-04-09] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-29] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw.dll [2015-09-07] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-17] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-17] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-04-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-04-09] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-04-12] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-06-03] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-06-03] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1910738958-1663039028-3647407689-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-06-08] ()
FF Extension: Avira Browser Safety - C:\Users\Sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\UmbhrXSM.default\Extensions\abs@avira.com [2014-12-11] [not signed]

Chrome:
=======
CHR StartupUrls: Profile 1 -> "hxxp://www.google.de/"
CHR Profile: C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default
CHR Profile: C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Präsentationen) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-25]
CHR Extension: (Google Docs) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-25]
CHR Extension: (Google Drive) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Google-Suche) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Google Tabellen) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-25]
CHR Extension: (Avira Browserschutz) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-06-23]
CHR Extension: (Google Docs Offline) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (AdBlock) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-06-30]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Google Mail) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-25]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [970656 2016-05-17] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [467016 2016-05-17] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [467016 2016-05-17] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1435704 2016-05-17] (Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [441216 2015-05-05] ()
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2797752 2015-10-13] (Microsoft Corporation)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6871608 2015-07-20] (GOG.com)
R2 GamingApp_Service; C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [20512 2014-03-13] (Micro-Star Int'l Co., Ltd.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-05-02] (NVIDIA Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [351120 2015-07-29] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-17] (Intel Corporation)
S3 MSIBIOSData_CC; C:\Program Files (x86)\MSI\Command Center\BIOSData\MSIBIOSDataService.exe [2099712 2014-10-21] (MSI) [File not signed]
S3 MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe [4026880 2014-09-26] (MSI) [File not signed]
S3 MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\MSICommService.exe [2118656 2014-10-23] () [File not signed]
R2 MSICTL_CC; C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe [1993216 2014-09-26] () [File not signed]
S3 MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe [2242048 2014-10-21] () [File not signed]
S3 MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [2063360 2014-07-28] () [File not signed]
S3 MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [550400 2014-09-25] () [File not signed]
R2 MSI_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [103992 2012-10-26] (MSI)
R2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [30240 2013-09-26] (MICRO-STAR INTERNATIONAL CO., LTD.)
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [3916368 2016-01-09] (INCA Internet Co., Ltd.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-05-02] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-05-02] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-05-02] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2078216 2015-10-09] (Electronic Arts)
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [344576 2014-01-22] (Qualcomm Atheros) [File not signed]
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [15888 2013-04-01] (Intel(R) Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AcpiCtlDrv; C:\Windows\System32\drivers\AcpiCtlDrv.sys [25880 2012-07-17] (Intel Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128664 2016-03-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146712 2016-05-17] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-01] (Avira Operations GmbH & Co. KG)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2012-04-25] (AVM Berlin)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [78208 2016-05-17] (Avira Operations GmbH & Co. KG)
R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [80592 2013-11-08] (Qualcomm Atheros, Inc.)
S3 fwlanusb5; C:\Windows\system32\DRIVERS\fwlanusb5.sys [982784 2012-08-21] (AVM GmbH) [File not signed]
R2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [25448 2013-01-07] (Intel Corporation)
R3 Ke2200; C:\Windows\System32\drivers\e22w8x64.sys [163536 2013-03-20] (Qualcomm Atheros, Inc.)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-17] (Intel Corporation)
S3 MSICDSetup; D:\CDriver64.sys [28984 2009-08-12] (Your Corporation)
S3 NTIOLib_1_0_C; D:\NTIOLib_X64.sys [11888 2011-06-29] (MSI) [File not signed]
R3 NTIOLib_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [13368 2012-10-26] (MSI)
S3 NTIOLib_MB; C:\Program Files (x86)\MSI\MSI Gaming APP\Lib\NTIOLib_X64.sys [13808 2014-03-13] (MSI)
S3 NTIOLib_MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
S3 NTIOLib_MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\NTIOLib_X64.sys [13368 2012-11-19] (MSI)
S3 NTIOLib_MSICPU_CC; C:\Program Files (x86)\MSI\Command Center\CPU\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
S3 NTIOLib_MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys [13368 2012-11-26] (MSI)
S3 NTIOLib_MSIFrequency_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\CPU_Frequency\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
S3 NTIOLib_MSIRatio_CC; C:\Program Files (x86)\MSI\Command Center\CPU\CPU_Ratio\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
S3 NTIOLib_MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\NTIOLib_X64.sys [13368 2012-11-19] (MSI)
S3 NTIOLib_MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\NTIOLib_X64.sys [13368 2012-11-19] (MSI)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-05-02] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
S3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [39592 2014-09-05] (Razer Inc)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-02 16:16 - 2016-07-02 16:16 - 00027220 _____ C:\Users\Sebastian\Downloads\FRST.txt
2016-07-02 16:15 - 2016-07-02 16:16 - 00000000 ____D C:\FRST
2016-07-02 16:13 - 2016-07-02 16:15 - 02390016 _____ (Farbar) C:\Users\Sebastian\Downloads\FRST64.exe
2016-07-02 15:56 - 2016-07-02 15:56 - 00016148 _____ C:\WINDOWS\system32\BASTI-PC_Sebastian_HistoryPrediction.bin
2016-07-02 15:24 - 2016-07-02 15:24 - 01270466 _____ C:\Users\Sebastian\Downloads\ProcessExplorer.zip
2016-07-02 15:09 - 2016-07-02 15:09 - 00000000 ____D C:\WINDOWS\%LOCALAPPDATA%
2016-07-02 00:55 - 2016-07-02 00:55 - 00033752 _____ C:\Users\Sebastian\Downloads\Konto_1910944432-Auszug_2016_002.PDF
2016-07-01 20:23 - 2016-07-01 20:23 - 05912072 _____ (Wargaming.net ) C:\Users\Sebastian\Downloads\WoWS_internet_install_eu.exe
2016-07-01 20:23 - 2016-07-01 20:23 - 00000843 _____ C:\Users\Sebastian\Desktop\World of Warships.lnk
2016-07-01 20:23 - 2016-07-01 20:23 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Warships
2016-07-01 20:23 - 2016-07-01 20:23 - 00000000 ____D C:\Games
2016-07-01 04:12 - 2016-07-01 04:12 - 00000000 ____D C:\Users\Sebastian\AppData\LocalLow\Smartly Dressed Games
2016-07-01 00:09 - 2016-07-01 00:09 - 00000222 _____ C:\Users\Sebastian\Desktop\Unturned.url
2016-06-30 15:08 - 2016-06-30 15:08 - 05281004 _____ C:\Users\Sebastian\Downloads\dolphin-master-5.0-106-x64.7z
2016-06-28 16:54 - 2016-06-28 16:54 - 00000002 _____ C:\END
2016-06-28 02:10 - 2016-06-28 02:10 - 00000219 _____ C:\Users\Sebastian\Desktop\Counter-Strike Global Offensive.url
2016-06-18 01:44 - 2016-06-03 05:28 - 00111552 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2016-06-18 01:41 - 2016-06-03 09:22 - 39977920 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 35115968 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 31641656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 25404864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 21812056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 21355464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 18151128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 17746664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 17729184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 17432544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 10643240 _____ C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 08733792 _____ C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 02844608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 02470336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 01920960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436839.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 01571776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436839.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 00983488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 00910392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 00787384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 00769984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 00707520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 00669952 _____ C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 00632848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 00565208 _____ C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 00549240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 00452616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 00425016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 00385592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 00379808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 00379448 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 00348216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 00316632 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 00177952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 00155768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 00153232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 00131584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2016-06-16 13:46 - 2016-06-16 13:46 - 00001484 _____ C:\Users\Public\Desktop\World of Warcraft Public Test.lnk
2016-06-15 17:21 - 2016-05-28 07:02 - 06488312 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-06-15 17:21 - 2016-05-28 07:02 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-06-15 17:21 - 2016-05-28 07:02 - 01314496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-06-15 17:21 - 2016-05-28 07:02 - 00601344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-06-15 17:21 - 2016-05-28 07:02 - 00432360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-06-15 17:21 - 2016-05-28 07:02 - 00421536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2016-06-15 17:21 - 2016-05-28 07:02 - 00158048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-06-15 17:21 - 2016-05-28 07:02 - 00113144 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2016-06-15 17:21 - 2016-05-28 07:00 - 02543784 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-06-15 17:21 - 2016-05-28 07:00 - 01591304 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-06-15 17:21 - 2016-05-28 07:00 - 00327520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-06-15 17:21 - 2016-05-28 07:00 - 00203496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2016-06-15 17:21 - 2016-05-28 06:59 - 00363872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2016-06-15 17:21 - 2016-05-28 06:59 - 00131208 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2016-06-15 17:21 - 2016-05-28 06:54 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-06-15 17:21 - 2016-05-28 06:53 - 03625416 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-06-15 17:21 - 2016-05-28 06:53 - 00026464 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2016-06-15 17:21 - 2016-05-28 06:52 - 22326760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-06-15 17:21 - 2016-05-28 06:47 - 00613120 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-06-15 17:21 - 2016-05-28 06:47 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-06-15 17:21 - 2016-05-28 06:39 - 04047288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-06-15 17:21 - 2016-05-28 06:39 - 01365584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-06-15 17:21 - 2016-05-28 06:39 - 00952968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-06-15 17:21 - 2016-05-28 06:39 - 00365128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-06-15 17:21 - 2016-05-28 06:38 - 05118024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-06-15 17:21 - 2016-05-28 06:38 - 00372368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2016-06-15 17:21 - 2016-05-28 06:38 - 00306528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2016-06-15 17:21 - 2016-05-28 06:38 - 00097096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2016-06-15 17:21 - 2016-05-28 06:35 - 02188472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-06-15 17:21 - 2016-05-28 06:35 - 00183904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2016-06-15 17:21 - 2016-05-28 06:35 - 00112632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2016-06-15 17:21 - 2016-05-28 06:28 - 00467296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-06-15 17:21 - 2016-05-28 06:27 - 20861984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-06-15 17:21 - 2016-05-28 06:27 - 02880560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-06-15 17:21 - 2016-05-28 06:21 - 00545400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-06-15 17:21 - 2016-05-28 06:21 - 00316256 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-06-15 17:21 - 2016-05-28 06:11 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-06-15 17:21 - 2016-05-28 06:10 - 00694784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2016-06-15 17:21 - 2016-05-28 06:10 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-06-15 17:21 - 2016-05-28 06:09 - 00914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-06-15 17:21 - 2016-05-28 06:08 - 21860352 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-06-15 17:21 - 2016-05-28 06:07 - 24597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-06-15 17:21 - 2016-05-28 06:00 - 01336832 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2016-06-15 17:21 - 2016-05-28 05:58 - 02239488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-06-15 17:21 - 2016-05-28 05:58 - 00672256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-06-15 17:21 - 2016-05-28 05:58 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-06-15 17:21 - 2016-05-28 05:58 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-06-15 17:21 - 2016-05-28 05:57 - 06788096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-06-15 17:21 - 2016-05-28 05:57 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-06-15 17:21 - 2016-05-28 05:56 - 12511232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-06-15 17:21 - 2016-05-28 05:54 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-06-15 17:21 - 2016-05-28 05:54 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL
2016-06-15 17:21 - 2016-05-28 05:54 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-06-15 17:21 - 2016-05-28 05:53 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll
2016-06-15 17:21 - 2016-05-28 05:53 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll
2016-06-15 17:21 - 2016-05-28 05:52 - 02663424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-06-15 17:21 - 2016-05-28 05:51 - 02848256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-06-15 17:21 - 2016-05-28 05:51 - 02119680 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-06-15 17:21 - 2016-05-28 05:51 - 01603584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-06-15 17:21 - 2016-05-28 05:50 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-06-15 17:21 - 2016-05-28 05:50 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-06-15 17:21 - 2016-05-28 05:50 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-06-15 17:21 - 2016-05-28 05:49 - 19330560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-06-15 17:21 - 2016-05-28 05:47 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll
2016-06-15 17:21 - 2016-05-28 05:45 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-06-15 17:21 - 2016-05-28 05:45 - 03584000 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-06-15 17:21 - 2016-05-28 05:44 - 04793344 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-06-15 17:21 - 2016-05-28 05:44 - 01381376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-06-15 17:21 - 2016-05-28 05:44 - 00737792 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-06-15 17:21 - 2016-05-28 05:44 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-06-15 17:21 - 2016-05-28 05:43 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-06-15 17:21 - 2016-05-28 05:41 - 05160960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-06-15 17:21 - 2016-05-28 05:41 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2016-06-15 17:21 - 2016-05-28 05:40 - 18797568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-06-15 17:21 - 2016-05-28 05:40 - 00672768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-06-15 17:21 - 2016-05-28 05:39 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-06-15 17:21 - 2016-05-28 05:39 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-06-15 17:21 - 2016-05-28 05:38 - 01821696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-06-15 17:21 - 2016-05-28 05:38 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\polstore.dll
2016-06-15 17:21 - 2016-05-28 05:38 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FwRemoteSvr.dll
2016-06-15 17:21 - 2016-05-28 05:37 - 02315776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-06-15 17:21 - 2016-05-28 05:36 - 01383424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-06-15 17:21 - 2016-05-28 05:35 - 02042368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-06-15 17:21 - 2016-05-28 05:35 - 00679936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-06-15 17:21 - 2016-05-28 05:35 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-06-15 17:21 - 2016-05-28 05:35 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-06-15 17:21 - 2016-05-28 05:35 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-06-15 17:21 - 2016-05-28 05:32 - 03580928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-06-15 17:21 - 2016-05-28 05:31 - 11268096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-06-15 17:21 - 2016-05-28 05:30 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-06-15 17:21 - 2016-05-28 05:29 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2016-06-15 17:21 - 2016-05-28 05:29 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-06-15 17:21 - 2016-05-28 05:25 - 00295936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-06-13 22:29 - 2016-06-13 22:29 - 00001285 _____ C:\Users\Sebastian\Desktop\Uplay.lnk
2016-06-13 22:29 - 2016-06-13 22:29 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2016-06-02 18:50 - 2016-06-02 18:50 - 00130192 ____H C:\WINDOWS\SysWOW64\mlfcache.dat

