Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Unbekannte Maleware öffnet in Chrome Seiten

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 26.04.2016, 15:21   #16
M-K-D-B
/// TB-Ausbilder
 
Unbekannte Maleware öffnet in Chrome Seiten - Standard

Unbekannte Maleware öffnet in Chrome Seiten



Servus,



danke für den Upload.

wir kontrollieren nochmal alles.



Hinweis: Der Suchlauf mit ESET kann länger dauern.



Schritt 1
Setze Google Chrome nach dieser Anleitung zurück.





Schritt 2

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset







Schritt 3
Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
  • Starte die HitmanPro.exe
  • Klicke auf
  • Entferne den Haken bei
  • Klicke auf
    und
  • Akzeptiere die Lizenzbedingungen und klicke auf
  • Klicke auf

    und auf
  • Wenn der Scan beendet wurde, nichts löschen lassen etc. sondern wähle unten links auf der Button-Leiste
    und speichere die Logdatei auf Deinem Desktop.
  • Schließe HitmanPro und poste mir das Log.

 







Schritt 4
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Untersuchen.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.





Gibt es jetzt noch Probleme mit dem PC? Wenn ja, welche?







Bitte poste mit deiner nächsten Antwort
  • die Logdatei von ESET,
  • die Logdatei von HitmanPro,
  • die beiden neuen Logdateien von FRST,
  • die Beantwortung der gestellten Fragen.

Alt 26.04.2016, 20:31   #17
Auran
 
Unbekannte Maleware öffnet in Chrome Seiten - Standard

Unbekannte Maleware öffnet in Chrome Seiten



1. Chrome zurückgesetzt.
2. ESET
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=4835e23e7c908046ab126761699d4357
# end=init
# utc_time=2016-04-23 12:00:41
# local_time=2016-04-23 02:00:41 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 29205
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=4835e23e7c908046ab126761699d4357
# end=updated
# utc_time=2016-04-23 12:05:35
# local_time=2016-04-23 02:05:35 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=4835e23e7c908046ab126761699d4357
# engine=29205
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-04-23 03:22:46
# local_time=2016-04-23 05:22:46 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='Avira Antivirus'
# compatibility_mode=1815 16777213 100 100 19446 25092949 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 15194854 15239109 0 0
# scanned=712966
# found=35
# cleaned=0
# scan_time=11830
sh=C0D7DF600C39BF00D8B249DC377F14837E80D80A ft=1 fh=5468b797e019005a vn="Variante von Win32/Obfuscated.NFS Trojaner" ac=I fn="C:\Program Files (x86)\Kilchwobigh\klcUpd.dll"
sh=CCEDD963FF4819EC7A9559BE0048A3B224C91986 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\ProgramData\Auslogics\BoostSpeed\8.x\Rescue\BoostSpeed\160308160037892.rsc"
sh=D2817945465E09EB344E7E591253BF3D2C2911A1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\ProgramData\Auslogics\BoostSpeed\8.x\Rescue\BoostSpeed\160420174833710.rsc"
sh=EF3A02D3E66DB63CCF7E869E837121A79D5FEE56 ft=0 fh=0000000000000000 vn="Variante von Win32/ExpressDownloader.K evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Admin\Downloads\Plugin(1).iso"
sh=1B5745E1BDA45F7D789C5B82F0F363BC9743C0F1 ft=0 fh=0000000000000000 vn="Variante von Win32/ExpressDownloader.K evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Admin\Downloads\Plugin.iso"
sh=11C17EF8DBE952B6D870268AD3CA48BAAE140D61 ft=1 fh=403a0c0db8e0bd60 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\Admin\Downloads\MS-Word-2013-ISO-and-Activator\Microsoft Toolkit\Microsoft Toolkit.exe"
sh=CCEDD963FF4819EC7A9559BE0048A3B224C91986 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\All Users\Auslogics\BoostSpeed\8.x\Rescue\BoostSpeed\160308160037892.rsc"
sh=D2817945465E09EB344E7E591253BF3D2C2911A1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\All Users\Auslogics\BoostSpeed\8.x\Rescue\BoostSpeed\160420174833710.rsc"
sh=070C580D8404F5FE1DB095F0C77F485AD44CF133 ft=1 fh=af1927692cb41697 vn="Variante von Win32/AdkDLLWrapper.A evtl. unerwünschte Anwendung" ac=I fn="G:\!!!SICHERUNG!!!\DIE DATEN\Dokumente und Einstellungen\Julian\Anwendungsdaten\uTorrent\updates\3.4.1_30768.exe"
sh=070C580D8404F5FE1DB095F0C77F485AD44CF133 ft=1 fh=af1927692cb41697 vn="Variante von Win32/AdkDLLWrapper.A evtl. unerwünschte Anwendung" ac=I fn="G:\Dokumente und Einstellungen\Julian\Anwendungsdaten\uTorrent\updates\3.4.1_30768.exe"
sh=103E4469C663BC2AD00FF1E4AA19199AEFD4F6CD ft=1 fh=d47eee06f667724c vn="möglicherweise unbekannter Virus NewHeur_PE Virus" ac=I fn="G:\Dokumente und Einstellungen\Julian\Desktop\Julian\pcviver\logdata\updates.exe"
sh=F4868E75E21D37FCBC9A5871B6B120EB3E4600DF ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.O evtl. unerwünschte Anwendung" ac=I fn="G:\julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofagpiljafijmbckhichnbknlhcekejo\1.26.59_0\extensionData\plugins\14.js"
sh=32FE8D811A0CD3B7424FD03880F6FE6C32781264 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="G:\julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofagpiljafijmbckhichnbknlhcekejo\1.26.59_0\extensionData\plugins\19.js"
sh=3D8FEB274B1F910633E0EE3966A82AE9DCBD406A ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.F evtl. unerwünschte Anwendung" ac=I fn="G:\julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofagpiljafijmbckhichnbknlhcekejo\1.26.59_0\extensionData\plugins\21.js"
sh=A61F2AB2BDA3DF4EA26FB96BFA4BAA4BEFA99E6A ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.F evtl. unerwünschte Anwendung" ac=I fn="G:\julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofagpiljafijmbckhichnbknlhcekejo\1.26.59_0\extensionData\plugins\28.js"
sh=DF5417C02F7DA3C534D2FC914C88D491810188B7 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.M evtl. unerwünschte Anwendung" ac=I fn="G:\julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofagpiljafijmbckhichnbknlhcekejo\1.26.59_0\extensionData\plugins\47.js"
sh=BDCFA8379825B1BC17A13BDF73B7384DE46E7C3B ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.P evtl. unerwünschte Anwendung" ac=I fn="G:\julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofagpiljafijmbckhichnbknlhcekejo\1.26.59_0\extensionData\plugins\64.js"
sh=778B8C980A33D3679264BE3920E6F15D75731E06 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.N evtl. unerwünschte Anwendung" ac=I fn="G:\julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofagpiljafijmbckhichnbknlhcekejo\1.26.59_0\extensionData\plugins\97.js"
sh=908310927982C1DFD45B8CBBF669A940C0CE7CC6 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.E evtl. unerwünschte Anwendung" ac=I fn="G:\julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofagpiljafijmbckhichnbknlhcekejo\1.26.59_0\js\background.js"
sh=D7FE306EB39D64F7994917931E25229A5B156640 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.R evtl. unerwünschte Anwendung" ac=I fn="G:\julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofagpiljafijmbckhichnbknlhcekejo\1.26.59_0\js\main.js"
sh=832ADA6E9B2673CA1DE314A566FF76316F0A2997 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="G:\julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofagpiljafijmbckhichnbknlhcekejo\1.26.59_0\js\api\chrome.js"
sh=F4FE303A5886572113DF4DA3579956CEBB907F56 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="G:\julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofagpiljafijmbckhichnbknlhcekejo\1.26.59_0\js\api\cookie.js"
sh=B959D7BE74EBA2B82B780E14A213BB132451990B ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="G:\julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofagpiljafijmbckhichnbknlhcekejo\1.26.59_0\js\api\message.js"
sh=480291E6360EDA2357DCDF48736AAB96C7722AEE ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="G:\julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofagpiljafijmbckhichnbknlhcekejo\1.26.59_0\js\api\monitor.js"
sh=B3ABD3CAA6ADACF7A87576C3F949A2C023F51456 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="G:\julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofagpiljafijmbckhichnbknlhcekejo\1.26.59_0\js\lib\bg_app_api.js"
sh=6B8D57805A81A0C2A68E87C410FF89D15BB71CC9 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.H evtl. unerwünschte Anwendung" ac=I fn="G:\julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofagpiljafijmbckhichnbknlhcekejo\1.26.59_0\js\lib\cookie_store.js"
sh=EDB82EF0A2AC160256F1A5C49F0778E3A42AC559 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="G:\julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofagpiljafijmbckhichnbknlhcekejo\1.26.59_0\js\lib\events.js"
sh=902E327ADBC89F0A47999D10E7F6F6554CFCC0F4 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="G:\julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofagpiljafijmbckhichnbknlhcekejo\1.26.59_0\js\lib\onBGDocumentLoad.js"
sh=3E6E49061DC4C0339624D1BD4C5972D2D6988DA4 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="G:\julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofagpiljafijmbckhichnbknlhcekejo\1.26.59_0\js\lib\reports.js"
sh=F7B2040B9EB935D0FFB1571CC0184FED6B7D7583 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="G:\julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofagpiljafijmbckhichnbknlhcekejo\1.26.59_0\js\lib\util.js"
sh=D88F73897D0415B880A52D98AACBCBA8372956B2 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="G:\julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofagpiljafijmbckhichnbknlhcekejo\1.26.59_0\js\lib\xhr.js"
sh=C3240642816A80A006B0DD416B4A084A0E55500A ft=1 fh=31ac027a10321855 vn="Variante von Win32/Toolbar.BitCocktail.B evtl. unerwünschte Anwendung" ac=I fn="G:\RECYCLER\S-1-5-21-583907252-1220945662-1801674531-1004\De2\~Web Assistant\ExtensionUpdaterService.exe"
sh=2E5CA89CB52E271785CAC66810458578ECE5ECE4 ft=1 fh=686e5f7dd435d23c vn="Variante von Win32/Toolbar.BitCocktail.A evtl. unerwünschte Anwendung" ac=I fn="G:\RECYCLER\S-1-5-21-583907252-1220945662-1801674531-1004\De2\~Web Assistant\InstallerHelper.dll"
sh=5BC11ACDE7652B4B13A24FF61CD988A86C2B96C1 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Perion.K evtl. unerwünschte Anwendung" ac=I fn="G:\RECYCLER\S-1-5-21-583907252-1220945662-1801674531-1004\De2\~Web Assistant\source.crx"
sh=D197311433B4172D1845772948E701ECE2939889 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Perion.D evtl. unerwünschte Anwendung" ac=I fn="G:\RECYCLER\S-1-5-21-583907252-1220945662-1801674531-1004\De2\~Web Assistant\Firefox\chrome\content\main.js"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=4835e23e7c908046ab126761699d4357
# end=init
# utc_time=2016-04-26 05:31:02
# local_time=2016-04-26 07:31:02 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 29250
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=4835e23e7c908046ab126761699d4357
# end=updated
# utc_time=2016-04-26 05:32:07
# local_time=2016-04-26 07:32:07 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=4835e23e7c908046ab126761699d4357
# engine=29250
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-04-26 07:07:33
# local_time=2016-04-26 09:07:33 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='Avira Antivirus'
# compatibility_mode=1815 16777213 100 100 29006 25365636 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 15467541 15511796 0 0
# scanned=527646
# found=6
# cleaned=0
# scan_time=5725
sh=C0D7DF600C39BF00D8B249DC377F14837E80D80A ft=1 fh=5468b797e019005a vn="Variante von Win32/Obfuscated.NFS Trojaner" ac=I fn="C:\FRST\Quarantine\C\Program Files (x86)\Kilchwobigh\klcUpd.dll"
sh=CCEDD963FF4819EC7A9559BE0048A3B224C91986 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\ProgramData\Auslogics\BoostSpeed\8.x\Rescue\BoostSpeed\160308160037892.rsc"
sh=D2817945465E09EB344E7E591253BF3D2C2911A1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\ProgramData\Auslogics\BoostSpeed\8.x\Rescue\BoostSpeed\160420174833710.rsc"
sh=274CA93975163D357A5C58F08A078575FCDCB002 ft=0 fh=0000000000000000 vn="Variante von Win32/Obfuscated.NFS Trojaner" ac=I fn="C:\Users\Admin\Desktop\Quarantine.zip"
sh=CCEDD963FF4819EC7A9559BE0048A3B224C91986 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\All Users\Auslogics\BoostSpeed\8.x\Rescue\BoostSpeed\160308160037892.rsc"
sh=D2817945465E09EB344E7E591253BF3D2C2911A1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\All Users\Auslogics\BoostSpeed\8.x\Rescue\BoostSpeed\160420174833710.rsc"
         
__________________


Alt 26.04.2016, 20:34   #18
Auran
 
Unbekannte Maleware öffnet in Chrome Seiten - Standard

Unbekannte Maleware öffnet in Chrome Seiten



3. Hitman Pro.
Ich konnte den Log nicht abspeichern. Ich habe draufgeklickt, aber das Programm hat nichts gemacht.
Im Bild das Ergebnis.
__________________
Angehängte Grafiken
Dateityp: png hitman.png (50,8 KB, 232x aufgerufen)

Alt 26.04.2016, 20:35   #19
Auran
 
Unbekannte Maleware öffnet in Chrome Seiten - Standard

Unbekannte Maleware öffnet in Chrome Seiten



4. FRST.txt
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:18-04-2016
durchgeführt von Admin (Administrator) auf JULIAN_TOWER_01 (26-04-2016 21:30:16)
Gestartet von C:\Users\Admin\Desktop
Geladene Profile: Admin & DefaultAppPool (Verfügbare Profile: Admin & DefaultAppPool)
Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
() C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
() C:\Program Files (x86)\MediaFire Desktop\bin\MFUsnMonitorService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Ascora GmbH) C:\Program Files (x86)\StartupStar\StartupStar.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Bitsum LLC) C:\Program Files\ParkControl\ParkControl.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ultracopier.first-world.info) C:\Program Files\Ultracopier\ultracopier.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.325.12390.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() E:\Program Files (x86)\Genymotion\genymotion.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2015-10-27] (Pixart Imaging Inc)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [402344 2015-12-19] ()
HKLM\...\Run: [HotKeysCmds] => "C:\Windows\system32\hkcmd.exe"
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2396096 2016-03-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [807392 2016-03-10] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-03-30] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [23248560 2016-04-08] (Dropbox, Inc.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-140753515-2919073295-4058598123-1000\...\Run: [ultracopier] => C:\Program Files\Ultracopier\ultracopier.exe [862720 2015-07-27] (ultracopier.first-world.info)
HKU\S-1-5-21-140753515-2919073295-4058598123-1000\...\Run: [StickyPassword] => C:\Program Files (x86)\Sticky Password\stpass.exe [58632 2015-06-08] (Lamantine Software a.s.)
HKU\S-1-5-21-140753515-2919073295-4058598123-1000\...\Run: [MediaFire Tray] => [X]
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-10-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [] -> {b5458932-3c8c-4131-ba1e-f0b5350e4e1e} => C:\Users\Admin\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlayError.dll [2015-11-05] ()
ShellIconOverlayIdentifiers: [] -> {b5458930-3c8c-4131-ba1e-f0b5350e4e1e} => C:\Users\Admin\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlaySynced.dll [2015-11-05] ()
ShellIconOverlayIdentifiers: [] -> {b5458934-3c8c-4131-ba1e-f0b5350e4e1e} => C:\Users\Admin\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlayReadOnly.dll [2015-11-05] ()
ShellIconOverlayIdentifiers: [] -> {b5458933-3c8c-4131-ba1e-f0b5350e4e1e} => C:\Users\Admin\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlayLock.dll [2015-11-05] ()
ShellIconOverlayIdentifiers: [] -> {b5458931-3c8c-4131-ba1e-f0b5350e4e1e} => C:\Users\Admin\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlaySyncing.dll [2015-11-05] ()
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-03-30] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-03-30] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-03-30] (Google)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  Keine Datei
Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PortableApps.com Platform.lnk [2016-04-23]
ShortcutTarget: PortableApps.com Platform.lnk -> F:\PortableApps\PortableApps.com\PortableAppsPlatform.exe (Keine Datei)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{97a5b698-81f2-43ea-8f10-cb4e459388cb}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-140753515-2919073295-4058598123-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-02-09] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> F:\java\bin\ssv.dll => Keine Datei
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-03-15] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> F:\java\bin\jp2ssv.dll => Keine Datei
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-02-09] (Microsoft Corporation)
BHO-x32: Wondershare Video Converter Ultimate 7.1.0 -> {451C804F-C205-4F03-B48E-537EC94937BF} -> C:\ProgramData\Wondershare\Video Converter Ultimate\WSBrowserAppMgr.dll => Keine Datei
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-23] (Oracle Corporation)
BHO-x32: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\Windows\SysWOW64\mscoree.dll [2015-10-30] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-03-15] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-23] (Oracle Corporation)
Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Windows\SysWOW64\mscoree.dll [2015-10-30] (Microsoft Corporation)
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 -  Keine Datei

FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://google.de/
FF Keyword.URL: hxxps://www.google.com/search?q=
FF NetworkProxy: "gopher", ""
FF NetworkProxy: "gopher_port", 0
FF NetworkProxy: "share_proxy_settings", true
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-07] ()
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> F:\java\bin\dtplugin\npDeployJava1.dll [Keine Datei]
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> F:\java\bin\plugin2\npjp2.dll [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-07] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-23] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-03-22] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-03-22] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-10] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-140753515-2919073295-4058598123-1000: @stickypassword.com/Sticky Password -> C:\Program Files (x86)\Sticky Password\npspAutofill.dll [2015-06-08] (Lamantine Software a.s.)
FF Plugin HKU\S-1-5-21-140753515-2919073295-4058598123-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Admin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation)
FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\Google_1.xml [2016-04-20]
FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\Google_2.xml [2016-04-21]
FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\Google_3.xml [2016-04-22]
FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\Google_4.xml [2016-04-23]
FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\Google_5.xml [2016-04-24]
FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\Google_6.xml [2016-04-25]
FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\Google_7.xml [2016-04-26]
FF Extension: Sticky Password Autofill Engine - C:\Users\Admin\AppData\Roaming\Lamantine\Sticky Password\spAutofill [2015-09-14] [ist nicht signiert]
FF Extension: Print Edit - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\extensions\printedit@DW-dev.xpi [2016-03-25]
FF Extension: MeasureIt - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\extensions\{75CEEE46-9B64-46f8-94BF-54012DE155F0}.xpi [2016-04-06]
FF Extension: ColorZilla - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326} [2016-04-19]
FF Extension: Firebug - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\47fjxat8.default\Extensions\firebug@software.joehewitt.com.xpi [2016-03-30]
FF Extension: Ghostery - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\47fjxat8.default\Extensions\firefox@ghostery.com.xpi [2016-03-25]
FF Extension: MEGA - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\47fjxat8.default\Extensions\firefox@mega.co.nz.xpi [2016-04-11]
FF Extension: ZenMate Security, Privacy & Unblock VPN - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\47fjxat8.default\Extensions\firefox@zenmate.com.xpi [2016-03-02]
FF Extension: livestreamer-launch-on-twitchtv - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\47fjxat8.default\Extensions\jid0-ejMp5KBTzj5BvuJfYkXoSZaOFjY@jetpack.xpi [2016-02-09]
FF Extension: Pin It button - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\47fjxat8.default\Extensions\jid1-YcMV6ngYmQRA2w@jetpack.xpi [2015-07-07]
FF Extension: Print Edit - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\47fjxat8.default\Extensions\printedit@DW-dev.xpi [2016-03-25]
FF Extension: ColorZilla - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\47fjxat8.default\Extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326} [2016-01-09]
FF Extension: MeasureIt - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\47fjxat8.default\Extensions\{75CEEE46-9B64-46f8-94BF-54012DE155F0}.xpi [2016-04-06]
FF Extension: Adblock Plus - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\47fjxat8.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-23]
FF Extension: Firebug - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\firebug@software.joehewitt.com.xpi [2016-03-30]
FF Extension: Ghostery - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\firefox@ghostery.com.xpi [2016-03-25]
FF Extension: MEGA - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\firefox@mega.co.nz.xpi [2016-04-22]
FF Extension: ZenMate Security, Privacy & Unblock VPN - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\firefox@zenmate.com.xpi [2016-03-02]
FF Extension: livestreamer-launch-on-twitchtv - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\jid0-ejMp5KBTzj5BvuJfYkXoSZaOFjY@jetpack.xpi [2016-02-09]
FF Extension: Pin It button - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\jid1-YcMV6ngYmQRA2w@jetpack.xpi [2015-07-07]
FF Extension: Adblock Plus - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-23]
FF HKU\S-1-5-21-140753515-2919073295-4058598123-1000\...\Firefox\Extensions: [{54affe52-8223-453b-be1e-2fe2e250045c}] - C:\Users\Admin\AppData\Roaming\Lamantine\Sticky Password\spAutofill
FF HKU\S-1-5-21-140753515-2919073295-4058598123-1000\...\Thunderbird\Extensions: [{54affe52-8223-453b-be1e-2fe2e250045c}] - C:\Users\Admin\AppData\Roaming\Lamantine\Sticky Password\spAutofill