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-02 16:15 - 2014-09-03 02:05 - 00000000 ____D C:\Users\Sebastian\AppData\Local\Battle.net
2016-07-02 16:10 - 2014-09-03 01:54 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\TS3Client
2016-07-02 15:59 - 2014-09-04 02:22 - 00007597 _____ C:\Users\Sebastian\AppData\Local\Resmon.ResmonCfg
2016-07-02 15:57 - 2015-11-29 19:51 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-07-02 15:29 - 2015-11-29 19:52 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-07-02 15:29 - 2015-11-29 19:52 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-07-02 15:28 - 2014-09-02 17:21 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\Spotify
2016-07-02 15:28 - 2014-09-02 17:21 - 00000000 ____D C:\Users\Sebastian\AppData\Local\Spotify
2016-07-02 14:28 - 2015-07-10 13:04 - 00000000 ___HD C:\Program Files\WindowsApps
2016-07-02 14:28 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-07-02 14:25 - 2014-12-09 20:55 - 00000000 ____D C:\Program Files (x86)\Steam
2016-07-02 14:24 - 2014-12-09 20:55 - 00000986 _____ C:\Users\Public\Desktop\Steam.lnk
2016-07-02 14:24 - 2014-10-29 15:58 - 00001167 _____ C:\Users\Public\Desktop\Battle.net.lnk
2016-07-02 14:24 - 2014-10-29 15:58 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-07-02 14:24 - 2014-09-02 14:53 - 00001625 _____ C:\Users\Public\Desktop\Play League of Legends.lnk
2016-07-02 14:19 - 2015-12-27 14:00 - 00000000 ____D C:\Users\Sebastian\AppData\Local\CrashDumps
2016-07-02 14:19 - 2014-12-09 19:55 - 00000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-02 14:19 - 2014-09-13 13:54 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-07-02 14:16 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-07-02 04:51 - 2015-07-29 14:35 - 00000000 ____D C:\Users\Sebastian
2016-07-02 04:49 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-07-02 04:49 - 2014-09-11 10:23 - 00000000 ____D C:\ProgramData\NVIDIA
2016-07-02 04:48 - 2015-07-10 11:05 - 01572864 ___SH C:\WINDOWS\system32\config\BBI
2016-07-02 04:44 - 2014-09-03 15:25 - 00000000 ____D C:\Program Files (x86)\World of Warcraft
2016-07-02 04:06 - 2015-11-20 18:22 - 00000000 ____D C:\Program Files (x86)\World of Warcraft Public Test
2016-07-01 21:04 - 2016-03-23 14:00 - 00000000 ____D C:\Users\Sebastian\Desktop\PokeMMO
2016-07-01 21:04 - 2015-10-27 22:09 - 00000000 ____D C:\Users\Sebastian\Desktop\PBE LOL
2016-07-01 14:20 - 2014-12-09 19:56 - 00002259 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-06-30 14:09 - 2014-09-02 14:42 - 00001879 _____ C:\Users\Sebastian\Desktop\Spotify.lnk
2016-06-30 03:04 - 2014-11-26 19:47 - 00000000 ____D C:\Program Files (x86)\Heroes of the Storm
2016-06-29 14:05 - 2015-02-06 21:36 - 00000000 ____D C:\Program Files (x86)\Diablo III
2016-06-29 01:11 - 2015-11-20 01:18 - 00000000 ____D C:\Program Files (x86)\Overwatch
2016-06-28 22:55 - 2014-09-03 01:41 - 00000000 ____D C:\Users\Sebastian\AppData\Local\Packages
2016-06-27 02:45 - 2015-07-10 13:02 - 00000000 ____D C:\WINDOWS\INF
2016-06-27 02:20 - 2016-03-23 14:06 - 00004166 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C836979E-9B94-478C-AA55-8349EBCE65B6}
2016-06-27 02:17 - 2016-01-15 22:32 - 00000000 ____D C:\Program Files (x86)\NCSOFT
2016-06-27 02:16 - 2016-01-15 22:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCSOFT
2016-06-27 02:16 - 2014-09-02 19:24 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-06-26 14:33 - 2014-09-03 01:54 - 00001277 _____ C:\Users\Sebastian\Desktop\TeamSpeak 3 Client.lnk
2016-06-24 21:36 - 2015-09-06 14:44 - 00000000 ____D C:\Users\Sebastian\AppData\Local\Deployment
2016-06-24 00:55 - 2014-09-03 01:54 - 00000000 ____D C:\Users\Sebastian\AppData\Local\TeamSpeak 3 Client
2016-06-18 12:19 - 2014-12-09 19:56 - 00002271 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-18 01:44 - 2014-09-11 10:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-06-18 01:44 - 2014-09-11 09:13 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-06-17 21:33 - 2014-09-02 19:57 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\OBS
2016-06-17 19:40 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-06-17 14:48 - 2015-11-20 01:26 - 00000000 ____D C:\Users\Sebastian\Documents\Overwatch
2016-06-16 16:11 - 2014-09-13 15:28 - 00000000 ____D C:\Users\Sebastian\AppData\Local\ElevatedDiagnostics
2016-06-16 16:03 - 2015-07-29 18:46 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-06-16 16:00 - 2015-07-10 14:20 - 00349312 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-06-16 15:57 - 2015-07-10 13:04 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-06-15 23:13 - 2014-09-04 17:57 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-06-15 23:09 - 2014-09-04 17:57 - 142482544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-06-14 19:32 - 2015-07-29 21:02 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-06-14 19:32 - 2015-07-29 21:02 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-13 22:30 - 2015-03-13 22:14 - 00000000 ____D C:\Users\Sebastian\AppData\Local\Ubisoft Game Launcher
2016-06-07 16:34 - 2015-09-25 17:09 - 00003532 _____ C:\WINDOWS\System32\Tasks\GyazoUpdateTaskMachineDaily
2016-06-07 16:34 - 2015-09-25 17:09 - 00003396 _____ C:\WINDOWS\System32\Tasks\GyazoUpdateTaskMachine
2016-06-07 16:34 - 2015-09-25 17:09 - 00000000 ____D C:\Program Files (x86)\Gyazo
2016-06-07 16:23 - 2014-09-02 19:56 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2016-06-04 02:51 - 2015-07-29 20:13 - 13553096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2016-06-04 00:40 - 2015-07-29 23:46 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-06-03 09:22 - 2015-07-29 20:13 - 20375488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2016-06-03 09:22 - 2015-07-29 20:13 - 14462536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2016-06-03 09:22 - 2015-07-29 20:13 - 03811256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-06-03 09:22 - 2015-07-29 20:13 - 03371624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-06-03 09:22 - 2015-07-29 20:13 - 00040084 _____ C:\WINDOWS\system32\nvinfo.pb
2016-06-03 05:59 - 2015-12-27 05:04 - 00534072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-06-03 05:59 - 2015-12-27 05:04 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-06-03 05:59 - 2014-09-11 10:23 - 06452948 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-06-03 05:59 - 2014-09-11 10:23 - 06364216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-06-03 05:59 - 2014-09-11 10:23 - 02455608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-06-03 05:59 - 2014-09-11 10:23 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-06-03 05:59 - 2014-09-11 10:23 - 01352760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-06-03 05:59 - 2014-09-11 10:23 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-06-03 05:59 - 2014-09-11 10:23 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll

==================== Files in the root of some directories =======

2015-07-29 21:38 - 2015-09-25 13:37 - 0000000 _____ () C:\Users\Sebastian\AppData\Local\Driver_LOM_8161Present.flag
2014-09-04 02:22 - 2016-07-02 15:59 - 0007597 _____ () C:\Users\Sebastian\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-07-02 14:13

==================== End of FRST.txt ============================
--- --- ---

--- --- ---

--- --- ---


[CODE]Additional
FRST Logfile:

FRST Logfile:
Code:
scan result of Farbar Recovery Scan Tool (x64) Version: 02-07-2016
Ran by Sebastian (2016-07-02 16:17:14)
Running from C:\Users\Sebastian\Downloads
Windows 10 Home (X64) (2015-07-29 16:34:24)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1910738958-1663039028-3647407689-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-1910738958-1663039028-3647407689-503 - Limited - Disabled)
Guest (S-1-5-21-1910738958-1663039028-3647407689-501 - Limited - Disabled)
Sebastian (S-1-5-21-1910738958-1663039028-3647407689-1001 - Administrator - Enabled) => C:\Users\Sebastian

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\{E38C529D-DD73-4002-8489-E09CEBD9BF32}) (Version: 12.2.0.162 - Adobe Systems, Inc)
Akamai NetSession Interface (HKU\S-1-5-21-1910738958-1663039028-3647407689-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
Avira (HKLM-x32\...\{d9ed6dcf-6bfc-4fbb-802e-81dd5b767d6e}) (Version: 1.1.32.25147 - Avira Operations & Co. KG)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.17.273 - Avira Operations GmbH & Co. KG)
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: 1.2.0.0 - AVM Berlin)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version:  - Irrational Games)
Brawlhalla (HKLM\...\Steam App 291550) (Version:  - Blue Mammoth Games)
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 3 - Multiplayer (HKLM\...\Steam App 42690) (Version:  - Infinity Ward)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
Curse Client (HKU\S-1-5-21-1910738958-1663039028-3647407689-1001\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse)
DARK SOULS™ II: Scholar of the First Sin (HKLM\...\Steam App 335300) (Version:  - FromSoftware, Inc)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Gyazo 3.2.2 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Hotfix für Microsoft Visual C++ 2010 Express - DEU (KB2635973) (HKLM-x32\...\{DEEB5FE3-40F5-3C5B-8F85-5306EF3C08F4}.KB2635973) (Version: 1 - Microsoft Corporation)
Intel(R) Chipset Device Software (x32 Version: 10.0.20 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3643 - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version:  - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\3FD0C489-0F02-481a-A3E1-9754CD396761) (Version:  - Intel Corporation)
Java 8 Update 77 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418077F0}) (Version: 8.0.770.3 - Oracle Corporation)
Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{4AF2248C-B3DF-46FB-9596-87F5DB193689}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{8325FD0C-2FDB-46C3-921A-3A78385EA972}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{28D06854-572C-4A65-83E5-F8CAF26B9FDC}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Express - DEU (HKLM-x32\...\Microsoft Visual C++ 2010 Express - DEU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 RC Redistributable (x64) - 14.0.22816 (HKLM-x32\...\{bba98534-ed63-468f-ab6e-4465a4ddf287}) (Version: 14.0.22816.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 RC Redistributable (x86) - 14.0.22816 (HKLM-x32\...\{c86443c9-2d1c-45a7-8610-586a744cf6bb}) (Version: 14.0.22816.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE (x64)) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MSI Intel Extreme Tuning Utility (HKLM-x32\...\{2301bb34-385a-4a57-877f-c54347957fad}) (Version: 4.0.6.305 - Intel Corporation)
MSI Intel Extreme Tuning Utility (x32 Version: 4.0.6.305 - Intel Corporation) Hidden
NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version:  - NCSOFT)
NVIDIA 3D Vision Controller-Treiber 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 368.39 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.3.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.3.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.39 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.14 - NVIDIA Corporation)
NVIDIA Miracast Virtueller Ton 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 353.30 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4771.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4771.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4771.1004 - Microsoft Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.7.2.53208 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.1.39.1040 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (Version: 1.1.39.1040 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.39.1040 - Qualcomm Atheros)
Qualcomm Atheros Network Manager (Version: 1.1.39.1040 - Qualcomm Atheros) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7111 - Realtek Semiconductor Corp.)
Rocket League (HKLM-x32\...\Steam App 252950) (Version:  - Psyonix)
Service Pack 1 für SQL Server 2008 (KB 968369) (64-bit) (HKLM\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
Skype™ 7.22 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.109 - Skype Technologies S.A.)
Sound Blaster Cinema (HKLM-x32\...\{8801CA65-921A-4CCC-9D63-879D1D0BAA97}) (Version: 1.00.05 - Creative Technology Limited)
Spotify (HKU\S-1-5-21-1910738958-1663039028-3647407689-1001\...\Spotify) (Version: 1.0.32.96.g3c8a06e6 - Spotify AB)
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
TeamSpeak 3 Client (HKU\S-1-5-21-1910738958-1663039028-3647407689-1001\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TERA (HKLM-x32\...\Steam App 323370) (Version:  - En Masse Entertainment)
Unterstützungsdateien für Microsoft SQL Server 2008-Setup  (HKLM\...\{6AF73222-EE90-434C-AE7E-B96F70A68D89}) (Version: 10.1.2731.0 - Microsoft Corporation)
Unturned (HKLM\...\Steam App 304930) (Version:  - Smartly Dressed Games)
Uplay (HKLM-x32\...\Uplay) (Version: 20.0 - Ubisoft)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1-2) (Version: 1.0.11.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.11.1 (Version: 1.0.11.1 - LunarG, Inc.) Hidden
WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
World of Warships (HKU\S-1-5-21-1910738958-1663039028-3647407689-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1) (Version:  - Wargaming.net)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1910738958-1663039028-3647407689-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Sebastian\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0713D74B-B14D-451D-ACC3-3128417C2BBA} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2016-06-02] ()
Task: {1340EF19-7445-4638-9FE2-539DEC22FD32} - System32\Tasks\{C5257424-C472-45FA-AB72-75E1DD71206C} => pcalua.exe -a C:\Users\Sebastian\AppData\Local\Akamai\uninstall.exe
Task: {1522F366-C8B1-4E97-8B28-4507BF65468C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {2BCD67D5-FCD3-4139-AE30-A2030DF1B39E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {3336CA96-9B35-4D94-93BB-55571F3693C8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {34871C1D-3DE6-4E1F-93CB-8349DDD8397B} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2016-06-02] ()
Task: {399BE42F-43B3-4115-87D2-B85B28BEE919} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {45600FE6-833F-4FFB-8956-48A748149676} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {5435F56C-5DC5-455F-8443-59121313F8B0} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-13] (Microsoft Corporation)
Task: {5EE6779F-BFA5-4ACD-988B-D3EB07358A12} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-29] (Adobe Systems Incorporated)
Task: {687384EE-3F25-4BF2-B747-89744388C06F} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-10-13] (Microsoft Corporation)
Task: {6A204713-8204-4C9D-A547-FE6B93816B19} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {6C70220C-9902-443D-B66C-A5A7037235B0} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {7B1EE4C8-82CD-4789-9936-1B7263139C56} - System32\Tasks\{70063BB9-E473-480D-AD93-8A3BEECA50B0} => Chrome.exe hxxp://ui.skype.com/ui/0/7.7.0.102/de/abandoninstall?source=lightinstaller&amp;page=tsInstall
Task: {7C26587C-1C1A-4AA2-92A0-FA9F27108DEF} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {7F1C1C4B-39A0-4961-80BD-12F940D3D796} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {885A4298-FF1D-4BB7-908B-909AB5E61B3A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {893766EB-B9D2-422C-9886-2AC60724E86E} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {94286A8C-267B-458F-BDFA-6B5F2F257B83} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-06-15] (Microsoft Corporation)
Task: {B32D8773-B510-4367-A13B-4D22BB3EA125} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {B64D4891-95B8-4D1B-89B1-79C51D19FE48} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {BCAA1ECE-986A-46C7-9DBF-7822382EA7E5} - System32\Tasks\{7F373508-5AE9-491C-89D3-9DFA8F7F1589} => pcalua.exe -a "C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" -c --lang=enGB --uid=battle.net --displayname="Battle.net"
Task: {C84D2734-9CA3-486B-B883-76DE6E1FE49D} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {F64B9FE1-94FD-4DE4-98F7-5015B4CA37E6} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-13] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Sebastian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 1\Google Profile.ico? () -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) ==============

2015-07-29 19:50 - 2015-07-15 04:04 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-08-19 19:26 - 2015-08-11 11:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2014-12-17 01:34 - 2014-09-26 12:44 - 01993216 _____ () C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe
2016-03-09 17:28 - 2016-05-02 07:54 - 00369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2015-12-27 05:00 - 2016-05-02 07:55 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-05-13 22:02 - 2016-05-02 07:54 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-03-09 17:28 - 2016-05-02 07:55 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2015-04-12 14:41 - 2015-10-13 05:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2016-05-13 22:02 - 2016-05-02 07:55 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-05-13 22:02 - 2016-05-02 07:55 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-05-13 22:02 - 2016-05-02 07:55 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-03-09 17:19 - 2016-05-02 07:55 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2014-09-11 10:23 - 2016-06-03 05:59 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-04-13 16:39 - 2016-03-16 06:55 - 02495768 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-13 16:39 - 2016-03-16 06:55 - 02495768 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-05-23 21:57 - 2016-05-23 21:57 - 00959168 _____ () C:\Users\Sebastian\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2015-07-29 19:40 - 2015-07-29 19:40 - 00256000 _____ () C:\WINDOWS\system32\igfxCPL.cpl
2015-10-01 19:31 - 2015-09-17 07:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-12-09 17:43 - 2015-11-25 06:20 - 06569472 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-12-09 17:43 - 2015-11-25 06:17 - 00471040 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-09 17:43 - 2015-11-25 06:17 - 01808384 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-01 19:31 - 2015-09-17 07:43 - 02274816 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 13:00 - 2015-07-10 15:14 - 00210432 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2014-12-17 01:42 - 2012-11-01 12:23 - 00089600 _____ () C:\WINDOWS\SYSTEM32\CmdRtr64.DLL
2014-12-17 01:42 - 2012-11-01 12:21 - 00325120 _____ () C:\WINDOWS\SYSTEM32\APOMgr64.DLL
2014-01-22 15:15 - 2014-01-22 15:15 - 00300544 _____ () C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
2016-05-13 22:02 - 2016-05-02 07:54 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-05-13 22:02 - 2016-05-02 07:54 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-06-21 19:49 - 2016-06-21 19:49 - 01371624 _____ () C:\Program Files (x86)\Battle.net\Battle.net.7575\Battle.net Helper.exe
2013-06-12 18:11 - 2014-09-02 14:53 - 01294336 _____ () C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
2016-06-29 14:01 - 2016-06-29 14:01 - 02321912 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.1.22\deploy\LoLLauncher.exe
2016-06-29 14:01 - 2016-06-29 14:01 - 04302328 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.62\deploy\LoLPatcher.exe
2016-06-18 12:19 - 2016-06-15 10:26 - 02334360 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libglesv2.dll
2016-06-18 12:19 - 2016-06-15 10:26 - 00105112 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libegl.dll
2014-09-02 15:06 - 2014-09-02 15:06 - 00074752 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.205\deploy\LolClient.exe
2014-09-02 19:56 - 2016-06-01 19:22 - 16110056 _____ () C:\Program Files (x86)\Hearthstone\Hearthstone.exe
2014-09-03 03:47 - 2013-09-17 03:20 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-03-31 14:40 - 2016-05-02 08:02 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-05-23 21:57 - 2016-05-23 21:57 - 00679624 _____ () C:\Users\Sebastian\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
2016-06-21 19:49 - 2016-06-21 19:50 - 37241856 _____ () C:\Program Files (x86)\Battle.net\Battle.net.7575\libcef.dll
2016-06-21 19:50 - 2016-06-21 19:50 - 00293040 _____ () C:\Program Files (x86)\Battle.net\Battle.net.7575\ortp.dll
2016-06-21 19:50 - 2016-06-21 19:50 - 00133632 _____ () C:\Program Files (x86)\Battle.net\Battle.net.7575\libEGL.dll
2016-06-21 19:50 - 2016-06-21 19:50 - 03384832 _____ () C:\Program Files (x86)\Battle.net\Battle.net.7575\libGLESv2.dll
2014-12-09 20:55 - 2016-04-29 22:10 - 00785920 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-23 19:28 - 2015-07-03 18:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2014-12-09 20:55 - 2016-06-15 02:47 - 02387024 _____ () C:\Program Files (x86)\Steam\video.dll
2015-01-23 19:28 - 2015-07-03 18:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-23 19:28 - 2015-07-03 18:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-12-09 20:55 - 2016-02-09 01:14 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-12-09 20:55 - 2016-02-09 01:14 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-12-09 20:55 - 2016-02-09 01:14 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-12-09 20:55 - 2016-02-09 01:14 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-12-09 20:55 - 2016-02-09 01:14 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2014-12-09 20:55 - 2016-06-15 02:47 - 00829008 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-09 17:29 - 2016-02-18 00:25 - 00281088 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2016-06-21 19:50 - 2016-06-21 19:50 - 03384832 _____ () C:\Program Files (x86)\Battle.net\Battle.net.7575\libglesv2.dll
2016-06-21 19:50 - 2016-06-21 19:50 - 00133632 _____ () C:\Program Files (x86)\Battle.net\Battle.net.7575\libegl.dll
2016-06-29 14:01 - 2016-06-29 14:01 - 01434616 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.62\deploy\RiotLauncher.dll
2016-06-21 19:50 - 2016-06-21 19:50 - 00984576 _____ () C:\Program Files (x86)\Battle.net\Battle.net.7575\ffmpegsumo.dll
2014-12-09 20:55 - 2016-06-14 21:14 - 49826080 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-01-23 19:28 - 2015-09-25 01:56 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
2016-04-20 16:37 - 2016-04-20 16:37 - 04887216 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.205\deploy\Adobe AIR\Versions\1.0\Resources\WebKit.dll
2015-03-11 18:19 - 2016-06-28 02:29 - 52042352 _____ () C:\Users\Sebastian\AppData\Roaming\Spotify\libcef.dll
2015-03-11 18:19 - 2016-06-28 02:29 - 01741936 _____ () C:\Users\Sebastian\AppData\Roaming\Spotify\libglesv2.dll
2015-03-11 18:19 - 2016-06-28 02:29 - 00087664 _____ () C:\Users\Sebastian\AppData\Roaming\Spotify\libegl.dll
2014-09-02 19:57 - 2016-04-25 11:37 - 00030208 _____ () C:\Program Files (x86)\Hearthstone\Hearthstone_Data\Plugins\PlayErrors32.DLL
2014-09-02 19:57 - 2015-04-14 23:54 - 00014336 _____ () C:\Program Files (x86)\Hearthstone\Hearthstone_Data\Plugins\W8TouchDLL.DLL

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1910738958-1663039028-3647407689-1001\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-1910738958-1663039028-3647407689-1001\...\aeriagames.com -> hxxp://aeriagames.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1910738958-1663039028-3647407689-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Sebastian\Pictures\LoL\hQH9DNq.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "AdAwareTray"
HKLM\...\StartupApproved\Run32: => "Command Center"
HKLM\...\StartupApproved\Run32: => "UpdReg"
HKLM\...\StartupApproved\Run32: => "Sound Blaster Cinema"
HKLM\...\StartupApproved\Run32: => "Fast Boot"
HKU\S-1-5-21-1910738958-1663039028-3647407689-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1910738958-1663039028-3647407689-1001\...\StartupApproved\Run: => "Web Companion"
HKU\S-1-5-21-1910738958-1663039028-3647407689-1001\...\StartupApproved\Run: => "Akamai NetSession Interface"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{4215F129-755B-4B43-B660-331B80920B95}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{6AF609C4-E375-442A-BCB3-9A3CFD5B4122}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A1AFB9E0-7EC7-4DA9-BAD0-1EE5A7AEB6F7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{C731052E-1E38-436D-BDE9-F2F7B02D56C4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{1DECD10A-3EF7-4D07-9AA9-96574CC33FF2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{F9E1844B-1347-4180-BBB6-78A447EC1BA2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{9E966C84-F9D9-423F-928F-3ABE2CE5507D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [UDP Query User{1CA2DA93-29C3-4D0A-BF33-4F0B7AD33C8F}C:\users\sebastian\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\sebastian\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{6B364697-9B82-411E-8FA3-B8B33D2DDB5F}C:\users\sebastian\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\sebastian\appdata\local\akamai\netsession_win.exe
FirewallRules: [{D7EEFAA2-8310-4D27-8742-EF960B4E784A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TERA\TERA-Launcher.exe
FirewallRules: [{CD06BE1B-95ED-4B36-B5A1-EED09155B744}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TERA\TERA-Launcher.exe
FirewallRules: [{2CC73C29-93DB-49F4-A36C-A2AFCB7CE914}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{3E661876-57E2-46BA-A494-1F67F50C2246}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{EBF59D65-CDE8-47A1-8B25-34705B1A8BFF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [UDP Query User{55F28BF5-7A80-4761-9B6F-AE0B25C29E95}C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe
FirewallRules: [TCP Query User{9262A1DD-19F2-4A20-8BEA-E9D0AEFB4AAC}C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe
FirewallRules: [{7D9DF99C-3492-45B3-8414-8B70DCC070A0}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{D1AA3F54-73D9-4033-A8B3-F419C2555885}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{C4B27E6A-8B63-44C9-BCB3-CEE6588AB5A2}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{9305E0B0-5A0C-4733-9740-E3C6649FE817}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{871CEE1B-D793-40E5-BFF8-EE51FE6225B3}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{CA438123-E1BB-4E89-8F40-4E7FA00B8B88}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{98F55BE3-A5BD-4C90-9433-7F29DEF74B9C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{DA85D838-EC50-4AAF-8F12-AB005C80F4C8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B7C8E2A6-BD8A-41CD-BB4F-23E8285D9B0A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{697867E2-B6B4-4C31-875C-B4D4D644C444}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{57C525E8-1E6E-488F-B5F3-9C014E9F6166}] => (Allow) C:\users\sebastian\appdata\roaming\spotify\spotify.exe
FirewallRules: [{58DDDFA3-DCE5-4317-808F-7E382F48D152}] => (Allow) C:\users\sebastian\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{4EB277BE-AB6A-44AA-8668-34E62636DB8A}C:\users\sebastian\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sebastian\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{E4CD203F-A428-4D7B-B8EE-2B37CC424647}C:\users\sebastian\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sebastian\appdata\roaming\spotify\spotify.exe
FirewallRules: [{EC423541-E221-4739-8C66-99BB9D49FC96}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{19957C94-FAB9-402A-96C9-5A7D89893F11}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [UDP Query User{0DE04ADC-9960-4A56-9F02-253B0E11BAC1}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{6646AA35-5311-486D-B7BE-299B488B71CD}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{5886A904-A518-4E41-ADB4-2821EDA51C7C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C0DE84A8-56E2-4B36-ACAB-2B4031691328}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{5A254313-0BBA-42FE-B145-5A0885B877AA}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{8F5D5259-96F9-4683-AF30-6D220170FD2E}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [UDP Query User{244A5D27-92FF-4892-9678-0092765D80C1}C:\users\sebastian\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sebastian\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{9B6EE64D-E48E-4397-936A-F84972484DD9}C:\users\sebastian\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sebastian\appdata\roaming\spotify\spotify.exe
FirewallRules: [{05B46F2A-1C69-4038-B7BC-C7527785C455}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{2D3474CD-C721-4E64-BB1E-AF19E950BC12}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{B4C6153A-470F-47C0-9911-4A6424F0338A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{90429CB0-F09D-475B-8BC9-2801FF50E388}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{56DE44AC-7C31-41E4-A35B-AD4899E72EA5}C:\users\sebastian\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\sebastian\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{0075DEF2-03E4-46E2-B3F7-5BA4B5742E7D}C:\users\sebastian\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\sebastian\appdata\local\akamai\netsession_win.exe
FirewallRules: [{1C7F153C-6532-4B7B-86F3-D2B5B07A161E}] => (Allow) C:\Program Files (x86)\Intel\Extreme Tuning Utility\Client\PerfTune.exe
FirewallRules: [{22B2D59B-D18B-4A35-8439-357ED0CF3FF3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{C01B2B43-F7E8-424B-B1F0-A211904CC290}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{0302F52F-9967-40BB-84D3-1762A4472179}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe
FirewallRules: [{5E29BF59-5CD9-479D-946D-25F6E7FFAE94}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe
FirewallRules: [{51E495A6-5542-4DA6-B635-A42904205B1E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 3\iw5mp.exe
FirewallRules: [{E6E538ED-879E-4D67-8B27-B1376054461E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 3\iw5mp.exe
FirewallRules: [TCP Query User{0D71C680-3DB1-49AA-A091-2EC75489FC38}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{5748E2D8-E870-4155-B5D1-C18F75213D2D}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [{7AAFEF8A-D45C-4572-9801-64531379E129}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{0D42F2DF-5549-48D8-AF5C-ED9A91C1F366}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{E76FF69B-7F93-4A0E-9256-3F502B3AA0DD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{4C6FD7B1-AA8D-437E-B9BA-E3731488A90D}C:\program files (x86)\overwatch test\overwatch.exe] => (Allow) C:\program files (x86)\overwatch test\overwatch.exe
FirewallRules: [UDP Query User{4339C0EA-0230-422C-B3D8-5376895EB2AE}C:\program files (x86)\overwatch test\overwatch.exe] => (Allow) C:\program files (x86)\overwatch test\overwatch.exe
FirewallRules: [{A27EA6A9-4DFE-4AEF-A6BA-88F6738BD76E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{ED72B896-141F-4D0C-881B-027DC63039DB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{EE934AA3-0974-4019-8B68-B870C37A2803}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{F79079F5-AEB8-44E6-B8A2-752E443FA27C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{689DB1F6-9AA5-4706-B95C-EC628CC94D67}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{70FDAAF5-5555-48CA-B908-687F95F7A351}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [TCP Query User{EEA4F0E1-2265-403E-B7EA-55D2628C7FBF}C:\program files (x86)\overwatch\overwatch.exe] => (Block) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{16D0533A-9537-4299-8572-E7AF365CED79}C:\program files (x86)\overwatch\overwatch.exe] => (Block) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [TCP Query User{0ACFC9F6-00D5-4E51-9662-48B58CC64136}C:\games\world_of_warships\wowslauncher.exe] => (Block) C:\games\world_of_warships\wowslauncher.exe
FirewallRules: [UDP Query User{46E87B95-BC4F-41F5-968C-AE782E8670B6}C:\games\world_of_warships\wowslauncher.exe] => (Block) C:\games\world_of_warships\wowslauncher.exe
FirewallRules: [TCP Query User{B2C3B4CA-FE3B-47B8-BE08-545A378FFB36}C:\program files (x86)\steam\steamapps\common\rocketleague\binaries\win32\rocketleague.exe] => (Block) C:\program files (x86)\steam\steamapps\common\rocketleague\binaries\win32\rocketleague.exe
FirewallRules: [UDP Query User{F8890EED-B748-49C1-B41E-FCF5A06E7EFD}C:\program files (x86)\steam\steamapps\common\rocketleague\binaries\win32\rocketleague.exe] => (Block) C:\program files (x86)\steam\steamapps\common\rocketleague\binaries\win32\rocketleague.exe

==================== Restore Points =========================

27-06-2016 02:15:07 Removed Blade & Soul
28-06-2016 02:27:26 DirectX wurde installiert
02-07-2016 14:14:46 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/02/2016 03:24:23 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: .NETFrameworkC:\WINDOWS\system32\mscoree.dll8