Chrome: 
=======
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-04-23]
CHR Extension: (Google Docs) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-23]
CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-23]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-23]
CHR Extension: (Adblock Plus) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-04-23]
CHR Extension: (Google Tabellen) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-23]
CHR Extension: (Google Docs Offline) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-23]
CHR Extension: (Ghostery) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2016-04-23]
CHR Extension: (SmoothScroll) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbokbjkabcmbfdlbddjidfmibcpneigj [2016-04-23]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-23]
CHR Extension: (Google Mail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-23]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

Opera: 
=======
OPR Extension: (Sticky Password Autofill Engine) - C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Extensions\ggepjhbdgijjkbelnggboeoehacbphed [2016-01-09]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 ACT2_Service; C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2Service.exe [1421216 2011-08-22] ()
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [955736 2016-03-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [466504 2016-03-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [466504 2016-03-10] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1424880 2016-03-10] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [272304 2016-03-30] (Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1863688 2016-04-07] ()
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-10-08] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-10-08] (Dropbox, Inc.)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [Datei ist nicht signiert]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [Datei ist nicht signiert]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-03-30] (NVIDIA Corporation)
S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373160 2015-12-19] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S4 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-07-14] (LogMeIn, Inc.)
S3 MediaFire Desktop Updater Service; C:\Program Files (x86)\MediaFire Desktop\bin\UpdaterLocalCOM.exe [210416 2015-11-05] ()
R2 MF NTFS Monitor; C:\Program Files (x86)\MediaFire Desktop\bin\MFUsnMonitorService.exe [456176 2015-11-05] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-03-30] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-03-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-03-30] (NVIDIA Corporation)
S3 Origin Client Service; E:\Origin\OriginClientService.exe [2057736 2015-09-14] (Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1286896 2016-04-05] (Overwolf LTD)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 ACT2PM; C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2ProcessMonitor64.sys [15160 2011-06-10] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128664 2016-03-10] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [137952 2016-03-10] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [68936 2016-03-10] (Avira Operations GmbH & Co. KG)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [193336 2015-08-20] (Intel Corporation)
R2 mfmonitor; C:\Windows\System32\DRIVERS\mfmonitor_x64.sys [20696 2015-11-05] (Windows (R) Win 7 DDK provider)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-03-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-03-21] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek                                            )
S3 RTCore64; E:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13512 2015-12-07] ()
R3 t_mouse.sys; C:\Windows\system32\DRIVERS\t_mouse.sys [6144 2015-10-27] ()
R1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-09-08] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [146072 2015-09-08] (Oracle Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 GPU-Z; \??\C:\Users\Admin\AppData\Local\Temp\GPU-Z.sys [X]
U3 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-26 21:08 - 2016-04-26 21:28 - 00000000 ____D C:\ProgramData\HitmanPro
2016-04-26 19:32 - 2016-04-26 19:33 - 11441168 _____ (SurfRight B.V.) C:\Users\Admin\Desktop\HitmanPro_x64.exe
2016-04-26 19:30 - 2016-04-26 19:30 - 02870984 _____ (ESET) C:\Users\Admin\Desktop\esetsmartinstaller_deu(1).exe
2016-04-26 16:11 - 2016-04-26 16:16 - 57666112 _____ (Oracle Corporation) C:\Users\Admin\Downloads\jre-8u91-windows-x64.exe
2016-04-26 16:11 - 2016-04-26 16:16 - 50874432 _____ (Oracle Corporation) C:\Users\Admin\Downloads\jre-8u91-windows-i586.exe
2016-04-26 08:56 - 2016-04-26 08:56 - 03312161 _____ C:\Users\Admin\Desktop\Quarantine.zip
2016-04-26 08:53 - 2016-04-26 08:53 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-04-25 22:06 - 2016-04-25 22:07 - 00003683 _____ C:\Users\Admin\Desktop\Fixlog.txt
2016-04-25 19:35 - 2016-04-25 19:35 - 00037566 _____ C:\Users\Admin\Desktop\mbam5.zip
2016-04-25 19:18 - 2016-04-25 19:18 - 00675907 _____ C:\Users\Admin\Desktop\mbam5.txt
2016-04-25 19:18 - 2016-04-25 19:18 - 00010199 _____ C:\Users\Admin\Desktop\mbam4.txt
2016-04-25 19:18 - 2016-04-25 19:18 - 00004147 _____ C:\Users\Admin\Desktop\mbam3.txt
2016-04-25 19:18 - 2016-04-25 19:18 - 00001887 _____ C:\Users\Admin\Desktop\mbam6.txt
2016-04-25 19:18 - 2016-04-25 19:18 - 00001602 _____ C:\Users\Admin\Desktop\mbam2.txt
2016-04-25 16:53 - 2016-04-26 21:30 - 00032682 _____ C:\Users\Admin\Desktop\FRST.txt
2016-04-25 16:53 - 2016-04-26 09:25 - 00078143 _____ C:\Users\Admin\Desktop\Addition.txt
2016-04-25 16:53 - 2016-04-25 16:53 - 00000000 ____D C:\Users\Admin\Desktop\old_troj
2016-04-25 16:52 - 2016-04-25 16:52 - 00000670 _____ C:\Users\Admin\Desktop\JRT.txt
2016-04-25 16:49 - 2016-04-25 16:49 - 00001195 _____ C:\Users\Admin\Desktop\mbam.txt
2016-04-25 16:49 - 2016-04-25 16:47 - 01610008 _____ (Malwarebytes) C:\Users\Admin\Desktop\JRT.exe
2016-04-25 16:46 - 2016-04-25 16:47 - 01610008 _____ (Malwarebytes) C:\Users\Admin\Downloads\JRT.exe
2016-04-25 16:42 - 2016-04-25 19:19 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-04-25 16:42 - 2016-04-25 16:42 - 00001187 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-04-25 16:42 - 2016-04-25 16:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-04-25 16:41 - 2016-04-25 19:17 - 22851472 _____ (Malwarebytes ) C:\Users\Admin\Desktop\mbam-setup-2.2.1.1043 (1).exe
2016-04-25 16:41 - 2016-04-25 16:42 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-04-25 16:41 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-04-25 16:41 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-04-25 16:41 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-04-25 16:40 - 2016-04-25 16:41 - 22851472 _____ (Malwarebytes ) C:\Users\Admin\Downloads\mbam-setup-2.2.1.1043 (1).exe
2016-04-25 16:38 - 2016-04-25 16:35 - 00001250 _____ C:\Users\Admin\Desktop\AdwCleaner[S4].txt
2016-04-25 16:36 - 2016-04-25 16:36 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-04-25 16:34 - 2016-04-25 16:33 - 03580480 _____ C:\Users\Admin\Desktop\AdwCleaner_5.113.exe
2016-04-25 16:33 - 2016-04-25 16:33 - 03580480 _____ C:\Users\Admin\Downloads\AdwCleaner_5.113.exe
2016-04-25 16:22 - 2016-04-25 16:22 - 00016536 _____ C:\Users\Admin\Downloads\Addition.RAR
2016-04-24 17:01 - 2016-04-24 17:01 - 09937586 _____ C:\Users\Admin\Downloads\Journey into a Schwarzschild black hole (plain)-HD.zip
2016-04-24 16:25 - 2016-04-24 16:26 - 00047309 _____ C:\Users\Admin\Desktop\TDSS.txt
2016-04-24 16:24 - 2016-04-24 16:48 - 00094708 _____ C:\TDSSKiller.3.1.0.9_24.04.2016_16.24.19_log.txt
2016-04-24 16:24 - 2016-04-24 16:24 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Admin\Desktop\tdsskiller.exe
2016-04-24 16:23 - 2016-04-24 16:24 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Admin\Downloads\tdsskiller.exe
2016-04-24 16:22 - 2016-04-24 09:37 - 02375680 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2016-04-24 10:13 - 2016-04-24 10:13 - 00057115 _____ C:\Users\Admin\Desktop\mbam-log-2016-04-23 (10-35-08).zip
2016-04-24 10:10 - 2016-04-24 09:57 - 00003714 _____ C:\Users\Admin\Desktop\protection-log-2016-04-24.txt
2016-04-24 10:10 - 2016-04-23 21:48 - 00026059 _____ C:\Users\Admin\Desktop\protection-log-2016-04-23.txt
2016-04-24 10:10 - 2016-04-23 11:05 - 01693510 _____ C:\Users\Admin\Desktop\mbam-log-2016-04-23 (10-35-08).txt
2016-04-24 10:10 - 2016-04-23 10:35 - 00004586 _____ C:\Users\Admin\Desktop\mbam-log-2016-04-23 (10-33-47).txt
2016-04-24 09:58 - 2016-04-24 09:58 - 00036758 _____ C:\Users\Admin\Desktop\avira.txt
2016-04-24 09:38 - 2016-04-24 16:22 - 00079584 _____ C:\Users\Admin\Downloads\Addition.txt
2016-04-24 09:37 - 2016-04-26 21:30 - 00000000 ____D C:\FRST
2016-04-24 09:37 - 2016-04-24 16:22 - 00103278 _____ C:\Users\Admin\Downloads\FRST.txt
2016-04-24 09:37 - 2016-04-24 09:37 - 02375680 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe
2016-04-23 18:19 - 2016-04-23 18:20 - 09944494 _____ C:\Users\Admin\Downloads\Journey into a Schwarzschild black hole (plain)-HD.mp4
2016-04-23 18:02 - 2016-04-23 18:02 - 23733211 _____ C:\Users\Admin\Downloads\blackhole.wmv
2016-04-23 17:29 - 2016-04-24 09:30 - 00001412 _____ C:\Users\Admin\Desktop\eset.txt
2016-04-23 15:04 - 2016-04-23 15:09 - 62034496 _____ (Oracle Corporation) C:\Users\Admin\Downloads\jre-8u92-windows-x64.exe
2016-04-23 14:58 - 2016-04-23 14:58 - 00852720 _____ C:\Users\Admin\Downloads\SecurityCheck.exe
2016-04-23 14:00 - 2016-04-23 14:00 - 02870984 _____ (ESET) C:\Users\Admin\Downloads\esetsmartinstaller_deu.exe
2016-04-23 14:00 - 2016-04-23 14:00 - 00000000 ____D C:\Program Files (x86)\ESET
2016-04-23 13:49 - 2016-04-23 13:49 - 29554591 _____ C:\Users\Admin\Desktop\kunst.zip
2016-04-23 10:45 - 2016-04-23 11:49 - 00000080 _____ C:\Users\Public\Desktop\Need for SpeedT Most Wanted.lnk
2016-04-23 10:45 - 2016-04-23 11:49 - 00000080 _____ C:\Users\Public\Desktop\Harry Potter und der Orden des PhönixT.lnk
2016-04-23 10:29 - 2016-04-23 10:29 - 03683904 _____ C:\Users\Admin\Downloads\adwcleaner_5.112 (1).exe
2016-04-23 10:26 - 2016-04-23 10:26 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-04-23 10:25 - 2016-04-23 10:26 - 22851472 _____ (Malwarebytes ) C:\Users\Admin\Downloads\mbam-setup-2.2.1.1043.exe
2016-04-23 10:06 - 2016-04-23 11:49 - 00002338 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-23 10:06 - 2016-04-23 11:49 - 00002320 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-04-22 13:35 - 2016-04-23 11:49 - 00001290 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2016-04-22 13:35 - 2016-04-23 11:49 - 00001272 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2016-04-22 13:35 - 2016-04-22 13:35 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Thunderbird
2016-04-22 13:35 - 2016-04-22 13:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-04-22 13:31 - 2016-04-22 13:32 - 00000000 ____D C:\Users\Admin\Desktop\h4u14u3r.default
2016-04-22 13:30 - 2016-04-22 13:32 - 34809392 _____ (Mozilla) C:\Users\Admin\Downloads\Thunderbird_Setup_45.0__1_.exe
2016-04-21 23:10 - 2016-04-23 11:49 - 00001063 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-04-21 23:10 - 2016-04-23 11:49 - 00001058 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-04-21 23:10 - 2016-04-23 11:49 - 00001045 _____ C:\Users\Public\Desktop\Opera.lnk
2016-04-21 23:10 - 2016-04-23 11:49 - 00001040 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-04-21 23:07 - 2016-04-25 16:36 - 00000000 ____D C:\AdwCleaner
2016-04-21 23:07 - 2016-04-21 23:07 - 03683904 _____ C:\Users\Admin\Downloads\adwcleaner_5.112.exe
2016-04-21 21:42 - 2016-04-21 21:56 - 00018645 _____ C:\Users\Admin\Downloads\Pausenverkauf_Onlinereservierung.xlsx
2016-04-21 21:42 - 2016-04-21 21:49 - 00017012 _____ C:\Users\Admin\Downloads\Pausenverkauf_Direktverkauf.xlsx
2016-04-21 08:00 - 2016-04-21 07:59 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2016-04-21 08:00 - 2016-02-23 12:36 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-04-21 07:58 - 2016-04-21 08:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2016-04-21 07:46 - 2016-04-21 07:55 - 196518456 _____ (Oracle Corporation) C:\Users\Admin\Downloads\jdk-8u91-windows-x64.exe
2016-04-20 07:07 - 2016-04-20 07:07 - 00000000 ____D C:\Users\Admin\Downloads\Lakeside+Spotfinder
2016-04-20 07:06 - 2016-04-20 07:07 - 05936298 _____ C:\Users\Admin\Downloads\Lakeside+Spotfinder.zip
2016-04-19 23:39 - 2016-04-19 23:39 - 00000000 ____D C:\Program Files (x86)\Comodo Antivirus
2016-04-19 23:36 - 2016-04-19 23:37 - 00000000 ____D C:\Users\Public\Documents\dmp
2016-04-19 23:33 - 2016-04-19 23:33 - 00309248 _____ (Microsoft Corporation) C:\Users\Admin\Downloads\wmpfirefoxplugin.exe
2016-04-19 22:10 - 2016-04-19 22:10 - 00000000 ____D C:\Users\Admin\.IdeaIC2016
2016-04-19 22:06 - 2016-04-23 11:49 - 00000571 _____ C:\Users\Public\Desktop\IntelliJ IDEA Community Edition 2016.1.1.lnk
2016-04-19 21:46 - 2016-04-19 21:58 - 265691264 _____ C:\Users\Admin\Downloads\ideaIC-2016.1.1.exe
2016-04-19 16:06 - 2016-04-23 11:49 - 00001209 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2016-04-16 15:57 - 2016-04-23 11:49 - 00002115 _____ C:\Users\Public\Desktop\Google Slides.lnk
2016-04-16 15:57 - 2016-04-23 11:49 - 00002113 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2016-04-16 15:57 - 2016-04-23 11:49 - 00002103 _____ C:\Users\Public\Desktop\Google Docs.lnk
2016-04-16 00:27 - 2016-04-16 00:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-04-14 07:04 - 2016-04-14 07:11 - 129577680 _____ (PortableApps.com) C:\Users\Admin\Downloads\LibreOfficePortable_5.1.1_MultilingualStandard.paf.exe
2016-04-13 17:55 - 2016-04-06 20:32 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-04-13 17:55 - 2016-04-06 20:32 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-04-13 17:29 - 2016-03-29 12:20 - 07474016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-04-13 17:29 - 2016-03-29 12:20 - 02656952 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-13 17:29 - 2016-03-29 12:18 - 02152280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-04-13 17:29 - 2016-03-29 11:37 - 01862008 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-04-13 17:29 - 2016-03-29 10:41 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-04-13 17:29 - 2016-03-29 10:06 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-04-13 17:29 - 2016-03-29 10:01 - 00541304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-04-13 17:29 - 2016-03-29 09:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-04-13 17:29 - 2016-03-29 09:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-04-13 17:29 - 2016-03-29 09:46 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-04-13 17:29 - 2016-03-29 09:36 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-04-13 17:29 - 2016-03-29 09:19 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-04-13 17:29 - 2016-03-29 09:15 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-04-13 17:29 - 2016-03-29 09:12 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-04-13 17:29 - 2016-03-29 09:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-04-13 17:29 - 2016-03-29 09:07 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-04-13 17:29 - 2016-03-29 09:02 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-04-13 17:29 - 2016-03-29 08:42 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-04-13 17:29 - 2016-03-29 08:37 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-04-13 17:29 - 2016-03-29 08:32 - 01731584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-04-13 17:29 - 2016-03-29 08:31 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-04-13 17:29 - 2016-03-29 08:26 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-04-13 17:29 - 2016-03-29 08:05 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-04-13 17:29 - 2016-03-29 08:05 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-04-13 17:29 - 2016-03-29 08:02 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-04-13 17:29 - 2016-03-29 07:51 - 22378496 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-04-13 17:29 - 2016-03-29 07:41 - 24602112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-04-13 17:29 - 2016-03-29 07:41 - 12125184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-04-13 17:29 - 2016-03-29 07:39 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-04-13 17:29 - 2016-03-29 07:38 - 18673664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-04-13 17:29 - 2016-03-29 07:37 - 19340800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-04-13 17:28 - 2016-04-02 06:13 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-04-13 17:28 - 2016-04-02 06:10 - 00770640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2016-04-13 17:28 - 2016-04-02 06:10 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-04-13 17:28 - 2016-04-02 06:10 - 00374008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-04-13 17:28 - 2016-04-02 05:30 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-04-13 17:28 - 2016-04-02 05:29 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-04-13 17:28 - 2016-04-02 05:29 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2016-04-13 17:28 - 2016-04-02 05:26 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-04-13 17:28 - 2016-04-02 05:25 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2016-04-13 17:28 - 2016-04-02 05:25 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2016-04-13 17:28 - 2016-04-02 05:23 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-04-13 17:28 - 2016-04-02 05:23 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-04-13 17:28 - 2016-04-02 05:21 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-04-13 17:28 - 2016-04-02 05:19 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-04-13 17:28 - 2016-04-02 05:18 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-04-13 17:28 - 2016-04-02 05:15 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-04-13 17:28 - 2016-04-02 05:14 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-04-13 17:28 - 2016-04-02 05:09 - 01832448 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-04-13 17:28 - 2016-04-02 05:08 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-04-13 17:28 - 2016-04-02 05:07 - 03575296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-04-13 17:28 - 2016-04-02 05:07 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-04-13 17:28 - 2016-04-02 05:03 - 04774912 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-04-13 17:28 - 2016-04-02 05:00 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-04-13 17:28 - 2016-03-29 12:23 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-04-13 17:28 - 2016-03-29 12:22 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-04-13 17:28 - 2016-03-29 12:22 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-04-13 17:28 - 2016-03-29 12:20 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-04-13 17:28 - 2016-03-29 12:20 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-04-13 17:28 - 2016-03-29 12:15 - 00100232 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2016-04-13 17:28 - 2016-03-29 12:11 - 00686976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-04-13 17:28 - 2016-03-29 12:05 - 01152864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-04-13 17:28 - 2016-03-29 12:02 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-04-13 17:28 - 2016-03-29 12:02 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-04-13 17:28 - 2016-03-29 11:56 - 01297752 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-04-13 17:28 - 2016-03-29 11:28 - 00696664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-04-13 17:28 - 2016-03-29 11:28 - 00535080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2016-04-13 17:28 - 2016-03-29 11:28 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-04-13 17:28 - 2016-03-29 11:25 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-04-13 17:28 - 2016-03-29 11:25 - 00058400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-04-13 17:28 - 2016-03-29 11:19 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-04-13 17:28 - 2016-03-29 11:18 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-04-13 17:28 - 2016-03-29 11:17 - 00300104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-04-13 17:28 - 2016-03-29 11:13 - 00986976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-04-13 17:28 - 2016-03-29 11:11 - 00605440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-04-13 17:28 - 2016-03-29 11:11 - 00074424 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2016-04-13 17:28 - 2016-03-29 11:10 - 00110584 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvcli.dll
2016-04-13 17:28 - 2016-03-29 11:09 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkscli.dll
2016-04-13 17:28 - 2016-03-29 11:08 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-04-13 17:28 - 2016-03-29 11:08 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2016-04-13 17:28 - 2016-03-29 11:07 - 00081144 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll
2016-04-13 17:28 - 2016-03-29 10:44 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-04-13 17:28 - 2016-03-29 10:44 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-04-13 17:28 - 2016-03-29 10:41 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-04-13 17:28 - 2016-03-29 10:32 - 00253088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-04-13 17:28 - 2016-03-29 10:26 - 02403680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-04-13 17:28 - 2016-03-29 10:26 - 01089888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-04-13 17:28 - 2016-03-29 10:26 - 00073872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srvcli.dll
2016-04-13 17:28 - 2016-03-29 10:25 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkscli.dll
2016-04-13 17:28 - 2016-03-29 10:24 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-04-13 17:28 - 2016-03-29 10:23 - 00069744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netapi32.dll
2016-04-13 17:28 - 2016-03-29 10:21 - 00378208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2016-04-13 17:28 - 2016-03-29 10:17 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-04-13 17:28 - 2016-03-29 10:16 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-04-13 17:28 - 2016-03-29 10:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-04-13 17:28 - 2016-03-29 10:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2016-04-13 17:28 - 2016-03-29 10:07 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-04-13 17:28 - 2016-03-29 10:07 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2016-04-13 17:28 - 2016-03-29 10:07 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll
2016-04-13 17:28 - 2016-03-29 10:06 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacchooks.dll
2016-04-13 17:28 - 2016-03-29 10:02 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-04-13 17:28 - 2016-03-29 10:00 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-04-13 17:28 - 2016-03-29 10:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2016-04-13 17:28 - 2016-03-29 10:00 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-04-13 17:28 - 2016-03-29 09:59 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2016-04-13 17:28 - 2016-03-29 09:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-04-13 17:28 - 2016-03-29 09:57 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-04-13 17:28 - 2016-03-29 09:57 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-04-13 17:28 - 2016-03-29 09:57 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll
2016-04-13 17:28 - 2016-03-29 09:55 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-04-13 17:28 - 2016-03-29 09:55 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys
2016-04-13 17:28 - 2016-03-29 09:55 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2016-04-13 17:28 - 2016-03-29 09:54 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-04-13 17:28 - 2016-03-29 09:53 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-04-13 17:28 - 2016-03-29 09:52 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2016-04-13 17:28 - 2016-03-29 09:51 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-04-13 17:28 - 2016-03-29 09:51 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-04-13 17:28 - 2016-03-29 09:50 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-04-13 17:28 - 2016-03-29 09:50 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-04-13 17:28 - 2016-03-29 09:50 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-04-13 17:28 - 2016-03-29 09:50 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-04-13 17:28 - 2016-03-29 09:50 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2016-04-13 17:28 - 2016-03-29 09:49 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-04-13 17:28 - 2016-03-29 09:48 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-04-13 17:28 - 2016-03-29 09:48 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-04-13 17:28 - 2016-03-29 09:46 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2016-04-13 17:28 - 2016-03-29 09:44 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2016-04-13 17:28 - 2016-03-29 09:42 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-04-13 17:28 - 2016-03-29 09:39 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-04-13 17:28 - 2016-03-29 09:38 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-04-13 17:28 - 2016-03-29 09:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-04-13 17:28 - 2016-03-29 09:36 - 00530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2016-04-13 17:28 - 2016-03-29 09:35 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2016-04-13 17:28 - 2016-03-29 09:35 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2016-04-13 17:28 - 2016-03-29 09:34 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-04-13 17:28 - 2016-03-29 09:34 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-04-13 17:28 - 2016-03-29 09:34 - 00333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2016-04-13 17:28 - 2016-03-29 09:34 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2016-04-13 17:28 - 2016-03-29 09:33 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-04-13 17:28 - 2016-03-29 09:32 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-04-13 17:28 - 2016-03-29 09:32 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-04-13 17:28 - 2016-03-29 09:30 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-04-13 17:28 - 2016-03-29 09:30 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-04-13 17:28 - 2016-03-29 09:28 - 00460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-04-13 17:28 - 2016-03-29 09:27 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-04-13 17:28 - 2016-03-29 09:26 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-04-13 17:28 - 2016-03-29 09:23 - 00694784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-04-13 17:28 - 2016-03-29 09:23 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-04-13 17:28 - 2016-03-29 09:23 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-04-13 17:28 - 2016-03-29 09:22 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2016-04-13 17:28 - 2016-03-29 09:21 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-13 17:28 - 2016-03-29 09:20 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-04-13 17:28 - 2016-03-29 09:20 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-04-13 17:28 - 2016-03-29 09:20 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2016-04-13 17:28 - 2016-03-29 09:20 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsdchngr.dll
2016-04-13 17:28 - 2016-03-29 09:19 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-04-13 17:28 - 2016-03-29 09:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacchooks.dll
2016-04-13 17:28 - 2016-03-29 09:18 - 00676352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2016-04-13 17:28 - 2016-03-29 09:17 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-04-13 17:28 - 2016-03-29 09:17 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-04-13 17:28 - 2016-03-29 09:17 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-04-13 17:28 - 2016-03-29 09:16 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-04-13 17:28 - 2016-03-29 09:16 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-04-13 17:28 - 2016-03-29 09:15 - 01714688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-04-13 17:28 - 2016-03-29 09:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-04-13 17:28 - 2016-03-29 09:14 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-04-13 17:28 - 2016-03-29 09:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-04-13 17:28 - 2016-03-29 09:12 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-04-13 17:28 - 2016-03-29 09:11 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-04-13 17:28 - 2016-03-29 09:11 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-04-13 17:28 - 2016-03-29 09:11 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-04-13 17:28 - 2016-03-29 09:11 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-04-13 17:28 - 2016-03-29 09:11 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-04-13 17:28 - 2016-03-29 09:11 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\browcli.dll
2016-04-13 17:28 - 2016-03-29 09:10 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-04-13 17:28 - 2016-03-29 09:10 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-04-13 17:28 - 2016-03-29 09:09 - 01239552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-04-13 17:28 - 2016-03-29 09:09 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-04-13 17:28 - 2016-03-29 09:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2016-04-13 17:28 - 2016-03-29 09:08 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-04-13 17:28 - 2016-03-29 09:08 - 00841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-04-13 17:28 - 2016-03-29 09:08 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-04-13 17:28 - 2016-03-29 09:07 - 01902592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-04-13 17:28 - 2016-03-29 09:06 - 01575936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-04-13 17:28 - 2016-03-29 09:06 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-04-13 17:28 - 2016-03-29 09:06 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2016-04-13 17:28 - 2016-03-29 09:05 - 01395712 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-04-13 17:28 - 2016-03-29 09:05 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
2016-04-13 17:28 - 2016-03-29 09:04 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2016-04-13 17:28 - 2016-03-29 09:03 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-04-13 17:28 - 2016-03-29 09:02 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-04-13 17:28 - 2016-03-29 09:02 - 01211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-04-13 17:28 - 2016-03-29 09:00 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-04-13 17:28 - 2016-03-29 09:00 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-04-13 17:28 - 2016-03-29 09:00 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-04-13 17:28 - 2016-03-29 09:00 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-04-13 17:28 - 2016-03-29 08:59 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-04-13 17:28 - 2016-03-29 08:59 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-04-13 17:28 - 2016-03-29 08:59 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-04-13 17:28 - 2016-03-29 08:56 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-04-13 17:28 - 2016-03-29 08:56 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-04-13 17:28 - 2016-03-29 08:55 - 01052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-04-13 17:28 - 2016-03-29 08:53 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2016-04-13 17:28 - 2016-03-29 08:53 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2016-04-13 17:28 - 2016-03-29 08:52 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-04-13 17:28 - 2016-03-29 08:52 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2016-04-13 17:28 - 2016-03-29 08:49 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2016-04-13 17:28 - 2016-03-29 08:48 - 00346624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-04-13 17:28 - 2016-03-29 08:44 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-04-13 17:28 - 2016-03-29 08:43 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AccountsRt.dll
2016-04-13 17:28 - 2016-03-29 08:42 - 01410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-04-13 17:28 - 2016-03-29 08:42 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-13 17:28 - 2016-03-29 08:41 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2016-04-13 17:28 - 2016-03-29 08:40 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-04-13 17:28 - 2016-03-29 08:39 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2016-04-13 17:28 - 2016-03-29 08:39 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2016-04-13 17:28 - 2016-03-29 08:39 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-04-13 17:28 - 2016-03-29 08:38 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-04-13 17:28 - 2016-03-29 08:37 - 01444352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-04-13 17:28 - 2016-03-29 08:37 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-04-13 17:28 - 2016-03-29 08:36 - 03351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-04-13 17:28 - 2016-03-29 08:36 - 00649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-04-13 17:28 - 2016-03-29 08:35 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-04-13 17:28 - 2016-03-29 08:34 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-04-13 17:28 - 2016-03-29 08:34 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-04-13 17:28 - 2016-03-29 08:34 - 00682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2016-04-13 17:28 - 2016-03-29 08:34 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-04-13 17:28 - 2016-03-29 08:32 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-04-13 17:28 - 2016-03-29 08:32 - 01098240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-04-13 17:28 - 2016-03-29 08:32 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2016-04-13 17:28 - 2016-03-29 08:32 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-04-13 17:28 - 2016-03-29 08:32 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-04-13 17:28 - 2016-03-29 08:32 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-04-13 17:28 - 2016-03-29 08:32 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2016-04-13 17:28 - 2016-03-29 08:31 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-04-13 17:28 - 2016-03-29 08:31 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-04-13 17:28 - 2016-03-29 08:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-04-13 17:28 - 2016-03-29 08:30 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-04-13 17:28 - 2016-03-29 08:29 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-04-13 17:28 - 2016-03-29 08:29 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-04-13 17:28 - 2016-03-29 08:28 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-04-13 17:28 - 2016-03-29 08:28 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-04-13 17:28 - 2016-03-29 08:27 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-04-13 17:28 - 2016-03-29 08:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-04-13 17:28 - 2016-03-29 08:27 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-04-13 17:28 - 2016-03-29 08:27 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-04-13 17:28 - 2016-03-29 08:27 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-04-13 17:28 - 2016-03-29 08:23 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2016-04-13 17:28 - 2016-03-29 08:22 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-04-13 17:28 - 2016-03-29 08:19 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-04-13 17:28 - 2016-03-29 08:17 - 00765952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-04-13 17:28 - 2016-03-29 08:14 - 01072128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-04-13 17:28 - 2016-03-29 08:13 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-04-13 17:28 - 2016-03-29 08:10 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-04-13 17:28 - 2016-03-29 08:06 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-04-13 17:28 - 2016-03-29 08:05 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-04-13 17:28 - 2016-03-29 08:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-04-13 17:28 - 2016-03-29 08:05 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-04-13 17:28 - 2016-03-29 08:05 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-04-13 17:28 - 2016-03-29 08:04 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-04-13 17:28 - 2016-03-29 08:04 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-04-13 17:28 - 2016-03-29 08:01 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-04-13 17:28 - 2016-03-29 08:01 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-04-13 17:28 - 2016-03-29 08:00 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-04-13 17:28 - 2016-03-29 07:58 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-04-13 17:28 - 2016-03-29 07:56 - 16985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-04-13 17:28 - 2016-03-29 07:52 - 11545600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-04-13 17:28 - 2016-03-29 07:51 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-04-13 17:28 - 2016-03-29 07:49 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-04-13 17:28 - 2016-03-29 07:45 - 03078144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-04-13 17:28 - 2016-03-29 07:45 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2016-04-13 17:28 - 2016-03-29 07:43 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-04-13 17:28 - 2016-03-29 07:43 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2016-04-13 17:28 - 2016-03-29 07:38 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-04-13 17:28 - 2016-03-29 07:36 - 02722816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2016-04-13 17:28 - 2016-03-29 07:35 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-04-13 17:28 - 2016-03-29 07:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-04-13 17:28 - 2016-03-29 07:27 - 07836160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-04-13 17:28 - 2016-03-29 07:27 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-04-13 17:28 - 2016-03-29 07:27 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2016-04-13 17:28 - 2016-03-29 07:26 - 00958976 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-04-13 17:28 - 2016-03-29 07:26 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2016-04-13 17:28 - 2016-03-29 07:25 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2016-04-13 17:28 - 2016-03-29 07:25 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2016-04-13 17:28 - 2016-03-29 07:21 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2016-04-12 14:26 - 2016-04-13 16:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-04-11 08:40 - 2016-04-11 08:40 - 03154031 _____ C:\Users\Admin\Downloads\39-245-1-PB.pdf
2016-04-08 23:02 - 2016-04-08 23:02 - 00000000 ____D C:\Users\Admin\Downloads\sp@-co@02_behind-enemy-lines_v1-1.altis
2016-04-08 23:00 - 2016-04-08 23:01 - 02260833 _____ C:\Users\Admin\Downloads\sp@-co@02_behind-enemy-lines_v1-1.altis.7z
2016-04-08 22:53 - 2016-04-08 22:53 - 00172068 _____ C:\Users\Admin\Downloads\brh_sniperRange_v102.zip
2016-04-08 22:53 - 2016-04-08 22:53 - 00000000 ____D C:\Users\Admin\Downloads\brh_sniperRange_v102
2016-04-08 22:46 - 2016-04-08 22:46 - 00088521 _____ C:\Users\Admin\Downloads\awp_map_v1.2.Stratis.rar
2016-04-08 22:46 - 2016-04-08 22:46 - 00000000 ____D C:\Users\Admin\Downloads\awp_map_v1.2.Stratis
2016-04-07 16:57 - 2016-04-07 16:57 - 00000202 _____ C:\Users\Admin\Desktop\Marvel Heroes 2016.url
2016-04-06 20:18 - 2016-04-06 20:18 - 00002909 _____ C:\Users\Admin\Downloads\5JYG2AJIFF.txt
2016-04-06 20:16 - 2016-04-06 20:16 - 00004640 _____ C:\Users\Admin\AppData\Local\recently-used.xbel
2016-04-06 19:04 - 2016-04-06 19:04 - 00401184 _____ C:\Users\Admin\Downloads\Army.zip
2016-04-06 19:04 - 2016-04-06 19:04 - 00000000 ____D C:\Users\Admin\Downloads\Army
2016-04-06 19:01 - 2016-04-06 20:16 - 00228932 _____ C:\Users\Admin\Documents\header_new-project.xcf
2016-04-06 19:01 - 2016-04-06 19:01 - 00026276 _____ C:\Users\Admin\Downloads\armalite-rifle.zip
2016-04-06 19:01 - 2016-04-06 19:01 - 00000000 ____D C:\Users\Admin\Downloads\armalite-rifle
2016-04-05 21:16 - 2016-04-05 21:16 - 01273528 _____ C:\Users\Admin\Desktop\bewerbung_zoll.odt
2016-04-05 21:16 - 2016-04-05 21:16 - 01273520 _____ C:\Users\Admin\Desktop\bewerbung_polizei_2.odt
2016-04-05 21:05 - 2014-07-09 13:38 - 00019453 _____ C:\Users\Admin\Desktop\Lebenslauf.odt
2016-04-05 21:05 - 2013-11-07 15:57 - 01271153 _____ C:\Users\Admin\Desktop\bewerbung_polizei.odt
2016-04-03 09:12 - 2016-04-03 09:18 - 124274392 _____ (Bitnami) C:\Users\Admin\Downloads\xampp-win32-7.0.4-0-VC14-installer.exe
2016-04-03 08:58 - 2016-04-03 08:58 - 00000000 ____D C:\Users\Admin\Downloads\gameportal
2016-04-03 08:55 - 2016-04-03 08:55 - 00000000 ____D C:\Users\Admin\AppData\Roaming\JetBrains
2016-04-03 08:55 - 2016-04-03 08:55 - 00000000 ____D C:\Users\Admin\.PhpStorm2016.1
2016-04-03 08:52 - 2016-04-19 22:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetBrains
2016-04-02 21:31 - 2016-04-02 21:41 - 174316232 _____ C:\Users\Admin\Downloads\PhpStorm-2016.1.exe
2016-04-02 10:51 - 2016-04-02 10:51 - 00000000 ____D C:\Users\Admin\Downloads\pulseaudio-8.0.tar
2016-04-02 10:50 - 2016-04-02 10:51 - 01517656 _____ C:\Users\Admin\Downloads\pulseaudio-8.0.tar.xz
2016-04-02 10:50 - 2016-04-02 10:50 - 00000064 _____ C:\Users\Admin\Downloads\pulseaudio-8.0.tar.xz.sha1
2016-04-02 10:33 - 2016-04-02 10:33 - 00143879 _____ C:\Users\Admin\Downloads\INCEPTION_TIME_Piano Sheets_MusicMike512.pdf
2016-04-01 12:05 - 2016-04-23 11:49 - 00002666 _____ C:\Users\Public\Desktop\Skype.lnk
2016-04-01 12:05 - 2016-04-01 12:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-03-31 13:59 - 2016-03-31 13:59 - 00000000 ____D C:\Users\Admin\Documents\Custom Office Templates
2016-03-31 12:13 - 2016-03-30 03:06 - 01373680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2016-03-31 12:13 - 2016-03-30 03:05 - 01767248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2016-03-31 08:30 - 2016-03-22 03:57 - 00110528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2016-03-31 08:29 - 2016-03-31 08:29 - 00031782 _____ C:\Users\Admin\Downloads\oculus-vr-gaming-pc-de.htm
2016-03-31 08:29 - 2016-03-25 03:23 - 12659136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2016-03-31 08:29 - 2016-03-22 06:08 - 42923576 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 37567424 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 31594432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 25350080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 21364536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 20906168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 20074728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 17755928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 17369448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 17349776 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 17328008 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 14226672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 10550552 _____ C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 08659472 _____ C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 03685280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 03263480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 02614208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 02260024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 01922496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436472.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 01571776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436472.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 00960056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 00889400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 00786872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 00751552 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 00695864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 00678520 _____ C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 00632336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 00572096 _____ C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 00546328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 00448824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 00425016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 00385080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 00379448 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 00379296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 00348216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 00317656 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 00176064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 00153392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 00151368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 00129208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 00038050 _____ C:\WINDOWS\system32\nvinfo.pb
2016-03-31 08:29 - 2016-03-22 06:08 - 00000139 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2016-03-31 08:29 - 2016-03-22 06:08 - 00000139 _____ C:\WINDOWS\system32\nv-vk64.json
2016-03-30 17:58 - 2016-04-20 17:51 - 00000000 ____D C:\Users\Admin\.junique
2016-03-29 11:09 - 2016-03-21 22:01 - 00109632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2016-03-29 11:09 - 2016-03-21 22:01 - 00100416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2016-03-29 11:09 - 2016-03-21 22:01 - 00056384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-26 21:23 - 2015-12-25 22:13 - 00000000 ____D C:\Users\Admin\AppData\Local\CrashDumps
2016-04-26 21:06 - 2015-10-08 14:01 - 00001244 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-04-26 20:53 - 2016-02-10 10:48 - 00001150 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-26 20:37 - 2015-10-26 21:55 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-04-26 20:32 - 2015-08-09 19:47 - 00000000 ____D C:\Users\Admin\AppData\LocalLow\Temp
2016-04-26 20:21 - 2016-01-05 14:55 - 00000000 ____D C:\Users\Admin\.VirtualBox
2016-04-26 19:56 - 2015-10-08 14:07 - 00000000 ____D C:\Users\Admin\Dropbox
2016-04-26 14:06 - 2015-10-08 14:01 - 00001240 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-04-26 09:53 - 2016-02-10 10:48 - 00001146 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-26 09:04 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-04-26 09:04 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-04-26 08:59 - 2015-10-30 20:35 - 00847432 _____ C:\WINDOWS\system32\perfh007.dat
2016-04-26 08:59 - 2015-10-30 20:35 - 00180322 _____ C:\WINDOWS\system32\perfc007.dat
2016-04-26 08:59 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-04-26 08:59 - 2015-08-01 09:30 - 01979688 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-04-26 08:53 - 2015-11-18 13:40 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-04-26 08:53 - 2015-11-18 13:35 - 00000000 ____D C:\ProgramData\NVIDIA
2016-04-26 08:53 - 2015-08-09 06:39 - 00000296 _____ C:\WINDOWS\Tasks\StartupStar Firewall.job
2016-04-26 08:53 - 2015-07-07 04:55 - 00000000 __SHD C:\Users\Admin\IntelGraphicsProfiles
2016-04-25 23:07 - 2015-10-30 08:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-04-25 22:08 - 2015-10-18 08:09 - 00543232 ___SH C:\Users\Admin\Desktop\Thumbs.db
2016-04-25 16:37 - 2015-09-21 16:58 - 00404480 ___SH C:\Users\Admin\Downloads\Thumbs.db
2016-04-25 16:29 - 2015-08-23 16:33 - 00000000 ____D C:\Users\Admin\AppData\Roaming\TS3Client
2016-04-23 17:30 - 2016-03-26 00:26 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2016-04-23 17:30 - 2016-03-26 00:26 - 00000000 ____D C:\Program Files\Image-Line
2016-04-23 17:30 - 2016-03-26 00:22 - 00000000 ____D C:\Program Files (x86)\Image-Line
2016-04-23 11:49 - 2016-03-11 12:18 - 00002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-04-23 11:49 - 2016-03-07 20:53 - 00000411 _____ C:\Users\Public\Desktop\Emergency4 spielen.lnk
2016-04-23 11:49 - 2016-03-07 20:48 - 00000806 _____ C:\Users\Public\Desktop\Virtual CloneDrive.lnk
2016-04-23 11:49 - 2016-02-22 20:44 - 00000785 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inkscape.lnk
2016-04-23 11:49 - 2016-02-22 20:43 - 00000753 _____ C:\Users\Public\Desktop\Inkscape.lnk
2016-04-23 11:49 - 2016-02-21 22:33 - 00000785 _____ C:\Users\Public\Desktop\MAGIX Music Maker 2015 Premium.lnk
2016-04-23 11:49 - 2016-02-09 19:33 - 00001072 _____ C:\Users\Public\Desktop\Desktop Live Streamer.lnk
2016-04-23 11:49 - 2016-02-09 09:43 - 00001491 _____ C:\Users\Public\Desktop\OBS Multiplatform.lnk
2016-04-23 11:49 - 2016-01-23 15:52 - 00002659 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvil Studio.lnk
2016-04-23 11:49 - 2016-01-23 15:52 - 00002641 _____ C:\Users\Public\Desktop\Anvil Studio.lnk
2016-04-23 11:49 - 2016-01-17 20:43 - 00000761 _____ C:\Users\Public\Desktop\ArmA3Sync.lnk
2016-04-23 11:49 - 2016-01-12 18:18 - 00001133 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-04-23 11:49 - 2016-01-05 14:54 - 00000927 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2016-04-23 11:49 - 2016-01-05 14:54 - 00000773 _____ C:\Users\Public\Desktop\Genymotion.lnk
2016-04-23 11:49 - 2016-01-05 14:54 - 00000768 _____ C:\Users\Public\Desktop\Genymotion Shell.lnk
2016-04-23 11:49 - 2015-12-19 18:42 - 00000781 _____ C:\Users\Public\Desktop\Mine-imator.lnk
2016-04-23 11:49 - 2015-11-21 14:56 - 00000718 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2016-04-23 11:49 - 2015-11-18 13:39 - 00001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-04-23 11:49 - 2015-11-13 15:59 - 00000926 _____ C:\Users\Public\Desktop\Rettungswagen Simulator 2012 spielen.lnk
2016-04-23 11:49 - 2015-11-12 16:25 - 00000753 _____ C:\Users\Public\Desktop\Audacity.lnk
2016-04-23 11:49 - 2015-11-12 16:25 - 00000753 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2016-04-23 11:49 - 2015-11-08 11:20 - 00001460 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-04-23 11:49 - 2015-10-24 18:29 - 00000727 _____ C:\Users\Public\Desktop\MAGIX Music Maker 2016.lnk
2016-04-23 11:49 - 2015-10-24 08:59 - 00001315 _____ C:\Users\Public\Desktop\FotoMorph.lnk
2016-04-23 11:49 - 2015-10-24 08:30 - 00000775 _____ C:\Users\Public\Desktop\MAGIX Video deluxe 2016 Premium.lnk
2016-04-23 11:49 - 2015-10-16 15:31 - 00001764 _____ C:\Users\Public\Desktop\MAGIX Music Maker Movie Score Edition.lnk
2016-04-23 11:49 - 2015-10-13 16:29 - 00001196 _____ C:\Users\Public\Desktop\Adjustment Pattern software.lnk
2016-04-23 11:49 - 2015-10-05 16:30 - 00000753 _____ C:\Users\Public\Desktop\1AVShare.lnk
2016-04-23 11:49 - 2015-09-26 11:24 - 00001074 _____ C:\Users\Public\Desktop\My Film Kiosk.lnk
2016-04-23 11:49 - 2015-09-14 10:16 - 00000561 _____ C:\Users\Public\Desktop\Origin.lnk
2016-04-23 11:49 - 2015-09-14 10:04 - 00001155 _____ C:\Users\Public\Desktop\Sticky Password.lnk
2016-04-23 11:49 - 2015-09-11 10:44 - 00001070 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
2016-04-23 11:49 - 2015-09-10 11:57 - 00000743 _____ C:\Users\Public\Desktop\Schiff-Simulator 2008 Mission Editor.lnk
2016-04-23 11:49 - 2015-09-10 11:57 - 00000737 _____ C:\Users\Public\Desktop\Schiff-Simulator 2008.lnk
2016-04-23 11:49 - 2015-09-09 14:26 - 00000848 _____ C:\Users\Public\Desktop\Flughafen-Feuerwehr-Simulator.lnk
2016-04-23 11:49 - 2015-09-04 08:57 - 00001042 _____ C:\Users\Public\Desktop\Winamp.lnk
2016-04-23 11:49 - 2015-08-23 16:32 - 00001046 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2016-04-23 11:49 - 2015-08-23 07:36 - 00000549 _____ C:\Users\Public\Desktop\Steam.lnk
2016-04-23 11:49 - 2015-08-21 07:35 - 00001378 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2016-04-23 11:49 - 2015-08-20 13:08 - 00001447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2016-04-23 11:49 - 2015-08-13 07:55 - 00001213 _____ C:\Users\Public\Desktop\LibreOffice 4.4.lnk
2016-04-23 11:49 - 2015-08-11 13:37 - 00001149 _____ C:\Users\Public\Desktop\Snaz.lnk
2016-04-23 11:49 - 2015-08-09 06:46 - 00001272 _____ C:\Users\Public\Desktop\Ashampoo Core Tuner 2.lnk
2016-04-23 11:49 - 2015-08-09 06:39 - 00001106 _____ C:\Users\Public\Desktop\StartupStar.lnk
2016-04-23 11:49 - 2015-07-26 07:44 - 00000975 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YaTQA.lnk
2016-04-23 11:49 - 2015-07-19 14:14 - 00000920 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2016-04-23 11:49 - 2015-07-18 10:42 - 00000938 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2016-04-23 11:49 - 2015-07-18 10:08 - 00000860 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-04-23 11:49 - 2015-07-14 15:25 - 00001813 _____ C:\Users\Public\Desktop\BlueJ.lnk
2016-04-23 11:49 - 2015-07-13 14:14 - 00002041 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-04-23 11:49 - 2015-07-11 12:31 - 00000996 _____ C:\Users\Public\Desktop\IrfanView.lnk
2016-04-23 11:49 - 2015-07-08 19:59 - 00002034 _____ C:\Users\Public\Desktop\Overwolf.lnk
2016-04-23 11:48 - 2016-03-26 00:27 - 00000858 _____ C:\Users\Admin\Desktop\ASIO4ALL v2 Instruction Manual.lnk
2016-04-23 11:48 - 2016-03-26 00:26 - 00000861 _____ C:\Users\Admin\Desktop\FL Studio 12 (64bit).lnk
2016-04-23 11:48 - 2016-03-26 00:26 - 00000849 _____ C:\Users\Admin\Desktop\FL Studio 12.lnk
2016-04-23 11:48 - 2016-02-23 12:09 - 00000875 _____ C:\Users\Admin\Desktop\Eclipse Java Mars.lnk
2016-04-23 11:48 - 2016-02-23 12:05 - 00000872 _____ C:\Users\Admin\Desktop\Eclipse Php Mars.lnk
2016-04-23 11:48 - 2016-01-23 15:44 - 00000821 _____ C:\Users\Admin\Desktop\ASIO4ALL v2 Anleitung.lnk
2016-04-23 11:48 - 2015-12-29 09:57 - 00001509 _____ C:\Users\Admin\Desktop\LEGOHarryPotter.lnk
2016-04-23 11:48 - 2015-11-26 16:57 - 00001895 _____ C:\Users\Admin\Desktop\Spotify.lnk
2016-04-23 11:48 - 2015-11-26 16:57 - 00001881 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2016-04-23 11:48 - 2015-11-18 19:31 - 00000779 _____ C:\Users\Admin\Desktop\GeoGebra.lnk
2016-04-23 11:48 - 2015-11-10 17:04 - 00001092 _____ C:\Users\Admin\Desktop\RidNacs.lnk
2016-04-23 11:48 - 2015-10-25 15:04 - 00000806 _____ C:\Users\Admin\Desktop\MSI Afterburner.lnk
2016-04-23 11:48 - 2015-10-25 14:36 - 00000721 _____ C:\Users\Admin\Desktop\TechPowerUp GPU-Z.lnk
2016-04-23 11:48 - 2015-10-08 14:07 - 00001299 _____ C:\Users\Admin\Desktop\Dropbox.lnk
2016-04-23 11:48 - 2015-09-28 16:07 - 00001773 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2016-04-23 11:48 - 2015-09-28 16:07 - 00001725 _____ C:\Users\Admin\Desktop\Start Tor Browser.lnk
2016-04-23 11:48 - 2015-09-24 21:31 - 00001355 _____ C:\Users\Admin\Desktop\Auslogics Disk Defrag Professional.lnk
2016-04-23 11:48 - 2015-09-21 21:51 - 00001285 _____ C:\Users\Admin\Desktop\Auslogics Driver Updater.lnk
2016-04-23 11:48 - 2015-09-19 11:19 - 00001413 _____ C:\Users\Admin\Desktop\explorer.lnk
2016-04-23 11:48 - 2015-09-19 09:23 - 00001242 _____ C:\Users\Admin\Desktop\Auslogics BoostSpeed 8.lnk
2016-04-23 11:48 - 2015-09-14 10:04 - 00001242 _____ C:\Users\Admin\Desktop\Auslogics DiskDefrag.lnk
2016-04-23 11:48 - 2015-08-29 08:33 - 00002384 _____ C:\Users\Admin\Desktop\Play withSIX.lnk
2016-04-23 11:48 - 2015-08-12 18:07 - 00001062 _____ C:\Users\Admin\Desktop\GIGA F-Tasten.lnk
2016-04-23 11:48 - 2015-08-11 11:32 - 00001004 _____ C:\Users\Admin\Desktop\Open Broadcaster Software.lnk
2016-04-23 11:48 - 2015-08-01 09:40 - 00001047 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk
2016-04-23 11:48 - 2015-07-31 21:18 - 00002181 _____ C:\Users\Admin\Desktop\Git Shell.lnk
2016-04-23 11:48 - 2015-07-28 07:52 - 00001801 _____ C:\Users\Admin\Desktop\Google Drive.lnk
2016-04-23 11:48 - 2015-07-26 07:44 - 00000963 _____ C:\Users\Admin\Desktop\YaTQA.lnk
2016-04-23 11:48 - 2015-07-08 18:39 - 00001079 _____ C:\Users\Admin\Desktop\Eigene Dokumente.lnk
2016-04-23 11:48 - 2015-07-08 18:39 - 00000512 _____ C:\Users\Admin\Desktop\Lokaler Datenträger (C).lnk
2016-04-23 10:43 - 2015-08-01 09:37 - 00000000 ____D C:\Users\Admin\AppData\Local\Packages
2016-04-23 10:31 - 2015-11-18 13:36 - 00000000 ____D C:\Users\Admin
2016-04-23 10:06 - 2015-07-11 13:00 - 00000000 ____D C:\Users\Admin\AppData\Local\Google
2016-04-23 10:05 - 2015-07-11 13:00 - 00000000 ____D C:\Program Files (x86)\Google
2016-04-23 09:46 - 2015-07-06 19:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-04-22 14:57 - 2015-12-02 12:13 - 00000000 ____D C:\Users\Admin\Documents\My Games
2016-04-21 08:00 - 2015-09-14 11:43 - 00000000 ____D C:\Users\Admin\.oracle_jre_usage
2016-04-21 08:00 - 2015-09-14 11:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-04-19 22:11 - 2016-01-05 15:06 - 00000000 ____D C:\Users\Admin\.android
2016-04-19 16:06 - 2015-07-08 07:01 - 00000000 ____D C:\ProgramData\Package Cache
2016-04-19 16:06 - 2015-07-08 07:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-04-17 17:23 - 2016-02-23 12:10 - 00000000 ____D C:\Users\Admin\AppData\Local\Eclipse
2016-04-17 17:23 - 2016-02-23 11:56 - 00000000 ____D C:\Users\Admin\.p2
2016-04-16 15:57 - 2015-07-28 07:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-04-16 00:27 - 2015-10-08 14:01 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-04-15 20:17 - 2015-10-08 14:01 - 00000000 ____D C:\Users\Admin\AppData\Local\Dropbox
2016-04-15 20:15 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-04-14 07:03 - 2015-11-18 13:34 - 05256408 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-04-13 21:56 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-04-13 21:56 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-04-13 21:56 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-04-13 21:56 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-04-13 17:56 - 2016-03-07 18:53 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-04-13 17:55 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-04-13 17:53 - 2009-07-14 04:34 - 00000541 _____ C:\WINDOWS\win.ini
2016-04-13 17:13 - 2015-07-06 20:17 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-04-13 17:10 - 2015-07-06 20:17 - 135176864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-04-13 16:36 - 2015-07-11 08:50 - 00007599 _____ C:\Users\Admin\AppData\Local\Resmon.ResmonCfg
2016-04-13 16:34 - 2015-07-08 19:59 - 00000000 ____D C:\Program Files (x86)\Overwolf
2016-04-12 13:59 - 2015-11-18 13:35 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-04-08 22:50 - 2015-07-08 20:59 - 00000000 ____D C:\Users\Admin\AppData\Local\Arma 3
2016-04-07 20:37 - 2015-10-26 21:55 - 00003870 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-04-07 16:57 - 2015-07-08 07:27 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-04-06 22:15 - 2015-07-18 12:30 - 00000000 ____D C:\Users\Admin\.gimp-2.8
2016-04-06 20:09 - 2015-07-18 12:31 - 00000000 ____D C:\Users\Admin\AppData\Local\gtk-2.0
2016-04-06 18:23 - 2015-12-01 17:24 - 00000000 ____D C:\Users\Admin\Documents\Euro Truck Simulator 2
2016-04-06 14:34 - 2015-08-23 16:32 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2016-04-02 21:23 - 2015-08-12 08:28 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Audacity
2016-04-01 17:04 - 2015-07-08 19:40 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Skype
2016-04-01 12:05 - 2015-09-12 15:43 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-04-01 12:05 - 2015-07-08 19:40 - 00000000 ____D C:\Users\Admin\AppData\Local\Skype
2016-04-01 12:05 - 2015-07-08 19:40 - 00000000 ____D C:\ProgramData\Skype
2016-03-31 15:22 - 2016-02-09 18:59 - 00000000 ____D C:\Users\Admin\AppData\Roaming\vlc
2016-03-31 08:30 - 2015-11-18 13:35 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-03-31 08:30 - 2015-11-08 11:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-03-31 08:29 - 2015-11-18 13:35 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-03-30 03:06 - 2015-11-08 11:20 - 01316000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2016-03-30 03:05 - 2015-11-19 22:04 - 00112216 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2016-03-30 03:05 - 2015-11-08 11:20 - 01756424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2016-03-27 18:30 - 2016-03-26 22:34 - 00000325 _____ C:\Users\Admin\Desktop\supporter.txt