Error: (07/02/2016 03:09:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe, Version: 10.0.10240.16384, Zeitstempel: 0x559f38cb
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10240.16841, Zeitstempel: 0x570897e1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000000823b
ID des fehlerhaften Prozesses: 0x117c
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe0
Pfad der fehlerhaften Anwendung: svchost.exe1
Pfad des fehlerhaften Moduls: svchost.exe2
Berichtskennung: svchost.exe3
Vollständiger Name des fehlerhaften Pakets: svchost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe5

Error: (07/02/2016 02:19:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: igfxEM.exe, Version: 6.15.10.4256, Zeitstempel: 0x55a9975a
Name des fehlerhaften Moduls: igfxEM.exe, Version: 6.15.10.4256, Zeitstempel: 0x55a9975a
Ausnahmecode: 0xc0000409
Fehleroffset: 0x000000000001b3e4
ID des fehlerhaften Prozesses: 0x16e4
Startzeit der fehlerhaften Anwendung: 0xigfxEM.exe0
Pfad der fehlerhaften Anwendung: igfxEM.exe1
Pfad des fehlerhaften Moduls: igfxEM.exe2
Berichtskennung: igfxEM.exe3
Vollständiger Name des fehlerhaften Pakets: igfxEM.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: igfxEM.exe5

Error: (07/02/2016 02:19:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: igfxHK.exe, Version: 6.15.10.4256, Zeitstempel: 0x55a99751
Name des fehlerhaften Moduls: igfxHK.exe, Version: 6.15.10.4256, Zeitstempel: 0x55a99751
Ausnahmecode: 0xc0000409
Fehleroffset: 0x0000000000014ec8
ID des fehlerhaften Prozesses: 0x1358
Startzeit der fehlerhaften Anwendung: 0xigfxHK.exe0
Pfad der fehlerhaften Anwendung: igfxHK.exe1
Pfad des fehlerhaften Moduls: igfxHK.exe2
Berichtskennung: igfxHK.exe3
Vollständiger Name des fehlerhaften Pakets: igfxHK.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: igfxHK.exe5

Error: (07/02/2016 02:19:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: igfxTray.exe, Version: 0.0.0.0, Zeitstempel: 0x55a99762
Name des fehlerhaften Moduls: igfxTray.exe, Version: 0.0.0.0, Zeitstempel: 0x55a99762
Ausnahmecode: 0xc0000409
Fehleroffset: 0x000000000001d040
ID des fehlerhaften Prozesses: 0x15dc
Startzeit der fehlerhaften Anwendung: 0xigfxTray.exe0
Pfad der fehlerhaften Anwendung: igfxTray.exe1
Pfad des fehlerhaften Moduls: igfxTray.exe2
Berichtskennung: igfxTray.exe3
Vollständiger Name des fehlerhaften Pakets: igfxTray.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: igfxTray.exe5

Error: (07/02/2016 02:15:29 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (07/02/2016 04:51:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: igfxHK.exe, Version: 6.15.10.4256, Zeitstempel: 0x55a99751
Name des fehlerhaften Moduls: igfxHK.exe, Version: 6.15.10.4256, Zeitstempel: 0x55a99751
Ausnahmecode: 0xc0000409
Fehleroffset: 0x0000000000014ec8
ID des fehlerhaften Prozesses: 0x1234
Startzeit der fehlerhaften Anwendung: 0xigfxHK.exe0
Pfad der fehlerhaften Anwendung: igfxHK.exe1
Pfad des fehlerhaften Moduls: igfxHK.exe2
Berichtskennung: igfxHK.exe3
Vollständiger Name des fehlerhaften Pakets: igfxHK.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: igfxHK.exe5

Error: (07/02/2016 04:51:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: igfxEM.exe, Version: 6.15.10.4256, Zeitstempel: 0x55a9975a
Name des fehlerhaften Moduls: igfxEM.exe, Version: 6.15.10.4256, Zeitstempel: 0x55a9975a
Ausnahmecode: 0xc0000409
Fehleroffset: 0x000000000001b3e4
ID des fehlerhaften Prozesses: 0x122c
Startzeit der fehlerhaften Anwendung: 0xigfxEM.exe0
Pfad der fehlerhaften Anwendung: igfxEM.exe1
Pfad des fehlerhaften Moduls: igfxEM.exe2
Berichtskennung: igfxEM.exe3
Vollständiger Name des fehlerhaften Pakets: igfxEM.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: igfxEM.exe5

Error: (07/02/2016 04:51:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: igfxTray.exe, Version: 0.0.0.0, Zeitstempel: 0x55a99762
Name des fehlerhaften Moduls: igfxTray.exe, Version: 0.0.0.0, Zeitstempel: 0x55a99762
Ausnahmecode: 0xc0000409
Fehleroffset: 0x000000000001d040
ID des fehlerhaften Prozesses: 0x123c
Startzeit der fehlerhaften Anwendung: 0xigfxTray.exe0
Pfad der fehlerhaften Anwendung: igfxTray.exe1
Pfad des fehlerhaften Moduls: igfxTray.exe2
Berichtskennung: igfxTray.exe3
Vollständiger Name des fehlerhaften Pakets: igfxTray.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: igfxTray.exe5

Error: (07/02/2016 04:48:10 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BASTI-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


System errors:
=============
Error: (07/02/2016 03:09:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Client License Service (ClipSVC)" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/02/2016 02:24:02 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (07/02/2016 02:23:55 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (07/02/2016 02:23:54 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (07/02/2016 02:23:53 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (07/02/2016 02:23:45 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (07/02/2016 02:23:38 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (07/02/2016 02:23:36 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (07/02/2016 02:23:36 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (07/02/2016 02:23:34 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4670K CPU @ 3.40GHz
Percentage of memory in use: 61%
Total physical RAM: 8069.95 MB
Available physical RAM: 3120.39 MB
Total Virtual: 11397.95 MB
Available Virtual: 4883.74 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:920.07 GB) (Free:493.56 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (G71-MGD3010) (CDROM) (Total:3.01 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: B0F13E4A)
Partition 1: (Active) - (Size=450 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=920.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11 GB) - (Type=27)

==================== End of Addition.txt ============================
--- --- ---

--- --- ---


Hoffe das ist alles richtig?

cosinus 04.07.2016 08:58
Bitte Avira deinstallieren. Das Teil empfehlen wir schon seit Jahren aus mehreren Gründen nicht mehr. Ein Grund ist ne rel. hohe Fehlalarmquote, der zweite Hauptgrund ist, dass die immer noch mit ASK zusammenarbeiten (Avira Suchfunktion geht über ASK). Auch andere Freewareanbieter wie AVG, Avast oder Panda sprangen auf diesen Zug auf; so was ist bei Sicherheitssoftware einfach inakzeptabel. Vgl. Antivirensoftware: Schutz Für Ihre Dateien, Aber Auf Kosten Ihrer Privatsphäre? | Emsisoft Blog

Gib Bescheid wenn Avira weg ist; wenn wir hier durch sind, kannst du auf einen anderen Virenscanner umsteigen, Infos folgen dann im Abschlussposting. Bitte JETZT nix mehr ohne Absprache installieren!

TheDellin 04.07.2016 14:35
Guten Tag,
ein Kollege hat mir BitDefender installiert durch Teamviewer und hat meinen Pc in der Zwischenzeit durchschaut. Jedoch hat er nix behoben bekommen, was die Fehlermeldung angeht. Mein Internet arbeitet wieder schneller, trotzdem kann ich z.b. auf Seiten wie Imgur.com nicht zugreifen weil es bei mir das Bild/Gif nicht runterlädt.

cosinus 04.07.2016 15:03
Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Untersuchen klicken

http://www.trojaner-board.de/picture...&pictureid=611

TheDellin 04.07.2016 15:09
Alles klar hier sind die


FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-07-2016
Ran by Sebastian (administrator) on BASTI-PC (04-07-2016 16:06:42)
Running from C:\Users\Sebastian\Downloads
Loaded Profiles: Sebastian (Available Profiles: Sebastian & Administrator)
Platform: Windows 10 Home (X64) Language: Englisch (Vereinigte Staaten)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe
(Intel Corporation) C:\WINDOWS\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Microsoft Corporation) C:\WINDOWS\System32\SettingSyncHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Spotify Ltd) C:\Users\Sebastian\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(Wargaming.net) C:\Games\World_of_Warships\WargamingGameUpdater.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.5020\Agent.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.7575\Battle.net.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Battle.net\Battle.net.7575\Battle.net Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.1.22\deploy\LoLLauncher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.62\deploy\LoLPatcher.exe
() C:\Program Files (x86)\Battle.net\Battle.net.7575\Battle.net Helper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\bdagent.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\antispam32\obkagent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.205\deploy\LolClient.exe
() C:\Program Files (x86)\Battle.net\Battle.net.7575\Battle.net Helper.exe
(Spotify Ltd) C:\Users\Sebastian\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Sebastian\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Spotify Ltd) C:\Users\Sebastian\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Sebastian\AppData\Roaming\Spotify\Spotify.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-05-02] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-07-29] (Realtek Semiconductor)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-1910738958-1663039028-3647407689-1001\...\Run: [Spotify Web Helper] => C:\Users\Sebastian\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1553520 2016-06-28] (Spotify Ltd)
HKU\S-1-5-21-1910738958-1663039028-3647407689-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3582240 2016-06-02] (Nota Inc.)
HKU\S-1-5-21-1910738958-1663039028-3647407689-1001\...\Run: [World of Warships] => C:\Games\World_of_Warships\WargamingGameUpdater.exe [3106568 2016-06-14] (Wargaming.net)
HKU\S-1-5-21-1910738958-1663039028-3647407689-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1910738958-1663039028-3647407689-1001\...\MountPoints2: {5b1cdc88-6375-11e5-8292-448a5b884a55} - "E:\pushinst.exe"
HKU\S-1-5-21-1910738958-1663039028-3647407689-1001\...\MountPoints2: {a6a26bd5-329b-11e4-8258-806e6f6e6963} - "D:\DVDSetup.exe"
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  No File
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  No File
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  No File
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  No File
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  No File
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2016-07-02]
ShortcutTarget: Killer Network Manager.lnk -> C:\WINDOWS\Installer\{7364C716-1212-4EAE-B0C9-A31D1E797BF8}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{ce53b01a-b80d-4edc-80c0-a739f49ecc34}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-10-13] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-04-12] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\UmbhrXSM.default
FF NewTab: hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
FF DefaultSearchEngine: Bing
FF SelectedSearchEngine: Bing
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-17] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-17] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-04-12] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-06-03] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-06-03] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1910738958-1663039028-3647407689-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-06-08] ()
FF Extension: Avira Browser Safety - C:\Users\Sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\UmbhrXSM.default\Extensions\abs@avira.com [2014-12-11] [not signed]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext
FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext [2016-06-27] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext