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-06-29 15:33 - 2013-06-29 15:33 - 0037607 _____ () C:\Program Files (x86)\Common Files\license.rtf
2013-06-29 15:33 - 2013-06-29 15:33 - 0008046 _____ () C:\Program Files (x86)\Common Files\setupBanner.jpg
2015-10-25 19:02 - 2015-12-05 10:45 - 0019968 _____ () C:\Users\Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-07-26 08:25 - 2015-07-26 08:25 - 0000600 _____ () C:\Users\Admin\AppData\Local\PUTTY.RND
2016-04-06 20:16 - 2016-04-06 20:16 - 0004640 _____ () C:\Users\Admin\AppData\Local\recently-used.xbel
2015-07-11 08:50 - 2016-04-13 16:36 - 0007599 _____ () C:\Users\Admin\AppData\Local\Resmon.ResmonCfg
2015-11-18 13:35 - 2015-11-18 13:35 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-04-23 13:54

==================== Ende von FRST.txt ============================
         

Alt 26.04.2016, 20:41   #20
Auran
 
Unbekannte Maleware öffnet in Chrome Seiten - Standard

Unbekannte Maleware öffnet in Chrome Seiten



5. Addition.txt
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:18-04-2016
durchgeführt von Admin (2016-04-26 21:30:47)
Gestartet von C:\Users\Admin\Desktop
Windows 10 Pro Version 1511 (X64) (2015-11-18 11:42:10)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Admin (S-1-5-21-140753515-2919073295-4058598123-1000 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-140753515-2919073295-4058598123-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-140753515-2919073295-4058598123-503 - Limited - Disabled)
Gast (S-1-5-21-140753515-2919073295-4058598123-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-140753515-2919073295-4058598123-1004 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

µTorrent (HKU\S-1-5-21-140753515-2919073295-4058598123-1000\...\uTorrent) (Version: 3.4.5.41712 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
8GadgetPack (HKLM-x32\...\{8AE911BA-9AFB-435C-92C9-62BF228647AE}) (Version: 15.0.0 - Helmut Buhler)
ACD/Labs Freeware in E:\Program Files (x86)\ChemSketch\ (HKLM-x32\...\ACDLabs in E__Program_Files_(x86)_ChemSketch_) (Version: v14.00, FREE - ACD/Labs)
Adjustment Pattern software utility (HKLM-x32\...\Adjustment Pattern software utility) (Version:  - )
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Premiere Pro CS6 (HKLM-x32\...\{7176B973-6011-43C1-AEBC-2D73FE7C6982}) (Version: 6.0 - Adobe Systems Incorporated)
AdVenture Capitalist (HKLM-x32\...\Steam App 346900) (Version:  - Hyper Hippo Games)
Anvil Studio (HKLM-x32\...\{220A823C-2FB4-48D5-A49F-455D85D187A8}) (Version: 13.07.01 - Willow Software)
Arma 3 (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.16.282 - Avira Operations GmbH & Co. KG)
Avira Browser Safety (HKLM-x32\...\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}) (Version: 1.4.5.509 - Avira Operations GmbH & Co KG)
Avira Launcher (HKLM-x32\...\{74d1ef14-dd39-4749-b051-e183a1e27f5e}) (Version: 1.1.58.35540 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.58.35540 - Avira Operations GmbH & Co. KG) Hidden
Batman™: Arkham Origins (HKLM-x32\...\Steam App 209000) (Version:  - WB Games Montreal)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Blender (HKLM\...\{EA3C8A99-1565-44FF-89FC-926CEEB623B5}) (Version: 2.75.1 - Blender Foundation)
BlueJ (HKLM-x32\...\{7D66971C-652B-4065-A6B1-B3EE313C254B}) (Version: 3.1.5 - BlueJ Team)
CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform)
CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.79.0.2015 - Georgy Berdyshev)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Desktop Live Streamer (HKLM-x32\...\{90B6DE78-F018-4479-AEAC-0FF6712356D1}) (Version: 0.9.4000 - Charnet3D)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.18.1 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.37 - Dropbox, Inc.) Hidden
Emergency4 (HKLM-x32\...\{9A4C534E-431F-4A17-97D4-D1682B19A054}) (Version: 1.03.001 - )
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version:  - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version:  - Image-Line)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
GeoGebra 5 (HKU\S-1-5-21-140753515-2919073295-4058598123-1000\...\GeoGebra 5) (Version: 5.0.172.0 - International GeoGebra Institute)
GitHub (HKU\S-1-5-21-140753515-2919073295-4058598123-1000\...\5f7eb300e2ea4ebf) (Version: 3.0.4.0 - GitHub, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.87 - Google Inc.)
Google Drive (HKLM-x32\...\{B0F1B758-60D6-41F7-93D9-212A448813FE}) (Version: 1.29.1862.0513 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Harry Potter und der Orden des Phönix™ (HKLM-x32\...\{B69F28DF-CBB1-41B7-008A-210E4D0518FC}) (Version:  - )
Inkscape 0.91 (HKLM-x32\...\Inkscape) (Version: 0.91 - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4331 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
IntelliJ IDEA Community Edition 2016.1.1 (HKLM-x32\...\IntelliJ IDEA Community Edition 2016.1.1) (Version: 145.597.3 - JetBrains s.r.o.)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Java 8 Update 71 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418071F0}) (Version: 8.0.710.15 - Oracle Corporation)
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Java 8 Update 91 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Java SE Development Kit 8 Update 91 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180910}) (Version: 8.0.910.14 - Oracle Corporation)
JetBrains PhpStorm 2016.1 (HKLM-x32\...\PhpStorm 2016.1) (Version: 145.258.2 - JetBrains s.r.o.)
Lakeside Reallife Launcher (HKU\S-1-5-21-140753515-2919073295-4058598123-1000\...\48c76590b993d809) (Version: 1.0.0.15 - Lakeside Reallife)
LEGO® Harry Potter™: Die Jahre 1-4 (HKLM-x32\...\{C5A8DF48-580B-44D3-B2B2-E965A9368F28}) (Version: 1.0.0.0 - WB Games)
LibreOffice 4.4.5.2 (HKLM-x32\...\{406EECCC-AF98-4F2C-A99F-FED788F7580C}) (Version: 4.4.5.2 - The Document Foundation)
LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.9 - Thibaut Lauziere)
Livestreamer 1.12.2 (HKLM-x32\...\Livestreamer) (Version:  - )
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.377 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.377 - LogMeIn, Inc.) Hidden
MAGIX Content und Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Goya burnR (MSI) (HKLM-x32\...\MX.{A6332FAE-114E-4B18-8FC9-AEF2410C84B7}) (Version: 4.3.2.0 - MAGIX Software GmbH)
MAGIX Goya burnR (MSI) (Version: 4.3.2.0 - MAGIX Software GmbH) Hidden
MAGIX Music Maker 2014 Trial Soundpools (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Music Maker 2015 Movie Score Edition Update (Version: 21.0.4.50 - MAGIX Software GmbH) Hidden
MAGIX Music Maker 2015 Premium (HKLM-x32\...\MX.{3DF585C2-BDD1-42F7-84E1-AB6191830E0E}) (Version: 21.0.0.30 - MAGIX Software GmbH)
MAGIX Music Maker 2015 Premium (Version: 21.0.0.30 - MAGIX Software GmbH) Hidden
MAGIX Music Maker 2015 Premium Update (Version: 21.0.4.50 - MAGIX Software GmbH) Hidden
MAGIX Music Maker 2015 Trial Soundpools (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Music Maker 2016 (HKLM-x32\...\MX.{C34122C7-9635-42AA-856B-FB819183509A}) (Version: 22.0.1.51 - MAGIX Software GmbH)
MAGIX Music Maker 2016 (Version: 22.0.1.51 - MAGIX Software GmbH) Hidden
MAGIX Music Maker 2016 Trial Soundpools (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Music Maker Hip Hop Edition 6 Trial Soundpools (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Music Maker Movie Score Edition (HKLM-x32\...\MX.{692A8B82-1189-4DBF-B4C4-A285F4970E20}) (Version: 21.0.3.47 - MAGIX Software GmbH)
MAGIX Music Maker Movie Score Edition (Version: 21.0.3.47 - MAGIX Software GmbH) Hidden
MAGIX Music Maker Movie Score Edition Trial Soundpools (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Music Maker Rock Edition 6 Trial Soundpools (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Music Maker Techno Edition 6 Trial Soundpools (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{AD4A2318-33E8-4E3C-90F5-5E91D0EE8572}) (Version: 7.0.2.6 - MAGIX Software GmbH)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (HKLM\...\MX.{B9D9D873-ADDA-4D0C-B691-0F323C6DD62A}) (Version: 15.0.0.62 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (Version: 15.0.0.62 - MAGIX Software GmbH) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Marvel Heroes 2016 (HKLM\...\Steam App 226320) (Version:  - Gazillion Entertainment)
MediaFire Desktop (HKLM-x32\...\MediaFire Desktop 1.8.12.11026) (Version: 1.8.12.11026 - MediaFire)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Flight Simulator SimConnect Client v10.0.61259.0 (HKLM-x32\...\{D61CA184-3F6D-4A50-B2CC-7A18447D6A8D}) (Version: 10.0.61259.0 - Microsoft Corporation)
Microsoft Flight Simulator SimConnect Client v10.0.62615.0 (HKLM-x32\...\{33D89314-361A-4495-A1E1-0ACBCE08F78D}) (Version: 10.0.62615.0 - Microsoft Corporation)
Microsoft Flight Simulator X: Steam Edition (HKLM-x32\...\Steam App 314160) (Version:  - Microsoft Game Studios)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 45.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 45.0.2 (x86 de)) (Version: 45.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0 - Mozilla)
Mozilla Thunderbird 45.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.0 (x86 de)) (Version: 45.0 - Mozilla)
MSI Afterburner 4.2.0 (HKLM-x32\...\Afterburner) (Version: 4.2.0 - MSI Co., LTD)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
Need for Speed™ Most Wanted (HKLM-x32\...\{A48B9CD8-C2BA-4EC9-0081-7260D238C7CF}) (Version:  - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.6 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 364.72 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 364.72 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.2.55 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.2.55 - NVIDIA Corporation)
NVIDIA Grafiktreiber 364.72 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 364.72 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OBS Multiplatform (HKLM-x32\...\OBS Multiplatform) (Version: 0.12.3 - OBS Project)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Opera Stable 34.0.2036.25 (HKLM-x32\...\Opera 34.0.2036.25) (Version: 34.0.2036.25 - Opera Software)
Oracle VM VirtualBox 5.0.4 (HKLM\...\{FC191F32-1A67-4231-91D0-0059A57C99A8}) (Version: 5.0.4 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.7.2.53208 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.93.20.0 - Overwolf Ltd.)
ParkControl (HKLM-x32\...\ParkControl) (Version: 1.0.1.6 - Bitsum)
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Play withSIX Windows client (HKU\S-1-5-21-140753515-2919073295-4058598123-1000\...\PlaywithSIX) (Version: 1.68.1153.2 - SIX Networks GmbH)
R.U.S.E (HKLM-x32\...\Steam App 21970) (Version:  - Eugen Systems)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.65.1025.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Rettungswagen Simulator 2012 (HKLM-x32\...\Rettungswagen Simulator 2012) (Version:  - )
Schiff-Simulator 2008 (HKLM-x32\...\ShipSim2008) (Version:  - )
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.2.55 - NVIDIA Corporation) Hidden
Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.)
Space Engineers (HKLM-x32\...\Steam App 244850) (Version:  - Keen Software House)
Spotify (HKU\S-1-5-21-140753515-2919073295-4058598123-1000\...\Spotify) (Version: 1.0.21.143.g76c19bcd - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.17 - TeamSpeak Systems GmbH)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Way of Life (HKLM-x32\...\Steam App 310370) (Version:  - Fabio Ferrara)
Time Clickers (HKLM-x32\...\Steam App 385770) (Version:  - Proton Studio Inc)
Unity Web Player (HKU\S-1-5-21-140753515-2919073295-4058598123-1000\...\UnityWebPlayer) (Version: 5.0.3f2 - Unity Technologies ApS)
Update for Skype for Business 2015 (KB3039776) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUS_{9F6B3627-AF9E-40A5-AAD5-3497C4327616}) (Version:  - Microsoft)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
Vita Century Keys (Version: 2.4.0.78 - MAGIX Software GmbH) Hidden
Vita Pop Brass (Version: 2.4.0.78 - MAGIX Software GmbH) Hidden
Vita Soundtrack Percussion (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
Vita Space Pad (Version: 2.4.0.78 - MAGIX Software GmbH) Hidden
Vita String Ensemble (Version: 1.0.0.0 - MAGIX AG) Hidden
Vita World Flutes (Version: 2.4.0.78 - MAGIX Software GmbH) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.2 - VideoLAN)
War Thunder (HKLM-x32\...\Steam App 236390) (Version:  - Gaijin Entertainment)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
World of Guns: Gun Disassembly (HKLM-x32\...\Steam App 262410) (Version:  - Noble Empire Corp.)
XAMPP (HKLM-x32\...\xampp) (Version: 5.6.14-0 - Bitnami)
YTRPG - Launcher (HKU\S-1-5-21-140753515-2919073295-4058598123-1000\...\60b8c81058e6119f) (Version: 2.0.0.31 - SpacePlay.DE)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-140753515-2919073295-4058598123-1000_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-140753515-2919073295-4058598123-1000_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-140753515-2919073295-4058598123-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Admin\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {00CBCA41-2DBA-4201-867E-0D159637F24F} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {08C03022-2F14-4056-A8FB-5C9D873A200C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd)
Task: {0B735A62-878B-4393-A4A9-8C95FFFD0F14} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {0C590825-E82C-49FC-A821-54CB4B699FAC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-11] (Google Inc.)
Task: {0DD1569C-B667-4FF4-9E09-BEC5B5E21290} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {13DB8A51-8292-4F07-BE2B-AEC948A52799} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {15719DFF-D620-40C9-BAA0-D9D70138089D} - System32\Tasks\{9DD20992-C862-45DA-8AE8-8513F9B0B36E} => pcalua.exe -a "C:\Program Files (x86)\Auslogics\BoostSpeed\unins000.exe"
Task: {1C252EC4-0060-4411-BA3D-71EC04451D05} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2016-04-05] (Overwolf LTD)
Task: {1D0FE1B2-97C7-442E-B70F-92554292C602} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {1F4C7508-50D6-4D0C-87E7-679C94D4ED81} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {24E8C960-52B4-4045-8250-B01C4501D140} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {2973C204-ECE4-4615-91C6-24D61A8ADC2A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {2BD0EA9D-940A-4134-B15C-3EFCC4D565DA} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {2E05BE4F-4B8C-4D84-9C60-5983C2FA48C2} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {31509BF9-6808-4F3F-8A88-6CD20628DAA8} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {38E21CC5-A7FD-4F97-99A2-19590CEB2851} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {3BAEF89F-70DD-49D5-A2E3-D3657D296F59} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {452A39B5-338C-4743-8C9D-E3C94A060DE3} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {4790C6CF-50CE-4E8C-8425-39B2D95162FB} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-10-08] (Dropbox, Inc.)
Task: {47D29803-AC70-4F42-9F61-C9A818F288CA} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {504F3719-F240-4C02-90A3-78546B2F1AB6} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {5F6984FB-F0A4-4DB2-A465-010DCADBBEA3} - System32\Tasks\ParkControl => C:\Program Files\ParkControl\parkcontrol.exe [2016-02-19] (Bitsum LLC)
Task: {60968398-1F72-4B60-9A85-D2EE08B60A85} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-11] (Google Inc.)
Task: {62382525-AD20-4127-BB06-43695633D152} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {623DA8F8-2B80-4CA4-B57D-D105D2C82760} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {65B69E76-E4D5-49E6-8885-95302FB3C0CF} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {671B6CCA-0BBE-462D-B699-69B31892D518} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {67574422-DF2E-400D-93FB-7F75D842E0AC} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {6AEE10E9-3903-464D-A783-E9BC2038721B} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {6D299DCF-9047-45A8-A9DE-A702BD3497E0} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {7363B6BD-824A-465E-A07B-8A74AA1C5329} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {82A5966F-E8DB-40E9-82D8-FE4C1F1E92E2} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {8546DBE6-AEDC-456B-A0C6-74D7A6ED5E05} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-07] (Adobe Systems Incorporated)
Task: {864B97C4-6B1F-4279-9117-AD3357261E11} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {8E643E05-1F5E-4F84-B073-6B7EACD6F53E} - System32\Tasks\Avira Browser Safety Updater Task => C:\Program Files (x86)\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe [2015-03-11] (Avira Operations GmbH & Co. KG)
Task: {9054AE16-23D9-4A39-801F-FA115FD5E37B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {9A40B8FA-022C-465F-B8B6-9874CA5C97AC} - System32\Tasks\StartupStar Firewall => C:\Program Files (x86)\StartupStar\StartupStar.exe [2015-05-08] (Ascora GmbH)
Task: {A1512778-3A59-4AA0-8BE8-E528A02033A2} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {A574E01F-E5B5-4A94-9BDA-5BE084D67BD3} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {AAA866D2-C18F-4866-8F5A-8089D30091B0} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {AB966AA9-144F-4CDB-B1CD-D5B2A5327DE1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {AD5F5A1C-89D6-48A2-9A55-96FDD778CDF2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {C27E6520-F8BC-4983-8D63-F01B4419868D} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {C7CC8FD5-A95B-43B8-8B04-EBDA35676CFB} - System32\Tasks\Auslogics\BoostSpeed\Scan and Repair => Rundll32.exe TaskSchedulerHelper.dll,RunTask "BoostSpeed.exe" "-UseTray -Schedule"
Task: {CF60743F-489C-4431-9182-BC01D92A847E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-04-13] (Microsoft Corporation)
Task: {CFD9CAEA-FC24-4E5A-9D27-0D251D55F0F3} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {DE2B6F11-1BF0-4CDA-9119-D38D253CB0D6} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-10-08] (Dropbox, Inc.)
Task: {E8BB2A6F-7088-4248-8B1D-5539EB584DAC} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {E8EC247B-F6DA-482C-A1C1-E800DC1377BE} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {F095CEA1-F331-4609-83D6-5D8259CBCA09} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\StartupStar Firewall.job => 

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Admin\Desktop\explorer.lnk -> C:\Users\Admin\Documents\explorer.bat ()