Chrome:
=======
CHR StartupUrls: Profile 1 -> "hxxp://www.google.de/"
CHR Profile: C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default
CHR Profile: C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Präsentationen) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-25]
CHR Extension: (Google Docs) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-25]
CHR Extension: (Google Drive) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Google-Suche) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Google Tabellen) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-25]
CHR Extension: (Google Docs Offline) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (AdBlock) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-06-30]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Google Mail) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-25]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2797752 2015-10-13] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-05-02] (NVIDIA Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [351120 2015-07-29] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-17] (Intel Corporation)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [3916368 2016-01-09] (INCA Internet Co., Ltd.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-05-02] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-05-02] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-05-02] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2078216 2015-10-09] (Electronic Arts)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [991248 2016-06-22] (Bitdefender)
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [344576 2014-01-22] (Qualcomm Atheros) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7032080 2016-05-12] (TeamViewer GmbH)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe [156016 2016-06-16] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe [1693104 2016-06-24] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
S2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [579832 2016-01-19] (WiseCleaner.com)
S3 BEService; "C:\Program Files (x86)\Common Files\BattlEye\BEService.exe" [X]
S3 GalaxyCommunication; "C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe" [X]
S2 MSI_Trigger_Service; "C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe" [X]
S4 MSSQL$SQLEXPRESS; "c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS [X]
S4 MSSQLServerADHelper100; "c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE" [X]
S4 SQLAgent$SQLEXPRESS; "c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE" -i SQLEXPRESS [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AcpiCtlDrv; C:\Windows\System32\drivers\AcpiCtlDrv.sys [25880 2012-07-17] (Intel Corporation)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1623536 2016-03-18] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [842152 2016-03-18] (BitDefender)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2012-04-25] (AVM Berlin)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23568 2013-09-08] (Bitdefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [128400 2016-06-24] (BitDefender LLC)
R1 BDVEDISK; C:\Windows\system32\DRIVERS\bdvedisk.sys [87912 2015-12-04] (BitDefender)
R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [80592 2013-11-08] (Qualcomm Atheros, Inc.)
R3 ETDSMBus; C:\Windows\System32\drivers\ETDSMBus.sys [31832 2016-07-02] (ELAN Microelectronic Corp.)
S3 fwlanusb5; C:\Windows\system32\DRIVERS\fwlanusb5.sys [982784 2012-08-21] (AVM GmbH) [File not signed]
R3 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [182936 2015-12-16] (BitDefender LLC)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-07-02] (REALiX(tm))
R0 ignis; C:\Windows\system32\DRIVERS\ignis.sys [299816 2016-06-16] (Bitdefender)
R3 Ke2200; C:\Windows\System32\drivers\e22w8x64.sys [163536 2013-03-20] (Qualcomm Atheros, Inc.)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-17] (Intel Corporation)
S3 MSICDSetup; D:\CDriver64.sys [28984 2009-08-12] (Your Corporation)
S3 NTIOLib_1_0_C; D:\NTIOLib_X64.sys [11888 2011-06-29] (MSI) [File not signed]
S3 NTIOLib_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [13368 2012-10-26] (MSI)
S3 NTIOLib_MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
S3 NTIOLib_MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\NTIOLib_X64.sys [13368 2012-11-19] (MSI)
S3 NTIOLib_MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys [13368 2012-11-26] (MSI)
S3 NTIOLib_MSIFrequency_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\CPU_Frequency\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
S3 NTIOLib_MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\NTIOLib_X64.sys [13368 2012-11-19] (MSI)
S3 NTIOLib_MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\NTIOLib_X64.sys [13368 2012-11-19] (MSI)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-05-02] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
S3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [39592 2014-09-05] (Razer Inc)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [520032 2016-03-10] (BitDefender S.R.L.)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 WiseHDInfo; C:\WINDOWS\WiseHDInfo64.dll [14800 2016-07-02] (wisecleaner.com)
S3 WiseRegNotify; C:\WINDOWS\WiseRegNotify.sys [29616 2016-07-02] (WiseCleaner.com)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-04 16:06 - 2016-07-04 16:07 - 00020254 _____ C:\Users\Sebastian\Downloads\FRST.txt
2016-07-04 15:54 - 2016-07-04 15:54 - 00016148 _____ C:\WINDOWS\system32\BASTI-PC_Sebastian_HistoryPrediction.bin
2016-07-04 01:40 - 2016-07-04 01:40 - 00001665 _____ C:\Users\Sebastian\Desktop\Pokémon Trading Card Game Online.lnk
2016-07-04 01:40 - 2016-07-04 01:40 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\Pokémon Trading Card Game Online
2016-07-04 01:40 - 2016-07-04 01:40 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokémon Trading Card Game Online
2016-07-04 01:35 - 2016-07-04 01:39 - 299905024 _____ C:\Users\Sebastian\Downloads\PokemonInstaller.msi
2016-07-03 01:32 - 2016-07-03 01:32 - 00000000 ____D C:\Users\Sebastian\Documents\Beruf
2016-07-03 00:01 - 2016-07-03 00:01 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\.mono
2016-07-03 00:01 - 2016-07-03 00:01 - 00000000 ____D C:\ProgramData\.mono
2016-07-02 20:39 - 2016-07-02 20:39 - 02723264 _____ (Microsoft Corporation) C:\Users\Sebastian\Downloads\vcredist_x86 (1).exe
2016-07-02 20:39 - 2016-07-02 20:39 - 02690840 _____ (Microsoft Corporation) C:\Users\Sebastian\Downloads\vcredist_x86.exe
2016-07-02 20:38 - 2016-07-02 20:38 - 04291352 _____ (Microsoft Corporation) C:\Users\Sebastian\Downloads\vcredist_x64.exe
2016-07-02 20:38 - 2016-07-02 20:38 - 03200960 _____ (Microsoft Corporation) C:\Users\Sebastian\Downloads\vcredist_x64 (1).exe
2016-07-02 19:56 - 2016-07-04 14:33 - 00003028 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Sebastian)
2016-07-02 19:56 - 2016-07-02 19:56 - 00003376 _____ C:\WINDOWS\System32\Tasks\Driver Booster Scheduler
2016-07-02 19:56 - 2016-07-02 19:56 - 00000000 _____ C:\Program Files\Microsoft SQL Server Compact Edition
2016-07-02 19:56 - 2016-07-02 19:56 - 00000000 _____ C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2016-07-02 19:56 - 2016-07-02 19:56 - 00000000 _____ C:\9e3fcdda8b8b69240b1ecd3d60988f
2016-07-02 19:53 - 2016-07-02 20:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-07-02 19:53 - 2016-07-02 19:53 - 00000748 _____ C:\AiOLog.txt
2016-07-02 19:51 - 2016-07-02 20:56 - 00000000 ____D C:\ProgramData\Package Cache
2016-07-02 19:49 - 2016-07-02 19:50 - 00000000 ____D C:\Users\Sebastian\.oracle_jre_usage
2016-07-02 19:49 - 2016-07-02 19:49 - 00000000 ____D C:\Users\Sebastian\AppData\LocalLow\Sun
2016-07-02 19:49 - 2016-07-02 19:49 - 00000000 ____D C:\Users\Sebastian\AppData\LocalLow\Oracle
2016-07-02 19:49 - 2016-07-02 19:49 - 00000000 ____D C:\ProgramData\Oracle
2016-07-02 19:28 - 2016-07-02 19:28 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2016-07-02 19:20 - 2016-07-02 23:12 - 00004166 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C836979E-9B94-478C-AA55-8349EBCE65B6}
2016-07-02 19:12 - 2016-07-02 19:12 - 00000000 __SHD C:\Users\Sebastian\AppData\Local\EmieBrowserModeList
2016-07-02 19:07 - 2016-07-02 19:07 - 00350032 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-07-02 19:06 - 2016-07-02 20:50 - 00001571 _____ C:\bdlog.txt
2016-07-02 18:59 - 2016-07-02 18:59 - 00000000 ____D C:\ProgramData\USOShared
2016-07-02 18:59 - 2016-07-02 18:59 - 00000000 ____D C:\ProgramData\USOPrivate
2016-07-02 18:15 - 2016-07-02 18:15 - 00427164 _____ C:\ProgramData\1467475818.bdinstall.bin
2016-07-02 18:15 - 2016-07-02 18:15 - 00003406 _____ C:\WINDOWS\System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C
2016-07-02 18:15 - 2016-07-02 18:15 - 00000385 _____ C:\WINDOWS\system32\user_gensett.xml
2016-07-02 18:15 - 2016-07-02 18:15 - 00000385 _____ C:\Users\Sebastian\AppData\Roaminguser_gensett.xml
2016-07-02 18:14 - 2016-07-02 19:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2016
2016-07-02 18:14 - 2016-07-02 18:14 - 00002281 _____ C:\Users\Public\Desktop\Bitdefender 2016.lnk
2016-07-02 18:14 - 2016-07-02 18:14 - 00000000 ____D C:\ProgramData\BDLogging
2016-07-02 18:13 - 2016-06-16 16:45 - 00299816 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\ignis.sys
2016-07-02 18:13 - 2016-03-18 06:58 - 00842152 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avckf.sys
2016-07-02 18:13 - 2016-03-18 06:56 - 01623536 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avc3.sys
2016-07-02 18:13 - 2015-12-04 19:27 - 00087912 _____ (BitDefender) C:\WINDOWS\system32\Drivers\bdvedisk.sys
2016-07-02 18:13 - 2013-09-08 20:04 - 00023568 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bdelam.sys
2016-07-02 18:13 - 2007-04-11 11:11 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\capicom.dll
2016-07-02 18:12 - 2016-07-02 18:18 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\Bitdefender
2016-07-02 18:10 - 2016-07-02 18:18 - 00000000 ____D C:\ProgramData\Bitdefender
2016-07-02 18:10 - 2016-07-02 18:10 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\QuickScan
2016-07-02 18:10 - 2016-07-02 18:10 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2016-07-02 18:10 - 2016-07-02 18:10 - 00000000 ____D C:\Program Files\Bitdefender
2016-07-02 18:10 - 2016-03-10 07:41 - 00520032 _____ (BitDefender S.R.L.) C:\WINDOWS\system32\Drivers\trufos.sys
2016-07-02 18:10 - 2015-12-16 05:53 - 00182936 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys
2016-07-02 18:09 - 2016-07-02 18:09 - 00003794 _____ C:\WINDOWS\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2016-07-02 18:07 - 2016-07-04 15:54 - 00000000 ____D C:\Program Files\Bitdefender Agent
2016-07-02 18:07 - 2016-07-02 18:07 - 00000000 ____D C:\ProgramData\Bitdefender Agent
2016-07-02 17:47 - 2016-07-02 19:06 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\Wise Care 365
2016-07-02 17:47 - 2016-07-02 17:47 - 00029616 _____ (WiseCleaner.com) C:\WINDOWS\WiseRegNotify.sys
2016-07-02 17:47 - 2016-07-02 17:47 - 00014800 _____ (wisecleaner.com) C:\WINDOWS\WiseHDInfo64.dll
2016-07-02 17:46 - 2016-07-02 17:47 - 00002144 _____ C:\Users\Public\Desktop\Wise Care 365.lnk
2016-07-02 17:46 - 2016-07-02 17:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Care 365
2016-07-02 17:46 - 2016-07-02 17:46 - 00000000 ____D C:\Program Files (x86)\Wise
2016-07-02 17:42 - 2016-07-04 16:06 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\NetSpeedMonitor
2016-07-02 17:41 - 2016-07-02 17:41 - 00000000 ____D C:\Program Files\NetSpeedMonitor
2016-07-02 17:37 - 2016-07-02 17:37 - 00002799 _____ C:\Users\Public\Desktop\Killer Network Manager.lnk
2016-07-02 17:37 - 2016-07-02 17:37 - 00000000 ____D C:\ProgramData\Qualcomm
2016-07-02 17:37 - 2016-07-02 17:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Qualcomm Atheros
2016-07-02 17:37 - 2016-07-02 17:37 - 00000000 ____D C:\Program Files\Qualcomm Atheros
2016-07-02 16:43 - 2016-07-02 16:43 - 01730328 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01009.dll
2016-07-02 16:43 - 2016-07-02 16:43 - 00031832 _____ (ELAN Microelectronic Corp.) C:\WINDOWS\system32\Drivers\ETDSMBus.sys
2016-07-02 16:31 - 2016-07-02 16:31 - 00000000 ____D C:\ProgramData\ProductData
2016-07-02 16:30 - 2016-07-02 16:31 - 00002250 _____ C:\Users\Public\Desktop\Driver Booster 3.lnk
2016-07-02 16:30 - 2016-07-02 16:31 - 00000000 ____D C:\Users\Sebastian\AppData\LocalLow\IObit
2016-07-02 16:30 - 2016-07-02 16:30 - 00027552 _____ (REALiX(tm)) C:\WINDOWS\SysWOW64\Drivers\HWiNFO64A.SYS
2016-07-02 16:30 - 2016-07-02 16:30 - 00000000 ____D C:\WINDOWS\IObit
2016-07-02 16:30 - 2016-07-02 16:30 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\IObit
2016-07-02 16:30 - 2016-07-02 16:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3
2016-07-02 16:30 - 2016-07-02 16:30 - 00000000 ____D C:\ProgramData\IObit
2016-07-02 16:30 - 2016-07-02 16:30 - 00000000 ____D C:\Program Files (x86)\IObit
2016-07-02 16:23 - 2016-07-03 00:37 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-07-02 16:23 - 2016-07-02 16:23 - 00001123 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-07-02 16:23 - 2016-07-02 16:23 - 00001111 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2016-07-02 16:23 - 2016-07-02 16:23 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\TeamViewer
2016-07-02 16:19 - 2016-07-02 16:19 - 09663232 _____ (TeamViewer GmbH) C:\Users\Sebastian\Downloads\TeamViewer_Setup_de-jfa.exe
2016-07-02 16:15 - 2016-07-04 16:06 - 00000000 ____D C:\FRST
2016-07-02 16:13 - 2016-07-02 16:15 - 02390016 _____ (Farbar) C:\Users\Sebastian\Downloads\FRST64.exe
2016-07-02 15:24 - 2016-07-02 15:24 - 01270466 _____ C:\Users\Sebastian\Downloads\ProcessExplorer.zip
2016-07-02 15:09 - 2016-07-02 15:09 - 00000000 ____D C:\WINDOWS\%LOCALAPPDATA%
2016-07-02 00:55 - 2016-07-02 00:55 - 00033752 _____ C:\Users\Sebastian\Downloads\Konto_1910944432-Auszug_2016_002.PDF
2016-07-01 20:23 - 2016-07-01 20:23 - 05912072 _____ (Wargaming.net ) C:\Users\Sebastian\Downloads\WoWS_internet_install_eu.exe
2016-07-01 20:23 - 2016-07-01 20:23 - 00000843 _____ C:\Users\Sebastian\Desktop\World of Warships.lnk
2016-07-01 20:23 - 2016-07-01 20:23 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Warships
2016-07-01 20:23 - 2016-07-01 20:23 - 00000000 ____D C:\Games
2016-07-01 04:12 - 2016-07-01 04:12 - 00000000 ____D C:\Users\Sebastian\AppData\LocalLow\Smartly Dressed Games
2016-07-01 00:09 - 2016-07-01 00:09 - 00000222 _____ C:\Users\Sebastian\Desktop\Unturned.url
2016-06-30 15:08 - 2016-06-30 15:08 - 05281004 _____ C:\Users\Sebastian\Downloads\dolphin-master-5.0-106-x64.7z
2016-06-28 02:10 - 2016-06-28 02:10 - 00000219 _____ C:\Users\Sebastian\Desktop\Counter-Strike Global Offensive.url
2016-06-18 01:44 - 2016-06-03 05:28 - 00111552 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2016-06-18 01:41 - 2016-06-03 09:22 - 39977920 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 35115968 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 31641656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 25404864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 21812056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 21355464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 18151128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 17746664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 17729184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 17432544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 10643240 _____ C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 08733792 _____ C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 02844608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 02470336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 01920960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436839.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 01571776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436839.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 00983488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 00910392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 00787384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 00769984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 00707520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 00669952 _____ C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 00632848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 00565208 _____ C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 00549240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 00452616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 00425016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 00385592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 00379808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 00379448 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 00348216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 00316632 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 00177952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 00155768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 00153232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2016-06-18 01:41 - 2016-06-03 09:22 - 00131584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2016-06-16 13:46 - 2016-06-16 13:46 - 00001484 _____ C:\Users\Public\Desktop\World of Warcraft Public Test.lnk
2016-06-15 17:21 - 2016-05-28 07:02 - 06488312 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-06-15 17:21 - 2016-05-28 07:02 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-06-15 17:21 - 2016-05-28 07:02 - 01314496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-06-15 17:21 - 2016-05-28 07:02 - 00601344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-06-15 17:21 - 2016-05-28 07:02 - 00432360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-06-15 17:21 - 2016-05-28 07:02 - 00421536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2016-06-15 17:21 - 2016-05-28 07:02 - 00158048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-06-15 17:21 - 2016-05-28 07:02 - 00113144 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2016-06-15 17:21 - 2016-05-28 07:00 - 02543784 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-06-15 17:21 - 2016-05-28 07:00 - 01591304 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-06-15 17:21 - 2016-05-28 07:00 - 00327520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-06-15 17:21 - 2016-05-28 07:00 - 00203496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2016-06-15 17:21 - 2016-05-28 06:59 - 00363872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2016-06-15 17:21 - 2016-05-28 06:59 - 00131208 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2016-06-15 17:21 - 2016-05-28 06:54 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-06-15 17:21 - 2016-05-28 06:53 - 03625416 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-06-15 17:21 - 2016-05-28 06:53 - 00026464 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2016-06-15 17:21 - 2016-05-28 06:52 - 22326760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-06-15 17:21 - 2016-05-28 06:47 - 00613120 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-06-15 17:21 - 2016-05-28 06:47 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-06-15 17:21 - 2016-05-28 06:39 - 04047288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-06-15 17:21 - 2016-05-28 06:39 - 01365584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-06-15 17:21 - 2016-05-28 06:39 - 00952968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-06-15 17:21 - 2016-05-28 06:39 - 00365128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-06-15 17:21 - 2016-05-28 06:38 - 05118024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-06-15 17:21 - 2016-05-28 06:38 - 00372368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2016-06-15 17:21 - 2016-05-28 06:38 - 00306528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2016-06-15 17:21 - 2016-05-28 06:38 - 00097096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2016-06-15 17:21 - 2016-05-28 06:35 - 02188472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-06-15 17:21 - 2016-05-28 06:35 - 00183904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2016-06-15 17:21 - 2016-05-28 06:35 - 00112632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2016-06-15 17:21 - 2016-05-28 06:28 - 00467296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-06-15 17:21 - 2016-05-28 06:27 - 20861984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-06-15 17:21 - 2016-05-28 06:27 - 02880560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-06-15 17:21 - 2016-05-28 06:21 - 00545400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-06-15 17:21 - 2016-05-28 06:21 - 00316256 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-06-15 17:21 - 2016-05-28 06:11 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-06-15 17:21 - 2016-05-28 06:10 - 00694784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2016-06-15 17:21 - 2016-05-28 06:10 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-06-15 17:21 - 2016-05-28 06:09 - 00914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-06-15 17:21 - 2016-05-28 06:08 - 21860352 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-06-15 17:21 - 2016-05-28 06:07 - 24597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-06-15 17:21 - 2016-05-28 06:00 - 01336832 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2016-06-15 17:21 - 2016-05-28 05:58 - 02239488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-06-15 17:21 - 2016-05-28 05:58 - 00672256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-06-15 17:21 - 2016-05-28 05:58 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-06-15 17:21 - 2016-05-28 05:58 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-06-15 17:21 - 2016-05-28 05:57 - 06788096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-06-15 17:21 - 2016-05-28 05:57 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-06-15 17:21 - 2016-05-28 05:56 - 12511232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-06-15 17:21 - 2016-05-28 05:54 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-06-15 17:21 - 2016-05-28 05:54 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL
2016-06-15 17:21 - 2016-05-28 05:54 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-06-15 17:21 - 2016-05-28 05:53 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll
2016-06-15 17:21 - 2016-05-28 05:53 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll
2016-06-15 17:21 - 2016-05-28 05:52 - 02663424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-06-15 17:21 - 2016-05-28 05:51 - 02848256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-06-15 17:21 - 2016-05-28 05:51 - 02119680 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-06-15 17:21 - 2016-05-28 05:51 - 01603584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-06-15 17:21 - 2016-05-28 05:50 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-06-15 17:21 - 2016-05-28 05:50 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-06-15 17:21 - 2016-05-28 05:50 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-06-15 17:21 - 2016-05-28 05:49 - 19330560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-06-15 17:21 - 2016-05-28 05:47 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll
2016-06-15 17:21 - 2016-05-28 05:45 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-06-15 17:21 - 2016-05-28 05:45 - 03584000 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-06-15 17:21 - 2016-05-28 05:44 - 04793344 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-06-15 17:21 - 2016-05-28 05:44 - 01381376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-06-15 17:21 - 2016-05-28 05:44 - 00737792 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-06-15 17:21 - 2016-05-28 05:44 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-06-15 17:21 - 2016-05-28 05:43 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-06-15 17:21 - 2016-05-28 05:41 - 05160960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-06-15 17:21 - 2016-05-28 05:41 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2016-06-15 17:21 - 2016-05-28 05:40 - 18797568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-06-15 17:21 - 2016-05-28 05:40 - 00672768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-06-15 17:21 - 2016-05-28 05:39 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-06-15 17:21 - 2016-05-28 05:39 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-06-15 17:21 - 2016-05-28 05:38 - 01821696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-06-15 17:21 - 2016-05-28 05:38 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\polstore.dll
2016-06-15 17:21 - 2016-05-28 05:38 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FwRemoteSvr.dll
2016-06-15 17:21 - 2016-05-28 05:37 - 02315776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-06-15 17:21 - 2016-05-28 05:36 - 01383424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-06-15 17:21 - 2016-05-28 05:35 - 02042368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-06-15 17:21 - 2016-05-28 05:35 - 00679936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-06-15 17:21 - 2016-05-28 05:35 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-06-15 17:21 - 2016-05-28 05:35 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-06-15 17:21 - 2016-05-28 05:35 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-06-15 17:21 - 2016-05-28 05:32 - 03580928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-06-15 17:21 - 2016-05-28 05:31 - 11268096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-06-15 17:21 - 2016-05-28 05:30 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-06-15 17:21 - 2016-05-28 05:29 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2016-06-15 17:21 - 2016-05-28 05:29 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-06-15 17:21 - 2016-05-28 05:25 - 00295936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-06-13 22:29 - 2016-06-13 22:29 - 00001285 _____ C:\Users\Sebastian\Desktop\Uplay.lnk
2016-06-13 22:29 - 2016-06-13 22:29 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2016-06-06 16:32 - 2016-06-06 16:32 - 00284854 _____ C:\Users\Sebastian\Desktop\VLSM.pdf
2016-06-06 16:32 - 2016-06-06 16:32 - 00263281 _____ C:\Users\Sebastian\Desktop\IPv6.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-04 16:03 - 2014-09-03 02:05 - 00000000 ____D C:\Users\Sebastian\AppData\Local\Battle.net
2016-07-04 15:57 - 2014-09-02 17:21 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\Spotify
2016-07-04 15:57 - 2014-09-02 17:21 - 00000000 ____D C:\Users\Sebastian\AppData\Local\Spotify
2016-07-04 15:54 - 2015-07-10 11:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-07-04 14:25 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-07-04 14:13 - 2015-12-27 14:00 - 00000000 ____D C:\Users\Sebastian\AppData\Local\CrashDumps
2016-07-04 14:13 - 2014-12-09 20:55 - 00000986 _____ C:\Users\Public\Desktop\Steam.lnk
2016-07-04 14:13 - 2014-12-09 20:55 - 00000000 ____D C:\Program Files (x86)\Steam
2016-07-04 14:13 - 2014-10-29 15:58 - 00001167 _____ C:\Users\Public\Desktop\Battle.net.lnk
2016-07-04 14:13 - 2014-10-29 15:58 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-07-04 14:13 - 2014-09-02 14:53 - 00001625 _____ C:\Users\Public\Desktop\Play League of Legends.lnk
2016-07-04 14:12 - 2014-09-13 13:54 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-07-04 04:03 - 2014-09-03 01:54 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\TS3Client
2016-07-03 21:57 - 2014-09-03 15:25 - 00000000 ____D C:\Program Files (x86)\World of Warcraft
2016-07-03 14:17 - 2014-09-02 14:42 - 00001879 _____ C:\Users\Sebastian\Desktop\Spotify.lnk
2016-07-03 14:05 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-07-03 02:14 - 2015-09-06 14:44 - 00000000 ____D C:\Users\Sebastian\AppData\Local\Deployment
2016-07-02 20:58 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\System
2016-07-02 20:57 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-07-02 20:51 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-07-02 20:51 - 2014-09-11 10:23 - 00000000 ____D C:\ProgramData\NVIDIA
2016-07-02 20:50 - 2015-11-29 19:52 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-07-02 20:50 - 2015-11-29 19:52 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-07-02 20:50 - 2015-07-10 11:05 - 01572864 ___SH C:\WINDOWS\system32\config\BBI
2016-07-02 20:03 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-07-02 20:03 - 2015-07-10 13:02 - 00000000 ____D C:\WINDOWS\INF
2016-07-02 19:49 - 2015-07-29 14:35 - 00000000 ____D C:\Users\Sebastian
2016-07-02 19:02 - 2015-07-29 14:35 - 00000000 ____D C:\Users\Administrator
2016-07-02 19:00 - 2014-09-03 01:46 - 00000000 ____D C:\Program Files (x86)\MSI
2016-07-02 18:57 - 2014-09-03 03:48 - 00000000 ____D C:\ProgramData\Intel
2016-07-02 18:51 - 2015-07-30 00:28 - 00000000 ___DC C:\WINDOWS\Panther
2016-07-02 18:51 - 2014-09-02 19:56 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2016-07-02 18:48 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-07-02 18:48 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-07-02 18:47 - 2014-09-03 01:41 - 00000000 ____D C:\Users\Sebastian\AppData\Local\Packages
2016-07-02 18:32 - 2015-07-10 13:04 - 00000000 ___HD C:\Program Files\WindowsApps
2016-07-02 18:20 - 2014-12-09 19:56 - 00002271 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-07-02 18:20 - 2014-12-09 19:56 - 00002259 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-07-02 17:55 - 2015-07-30 00:25 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-07-02 17:51 - 2015-08-31 18:07 - 00000000 ____D C:\WINDOWS\Minidump
2016-07-02 17:51 - 2015-07-10 13:04 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2016-07-02 17:51 - 2015-04-19 14:51 - 00000000 __RHD C:\MSOCache
2016-07-02 17:42 - 2014-09-13 15:28 - 00000000 ____D C:\Users\Sebastian\AppData\Local\ElevatedDiagnostics
2016-07-02 17:38 - 2014-09-03 01:54 - 00001277 _____ C:\Users\Sebastian\Desktop\TeamSpeak 3 Client.lnk
2016-07-02 17:37 - 2014-09-02 19:24 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-07-02 17:11 - 2014-09-02 18:02 - 00000000 ____D C:\Program Files (x86)\Intel
2016-07-02 15:59 - 2014-09-04 02:22 - 00007597 _____ C:\Users\Sebastian\AppData\Local\Resmon.ResmonCfg
2016-07-02 04:06 - 2015-11-20 18:22 - 00000000 ____D C:\Program Files (x86)\World of Warcraft Public Test
2016-07-01 21:04 - 2016-03-23 14:00 - 00000000 ____D C:\Users\Sebastian\Desktop\PokeMMO
2016-07-01 21:04 - 2015-10-27 22:09 - 00000000 ____D C:\Users\Sebastian\Desktop\PBE LOL
2016-06-30 03:04 - 2014-11-26 19:47 - 00000000 ____D C:\Program Files (x86)\Heroes of the Storm
2016-06-29 14:05 - 2015-02-06 21:36 - 00000000 ____D C:\Program Files (x86)\Diablo III
2016-06-29 01:11 - 2015-11-20 01:18 - 00000000 ____D C:\Program Files (x86)\Overwatch
2016-06-27 19:44 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\ELAMBKUP
2016-06-24 00:55 - 2014-09-03 01:54 - 00000000 ____D C:\Users\Sebastian\AppData\Local\TeamSpeak 3 Client
2016-06-18 01:44 - 2014-09-11 10:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-06-18 01:44 - 2014-09-11 09:13 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-06-17 21:33 - 2014-09-02 19:57 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\OBS
2016-06-17 14:48 - 2015-11-20 01:26 - 00000000 ____D C:\Users\Sebastian\Documents\Overwatch
2016-06-16 16:03 - 2015-07-29 18:46 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-06-16 15:57 - 2015-07-10 13:04 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-06-15 23:13 - 2014-09-04 17:57 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-06-15 23:09 - 2014-09-04 17:57 - 142482544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-06-15 22:40 - 2015-09-25 13:58 - 00484008 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-06-14 19:32 - 2015-07-29 21:02 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-06-14 19:32 - 2015-07-29 21:02 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-13 22:30 - 2015-03-13 22:14 - 00000000 ____D C:\Users\Sebastian\AppData\Local\Ubisoft Game Launcher
2016-06-07 16:34 - 2015-09-25 17:09 - 00003532 _____ C:\WINDOWS\System32\Tasks\GyazoUpdateTaskMachineDaily
2016-06-07 16:34 - 2015-09-25 17:09 - 00003396 _____ C:\WINDOWS\System32\Tasks\GyazoUpdateTaskMachine
2016-06-07 16:34 - 2015-09-25 17:09 - 00000000 ____D C:\Program Files (x86)\Gyazo
2016-06-04 02:51 - 2015-07-29 20:13 - 13553096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2016-06-04 00:40 - 2015-07-29 23:46 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Files in the root of some directories =======