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 09:17 - 2015-10-30 09:17 - 00028672 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-11-18 13:35 - 2016-03-22 04:37 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-08-09 06:46 - 2011-08-22 13:44 - 01421216 _____ () C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2Service.exe
2015-12-16 18:32 - 2015-11-05 20:36 - 00456176 _____ () C:\Program Files (x86)\MediaFire Desktop\bin\MFUsnMonitorService.exe
2016-03-31 12:13 - 2016-03-30 03:21 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-03-31 12:13 - 2016-03-30 03:21 - 00366528 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-03-31 12:13 - 2016-03-30 03:22 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-03-31 12:13 - 2016-03-30 03:21 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-04-13 17:29 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-13 17:29 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-12-16 18:32 - 2015-11-05 19:33 - 00235008 _____ () C:\Users\Admin\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlayError.dll
2015-12-16 18:32 - 2015-11-05 19:33 - 00235008 _____ () C:\Users\Admin\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlaySynced.dll
2015-12-16 18:32 - 2015-11-05 19:33 - 00235008 _____ () C:\Users\Admin\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlayReadOnly.dll
2015-12-16 18:32 - 2015-11-05 19:33 - 00235008 _____ () C:\Users\Admin\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlayLock.dll
2015-12-16 18:32 - 2015-11-05 19:33 - 00235008 _____ () C:\Users\Admin\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlaySyncing.dll
2015-12-18 08:17 - 2015-12-07 06:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-04-13 17:28 - 2016-04-02 05:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-03-29 11:09 - 2016-03-30 03:21 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-03-29 11:09 - 2016-03-30 03:21 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-03-29 11:09 - 2016-03-30 03:22 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-01-28 20:36 - 2016-03-30 03:22 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-03-29 11:09 - 2016-03-30 03:20 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-03-29 11:09 - 2016-03-30 03:20 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2015-07-27 16:18 - 2015-07-27 16:18 - 00080384 _____ () C:\Program Files\Ultracopier\libgcc_s_seh-1.dll
2015-07-27 16:18 - 2015-07-27 16:18 - 01013760 _____ () C:\Program Files\Ultracopier\libstdc++-6.dll
2015-11-08 11:20 - 2016-03-30 03:27 - 00165824 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\gamecaster64.dll
2015-11-08 11:20 - 2016-03-30 03:28 - 00861120 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\twitchsdk64.dll
2016-03-29 16:17 - 2016-03-29 16:19 - 00016896 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.325.12390.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-03-29 16:17 - 2016-03-29 16:19 - 17535488 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.325.12390.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-03-04 08:35 - 2016-03-04 08:36 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.325.12390.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-01-05 14:54 - 2015-11-27 15:22 - 01936384 _____ () E:\Program Files (x86)\Genymotion\genymotion.exe
2016-04-19 08:00 - 2016-04-19 08:01 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-04-13 17:28 - 2016-04-02 05:03 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-04-13 17:28 - 2016-04-02 04:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-04-13 17:28 - 2016-04-02 04:59 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-04-13 17:28 - 2016-04-02 05:02 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-11-08 11:20 - 2016-03-30 03:28 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-04-16 00:27 - 2016-03-21 23:50 - 00034768 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2016-04-16 00:27 - 2016-03-21 23:51 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2016-04-16 00:27 - 2016-03-21 23:50 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2016-04-16 00:27 - 2016-03-21 23:50 - 00093640 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2016-04-16 00:27 - 2016-03-21 23:50 - 00018376 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2016-04-16 00:27 - 2016-04-08 20:20 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2016-04-16 00:27 - 2016-03-21 23:52 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-04-16 00:27 - 2016-03-21 23:50 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2016-04-16 00:27 - 2016-04-08 20:20 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2016-04-16 00:27 - 2016-03-21 23:50 - 00692688 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2016-04-16 00:27 - 2016-04-08 20:19 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2016-04-16 00:27 - 2016-03-21 23:51 - 00112592 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2016-04-16 00:27 - 2016-04-08 20:19 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2016-04-16 00:27 - 2016-04-08 20:19 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2016-04-16 00:27 - 2016-04-08 20:20 - 00021840 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-04-16 00:27 - 2016-04-08 20:19 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2016-04-16 00:27 - 2016-03-21 23:52 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2016-04-16 00:27 - 2016-03-21 23:52 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2016-04-16 00:27 - 2016-03-21 23:52 - 00114640 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2016-04-16 00:27 - 2016-03-21 23:52 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-04-16 00:27 - 2016-04-08 20:20 - 00021832 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2016-04-16 00:27 - 2016-03-21 23:52 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2016-04-16 00:27 - 2016-03-21 23:52 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2016-04-16 00:27 - 2016-03-21 23:52 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2016-04-16 00:27 - 2016-03-21 23:52 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2016-04-16 00:27 - 2016-03-21 23:52 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2016-04-16 00:27 - 2016-03-21 23:52 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-04-16 00:27 - 2016-04-08 20:19 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-04-16 00:27 - 2016-03-21 23:52 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2016-04-16 00:27 - 2016-03-21 23:52 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2016-04-16 00:27 - 2016-04-08 20:19 - 00117056 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2016-04-16 00:27 - 2016-04-08 20:20 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2016-04-16 00:27 - 2016-03-21 23:50 - 00134608 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd
2016-04-16 00:27 - 2016-03-21 23:50 - 00134088 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2016-04-16 00:27 - 2016-03-21 23:51 - 00240584 _____ () C:\Program Files (x86)\Dropbox\Client\jpegtran.pyd
2016-04-16 00:27 - 2016-04-08 20:19 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2016-04-16 00:27 - 2016-03-21 23:52 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2016-04-16 00:27 - 2016-04-08 20:19 - 00031568 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2016-04-16 00:27 - 2016-03-12 02:46 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2016-04-16 00:27 - 2016-04-08 20:19 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2016-04-16 00:27 - 2016-04-08 20:20 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-04-16 00:27 - 2016-04-08 20:20 - 00021824 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32._winffi_kernel32.pyd
2016-04-16 00:27 - 2016-04-08 20:20 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
2016-04-16 00:27 - 2016-04-08 20:20 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
2016-04-16 00:27 - 2016-04-08 20:19 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2016-04-16 00:27 - 2016-03-21 23:52 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2016-04-16 00:27 - 2016-04-08 20:20 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2016-04-16 00:27 - 2016-04-08 20:19 - 00084280 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2016-04-16 00:27 - 2016-04-08 20:20 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2016-04-16 00:27 - 2016-03-21 23:51 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2016-04-16 00:27 - 2016-04-08 20:20 - 03928880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2016-04-16 00:27 - 2016-04-08 20:20 - 01971504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2016-04-16 00:27 - 2016-04-08 20:20 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2016-04-16 00:27 - 2016-04-08 20:20 - 00132912 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2016-04-16 00:27 - 2016-04-08 20:20 - 00223544 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2016-04-16 00:27 - 2016-04-08 20:20 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2016-04-16 00:27 - 2016-04-08 20:20 - 00158008 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2016-04-16 00:27 - 2016-04-08 20:20 - 00042808 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2016-04-16 00:27 - 2016-03-21 23:54 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2016-04-16 00:27 - 2016-03-21 23:54 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2016-04-16 00:27 - 2016-04-08 20:20 - 00025928 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2016-04-16 00:27 - 2016-04-08 20:20 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2016-04-16 00:27 - 2016-04-08 20:20 - 00546096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2016-04-16 00:27 - 2016-04-08 20:20 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2016-04-16 00:27 - 2016-03-21 23:56 - 00697304 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-07-06 17:48 - 2013-09-16 12:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-01-05 14:54 - 2014-10-23 12:27 - 00119822 _____ () E:\Program Files (x86)\Genymotion\libgcc_s_dw2-1.dll
2016-01-05 14:54 - 2014-10-23 12:27 - 01026574 _____ () E:\Program Files (x86)\Genymotion\libstdc++-6.dll
2016-01-05 14:54 - 2015-11-27 15:15 - 00028160 _____ () E:\Program Files (x86)\Genymotion\minicrypt.dll
2016-01-05 14:54 - 2015-10-21 10:31 - 00107520 _____ () E:\Program Files (x86)\Genymotion\zlib1.dll
2016-01-05 14:54 - 2014-10-16 12:34 - 03758809 _____ () E:\Program Files (x86)\Genymotion\icuin53.dll
2016-01-05 14:54 - 2014-10-16 12:33 - 02093901 _____ () E:\Program Files (x86)\Genymotion\icuuc53.dll
2016-01-05 14:54 - 2014-10-16 12:34 - 21565880 _____ () E:\Program Files (x86)\Genymotion\icudt53.dll
2016-01-05 14:54 - 2015-11-27 15:14 - 00301056 _____ () E:\Program Files (x86)\Genymotion\plugins\vboxmanage.DLL
2016-04-19 08:00 - 2016-04-19 08:01 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-19 08:00 - 2016-04-19 08:02 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\Admin\Desktop\Schwarzweiß.JPG:com.dropbox.attributes [424]
AlternateDataStreams: C:\Users\Admin\AppData\Local\R7ZBFMcHvmUmFZ:3Si4lqMHjPBoPX9x8k4XVoJ5AP0 [2234]
AlternateDataStreams: C:\Users\Admin\AppData\Local\yx7ceE7ZOXkJA:jtwU9Xm4YglUwnEzK3Z4v [2246]
AlternateDataStreams: C:\ProgramData\Temp:9F3C1A6B [223]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-140753515-2919073295-4058598123-1000\Control Panel\Desktop\\Wallpaper -> c:\users\admin\pictures\saved pictures\london_big_ben_night_river_building_top_view_black_white_30804_2560x1080.jpg
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\Services: LMIGuardianSvc => 2
MSCONFIG\Services: Origin Client Service => 3
MSCONFIG\Services: OverwolfUpdater => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\startupfolder: C:^Users^Admin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^LibreOffice 4.3.lnk => C:\Windows\pss\LibreOffice 4.3.lnk.Startup
MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: Overwolf => C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM\...\StartupApproved\StartupFolder: => "Orga-Nicer.lnk"
HKLM\...\StartupApproved\Run32: => "USB3MON"
HKU\S-1-5-21-140753515-2919073295-4058598123-1000\...\StartupApproved\Run: => "Free Hide IP"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [{923CA357-2EBD-4BCD-80A7-AFE31DF1DC80}] => (Allow) E:\Steam\steamapps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{345610A5-5629-45E6-8637-241246AD2072}] => (Allow) E:\Steam\steamapps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{6EC9136A-6057-47FA-9BDB-F0A3508B7FD9}] => (Allow) E:\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{26E762D4-7ED3-40B6-9998-7C16331EB188}] => (Allow) E:\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{7C54F452-A8A4-4B5B-94A0-E48785D8D498}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E6896CB8-5417-42B8-9B18-3BCAE4F64618}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F2233978-9424-4981-9C88-38E199CC0709}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{9D007525-9BF4-43CF-854B-8630A52EF557}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{A3FDE9CA-9A46-48EA-B683-77DEEB8D28B4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{974267FC-C117-469C-A3E5-CDEC044CE59C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{44AA3335-CEA2-4210-8F93-A5195DA8C327}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{3A0B90AF-5F99-4888-8EB6-13F629E97A53}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F43B0ED1-200E-4077-A4E0-3395B2BFE9B9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C3F66255-6112-4C77-AFC7-1C8842411850}] => (Allow) E:\Steam\bin\steamwebhelper.exe
FirewallRules: [{B5D73687-C04E-468F-8073-E569EC49AB41}] => (Allow) E:\Steam\bin\steamwebhelper.exe
FirewallRules: [{B5C8E20B-DB4E-4113-87A6-CBE107620908}] => (Allow) C:\Users\Admin\AppData\Local\Apps\2.0\0VELLGD7.MXP\6Y01LJOM.VB9\yt-r..tion_eecbe13070c567f8_0002.0000_36ab133cf97c9f38\YT-RPG Launcher.exe
FirewallRules: [{984A952F-B493-4A2C-BE4A-F04FFBEE752C}] => (Allow) C:\Users\Admin\AppData\Local\Apps\2.0\0VELLGD7.MXP\6Y01LJOM.VB9\yt-r..tion_eecbe13070c567f8_0002.0000_36ab133cf97c9f38\YT-RPG Launcher.exe
FirewallRules: [{650EE30A-51F1-4A3B-954A-DA07FDD5AE24}] => (Allow) C:\Users\Admin\AppData\Local\Apps\2.0\0VELLGD7.MXP\6Y01LJOM.VB9\yt-r..tion_eecbe13070c567f8_0002.0000_36ab133cf97c9f38\YT-RPG Launcher.exe
FirewallRules: [{9527E534-16ED-4B38-BB6C-053AB1FD9B98}] => (Allow) C:\Users\Admin\AppData\Local\Apps\2.0\0VELLGD7.MXP\6Y01LJOM.VB9\yt-r..tion_eecbe13070c567f8_0002.0000_36ab133cf97c9f38\YT-RPG Launcher.exe
FirewallRules: [{0FD8DB08-7CC4-4770-87A8-1F0A01DDDCC0}] => (Allow) E:\MAGIX\Music Maker 2016\MusicMaker.exe
FirewallRules: [{74BFE77D-AC75-4D70-8A07-CF1B77620996}] => (Allow) E:\MAGIX\Video deluxe 2016 Premium\Videodeluxe.exe
FirewallRules: [UDP Query User{344A099F-F1DF-4E21-8FA2-264AA43B4331}E:\program files (x86)\1avshare\1avshare.exe] => (Allow) E:\program files (x86)\1avshare\1avshare.exe
FirewallRules: [TCP Query User{F8DA4428-6DB5-41FE-BCB7-E481C0C09FAD}E:\program files (x86)\1avshare\1avshare.exe] => (Allow) E:\program files (x86)\1avshare\1avshare.exe
FirewallRules: [{DC4BE2CF-7BB1-416F-BF02-F3C75840254E}] => (Allow) E:\Steam\steamapps\common\Batman Arkham Origins\Online\Binaries\Win32\BatmanOriginsOnline.exe
FirewallRules: [{F6FE52D5-14AC-46B8-A10F-7BE303AD2042}] => (Allow) E:\Steam\steamapps\common\Batman Arkham Origins\Online\Binaries\Win32\BatmanOriginsOnline.exe
FirewallRules: [{A23FAD0F-3C20-460F-8FB7-B134DEEF74E7}] => (Allow) E:\Steam\steamapps\common\Batman Arkham Origins\SinglePlayer\Binaries\Win32\BatmanOrigins.exe
FirewallRules: [{4247A8FD-F113-4FD1-A95C-EB05F77BAD85}] => (Allow) E:\Steam\steamapps\common\Batman Arkham Origins\SinglePlayer\Binaries\Win32\BatmanOrigins.exe
FirewallRules: [{F0A8659D-4F6F-4C05-8ECD-EE50A13B7F73}] => (Allow) E:\Steam\steamapps\common\R.U.S.E\Ruse.exe
FirewallRules: [{420A87D0-EF33-4E70-B42D-56CA5A992540}] => (Allow) E:\Steam\steamapps\common\R.U.S.E\Ruse.exe
FirewallRules: [UDP Query User{C7E7A3B6-7D43-4411-895B-1E5038E17DF4}C:\program files\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [TCP Query User{6F3C633C-68AE-4E26-B1A0-90D96A93A2D1}C:\program files\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [{5642CB22-1CAB-4038-8210-FDA6B2B80EB7}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{95EC4D97-4290-4AF5-A3D4-87D66820E35B}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{C34CCCB2-29D4-4971-9CB0-4552886BDF42}] => (Allow) E:\Steam\steamapps\common\WOG\disasm.exe
FirewallRules: [{F0C4107A-BE23-4D7E-A3B9-8EDE13B94491}] => (Allow) E:\Steam\steamapps\common\WOG\disasm.exe
FirewallRules: [{55277EBC-87A9-4BEF-B5DF-0E1E43625DEF}] => (Allow) C:\Users\Admin\AppData\Local\PlaywithSIX\Update.exe
FirewallRules: [{8850F4E4-57E3-4819-A4AF-D286AD8825F0}] => (Allow) C:\Users\Admin\AppData\Local\PlaywithSIX\Update.exe
FirewallRules: [{0729B5FC-5194-41EF-BDB0-81A796BB75F5}] => (Allow) C:\Users\Admin\AppData\Local\PlaywithSIX\Update.exe
FirewallRules: [{6247E1E1-4768-4B65-B929-05A0938249DB}] => (Allow) C:\Users\Admin\AppData\Local\PlaywithSIX\Update.exe
FirewallRules: [UDP Query User{458AF759-863D-4887-9131-8110C5A6BA93}E:\steam\steamapps\common\arma 3\arma3server.exe] => (Allow) E:\steam\steamapps\common\arma 3\arma3server.exe
FirewallRules: [TCP Query User{B221AC51-EF98-4549-8C0D-668C1C1596EF}E:\steam\steamapps\common\arma 3\arma3server.exe] => (Allow) E:\steam\steamapps\common\arma 3\arma3server.exe
FirewallRules: [UDP Query User{6C8F3D66-77E0-42FA-95AD-288A316F69F3}E:\steam\steamapps\common\arma 3\arma3.exe] => (Allow) E:\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [TCP Query User{69255F24-97E9-428F-9A56-D7934DB7ECB2}E:\steam\steamapps\common\arma 3\arma3.exe] => (Allow) E:\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [{FE4F52B7-4B5A-4EF2-8D6F-2A58AA2BDEE3}] => (Allow) E:\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{8B3B1FB4-A0DF-451D-B748-B0D1B481AEAC}] => (Allow) E:\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{49786D9C-5A15-42FF-98C5-59A7287DDE46}] => (Allow) E:\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{25FAAD6A-EC72-4A53-9BFC-792DB6961456}] => (Allow) E:\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{CC751B56-ED04-4023-9E6D-0CE532E64DF2}] => (Allow) E:\Steam\steamapps\common\The Way of Life\TheWayOfLifeDemoWindows.exe
FirewallRules: [{29D5A69A-4C03-4A29-B4A5-E123B8D05010}] => (Allow) E:\Steam\steamapps\common\The Way of Life\TheWayOfLifeDemoWindows.exe
FirewallRules: [{BB2F3811-143D-4705-AC2C-C26B91C03316}] => (Allow) E:\Steam\steamapps\common\TimeClickers\TimeClickers.exe
FirewallRules: [{FD48AFD5-FC74-4EC6-B4AA-A8A2D89CCB85}] => (Allow) E:\Steam\steamapps\common\TimeClickers\TimeClickers.exe
FirewallRules: [{D4952C73-807B-47FA-BF4F-2AA387FC5CB4}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{789CE98B-BCB1-4E2F-968A-FDDA2965CECD}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{C994A821-A728-4020-BC6E-82F37A79DD3E}] => (Allow) LPort=1900
FirewallRules: [{F99B7E14-9615-482F-8928-EDE33AEC69D2}] => (Allow) LPort=2869
FirewallRules: [{2C7E5939-BB25-46B8-A6BF-CD706E29EF5C}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{C7E0B5BF-349E-4A8C-9406-158939F48293}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{362C6BA7-FCB1-49EC-9925-9D4C0C473053}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{10C1A13A-F5E6-48DE-8167-D00678FE74FB}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{F3944541-4B83-4AD5-A453-EFA816718841}C:\users\admin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\admin\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{0E74BEDA-FC58-4A7B-9455-1F871BE62BA2}C:\users\admin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\admin\appdata\roaming\spotify\spotify.exe
FirewallRules: [{368C710D-5798-4B62-BF93-E347DAF1F965}] => (Allow) E:\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{CACB486F-F952-4CDC-827C-E9A1960E1763}] => (Allow) E:\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{1D72D9F7-ACC6-4EA3-9079-E7A771C79057}] => (Allow) E:\Steam\steamapps\common\FSX\fsx.exe
FirewallRules: [{CC520600-1E1F-4BD5-B78A-2AC3E5873AA4}] => (Allow) E:\Steam\steamapps\common\FSX\fsx.exe
FirewallRules: [TCP Query User{49E367C6-1069-42F8-A410-A165FB534013}E:\xampp\mysql\bin\mysqld.exe] => (Allow) E:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{BD4BE9D1-FAA0-4AC0-9D37-D88113C96F74}E:\xampp\mysql\bin\mysqld.exe] => (Allow) E:\xampp\mysql\bin\mysqld.exe
FirewallRules: [TCP Query User{479EC266-DE50-45D3-950B-3823ACA2552B}E:\xampp\filezillaftp\filezillaserver.exe] => (Allow) E:\xampp\filezillaftp\filezillaserver.exe
FirewallRules: [UDP Query User{B68FDA55-DD06-438D-AE6D-1AD468E57C6F}E:\xampp\filezillaftp\filezillaserver.exe] => (Allow) E:\xampp\filezillaftp\filezillaserver.exe
FirewallRules: [TCP Query User{9E6F905F-AE4D-4E1A-9B62-6C2D5827F42A}E:\xampp\mercurymail\mercury.exe] => (Allow) E:\xampp\mercurymail\mercury.exe
FirewallRules: [UDP Query User{C230A7F6-6E41-4033-B374-E8D660B54ED8}E:\xampp\mercurymail\mercury.exe] => (Allow) E:\xampp\mercurymail\mercury.exe
FirewallRules: [TCP Query User{08B7B836-E241-43C9-AA15-C3791F430C62}C:\program files\java\jre1.8.0_65\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_65\bin\java.exe
FirewallRules: [UDP Query User{7ABA0A93-FE69-4E60-8043-5FDF9B68E124}C:\program files\java\jre1.8.0_65\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_65\bin\java.exe
FirewallRules: [{FA7C304A-6082-46F9-9497-23EA6AD40795}] => (Allow) E:\Steam\steamapps\common\War Thunder\launcher.exe
FirewallRules: [{24BA6DD5-8040-4CDA-A037-6E78001EBB5F}] => (Allow) E:\Steam\steamapps\common\War Thunder\launcher.exe
FirewallRules: [TCP Query User{B54DB871-836F-4946-9DCC-F0FB9DB56526}E:\steam\steamapps\common\war thunder\aces.exe] => (Allow) E:\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [UDP Query User{79721241-14ED-4C23-B7DC-AA979FD7126D}E:\steam\steamapps\common\war thunder\aces.exe] => (Allow) E:\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [{9B26A4CF-15D3-4EBA-B024-495DE527278B}] => (Allow) E:\MAGIX\Music Maker 2015 Premium\MusicMaker.exe
FirewallRules: [{7E6B8B8A-95F9-486C-9519-EE1012B18A1E}] => (Allow) E:\MAGIX\Music Maker 2015 Premium\MusicMaker.exe
FirewallRules: [{C9AF479A-1F24-43D4-8049-C4ED7FDADBA5}] => (Allow) E:\MAGIX\Music Maker 2015 Premium\MusicMaker.exe
FirewallRules: [{E7D4EE5D-66FF-4836-AEE8-D8974445E5DC}] => (Allow) E:\MAGIX\Music Maker 2015 Premium\MusicMaker.exe
FirewallRules: [{39DF4F46-FF74-4028-98CB-FE730DAE8F7F}] => (Allow) E:\MAGIX\Music Maker Movie Score Edition\MusicMaker.exe
FirewallRules: [{32FCD7A7-6C7D-4908-9D7E-7FDDDA2CAEF3}] => (Allow) E:\MAGIX\Music Maker Movie Score Edition\MusicMaker.exe
FirewallRules: [{486F5F47-AAF7-426D-B0C7-D340581EEF5D}] => (Allow) E:\MAGIX\Music Maker Movie Score Edition\MusicMaker.exe
FirewallRules: [{34EEE5D9-2A7A-448C-9213-98F36FB3718D}] => (Allow) E:\MAGIX\Music Maker Movie Score Edition\MusicMaker.exe
FirewallRules: [TCP Query User{845FB6A7-7302-459B-B32D-51387A971F35}E:\program files (x86)\brackets\node.exe] => (Allow) E:\program files (x86)\brackets\node.exe
FirewallRules: [UDP Query User{56DEDA84-2F1E-416C-BEB8-265515EC8D1B}E:\program files (x86)\brackets\node.exe] => (Allow) E:\program files (x86)\brackets\node.exe
FirewallRules: [TCP Query User{89D9D066-6CB5-4D71-86F9-C89132E88D90}C:\program files\java\jre1.8.0_71\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_71\bin\java.exe
FirewallRules: [UDP Query User{A5698EE8-6F6F-4460-9FF8-C1C818038148}C:\program files\java\jre1.8.0_71\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_71\bin\java.exe
FirewallRules: [TCP Query User{E9886C8A-901B-4A7F-BD93-C1D999593FC1}F:\portableapps\skypeportable\app\skype\phone\skype.exe] => (Allow) F:\portableapps\skypeportable\app\skype\phone\skype.exe
FirewallRules: [UDP Query User{7D0C4576-A9F2-44C1-9529-B0DF6926D6D3}F:\portableapps\skypeportable\app\skype\phone\skype.exe] => (Allow) F:\portableapps\skypeportable\app\skype\phone\skype.exe
FirewallRules: [TCP Query User{12316E4D-30AC-4D34-98EA-91F40159D892}F:\portableapps\utorrentportable\app\utorrent\utorrent.exe] => (Allow) F:\portableapps\utorrentportable\app\utorrent\utorrent.exe
FirewallRules: [UDP Query User{BAF4EB8F-608A-47ED-8E30-A52BB6C538DB}F:\portableapps\utorrentportable\app\utorrent\utorrent.exe] => (Allow) F:\portableapps\utorrentportable\app\utorrent\utorrent.exe
FirewallRules: [TCP Query User{B21AAC2B-47B2-4ABF-AA7D-0EBAE73DD2AF}C:\users\admin\downloads\xonotic-0.8.1\xonotic\xonotic.exe] => (Allow) C:\users\admin\downloads\xonotic-0.8.1\xonotic\xonotic.exe
FirewallRules: [UDP Query User{1C599FB3-4731-4934-B8AB-FC5955D31384}C:\users\admin\downloads\xonotic-0.8.1\xonotic\xonotic.exe] => (Allow) C:\users\admin\downloads\xonotic-0.8.1\xonotic\xonotic.exe
FirewallRules: [TCP Query User{C8E8A56B-3DC9-40B1-BA88-9D479D26CBD8}E:\program files (x86)\eclipse\php-mars\eclipse\eclipse.exe] => (Allow) E:\program files (x86)\eclipse\php-mars\eclipse\eclipse.exe
FirewallRules: [UDP Query User{A0FEA453-4AA5-4A53-A6B2-112F8B72180A}E:\program files (x86)\eclipse\php-mars\eclipse\eclipse.exe] => (Allow) E:\program files (x86)\eclipse\php-mars\eclipse\eclipse.exe
FirewallRules: [TCP Query User{C6414EAF-EA50-48D7-8C81-A2ACC23140E3}E:\program files (x86)\eclipse\java-mars\eclipse\eclipse.exe] => (Allow) E:\program files (x86)\eclipse\java-mars\eclipse\eclipse.exe
FirewallRules: [UDP Query User{B06CAAFF-9455-463C-9353-B482F183F317}E:\program files (x86)\eclipse\java-mars\eclipse\eclipse.exe] => (Allow) E:\program files (x86)\eclipse\java-mars\eclipse\eclipse.exe
FirewallRules: [{AFD9AB39-19AF-4E9F-B954-FC8E921109EF}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{1E691773-2067-4A22-B386-78D7FE8522F5}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{BB1B0086-B738-47F7-AC48-6A2F660FCE87}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{09E6100D-98F2-49DF-8E1B-3EEBEB8ED02E}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{23B2EC31-32C3-44B9-8A9C-66A8ECFD0DEF}E:\simulatoren\emergency 4\em4.exe] => (Allow) E:\simulatoren\emergency 4\em4.exe
FirewallRules: [UDP Query User{DD9B3E66-FFBA-4F7B-9F69-9C8C1335346A}E:\simulatoren\emergency 4\em4.exe] => (Allow) E:\simulatoren\emergency 4\em4.exe
FirewallRules: [TCP Query User{AA41909C-A535-4745-8CCD-F877C936543A}F:\jetbrains\phpstorm 2016.1\bin\phpstorm.exe] => (Allow) F:\jetbrains\phpstorm 2016.1\bin\phpstorm.exe
FirewallRules: [UDP Query User{36CEC0B3-1BA1-4705-A9E3-9E9A71945398}F:\jetbrains\phpstorm 2016.1\bin\phpstorm.exe] => (Allow) F:\jetbrains\phpstorm 2016.1\bin\phpstorm.exe
FirewallRules: [{BE0E3E49-75BA-4AE4-A4CB-59C18A7EF04E}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{F3991D61-21CC-43A9-A4A1-A7FE1722B01B}] => (Allow) E:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{5E2878B7-5774-49FD-B497-5E5315E17C06}] => (Allow) E:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{0C19052E-AB37-434A-B32C-A8A77BFB726E}] => (Allow) E:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{EEC48DE9-F217-4B8D-B554-E41873103887}] => (Allow) E:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{43420B2C-CBE2-4E77-94E5-102FD67F56E0}] => (Allow) E:\Steam\steamapps\common\Marvel Heroes\UnrealEngine3\Binaries\Win64\MarvelHeroes2016.exe
FirewallRules: [{BDD556F2-9708-4CFA-8B89-616A65DE5263}] => (Allow) E:\Steam\steamapps\common\Marvel Heroes\UnrealEngine3\Binaries\Win64\MarvelHeroes2016.exe
FirewallRules: [{CE75716B-7F2C-43EB-B545-7321E23B5AF3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

26-04-2016 17:28:40 Geplanter Prüfpunkt

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: VirtualBox Host-Only Ethernet Adapter #2
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (04/26/2016 09:23:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 10.1.2123.36, Zeitstempel: 0x56eb679c
Name des fehlerhaften Moduls: combase.dll, Version: 10.0.10586.103, Zeitstempel: 0x56a84cbb
Ausnahmecode: 0xc000027b
Fehleroffset: 0x00166fb1
ID des fehlerhaften Prozesses: 0x1f64
Startzeit der fehlerhaften Anwendung: 0xSkypeHost.exe0
Pfad der fehlerhaften Anwendung: SkypeHost.exe1
Pfad des fehlerhaften Moduls: SkypeHost.exe2
Berichtskennung: SkypeHost.exe3
Vollständiger Name des fehlerhaften Pakets: SkypeHost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SkypeHost.exe5

Error: (04/26/2016 09:20:51 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm HitmanPro_x64.exe, Version 3.7.14.263 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 19fc

Startzeit: 01d19fef150d42cb

Beendigungszeit: 4294967295

Anwendungspfad: C:\Users\Admin\Downloads\HitmanPro_x64.exe

Berichts-ID: fc4f7f5f-0be3-11e6-9d29-74d4358c8d73

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (04/26/2016 09:08:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 10.1.2123.36, Zeitstempel: 0x56eb679c
Name des fehlerhaften Moduls: combase.dll, Version: 10.0.10586.103, Zeitstempel: 0x56a84cbb
Ausnahmecode: 0xc000027b
Fehleroffset: 0x00166fb1
ID des fehlerhaften Prozesses: 0x840
Startzeit der fehlerhaften Anwendung: 0xSkypeHost.exe0
Pfad der fehlerhaften Anwendung: SkypeHost.exe1
Pfad des fehlerhaften Moduls: SkypeHost.exe2
Berichtskennung: SkypeHost.exe3
Vollständiger Name des fehlerhaften Pakets: SkypeHost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SkypeHost.exe5

Error: (04/26/2016 09:08:25 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (04/26/2016 08:53:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 10.1.2123.36, Zeitstempel: 0x56eb679c
Name des fehlerhaften Moduls: combase.dll, Version: 10.0.10586.103, Zeitstempel: 0x56a84cbb
Ausnahmecode: 0xc000027b
Fehleroffset: 0x00166fb1
ID des fehlerhaften Prozesses: 0x142c
Startzeit der fehlerhaften Anwendung: 0xSkypeHost.exe0
Pfad der fehlerhaften Anwendung: SkypeHost.exe1
Pfad des fehlerhaften Moduls: SkypeHost.exe2
Berichtskennung: SkypeHost.exe3
Vollständiger Name des fehlerhaften Pakets: SkypeHost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SkypeHost.exe5

Error: (04/26/2016 08:38:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 10.1.2123.36, Zeitstempel: 0x56eb679c
Name des fehlerhaften Moduls: combase.dll, Version: 10.0.10586.103, Zeitstempel: 0x56a84cbb
Ausnahmecode: 0xc000027b
Fehleroffset: 0x00166fb1
ID des fehlerhaften Prozesses: 0x7b0
Startzeit der fehlerhaften Anwendung: 0xSkypeHost.exe0
Pfad der fehlerhaften Anwendung: SkypeHost.exe1
Pfad des fehlerhaften Moduls: SkypeHost.exe2
Berichtskennung: SkypeHost.exe3
Vollständiger Name des fehlerhaften Pakets: SkypeHost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SkypeHost.exe5

Error: (04/26/2016 08:20:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 10.1.2123.36, Zeitstempel: 0x56eb679c
Name des fehlerhaften Moduls: combase.dll, Version: 10.0.10586.103, Zeitstempel: 0x56a84cbb
Ausnahmecode: 0xc000027b
Fehleroffset: 0x00166fb1
ID des fehlerhaften Prozesses: 0x2004
Startzeit der fehlerhaften Anwendung: 0xSkypeHost.exe0
Pfad der fehlerhaften Anwendung: SkypeHost.exe1
Pfad des fehlerhaften Moduls: SkypeHost.exe2
Berichtskennung: SkypeHost.exe3
Vollständiger Name des fehlerhaften Pakets: SkypeHost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SkypeHost.exe5