2016-07-02 19:56 - 2016-07-02 19:56 - 0000000 _____ () C:\Program Files\Microsoft SQL Server Compact Edition
2016-07-02 19:56 - 2016-07-02 19:56 - 0000000 _____ () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-07-29 21:38 - 2015-09-25 13:37 - 0000000 _____ () C:\Users\Sebastian\AppData\Local\Driver_LOM_8161Present.flag
2014-09-04 02:22 - 2016-07-02 15:59 - 0007597 _____ () C:\Users\Sebastian\AppData\Local\Resmon.ResmonCfg
2016-07-02 18:15 - 2016-07-02 18:15 - 0427164 _____ () C:\ProgramData\1467475818.bdinstall.bin

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-07-04 00:36

==================== End of FRST.txt ============================
--- --- ---

--- --- ---


Und die Addition. Bitte schön :killpc:

[CODE]Additional
FRST Logfile:
Code:
scan result of Farbar Recovery Scan Tool (x64) Version: 02-07-2016
Ran by Sebastian (2016-07-04 16:07:35)
Running from C:\Users\Sebastian\Downloads
Windows 10 Home (X64) (2015-07-29 16:34:24)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1910738958-1663039028-3647407689-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-1910738958-1663039028-3647407689-503 - Limited - Disabled)
Guest (S-1-5-21-1910738958-1663039028-3647407689-501 - Limited - Disabled)
Sebastian (S-1-5-21-1910738958-1663039028-3647407689-1001 - Administrator - Enabled) => C:\Users\Sebastian

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Bitdefender Virenschutz (Enabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371}
AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {078AF241-05A3-0EFF-40E0-3E0D69EA140A}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated)
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: 1.2.0.0 - AVM Berlin)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version:  - Irrational Games)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 20.0.29.1517 - Bitdefender)
Bitdefender Total Security 2016 (HKLM\...\Bitdefender) (Version: 20.0.29.1517 - Bitdefender)
Brawlhalla (HKLM\...\Steam App 291550) (Version:  - Blue Mammoth Games)
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 3 - Multiplayer (HKLM\...\Steam App 42690) (Version:  - Infinity Ward)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
Curse Client (HKU\S-1-5-21-1910738958-1663039028-3647407689-1001\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse)
DARK SOULS™ II: Scholar of the First Sin (HKLM\...\Steam App 335300) (Version:  - FromSoftware, Inc)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Driver Booster 3.4 (HKLM-x32\...\Driver Booster_is1) (Version: 3.4 - IObit)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.106 - Google Inc.)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Gyazo 3.2.2 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Intel(R) Chipset Device Software (x32 Version: 10.0.20 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3643 - Intel Corporation)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version:  - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles)
NVIDIA 3D Vision Controller-Treiber 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 368.39 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.3.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.3.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.39 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.14 - NVIDIA Corporation)
NVIDIA Miracast Virtueller Ton 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 353.30 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4771.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4771.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4771.1004 - Microsoft Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.7.2.53208 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
Pokémon Trading Card Game Online (HKLM-x32\...\{03C8CBF2-B9BA-4054-8AA6-CAE594797FED}) (Version: 2.37.1 - The Pokémon Company International)
Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.1.39.1040 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (Version: 1.1.39.1040 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.39.1040 - Qualcomm Atheros)
Qualcomm Atheros Network Manager (Version: 1.1.39.1040 - Qualcomm Atheros) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7111 - Realtek Semiconductor Corp.)
Rocket League (HKLM-x32\...\Steam App 252950) (Version:  - Psyonix)
Service Pack 1 für SQL Server 2008 (KB 968369) (64-bit) (HKLM\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
Skype™ 7.22 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.109 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-1910738958-1663039028-3647407689-1001\...\Spotify) (Version: 1.0.32.96.g3c8a06e6 - Spotify AB)
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
TeamSpeak 3 Client (HKU\S-1-5-21-1910738958-1663039028-3647407689-1001\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.59518 - TeamViewer)
TERA (HKLM-x32\...\Steam App 323370) (Version:  - En Masse Entertainment)
Unturned (HKLM\...\Steam App 304930) (Version:  - Smartly Dressed Games)
Uplay (HKLM-x32\...\Uplay) (Version: 20.0 - Ubisoft)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1-2) (Version: 1.0.11.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.11.1 (Version: 1.0.11.1 - LunarG, Inc.) Hidden
WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
Wise Care 365 4.22 (HKLM-x32\...\Wise Care 365_is1) (Version: 4.22 - WiseCleaner.com, Inc.)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
World of Warships (HKU\S-1-5-21-1910738958-1663039028-3647407689-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1) (Version:  - Wargaming.net)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1910738958-1663039028-3647407689-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Sebastian\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0713D74B-B14D-451D-ACC3-3128417C2BBA} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2016-06-02] ()
Task: {1522F366-C8B1-4E97-8B28-4507BF65468C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {2BCD67D5-FCD3-4139-AE30-A2030DF1B39E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {34871C1D-3DE6-4E1F-93CB-8349DDD8397B} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2016-06-02] ()
Task: {399BE42F-43B3-4115-87D2-B85B28BEE919} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {45600FE6-833F-4FFB-8956-48A748149676} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {5435F56C-5DC5-455F-8443-59121313F8B0} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-13] (Microsoft Corporation)
Task: {687384EE-3F25-4BF2-B747-89744388C06F} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-10-13] (Microsoft Corporation)
Task: {6A204713-8204-4C9D-A547-FE6B93816B19} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {6C70220C-9902-443D-B66C-A5A7037235B0} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {72DE5436-0C39-4AF5-9B99-D0C7EFB213B8} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2016-06-14] (Bitdefender)
Task: {7A14FADF-EE02-4DB7-9DCA-ECECC6C6DACC} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2016-05-18] (IObit)
Task: {7C26587C-1C1A-4AA2-92A0-FA9F27108DEF} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {7F1C1C4B-39A0-4961-80BD-12F940D3D796} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {893766EB-B9D2-422C-9886-2AC60724E86E} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {94286A8C-267B-458F-BDFA-6B5F2F257B83} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-06-15] (Microsoft Corporation)
Task: {97386B79-BE5B-412C-9FA2-483B98C9942D} - System32\Tasks\Driver Booster SkipUAC (Sebastian) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2016-05-23] (IObit)
Task: {B32D8773-B510-4367-A13B-4D22BB3EA125} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {B64D4891-95B8-4D1B-89B1-79C51D19FE48} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {BAFFAA6F-CAC1-41EC-93B5-B40DAFB90938} - System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C => C:\Program Files\Bitdefender\Bitdefender 2016\bdagent.exe [2016-06-24] (Bitdefender)
Task: {C84D2734-9CA3-486B-B883-76DE6E1FE49D} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {F64B9FE1-94FD-4DE4-98F7-5015B4CA37E6} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-13] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Sebastian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 1\Google Profile.ico? () -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) ==============