Error: (04/26/2016 08:08:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 10.1.2123.36, Zeitstempel: 0x56eb679c
Name des fehlerhaften Moduls: combase.dll, Version: 10.0.10586.103, Zeitstempel: 0x56a84cbb
Ausnahmecode: 0xc000027b
Fehleroffset: 0x00166fb1
ID des fehlerhaften Prozesses: 0x270c
Startzeit der fehlerhaften Anwendung: 0xSkypeHost.exe0
Pfad der fehlerhaften Anwendung: SkypeHost.exe1
Pfad des fehlerhaften Moduls: SkypeHost.exe2
Berichtskennung: SkypeHost.exe3
Vollständiger Name des fehlerhaften Pakets: SkypeHost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SkypeHost.exe5

Error: (04/26/2016 07:53:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 10.1.2123.36, Zeitstempel: 0x56eb679c
Name des fehlerhaften Moduls: combase.dll, Version: 10.0.10586.103, Zeitstempel: 0x56a84cbb
Ausnahmecode: 0xc000027b
Fehleroffset: 0x00166fb1
ID des fehlerhaften Prozesses: 0x620
Startzeit der fehlerhaften Anwendung: 0xSkypeHost.exe0
Pfad der fehlerhaften Anwendung: SkypeHost.exe1
Pfad des fehlerhaften Moduls: SkypeHost.exe2
Berichtskennung: SkypeHost.exe3
Vollständiger Name des fehlerhaften Pakets: SkypeHost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SkypeHost.exe5

Error: (04/26/2016 07:38:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 10.1.2123.36, Zeitstempel: 0x56eb679c
Name des fehlerhaften Moduls: combase.dll, Version: 10.0.10586.103, Zeitstempel: 0x56a84cbb
Ausnahmecode: 0xc000027b
Fehleroffset: 0x00166fb1
ID des fehlerhaften Prozesses: 0x1808
Startzeit der fehlerhaften Anwendung: 0xSkypeHost.exe0
Pfad der fehlerhaften Anwendung: SkypeHost.exe1
Pfad des fehlerhaften Moduls: SkypeHost.exe2
Berichtskennung: SkypeHost.exe3
Vollständiger Name des fehlerhaften Pakets: SkypeHost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SkypeHost.exe5


Systemfehler:
=============
Error: (04/26/2016 07:32:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (04/26/2016 07:32:00 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Admin\AppData\Local\Temp\ehdrv.sys

Error: (04/26/2016 07:32:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (04/26/2016 07:32:00 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Admin\AppData\Local\Temp\ehdrv.sys

Error: (04/26/2016 07:32:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (04/26/2016 07:32:00 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Admin\AppData\Local\Temp\ehdrv.sys

Error: (04/26/2016 07:31:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (04/26/2016 07:31:42 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Admin\AppData\Local\Temp\ehdrv.sys

Error: (04/26/2016 07:31:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (04/26/2016 07:31:41 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Admin\AppData\Local\Temp\ehdrv.sys


CodeIntegrity:
===================================
  Date: 2016-04-14 18:23:53.149
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-14 07:03:53.837
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-13 17:56:22.064
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-25 23:43:47.127
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-11 18:29:34.812
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-11 08:03:00.086
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-10 07:27:01.059
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-09 19:09:19.006
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-08 16:51:56.390
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-08 16:50:34.468
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-4690K CPU @ 3.50GHz
Prozentuale Nutzung des RAM: 27%
Installierter physikalischer RAM: 16239.72 MB
Verfügbarer physikalischer RAM: 11840.08 MB
Summe virtueller Speicher: 32623.72 MB
Verfügbarer virtueller Speicher: 27109.2 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:118.58 GB) (Free:6.03 GB) NTFS
Drive e: () (Fixed) (Total:465.76 GB) (Free:123.56 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 465.8 GB) (Disk ID: 251FFFDD)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         
6. Chrome scheint soweit zu funktionieren. Allerdings habe ich die oben genannten Ergebnisse erhalten. Dazu kann ich FF nicht als Standardbrowser einstellen.

Danke soweit aber mal

Mit freundlichen Grüßen,
Auran aka Julian


Alt 27.04.2016, 15:25   #21
M-K-D-B
/// TB-Ausbilder
 
Unbekannte Maleware öffnet in Chrome Seiten - Standard

Unbekannte Maleware öffnet in Chrome Seiten



Servus,


kannst du HitmanPro bitte nochmal laufen und die Funde entfernen lassen.
Dann die Logdatei im Anschluss posten.


Wegen Firefox als Standardbrowser:
Start > Einstellungen > System > Standard-Apps
Unter "Webbrowser" sollte Edge stehen, klicke darauf und wähle Firefox aus.
Problem damit behoben?

Alt 27.04.2016, 16:58   #22
Auran
 
Unbekannte Maleware öffnet in Chrome Seiten - Standard

Unbekannte Maleware öffnet in Chrome Seiten



Ich habe wie geschrieben Hitman nochmal drüberlaufen lassen. Den Entfernungslog wollte der mir genausowenig ausspucken. Klick auf die Schaltfläche = 0. (siehe hitman_entfernung.png)
Danach habe ich den sicherheitshalber nochmal drüberschauen lassen. (hitman_2.png)

Zu FF: Das habe ich ja schon getestet. Das geht ja nicht. Ich habe jetzt testweise die Einstellungen bezüglich der Standardapps zurückgesetzt. Hat funktioniert... Die Apps ändern geht aber immernoch nicht.

Irgendeine Idee?

Mit freundlichen Grüßen,
Auran aka Julian

Alt 28.04.2016, 15:32   #23
M-K-D-B
/// TB-Ausbilder
 
Unbekannte Maleware öffnet in Chrome Seiten - Standard

Unbekannte Maleware öffnet in Chrome Seiten



Servus,



Welche Fehlermeldung erscheint?




Bitte setze deine Brower wie folgt zurück:

IE :::
Setze folgendermassen den Internet Explorer zurück:
  • Öffne den Internet Explorer und gehe zu Extras -> Internetoptionen.
  • Klicke in der Registerkarte Erweitert unter "Internet Explorer-Einstellungen zurücksetzen" auf Zurücksetzen...
  • Klicke im Dialogfeld "Internet Explorer-Einstellungen zurücksetzen" zum Bestätigen auf Zurücksetzen.
(Hier findest du die bebilderte Anleitung.)

EDGE :::
Edge zurücksetzen

FF :::
setze bitte Firefox wie folgt zurück:
Firefox zurücksetzen

CHR:::
Setze Google Chrome nach dieser Anleitung zurück.



Nochmal FRST:
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Untersuchen.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.

Alt 28.04.2016, 16:04   #24
Auran
 
Unbekannte Maleware öffnet in Chrome Seiten - Standard

Unbekannte Maleware öffnet in Chrome Seiten



Hallo,

eine Fehlermeldung erscheint überhaupt nicht. Es passiert rein gar nichts. An die Zurücksetzung mache ich mich gleich.

Grüße,
Auran aka Julian

Alt 29.04.2016, 18:59   #25
Auran
 
Unbekannte Maleware öffnet in Chrome Seiten - Standard

Unbekannte Maleware öffnet in Chrome Seiten



Sodalle, hatte leider gerade keine Zeit, sorry. Deshalb erst jetzt.
Also die Addition.txt:
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:18-04-2016
durchgeführt von Admin (2016-04-29 19:57:04)
Gestartet von C:\Users\Admin\Desktop
Windows 10 Pro Version 1511 (X64) (2015-11-18 11:42:10)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Admin (S-1-5-21-140753515-2919073295-4058598123-1000 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-140753515-2919073295-4058598123-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-140753515-2919073295-4058598123-503 - Limited - Disabled)
Gast (S-1-5-21-140753515-2919073295-4058598123-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-140753515-2919073295-4058598123-1004 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

µTorrent (HKU\S-1-5-21-140753515-2919073295-4058598123-1000\...\uTorrent) (Version: 3.4.5.41712 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
8GadgetPack (HKLM-x32\...\{8AE911BA-9AFB-435C-92C9-62BF228647AE}) (Version: 15.0.0 - Helmut Buhler)
ACD/Labs Freeware in E:\Program Files (x86)\ChemSketch\ (HKLM-x32\...\ACDLabs in E__Program_Files_(x86)_ChemSketch_) (Version: v14.00, FREE - ACD/Labs)
Adjustment Pattern software utility (HKLM-x32\...\Adjustment Pattern software utility) (Version:  - )
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Premiere Pro CS6 (HKLM-x32\...\{7176B973-6011-43C1-AEBC-2D73FE7C6982}) (Version: 6.0 - Adobe Systems Incorporated)
AdVenture Capitalist (HKLM-x32\...\Steam App 346900) (Version:  - Hyper Hippo Games)
Anvil Studio (HKLM-x32\...\{220A823C-2FB4-48D5-A49F-455D85D187A8}) (Version: 13.07.01 - Willow Software)
Arma 3 (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.16.282 - Avira Operations GmbH & Co. KG)
Avira Browser Safety (HKLM-x32\...\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}) (Version: 1.4.5.509 - Avira Operations GmbH & Co KG)
Avira Launcher (HKLM-x32\...\{74d1ef14-dd39-4749-b051-e183a1e27f5e}) (Version: 1.1.58.35540 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.58.35540 - Avira Operations GmbH & Co. KG) Hidden
Batman™: Arkham Origins (HKLM-x32\...\Steam App 209000) (Version:  - WB Games Montreal)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Blender (HKLM\...\{EA3C8A99-1565-44FF-89FC-926CEEB623B5}) (Version: 2.75.1 - Blender Foundation)
BlueJ (HKLM-x32\...\{7D66971C-652B-4065-A6B1-B3EE313C254B}) (Version: 3.1.5 - BlueJ Team)
CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform)
CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.79.0.2015 - Georgy Berdyshev)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Desktop Live Streamer (HKLM-x32\...\{90B6DE78-F018-4479-AEAC-0FF6712356D1}) (Version: 0.9.4000 - Charnet3D)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.18.1 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.37 - Dropbox, Inc.) Hidden
Emergency4 (HKLM-x32\...\{9A4C534E-431F-4A17-97D4-D1682B19A054}) (Version: 1.03.001 - )
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version:  - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version:  - Image-Line)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
GeoGebra 5 (HKU\S-1-5-21-140753515-2919073295-4058598123-1000\...\GeoGebra 5) (Version: 5.0.172.0 - International GeoGebra Institute)
GitHub (HKU\S-1-5-21-140753515-2919073295-4058598123-1000\...\5f7eb300e2ea4ebf) (Version: 3.0.4.0 - GitHub, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.87 - Google Inc.)
Google Drive (HKLM-x32\...\{D7269C20-B3CE-4CD0-8E88-3D307D3BD41A}) (Version: 1.29.2074.1528 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Harry Potter und der Orden des Phönix™ (HKLM-x32\...\{B69F28DF-CBB1-41B7-008A-210E4D0518FC}) (Version:  - )
Inkscape 0.91 (HKLM-x32\...\Inkscape) (Version: 0.91 - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4331 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
IntelliJ IDEA Community Edition 2016.1.1 (HKLM-x32\...\IntelliJ IDEA Community Edition 2016.1.1) (Version: 145.597.3 - JetBrains s.r.o.)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Java 8 Update 91 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Java SE Development Kit 8 Update 91 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180910}) (Version: 8.0.910.14 - Oracle Corporation)
JetBrains PhpStorm 2016.1 (HKLM-x32\...\PhpStorm 2016.1) (Version: 145.258.2 - JetBrains s.r.o.)
Lakeside Reallife Launcher (HKU\S-1-5-21-140753515-2919073295-4058598123-1000\...\48c76590b993d809) (Version: 1.0.0.15 - Lakeside Reallife)
LEGO® Harry Potter™: Die Jahre 1-4 (HKLM-x32\...\{C5A8DF48-580B-44D3-B2B2-E965A9368F28}) (Version: 1.0.0.0 - WB Games)
LibreOffice 4.4.5.2 (HKLM-x32\...\{406EECCC-AF98-4F2C-A99F-FED788F7580C}) (Version: 4.4.5.2 - The Document Foundation)
LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.9 - Thibaut Lauziere)
Livestreamer 1.12.2 (HKLM-x32\...\Livestreamer) (Version:  - )
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.377 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.377 - LogMeIn, Inc.) Hidden
MAGIX Content und Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Goya burnR (MSI) (HKLM-x32\...\MX.{A6332FAE-114E-4B18-8FC9-AEF2410C84B7}) (Version: 4.3.2.0 - MAGIX Software GmbH)
MAGIX Goya burnR (MSI) (Version: 4.3.2.0 - MAGIX Software GmbH) Hidden
MAGIX Music Maker 2014 Trial Soundpools (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Music Maker 2015 Movie Score Edition Update (Version: 21.0.4.50 - MAGIX Software GmbH) Hidden
MAGIX Music Maker 2015 Premium (HKLM-x32\...\MX.{3DF585C2-BDD1-42F7-84E1-AB6191830E0E}) (Version: 21.0.0.30 - MAGIX Software GmbH)
MAGIX Music Maker 2015 Premium (Version: 21.0.0.30 - MAGIX Software GmbH) Hidden
MAGIX Music Maker 2015 Premium Update (Version: 21.0.4.50 - MAGIX Software GmbH) Hidden
MAGIX Music Maker 2015 Trial Soundpools (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Music Maker 2016 (HKLM-x32\...\MX.{C34122C7-9635-42AA-856B-FB819183509A}) (Version: 22.0.1.51 - MAGIX Software GmbH)
MAGIX Music Maker 2016 (Version: 22.0.1.51 - MAGIX Software GmbH) Hidden
MAGIX Music Maker 2016 Trial Soundpools (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Music Maker Hip Hop Edition 6 Trial Soundpools (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Music Maker Movie Score Edition (HKLM-x32\...\MX.{692A8B82-1189-4DBF-B4C4-A285F4970E20}) (Version: 21.0.3.47 - MAGIX Software GmbH)
MAGIX Music Maker Movie Score Edition (Version: 21.0.3.47 - MAGIX Software GmbH) Hidden
MAGIX Music Maker Movie Score Edition Trial Soundpools (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Music Maker Rock Edition 6 Trial Soundpools (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Music Maker Techno Edition 6 Trial Soundpools (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{AD4A2318-33E8-4E3C-90F5-5E91D0EE8572}) (Version: 7.0.2.6 - MAGIX Software GmbH)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (HKLM\...\MX.{B9D9D873-ADDA-4D0C-B691-0F323C6DD62A}) (Version: 15.0.0.62 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (Version: 15.0.0.62 - MAGIX Software GmbH) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Marvel Heroes 2016 (HKLM\...\Steam App 226320) (Version:  - Gazillion Entertainment)
MediaFire Desktop (HKLM-x32\...\MediaFire Desktop 1.8.12.11026) (Version: 1.8.12.11026 - MediaFire)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Flight Simulator SimConnect Client v10.0.61259.0 (HKLM-x32\...\{D61CA184-3F6D-4A50-B2CC-7A18447D6A8D}) (Version: 10.0.61259.0 - Microsoft Corporation)
Microsoft Flight Simulator SimConnect Client v10.0.62615.0 (HKLM-x32\...\{33D89314-361A-4495-A1E1-0ACBCE08F78D}) (Version: 10.0.62615.0 - Microsoft Corporation)
Microsoft Flight Simulator X: Steam Edition (HKLM-x32\...\Steam App 314160) (Version:  - Microsoft Game Studios)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 45.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 45.0.2 (x86 de)) (Version: 45.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0 - Mozilla)
Mozilla Thunderbird 45.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.0 (x86 de)) (Version: 45.0 - Mozilla)
MSI Afterburner 4.2.0 (HKLM-x32\...\Afterburner) (Version: 4.2.0 - MSI Co., LTD)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
Need for Speed™ Most Wanted (HKLM-x32\...\{A48B9CD8-C2BA-4EC9-0081-7260D238C7CF}) (Version:  - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.6 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 364.72 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 364.72 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.2.55 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.2.55 - NVIDIA Corporation)
NVIDIA Grafiktreiber 364.72 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 364.72 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OBS Multiplatform (HKLM-x32\...\OBS Multiplatform) (Version: 0.12.3 - OBS Project)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Opera Stable 34.0.2036.25 (HKLM-x32\...\Opera 34.0.2036.25) (Version: 34.0.2036.25 - Opera Software)
Oracle VM VirtualBox 5.0.4 (HKLM\...\{FC191F32-1A67-4231-91D0-0059A57C99A8}) (Version: 5.0.4 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.7.2.53208 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.93.20.0 - Overwolf Ltd.)
ParkControl (HKLM-x32\...\ParkControl) (Version: 1.0.2.2 - Bitsum)
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Play withSIX Windows client (HKU\S-1-5-21-140753515-2919073295-4058598123-1000\...\PlaywithSIX) (Version: 1.68.1153.2 - SIX Networks GmbH)
R.U.S.E (HKLM-x32\...\Steam App 21970) (Version:  - Eugen Systems)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.65.1025.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Rettungswagen Simulator 2012 (HKLM-x32\...\Rettungswagen Simulator 2012) (Version:  - )
Schiff-Simulator 2008 (HKLM-x32\...\ShipSim2008) (Version:  - )
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.2.55 - NVIDIA Corporation) Hidden
Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.)
Space Engineers (HKLM-x32\...\Steam App 244850) (Version:  - Keen Software House)
Spotify (HKU\S-1-5-21-140753515-2919073295-4058598123-1000\...\Spotify) (Version: 1.0.28.87.g8f9312a4 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.17 - TeamSpeak Systems GmbH)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Way of Life (HKLM-x32\...\Steam App 310370) (Version:  - Fabio Ferrara)
Time Clickers (HKLM-x32\...\Steam App 385770) (Version:  - Proton Studio Inc)
Ultracopier 1.2.2.0 (HKLM-x32\...\Ultracopier) (Version: 1.2.2.0 - Ultracopier)
Unity Web Player (HKU\S-1-5-21-140753515-2919073295-4058598123-1000\...\UnityWebPlayer) (Version: 5.0.3f2 - Unity Technologies ApS)
Update for Skype for Business 2015 (KB3039776) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUS_{9F6B3627-AF9E-40A5-AAD5-3497C4327616}) (Version:  - Microsoft)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
Vita Century Keys (Version: 2.4.0.78 - MAGIX Software GmbH) Hidden
Vita Pop Brass (Version: 2.4.0.78 - MAGIX Software GmbH) Hidden
Vita Soundtrack Percussion (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
Vita Space Pad (Version: 2.4.0.78 - MAGIX Software GmbH) Hidden
Vita String Ensemble (Version: 1.0.0.0 - MAGIX AG) Hidden
Vita World Flutes (Version: 2.4.0.78 - MAGIX Software GmbH) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.2 - VideoLAN)
War Thunder (HKLM-x32\...\Steam App 236390) (Version:  - Gaijin Entertainment)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
World of Guns: Gun Disassembly (HKLM-x32\...\Steam App 262410) (Version:  - Noble Empire Corp.)
XAMPP (HKLM-x32\...\xampp) (Version: 5.6.14-0 - Bitnami)
YTRPG - Launcher (HKU\S-1-5-21-140753515-2919073295-4058598123-1000\...\60b8c81058e6119f) (Version: 2.0.0.31 - SpacePlay.DE)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-140753515-2919073295-4058598123-1000_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-140753515-2919073295-4058598123-1000_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-140753515-2919073295-4058598123-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Admin\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {00CBCA41-2DBA-4201-867E-0D159637F24F} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {08C03022-2F14-4056-A8FB-5C9D873A200C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd)
Task: {0B735A62-878B-4393-A4A9-8C95FFFD0F14} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {0C590825-E82C-49FC-A821-54CB4B699FAC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-11] (Google Inc.)
Task: {0DD1569C-B667-4FF4-9E09-BEC5B5E21290} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {13DB8A51-8292-4F07-BE2B-AEC948A52799} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {15719DFF-D620-40C9-BAA0-D9D70138089D} - System32\Tasks\{9DD20992-C862-45DA-8AE8-8513F9B0B36E} => pcalua.exe -a "C:\Program Files (x86)\Auslogics\BoostSpeed\unins000.exe"
Task: {1C252EC4-0060-4411-BA3D-71EC04451D05} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2016-04-05] (Overwolf LTD)
Task: {1D0FE1B2-97C7-442E-B70F-92554292C602} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {1F4C7508-50D6-4D0C-87E7-679C94D4ED81} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {24E8C960-52B4-4045-8250-B01C4501D140} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {2973C204-ECE4-4615-91C6-24D61A8ADC2A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {2BD0EA9D-940A-4134-B15C-3EFCC4D565DA} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {2E05BE4F-4B8C-4D84-9C60-5983C2FA48C2} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {31509BF9-6808-4F3F-8A88-6CD20628DAA8} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {38E21CC5-A7FD-4F97-99A2-19590CEB2851} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {3BAEF89F-70DD-49D5-A2E3-D3657D296F59} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {452A39B5-338C-4743-8C9D-E3C94A060DE3} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {4790C6CF-50CE-4E8C-8425-39B2D95162FB} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-10-08] (Dropbox, Inc.)
Task: {47D29803-AC70-4F42-9F61-C9A818F288CA} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {504F3719-F240-4C02-90A3-78546B2F1AB6} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {5F6984FB-F0A4-4DB2-A465-010DCADBBEA3} - System32\Tasks\ParkControl => C:\Program Files\ParkControl\parkcontrol.exe [2016-04-22] (Bitsum LLC)
Task: {60968398-1F72-4B60-9A85-D2EE08B60A85} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-11] (Google Inc.)
Task: {62382525-AD20-4127-BB06-43695633D152} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {623DA8F8-2B80-4CA4-B57D-D105D2C82760} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {65B69E76-E4D5-49E6-8885-95302FB3C0CF} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {671B6CCA-0BBE-462D-B699-69B31892D518} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {67574422-DF2E-400D-93FB-7F75D842E0AC} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {6AEE10E9-3903-464D-A783-E9BC2038721B} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {6D299DCF-9047-45A8-A9DE-A702BD3497E0} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {7363B6BD-824A-465E-A07B-8A74AA1C5329} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {82A5966F-E8DB-40E9-82D8-FE4C1F1E92E2} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {8546DBE6-AEDC-456B-A0C6-74D7A6ED5E05} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-07] (Adobe Systems Incorporated)
Task: {864B97C4-6B1F-4279-9117-AD3357261E11} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {8E643E05-1F5E-4F84-B073-6B7EACD6F53E} - System32\Tasks\Avira Browser Safety Updater Task => C:\Program Files (x86)\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe [2015-03-11] (Avira Operations GmbH & Co. KG)
Task: {9054AE16-23D9-4A39-801F-FA115FD5E37B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {9A40B8FA-022C-465F-B8B6-9874CA5C97AC} - System32\Tasks\StartupStar Firewall => C:\Program Files (x86)\StartupStar\StartupStar.exe [2015-05-08] (Ascora GmbH)
Task: {A1512778-3A59-4AA0-8BE8-E528A02033A2} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {A574E01F-E5B5-4A94-9BDA-5BE084D67BD3} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {AAA866D2-C18F-4866-8F5A-8089D30091B0} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {AB966AA9-144F-4CDB-B1CD-D5B2A5327DE1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {AD5F5A1C-89D6-48A2-9A55-96FDD778CDF2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {C27E6520-F8BC-4983-8D63-F01B4419868D} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {C7CC8FD5-A95B-43B8-8B04-EBDA35676CFB} - System32\Tasks\Auslogics\BoostSpeed\Scan and Repair => Rundll32.exe TaskSchedulerHelper.dll,RunTask "BoostSpeed.exe" "-UseTray -Schedule"
Task: {CF60743F-489C-4431-9182-BC01D92A847E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-04-13] (Microsoft Corporation)
Task: {CFD9CAEA-FC24-4E5A-9D27-0D251D55F0F3} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {DE2B6F11-1BF0-4CDA-9119-D38D253CB0D6} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-10-08] (Dropbox, Inc.)
Task: {E8BB2A6F-7088-4248-8B1D-5539EB584DAC} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {E8EC247B-F6DA-482C-A1C1-E800DC1377BE} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {F095CEA1-F331-4609-83D6-5D8259CBCA09} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\StartupStar Firewall.job => 