2015-07-29 19:50 - 2015-07-15 04:04 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2016-07-02 18:13 - 2013-09-03 14:29 - 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\bdmetrics.dll
2016-07-02 18:13 - 2016-05-09 11:29 - 01006336 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_001_001\ashttpbr.mdl
2016-07-02 18:13 - 2016-05-09 11:29 - 00541952 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_001_001\ashttpdsp.mdl
2016-07-02 18:13 - 2016-05-09 11:29 - 03035488 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_001_001\ashttpph.mdl
2016-07-02 18:13 - 2016-05-09 11:29 - 01541440 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_001_001\ashttprbl.mdl
2016-03-09 17:28 - 2016-05-02 07:54 - 00369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2015-12-27 05:00 - 2016-05-02 07:55 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-05-13 22:02 - 2016-05-02 07:54 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-03-09 17:28 - 2016-05-02 07:55 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2015-04-12 14:41 - 2015-10-13 05:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2016-05-13 22:02 - 2016-05-02 07:55 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-05-13 22:02 - 2016-05-02 07:55 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-05-13 22:02 - 2016-05-02 07:55 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-03-09 17:19 - 2016-05-02 07:55 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2014-09-11 10:23 - 2016-06-03 05:59 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-04-13 16:39 - 2016-03-16 06:55 - 02495768 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-13 16:39 - 2016-03-16 06:55 - 02495768 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-05-23 21:57 - 2016-05-23 21:57 - 00959168 _____ () C:\Users\Sebastian\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2015-07-29 19:40 - 2015-07-29 19:40 - 00256000 _____ () C:\WINDOWS\system32\igfxCPL.cpl
2015-10-01 19:31 - 2015-09-17 07:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-12-09 17:43 - 2015-11-25 06:20 - 06569472 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-12-09 17:43 - 2015-11-25 06:17 - 00471040 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-09 17:43 - 2015-11-25 06:17 - 01808384 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-01 19:31 - 2015-09-17 07:43 - 02274816 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 13:00 - 2015-07-10 15:14 - 00210432 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2016-07-02 18:20 - 2016-06-23 15:26 - 02336584 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.106\libglesv2.dll
2016-07-02 18:20 - 2016-06-23 15:25 - 00107336 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.106\libegl.dll
2016-06-21 19:49 - 2016-06-21 19:49 - 01371624 _____ () C:\Program Files (x86)\Battle.net\Battle.net.7575\Battle.net Helper.exe
2013-06-12 18:11 - 2014-09-02 14:53 - 01294336 _____ () C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
2016-05-13 22:02 - 2016-05-02 07:54 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-05-13 22:02 - 2016-05-02 07:54 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-06-29 14:01 - 2016-06-29 14:01 - 02321912 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.1.22\deploy\LoLLauncher.exe
2016-06-29 14:01 - 2016-06-29 14:01 - 04302328 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.62\deploy\LoLPatcher.exe
2016-07-02 18:20 - 2016-06-23 04:27 - 31514816 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.106\PepperFlash\pepflashplayer.dll
2014-09-02 15:06 - 2014-09-02 15:06 - 00074752 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.205\deploy\LolClient.exe
2014-09-03 03:47 - 2013-09-17 03:20 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-03-31 14:40 - 2016-05-02 08:02 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2014-12-09 20:55 - 2016-04-29 22:10 - 00785920 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-23 19:28 - 2015-07-03 18:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2014-12-09 20:55 - 2016-06-15 02:47 - 02387024 _____ () C:\Program Files (x86)\Steam\video.dll
2015-01-23 19:28 - 2015-07-03 18:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-23 19:28 - 2015-07-03 18:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-12-09 20:55 - 2016-02-09 01:14 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-12-09 20:55 - 2016-02-09 01:14 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-12-09 20:55 - 2016-02-09 01:14 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-12-09 20:55 - 2016-02-09 01:14 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-12-09 20:55 - 2016-02-09 01:14 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2014-12-09 20:55 - 2016-06-15 02:47 - 00829008 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-09 17:29 - 2016-02-18 00:25 - 00281088 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2016-06-21 19:49 - 2016-06-21 19:50 - 37241856 _____ () C:\Program Files (x86)\Battle.net\Battle.net.7575\libcef.dll
2016-06-21 19:50 - 2016-06-21 19:50 - 00293040 _____ () C:\Program Files (x86)\Battle.net\Battle.net.7575\ortp.dll
2016-06-21 19:50 - 2016-06-21 19:50 - 00133632 _____ () C:\Program Files (x86)\Battle.net\Battle.net.7575\libEGL.dll
2016-06-21 19:50 - 2016-06-21 19:50 - 03384832 _____ () C:\Program Files (x86)\Battle.net\Battle.net.7575\libGLESv2.dll
2016-06-21 19:50 - 2016-06-21 19:50 - 03384832 _____ () C:\Program Files (x86)\Battle.net\Battle.net.7575\libglesv2.dll
2016-06-21 19:50 - 2016-06-21 19:50 - 00133632 _____ () C:\Program Files (x86)\Battle.net\Battle.net.7575\libegl.dll
2016-06-29 14:01 - 2016-06-29 14:01 - 01434616 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.62\deploy\RiotLauncher.dll
2016-06-21 19:50 - 2016-06-21 19:50 - 00984576 _____ () C:\Program Files (x86)\Battle.net\Battle.net.7575\ffmpegsumo.dll
2014-12-09 20:55 - 2016-06-14 21:14 - 49826080 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-01-23 19:28 - 2015-09-25 01:56 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
2016-04-20 16:37 - 2016-04-20 16:37 - 04887216 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.205\deploy\Adobe AIR\Versions\1.0\Resources\WebKit.dll
2015-03-11 18:19 - 2016-06-28 02:29 - 52042352 _____ () C:\Users\Sebastian\AppData\Roaming\Spotify\libcef.dll
2015-03-11 18:19 - 2016-06-28 02:29 - 01741936 _____ () C:\Users\Sebastian\AppData\Roaming\Spotify\libglesv2.dll
2015-03-11 18:19 - 2016-06-28 02:29 - 00087664 _____ () C:\Users\Sebastian\AppData\Roaming\Spotify\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Sebastian\Downloads\vcredist_x64 (1).exe:BDU [0]
AlternateDataStreams: C:\Users\Sebastian\Downloads\vcredist_x64.exe:BDU [0]
AlternateDataStreams: C:\Users\Sebastian\Downloads\vcredist_x86 (1).exe:BDU [0]
AlternateDataStreams: C:\Users\Sebastian\Downloads\vcredist_x86.exe:BDU [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1910738958-1663039028-3647407689-1001\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-1910738958-1663039028-3647407689-1001\...\aeriagames.com -> hxxp://aeriagames.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2016-07-04 15:54 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1910738958-1663039028-3647407689-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Sebastian\Pictures\LoL\hQH9DNq.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "Killer Network Manager.lnk"
HKLM\...\StartupApproved\Run: => "AdAwareTray"
HKLM\...\StartupApproved\Run32: => "Command Center"
HKLM\...\StartupApproved\Run32: => "UpdReg"
HKLM\...\StartupApproved\Run32: => "Sound Blaster Cinema"
HKLM\...\StartupApproved\Run32: => "Fast Boot"
HKU\S-1-5-21-1910738958-1663039028-3647407689-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1910738958-1663039028-3647407689-1001\...\StartupApproved\Run: => "Web Companion"
HKU\S-1-5-21-1910738958-1663039028-3647407689-1001\...\StartupApproved\Run: => "Akamai NetSession Interface"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{4215F129-755B-4B43-B660-331B80920B95}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{6AF609C4-E375-442A-BCB3-9A3CFD5B4122}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A1AFB9E0-7EC7-4DA9-BAD0-1EE5A7AEB6F7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{C731052E-1E38-436D-BDE9-F2F7B02D56C4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{1DECD10A-3EF7-4D07-9AA9-96574CC33FF2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{F9E1844B-1347-4180-BBB6-78A447EC1BA2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{9E966C84-F9D9-423F-928F-3ABE2CE5507D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{D7EEFAA2-8310-4D27-8742-EF960B4E784A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TERA\TERA-Launcher.exe
FirewallRules: [{CD06BE1B-95ED-4B36-B5A1-EED09155B744}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TERA\TERA-Launcher.exe
FirewallRules: [{2CC73C29-93DB-49F4-A36C-A2AFCB7CE914}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{3E661876-57E2-46BA-A494-1F67F50C2246}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{EBF59D65-CDE8-47A1-8B25-34705B1A8BFF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [UDP Query User{55F28BF5-7A80-4761-9B6F-AE0B25C29E95}C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe
FirewallRules: [TCP Query User{9262A1DD-19F2-4A20-8BEA-E9D0AEFB4AAC}C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe
FirewallRules: [{7D9DF99C-3492-45B3-8414-8B70DCC070A0}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{D1AA3F54-73D9-4033-A8B3-F419C2555885}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{C4B27E6A-8B63-44C9-BCB3-CEE6588AB5A2}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{9305E0B0-5A0C-4733-9740-E3C6649FE817}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{871CEE1B-D793-40E5-BFF8-EE51FE6225B3}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{CA438123-E1BB-4E89-8F40-4E7FA00B8B88}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{98F55BE3-A5BD-4C90-9433-7F29DEF74B9C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{DA85D838-EC50-4AAF-8F12-AB005C80F4C8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B7C8E2A6-BD8A-41CD-BB4F-23E8285D9B0A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{697867E2-B6B4-4C31-875C-B4D4D644C444}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{57C525E8-1E6E-488F-B5F3-9C014E9F6166}] => (Allow) C:\users\sebastian\appdata\roaming\spotify\spotify.exe
FirewallRules: [{58DDDFA3-DCE5-4317-808F-7E382F48D152}] => (Allow) C:\users\sebastian\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{4EB277BE-AB6A-44AA-8668-34E62636DB8A}C:\users\sebastian\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sebastian\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{E4CD203F-A428-4D7B-B8EE-2B37CC424647}C:\users\sebastian\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sebastian\appdata\roaming\spotify\spotify.exe
FirewallRules: [{EC423541-E221-4739-8C66-99BB9D49FC96}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{19957C94-FAB9-402A-96C9-5A7D89893F11}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [UDP Query User{0DE04ADC-9960-4A56-9F02-253B0E11BAC1}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{6646AA35-5311-486D-B7BE-299B488B71CD}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{5886A904-A518-4E41-ADB4-2821EDA51C7C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C0DE84A8-56E2-4B36-ACAB-2B4031691328}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{5A254313-0BBA-42FE-B145-5A0885B877AA}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{8F5D5259-96F9-4683-AF30-6D220170FD2E}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [UDP Query User{244A5D27-92FF-4892-9678-0092765D80C1}C:\users\sebastian\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sebastian\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{9B6EE64D-E48E-4397-936A-F84972484DD9}C:\users\sebastian\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sebastian\appdata\roaming\spotify\spotify.exe
FirewallRules: [{05B46F2A-1C69-4038-B7BC-C7527785C455}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{2D3474CD-C721-4E64-BB1E-AF19E950BC12}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{B4C6153A-470F-47C0-9911-4A6424F0338A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{90429CB0-F09D-475B-8BC9-2801FF50E388}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{22B2D59B-D18B-4A35-8439-357ED0CF3FF3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{C01B2B43-F7E8-424B-B1F0-A211904CC290}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{0302F52F-9967-40BB-84D3-1762A4472179}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe
FirewallRules: [{5E29BF59-5CD9-479D-946D-25F6E7FFAE94}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe
FirewallRules: [{51E495A6-5542-4DA6-B635-A42904205B1E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 3\iw5mp.exe
FirewallRules: [{E6E538ED-879E-4D67-8B27-B1376054461E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 3\iw5mp.exe
FirewallRules: [TCP Query User{0D71C680-3DB1-49AA-A091-2EC75489FC38}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{5748E2D8-E870-4155-B5D1-C18F75213D2D}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [{7AAFEF8A-D45C-4572-9801-64531379E129}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{0D42F2DF-5549-48D8-AF5C-ED9A91C1F366}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{A27EA6A9-4DFE-4AEF-A6BA-88F6738BD76E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{ED72B896-141F-4D0C-881B-027DC63039DB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{EE934AA3-0974-4019-8B68-B870C37A2803}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{F79079F5-AEB8-44E6-B8A2-752E443FA27C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{689DB1F6-9AA5-4706-B95C-EC628CC94D67}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{70FDAAF5-5555-48CA-B908-687F95F7A351}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [TCP Query User{EEA4F0E1-2265-403E-B7EA-55D2628C7FBF}C:\program files (x86)\overwatch\overwatch.exe] => (Block) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{16D0533A-9537-4299-8572-E7AF365CED79}C:\program files (x86)\overwatch\overwatch.exe] => (Block) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [TCP Query User{0ACFC9F6-00D5-4E51-9662-48B58CC64136}C:\games\world_of_warships\wowslauncher.exe] => (Block) C:\games\world_of_warships\wowslauncher.exe
FirewallRules: [UDP Query User{46E87B95-BC4F-41F5-968C-AE782E8670B6}C:\games\world_of_warships\wowslauncher.exe] => (Block) C:\games\world_of_warships\wowslauncher.exe
FirewallRules: [TCP Query User{B2C3B4CA-FE3B-47B8-BE08-545A378FFB36}C:\program files (x86)\steam\steamapps\common\rocketleague\binaries\win32\rocketleague.exe] => (Block) C:\program files (x86)\steam\steamapps\common\rocketleague\binaries\win32\rocketleague.exe
FirewallRules: [UDP Query User{F8890EED-B748-49C1-B41E-FCF5A06E7EFD}C:\program files (x86)\steam\steamapps\common\rocketleague\binaries\win32\rocketleague.exe] => (Block) C:\program files (x86)\steam\steamapps\common\rocketleague\binaries\win32\rocketleague.exe
FirewallRules: [{4B523CDB-108A-416C-A41E-E94C57649C30}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{F01D29CF-E484-4996-81D4-48138F4DC12D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{83559D8D-86E4-470D-B226-B2D0E192F141}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{802C41DB-FB85-47B4-B511-D8AF606A3073}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{249ADAAC-EFA3-4F8D-B51E-7AC8A0F33B39}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{6AB646A4-A433-484B-947B-513ECE5E5CA8}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{2D77B4CA-5C06-43B2-AAA3-3166AA802C42}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{BFE54687-8270-4450-8EFD-C195832DCD14}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{80ECDE88-F9CB-4B22-8322-C6F85D29FDC6}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{92F61E82-DC6B-4DF6-A7F7-0F626B28035C}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{8B96BBF6-D2BE-4DDD-843C-89731F75C0C4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

02-07-2016 19:38:49 Removed Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219
02-07-2016 19:50:51 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918
02-07-2016 19:51:40 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918
02-07-2016 19:52:18 Installed Adobe Shockwave Player 12.2.
02-07-2016 20:05:51 Removed Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219
02-07-2016 20:07:29 Removed Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219
02-07-2016 20:11:14 Microsoft Visual C++ 2005 Redistributable wird entfernt
02-07-2016 20:40:23 Microsoft Visual C++ 2005 Redistributable wird entfernt
02-07-2016 20:41:13 Removed Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523
02-07-2016 20:42:01 Removed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523
02-07-2016 20:42:34 Removed Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
02-07-2016 20:43:05 Removed Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
02-07-2016 20:43:50 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918
02-07-2016 20:44:16 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918
02-07-2016 20:54:22 Microsoft Visual C++ 2005 Redistributable (x64) wird entfernt
02-07-2016 20:56:08 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918
02-07-2016 20:56:37 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918
02-07-2016 20:57:21 Removed Adobe Shockwave Player 12.2.
02-07-2016 20:58:48 Removed Java 8 Update 92
02-07-2016 21:00:49 Removed Java 8 Update 92 (64-bit)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/04/2016 02:12:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: igfxTray.exe, Version: 0.0.0.0, Zeitstempel: 0x55a99762
Name des fehlerhaften Moduls: igfxTray.exe, Version: 0.0.0.0, Zeitstempel: 0x55a99762
Ausnahmecode: 0xc0000409
Fehleroffset: 0x000000000001d040
ID des fehlerhaften Prozesses: 0x1c34
Startzeit der fehlerhaften Anwendung: 0xigfxTray.exe0
Pfad der fehlerhaften Anwendung: igfxTray.exe1
Pfad des fehlerhaften Moduls: igfxTray.exe2
Berichtskennung: igfxTray.exe3
Vollständiger Name des fehlerhaften Pakets: igfxTray.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: igfxTray.exe5

Error: (07/04/2016 02:12:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: igfxHK.exe, Version: 6.15.10.4256, Zeitstempel: 0x55a99751
Name des fehlerhaften Moduls: igfxHK.exe, Version: 6.15.10.4256, Zeitstempel: 0x55a99751
Ausnahmecode: 0xc0000409
Fehleroffset: 0x0000000000014ec8
ID des fehlerhaften Prozesses: 0x258c
Startzeit der fehlerhaften Anwendung: 0xigfxHK.exe0
Pfad der fehlerhaften Anwendung: igfxHK.exe1
Pfad des fehlerhaften Moduls: igfxHK.exe2
Berichtskennung: igfxHK.exe3
Vollständiger Name des fehlerhaften Pakets: igfxHK.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: igfxHK.exe5

Error: (07/04/2016 02:12:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: igfxEM.exe, Version: 6.15.10.4256, Zeitstempel: 0x55a9975a
Name des fehlerhaften Moduls: igfxEM.exe, Version: 6.15.10.4256, Zeitstempel: 0x55a9975a
Ausnahmecode: 0xc0000409
Fehleroffset: 0x000000000001b3e4
ID des fehlerhaften Prozesses: 0x1224
Startzeit der fehlerhaften Anwendung: 0xigfxEM.exe0
Pfad der fehlerhaften Anwendung: igfxEM.exe1
Pfad des fehlerhaften Moduls: igfxEM.exe2
Berichtskennung: igfxEM.exe3
Vollständiger Name des fehlerhaften Pakets: igfxEM.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: igfxEM.exe5

Error: (07/04/2016 04:18:24 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BASTI-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (07/04/2016 12:38:33 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.1833"1".
Die abhängige Assemblierung "Microsoft.VC80.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.1833"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (07/03/2016 02:16:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: igfxTray.exe, Version: 0.0.0.0, Zeitstempel: 0x55a99762
Name des fehlerhaften Moduls: igfxTray.exe, Version: 0.0.0.0, Zeitstempel: 0x55a99762
Ausnahmecode: 0xc0000409
Fehleroffset: 0x000000000001d040
ID des fehlerhaften Prozesses: 0x26b0
Startzeit der fehlerhaften Anwendung: 0xigfxTray.exe0
Pfad der fehlerhaften Anwendung: igfxTray.exe1
Pfad des fehlerhaften Moduls: igfxTray.exe2
Berichtskennung: igfxTray.exe3
Vollständiger Name des fehlerhaften Pakets: igfxTray.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: igfxTray.exe5

Error: (07/03/2016 02:16:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: igfxHK.exe, Version: 6.15.10.4256, Zeitstempel: 0x55a99751
Name des fehlerhaften Moduls: igfxHK.exe, Version: 6.15.10.4256, Zeitstempel: 0x55a99751
Ausnahmecode: 0xc0000409
Fehleroffset: 0x0000000000014ec8
ID des fehlerhaften Prozesses: 0x8b0
Startzeit der fehlerhaften Anwendung: 0xigfxHK.exe0
Pfad der fehlerhaften Anwendung: igfxHK.exe1
Pfad des fehlerhaften Moduls: igfxHK.exe2
Berichtskennung: igfxHK.exe3
Vollständiger Name des fehlerhaften Pakets: igfxHK.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: igfxHK.exe5

Error: (07/03/2016 02:16:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: igfxEM.exe, Version: 6.15.10.4256, Zeitstempel: 0x55a9975a
Name des fehlerhaften Moduls: igfxEM.exe, Version: 6.15.10.4256, Zeitstempel: 0x55a9975a
Ausnahmecode: 0xc0000409
Fehleroffset: 0x000000000001b3e4
ID des fehlerhaften Prozesses: 0x234c
Startzeit der fehlerhaften Anwendung: 0xigfxEM.exe0
Pfad der fehlerhaften Anwendung: igfxEM.exe1
Pfad des fehlerhaften Moduls: igfxEM.exe2
Berichtskennung: igfxEM.exe3
Vollständiger Name des fehlerhaften Pakets: igfxEM.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: igfxEM.exe5

Error: (07/03/2016 04:17:04 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BASTI-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (07/03/2016 04:17:04 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BASTI-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


System errors:
=============
Error: (07/04/2016 02:15:55 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (07/04/2016 04:18:24 AM) (Source: DCOM) (EventID: 10010) (User: BASTI-PC)
Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca

Error: (07/04/2016 04:18:21 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "User Data Access_Session2" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Restart the service.

Error: (07/04/2016 04:18:21 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "User Data Storage_Session2" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Restart the service.

Error: (07/04/2016 04:18:21 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Contact Data_Session2" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Restart the service.

Error: (07/04/2016 04:18:21 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Sync Host_Session2" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Restart the service.

Error: (07/03/2016 02:19:50 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (07/03/2016 01:55:10 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {B91D5831-B1BD-4608-8198-D72E155020F7}

Error: (07/03/2016 04:17:04 AM) (Source: DCOM) (EventID: 10010) (User: BASTI-PC)
Description: App.AppXw3qcpc7p849541dp39vvqd01bn7z9ybh.mca

Error: (07/03/2016 04:17:04 AM) (Source: DCOM) (EventID: 10010) (User: BASTI-PC)
Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4670K CPU @ 3.40GHz
Percentage of memory in use: 59%
Total physical RAM: 8069.95 MB
Available physical RAM: 3277.76 MB
Total Virtual: 13052.89 MB
Available Virtual: 7075.74 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:920.07 GB) (Free:493.95 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (G71-MGD3010) (CDROM) (Total:3.01 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: B0F13E4A)
Partition 1: (Active) - (Size=450 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=920.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11 GB) - (Type=27)

==================== End of Addition.txt ============================
--- --- ---

cosinus 04.07.2016 15:38
Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers



Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

TheDellin 04.07.2016 16:16
Ich benötigte keinen Neustart des Pc's

Code:
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2016.07.04.05
  rootkit: v2016.05.27.01

Windows 10 x64 NTFS
Internet Explorer 11.0.10240.16942
Sebastian :: BASTI-PC [administrator]

04.07.2016 16:51:39
mbar-log-2016-07-04 (16-51-39).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 357681
Time elapsed: 21 minute(s), 56 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

cosinus 04.07.2016 21:23
Adware/Junkware/Toolbars entfernen

Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!
Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren!

1. Schritt: adwCleaner

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).




2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


TheDellin 05.07.2016 19:51
Einmal das Adware
Code:
# AdwCleaner v5.201 - Logfile created 05/07/2016 at 20:35:30
# Updated 30/06/2016 by ToolsLib
# Database : 2016-07-04.1 [Server]
# Operating system : Windows 10 Home  (X64)
# Username : Sebastian - BASTI-PC
# Running from : C:\Users\Sebastian\Downloads\AdwCleaner_5.201.exe
# Option : Clean
# Support : https://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : ReimageRealTimeProtector

***** [ Folders ] *****

[-] Folder Deleted : C:\rei
[-] Folder Deleted : C:\ProgramData\Reimage Protector
[#] Folder Deleted : C:\ProgramData\Application Data\Reimage Protector
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\reimage repair
[-] Folder Deleted : C:\Program Files\Reimage

***** [ Files ] *****

[-] File Deleted : C:\WINDOWS\Reimage.ini
[-] File Deleted : C:\WINDOWS\SysWOW64\lavasofttcpservice.dll
[-] File Deleted : C:\WINDOWS\SysWOW64\LavasoftTcpServiceOff.ini
[-] File Deleted : C:\WINDOWS\SysNative\LavasoftTcpService64.dll
[-] File Deleted : C:\WINDOWS\SysNative\LavasoftTcpServiceOff.ini

***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

[-] Task Deleted : Reimage Reminder
[-] Task Deleted : ReimageUpdater
[-] Task Deleted : Reimage Reminder
[-] Task Deleted : ReimageUpdater

***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Reimage.exe
[-] Key Deleted : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine
[-] Key Deleted : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
[-] Key Deleted : HKCU\Software\OCS
[-] Key Deleted : HKCU\Software\Reimage
[-] Key Deleted : HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
[-] Key Deleted : HKCU\Software\AppDataLow\Software\adawarebp
[-] Key Deleted : HKLM\SOFTWARE\Lavasoft\Web Companion
[-] Key Deleted : [x64] HKLM\SOFTWARE\Reimage
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Reimage Repair
[-] Key Deleted : HKU\S-1-5-21-1910738958-1663039028-3647407689-500\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Data Restored : HKU\S-1-5-21-1910738958-1663039028-3647407689-500\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Value Deleted : HKU\S-1-5-21-1910738958-1663039028-3647407689-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Web Companion]
[-] Value Deleted : HKU\S-1-5-21-1910738958-1663039028-3647407689-500\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Web Companion]

***** [ Web browsers ] *****


*************************

:: "Tracing" keys deleted
:: Proxy settings cleared
:: Winsock settings cleared
:: IE policies deleted
:: Chrome policies deleted

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [3489 bytes] - [05/07/2016 20:35:30]
C:\AdwCleaner\AdwCleaner[S1].txt - [3712 bytes] - [05/07/2016 20:34:45]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [3635 bytes] ##########
Und hier der Junkware Scan

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.6 (04.25.2016)
Operating System: Windows 10 Home x64
Ran by Sebastian (Administrator) on 05.07.2016 at 20:42:51,05
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 16

Successfully deleted: C:\ProgramData\1467475818.bdinstall.bin (File)
Successfully deleted: C:\ProgramData\iobit\driver booster (Folder)
Successfully deleted: C:\ProgramData\productdata (Folder)
Successfully deleted: C:\Users\Sebastian\AppData\Roaming\iobit\driver booster (Folder)
Successfully deleted: C:\WINDOWS\system32\Tasks\Driver Booster Scheduler (Task)
Successfully deleted: C:\WINDOWS\system32\Tasks\Driver Booster SkipUAC (Sebastian) (Task)
Successfully deleted: C:\Program Files (x86)\iobit\driver booster (Folder)
Successfully deleted: C:\WINDOWS\prefetch\DRIVERBOOSTER.EXE-51D78DCC.pf (File)
Successfully deleted: C:\WINDOWS\system32\REN10CE.tmp (File)
Successfully deleted: C:\WINDOWS\system32\REN143A.tmp (File)
Successfully deleted: C:\WINDOWS\system32\REN15A5.tmp (File)
Successfully deleted: C:\WINDOWS\system32\REN497B.tmp (File)
Successfully deleted: C:\WINDOWS\system32\REN7F9E.tmp (File)
Successfully deleted: C:\WINDOWS\system32\RENA429.tmp (File)
Successfully deleted: C:\WINDOWS\system32\RENDB5A.tmp (File)
Successfully deleted: C:\WINDOWS\system32\RENF51A.tmp (File)



Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 05.07.2016 at 20:48:34,36
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Durch die Neuinstallation von Windows 10 hat sich die Fehlermeldung beheben lassen. Jedoch ist mein System durch den Lokalen Host auch durch das Netzwerk immer noch eingeschränkt.

cosinus 06.07.2016 09:16
Was BITTE soll jetzt eine Neuinstallation von Windows 10??? :wtf:
Dann brauchen wir auch keine Logs mehr weil durch ne Neuinstallation eh alle malware weg ist


Alle Zeitangaben in WEZ +1. Es ist jetzt 23:33 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27