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Admin\Desktop\explorer.lnk -> C:\Users\Admin\Documents\explorer.bat ()

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 09:17 - 2015-10-30 09:17 - 00028672 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-11-18 13:35 - 2016-03-22 04:37 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-08-09 06:46 - 2011-08-22 13:44 - 01421216 _____ () C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2Service.exe
2015-12-16 18:32 - 2015-11-05 20:36 - 00456176 _____ () C:\Program Files (x86)\MediaFire Desktop\bin\MFUsnMonitorService.exe
2016-03-31 12:13 - 2016-03-30 03:21 - 00366528 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-03-31 12:13 - 2016-03-30 03:21 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-03-31 12:13 - 2016-03-30 03:22 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-03-31 12:13 - 2016-03-30 03:21 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-03-29 11:09 - 2016-03-30 03:21 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-03-29 11:09 - 2016-03-30 03:21 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-03-29 11:09 - 2016-03-30 03:22 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-01-28 20:36 - 2016-03-30 03:22 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-03-29 11:09 - 2016-03-30 03:20 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-03-29 11:09 - 2016-03-30 03:20 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-04-13 17:29 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-13 17:29 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-12-16 18:32 - 2015-11-05 19:33 - 00235008 _____ () C:\Users\Admin\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlayError.dll
2015-12-16 18:32 - 2015-11-05 19:33 - 00235008 _____ () C:\Users\Admin\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlaySynced.dll
2015-12-16 18:32 - 2015-11-05 19:33 - 00235008 _____ () C:\Users\Admin\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlayReadOnly.dll
2015-12-16 18:32 - 2015-11-05 19:33 - 00235008 _____ () C:\Users\Admin\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlayLock.dll
2015-12-16 18:32 - 2015-11-05 19:33 - 00235008 _____ () C:\Users\Admin\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlaySyncing.dll
2015-12-18 08:17 - 2015-12-07 06:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-04-13 17:28 - 2016-04-02 05:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-04-26 14:41 - 2016-04-26 14:41 - 00080384 _____ () C:\Program Files\Ultracopier\libgcc_s_seh-1.dll
2016-04-26 14:41 - 2016-04-26 14:41 - 01013760 _____ () C:\Program Files\Ultracopier\libstdc++-6.dll
2015-11-08 11:20 - 2016-03-30 03:27 - 00165824 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\gamecaster64.dll
2015-11-08 11:20 - 2016-03-30 03:28 - 00861120 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\twitchsdk64.dll
2016-03-29 16:17 - 2016-03-29 16:19 - 00016896 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.325.12390.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-03-29 16:17 - 2016-03-29 16:19 - 17535488 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.325.12390.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-03-04 08:35 - 2016-03-04 08:36 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.325.12390.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2015-08-04 09:54 - 2016-04-29 18:45 - 00174872 _____ () C:\Program Files\TeamSpeak 3 Client\quazip.dll
2015-08-04 09:53 - 2016-04-29 18:45 - 00103192 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2015-08-04 09:54 - 2016-04-29 18:45 - 00107800 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2015-08-04 09:54 - 2016-04-29 18:45 - 00312088 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2015-11-07 14:30 - 2016-01-17 20:58 - 04018176 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\task_force_radio_win64.dll
2015-08-04 09:54 - 2016-04-29 18:45 - 00485656 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2016-04-19 08:00 - 2016-04-19 08:01 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-04-13 17:28 - 2016-04-02 05:03 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-04-13 17:28 - 2016-04-02 04:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-04-13 17:28 - 2016-04-02 04:59 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-04-13 17:28 - 2016-04-02 05:02 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-06 17:48 - 2013-09-16 12:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-11-08 11:20 - 2016-03-30 03:28 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-04-16 00:27 - 2016-03-21 23:50 - 00034768 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2016-04-16 00:27 - 2016-03-21 23:51 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2016-04-16 00:27 - 2016-03-21 23:50 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2016-04-16 00:27 - 2016-03-21 23:50 - 00093640 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2016-04-16 00:27 - 2016-03-21 23:50 - 00018376 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2016-04-16 00:27 - 2016-04-08 20:20 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2016-04-16 00:27 - 2016-03-21 23:52 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-04-16 00:27 - 2016-03-21 23:50 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2016-04-16 00:27 - 2016-04-08 20:20 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2016-04-16 00:27 - 2016-03-21 23:50 - 00692688 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2016-04-16 00:27 - 2016-04-08 20:19 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2016-04-16 00:27 - 2016-03-21 23:51 - 00112592 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2016-04-16 00:27 - 2016-04-08 20:19 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2016-04-16 00:27 - 2016-04-08 20:19 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2016-04-16 00:27 - 2016-04-08 20:20 - 00021840 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-04-16 00:27 - 2016-04-08 20:19 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2016-04-16 00:27 - 2016-03-21 23:52 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2016-04-16 00:27 - 2016-03-21 23:52 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2016-04-16 00:27 - 2016-03-21 23:52 - 00114640 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2016-04-16 00:27 - 2016-03-21 23:52 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-04-16 00:27 - 2016-04-08 20:20 - 00021832 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2016-04-16 00:27 - 2016-03-21 23:52 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2016-04-16 00:27 - 2016-03-21 23:52 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2016-04-16 00:27 - 2016-03-21 23:52 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2016-04-16 00:27 - 2016-03-21 23:52 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2016-04-16 00:27 - 2016-03-21 23:52 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2016-04-16 00:27 - 2016-03-21 23:52 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-04-16 00:27 - 2016-04-08 20:19 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-04-16 00:27 - 2016-03-21 23:52 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2016-04-16 00:27 - 2016-03-21 23:52 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2016-04-16 00:27 - 2016-04-08 20:19 - 00117056 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2016-04-16 00:27 - 2016-04-08 20:20 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2016-04-16 00:27 - 2016-03-21 23:50 - 00134608 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd
2016-04-16 00:27 - 2016-03-21 23:50 - 00134088 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2016-04-16 00:27 - 2016-03-21 23:51 - 00240584 _____ () C:\Program Files (x86)\Dropbox\Client\jpegtran.pyd
2016-04-16 00:27 - 2016-04-08 20:19 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2016-04-16 00:27 - 2016-03-21 23:52 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2016-04-16 00:27 - 2016-04-08 20:19 - 00031568 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2016-04-16 00:27 - 2016-03-12 02:46 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2016-04-16 00:27 - 2016-04-08 20:19 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2016-04-16 00:27 - 2016-04-08 20:20 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-04-16 00:27 - 2016-04-08 20:20 - 00021824 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32._winffi_kernel32.pyd
2016-04-16 00:27 - 2016-04-08 20:20 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
2016-04-16 00:27 - 2016-04-08 20:20 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
2016-04-16 00:27 - 2016-04-08 20:19 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2016-04-16 00:27 - 2016-03-21 23:52 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2016-04-16 00:27 - 2016-04-08 20:20 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2016-04-16 00:27 - 2016-04-08 20:19 - 00084280 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2016-04-16 00:27 - 2016-04-08 20:20 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2016-04-16 00:27 - 2016-03-21 23:51 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2016-04-16 00:27 - 2016-04-08 20:20 - 03928880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2016-04-16 00:27 - 2016-04-08 20:20 - 01971504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2016-04-16 00:27 - 2016-04-08 20:20 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2016-04-16 00:27 - 2016-04-08 20:20 - 00132912 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2016-04-16 00:27 - 2016-04-08 20:20 - 00223544 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2016-04-16 00:27 - 2016-04-08 20:20 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2016-04-16 00:27 - 2016-04-08 20:20 - 00158008 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2016-04-16 00:27 - 2016-04-08 20:20 - 00042808 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2016-04-16 00:27 - 2016-03-21 23:54 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2016-04-16 00:27 - 2016-03-21 23:54 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2016-04-16 00:27 - 2016-04-08 20:20 - 00025928 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2016-04-16 00:27 - 2016-04-08 20:20 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2016-04-16 00:27 - 2016-04-08 20:20 - 00546096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2016-04-16 00:27 - 2016-04-08 20:20 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2016-04-16 00:27 - 2016-03-21 23:56 - 00697304 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-03-30 22:02 - 2016-03-11 02:56 - 00783360 _____ () E:\Steam\SDL2.dll
2016-02-05 14:24 - 2015-07-03 18:12 - 04962816 _____ () E:\Steam\v8.dll
2016-04-04 16:32 - 2016-03-31 22:55 - 02549840 _____ () E:\Steam\video.dll
2016-02-05 14:24 - 2015-07-03 18:12 - 01556992 _____ () E:\Steam\icui18n.dll
2016-02-05 14:24 - 2015-07-03 18:12 - 01187840 _____ () E:\Steam\icuuc.dll
2016-03-09 22:54 - 2016-02-09 01:14 - 02549760 _____ () E:\Steam\libavcodec-56.dll
2016-03-09 22:54 - 2016-02-09 01:14 - 00491008 _____ () E:\Steam\libavformat-56.dll
2016-03-09 22:54 - 2016-02-09 01:14 - 00332800 _____ () E:\Steam\libavresample-2.dll
2016-03-09 22:54 - 2016-02-09 01:14 - 00442880 _____ () E:\Steam\libavutil-54.dll
2016-03-09 22:54 - 2016-02-09 01:14 - 00485888 _____ () E:\Steam\libswscale-3.dll
2016-04-04 16:32 - 2016-03-31 22:55 - 00829008 _____ () E:\Steam\bin\chromehtml.DLL
2016-03-09 22:54 - 2016-02-18 00:25 - 00281088 _____ () E:\Steam\openvr_api.dll
2016-03-09 22:54 - 2016-02-09 03:33 - 48400672 _____ () E:\Steam\bin\libcef.dll
2016-02-05 14:24 - 2015-09-25 01:56 - 00119208 _____ () E:\Steam\winh264.dll
2016-04-19 08:00 - 2016-04-19 08:01 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-19 08:00 - 2016-04-19 08:02 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\Admin\Desktop\Schwarzweiß.JPG:com.dropbox.attributes [424]
AlternateDataStreams: C:\Users\Admin\AppData\Local\R7ZBFMcHvmUmFZ:3Si4lqMHjPBoPX9x8k4XVoJ5AP0 [2234]
AlternateDataStreams: C:\Users\Admin\AppData\Local\yx7ceE7ZOXkJA:jtwU9Xm4YglUwnEzK3Z4v [2246]
AlternateDataStreams: C:\ProgramData\Temp:9F3C1A6B [223]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-140753515-2919073295-4058598123-1000\Control Panel\Desktop\\Wallpaper -> c:\users\admin\pictures\saved pictures\london_big_ben_night_river_building_top_view_black_white_30804_2560x1080.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\Services: LMIGuardianSvc => 2
MSCONFIG\Services: Origin Client Service => 3
MSCONFIG\Services: OverwolfUpdater => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\startupfolder: C:^Users^Admin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^LibreOffice 4.3.lnk => C:\Windows\pss\LibreOffice 4.3.lnk.Startup
MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: Overwolf => C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM\...\StartupApproved\StartupFolder: => "Orga-Nicer.lnk"
HKLM\...\StartupApproved\Run32: => "USB3MON"
HKU\S-1-5-21-140753515-2919073295-4058598123-1000\...\StartupApproved\Run: => "Free Hide IP"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [{923CA357-2EBD-4BCD-80A7-AFE31DF1DC80}] => (Allow) E:\Steam\steamapps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{345610A5-5629-45E6-8637-241246AD2072}] => (Allow) E:\Steam\steamapps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{6EC9136A-6057-47FA-9BDB-F0A3508B7FD9}] => (Allow) E:\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{26E762D4-7ED3-40B6-9998-7C16331EB188}] => (Allow) E:\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{7C54F452-A8A4-4B5B-94A0-E48785D8D498}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E6896CB8-5417-42B8-9B18-3BCAE4F64618}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F2233978-9424-4981-9C88-38E199CC0709}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{9D007525-9BF4-43CF-854B-8630A52EF557}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{A3FDE9CA-9A46-48EA-B683-77DEEB8D28B4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{974267FC-C117-469C-A3E5-CDEC044CE59C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{44AA3335-CEA2-4210-8F93-A5195DA8C327}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{3A0B90AF-5F99-4888-8EB6-13F629E97A53}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F43B0ED1-200E-4077-A4E0-3395B2BFE9B9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C3F66255-6112-4C77-AFC7-1C8842411850}] => (Allow) E:\Steam\bin\steamwebhelper.exe
FirewallRules: [{B5D73687-C04E-468F-8073-E569EC49AB41}] => (Allow) E:\Steam\bin\steamwebhelper.exe
FirewallRules: [{B5C8E20B-DB4E-4113-87A6-CBE107620908}] => (Allow) C:\Users\Admin\AppData\Local\Apps\2.0\0VELLGD7.MXP\6Y01LJOM.VB9\yt-r..tion_eecbe13070c567f8_0002.0000_36ab133cf97c9f38\YT-RPG Launcher.exe
FirewallRules: [{984A952F-B493-4A2C-BE4A-F04FFBEE752C}] => (Allow) C:\Users\Admin\AppData\Local\Apps\2.0\0VELLGD7.MXP\6Y01LJOM.VB9\yt-r..tion_eecbe13070c567f8_0002.0000_36ab133cf97c9f38\YT-RPG Launcher.exe
FirewallRules: [{650EE30A-51F1-4A3B-954A-DA07FDD5AE24}] => (Allow) C:\Users\Admin\AppData\Local\Apps\2.0\0VELLGD7.MXP\6Y01LJOM.VB9\yt-r..tion_eecbe13070c567f8_0002.0000_36ab133cf97c9f38\YT-RPG Launcher.exe
FirewallRules: [{9527E534-16ED-4B38-BB6C-053AB1FD9B98}] => (Allow) C:\Users\Admin\AppData\Local\Apps\2.0\0VELLGD7.MXP\6Y01LJOM.VB9\yt-r..tion_eecbe13070c567f8_0002.0000_36ab133cf97c9f38\YT-RPG Launcher.exe
FirewallRules: [{0FD8DB08-7CC4-4770-87A8-1F0A01DDDCC0}] => (Allow) E:\MAGIX\Music Maker 2016\MusicMaker.exe
FirewallRules: [{74BFE77D-AC75-4D70-8A07-CF1B77620996}] => (Allow) E:\MAGIX\Video deluxe 2016 Premium\Videodeluxe.exe
FirewallRules: [UDP Query User{344A099F-F1DF-4E21-8FA2-264AA43B4331}E:\program files (x86)\1avshare\1avshare.exe] => (Allow) E:\program files (x86)\1avshare\1avshare.exe
FirewallRules: [TCP Query User{F8DA4428-6DB5-41FE-BCB7-E481C0C09FAD}E:\program files (x86)\1avshare\1avshare.exe] => (Allow) E:\program files (x86)\1avshare\1avshare.exe
FirewallRules: [{DC4BE2CF-7BB1-416F-BF02-F3C75840254E}] => (Allow) E:\Steam\steamapps\common\Batman Arkham Origins\Online\Binaries\Win32\BatmanOriginsOnline.exe
FirewallRules: [{F6FE52D5-14AC-46B8-A10F-7BE303AD2042}] => (Allow) E:\Steam\steamapps\common\Batman Arkham Origins\Online\Binaries\Win32\BatmanOriginsOnline.exe
FirewallRules: [{A23FAD0F-3C20-460F-8FB7-B134DEEF74E7}] => (Allow) E:\Steam\steamapps\common\Batman Arkham Origins\SinglePlayer\Binaries\Win32\BatmanOrigins.exe
FirewallRules: [{4247A8FD-F113-4FD1-A95C-EB05F77BAD85}] => (Allow) E:\Steam\steamapps\common\Batman Arkham Origins\SinglePlayer\Binaries\Win32\BatmanOrigins.exe
FirewallRules: [{F0A8659D-4F6F-4C05-8ECD-EE50A13B7F73}] => (Allow) E:\Steam\steamapps\common\R.U.S.E\Ruse.exe
FirewallRules: [{420A87D0-EF33-4E70-B42D-56CA5A992540}] => (Allow) E:\Steam\steamapps\common\R.U.S.E\Ruse.exe
FirewallRules: [UDP Query User{C7E7A3B6-7D43-4411-895B-1E5038E17DF4}C:\program files\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [TCP Query User{6F3C633C-68AE-4E26-B1A0-90D96A93A2D1}C:\program files\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [{5642CB22-1CAB-4038-8210-FDA6B2B80EB7}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{95EC4D97-4290-4AF5-A3D4-87D66820E35B}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{C34CCCB2-29D4-4971-9CB0-4552886BDF42}] => (Allow) E:\Steam\steamapps\common\WOG\disasm.exe
FirewallRules: [{F0C4107A-BE23-4D7E-A3B9-8EDE13B94491}] => (Allow) E:\Steam\steamapps\common\WOG\disasm.exe
FirewallRules: [{55277EBC-87A9-4BEF-B5DF-0E1E43625DEF}] => (Allow) C:\Users\Admin\AppData\Local\PlaywithSIX\Update.exe
FirewallRules: [{8850F4E4-57E3-4819-A4AF-D286AD8825F0}] => (Allow) C:\Users\Admin\AppData\Local\PlaywithSIX\Update.exe
FirewallRules: [{0729B5FC-5194-41EF-BDB0-81A796BB75F5}] => (Allow) C:\Users\Admin\AppData\Local\PlaywithSIX\Update.exe
FirewallRules: [{6247E1E1-4768-4B65-B929-05A0938249DB}] => (Allow) C:\Users\Admin\AppData\Local\PlaywithSIX\Update.exe
FirewallRules: [UDP Query User{458AF759-863D-4887-9131-8110C5A6BA93}E:\steam\steamapps\common\arma 3\arma3server.exe] => (Allow) E:\steam\steamapps\common\arma 3\arma3server.exe
FirewallRules: [TCP Query User{B221AC51-EF98-4549-8C0D-668C1C1596EF}E:\steam\steamapps\common\arma 3\arma3server.exe] => (Allow) E:\steam\steamapps\common\arma 3\arma3server.exe
FirewallRules: [UDP Query User{6C8F3D66-77E0-42FA-95AD-288A316F69F3}E:\steam\steamapps\common\arma 3\arma3.exe] => (Allow) E:\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [TCP Query User{69255F24-97E9-428F-9A56-D7934DB7ECB2}E:\steam\steamapps\common\arma 3\arma3.exe] => (Allow) E:\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [{FE4F52B7-4B5A-4EF2-8D6F-2A58AA2BDEE3}] => (Allow) E:\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{8B3B1FB4-A0DF-451D-B748-B0D1B481AEAC}] => (Allow) E:\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{49786D9C-5A15-42FF-98C5-59A7287DDE46}] => (Allow) E:\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{25FAAD6A-EC72-4A53-9BFC-792DB6961456}] => (Allow) E:\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{CC751B56-ED04-4023-9E6D-0CE532E64DF2}] => (Allow) E:\Steam\steamapps\common\The Way of Life\TheWayOfLifeDemoWindows.exe
FirewallRules: [{29D5A69A-4C03-4A29-B4A5-E123B8D05010}] => (Allow) E:\Steam\steamapps\common\The Way of Life\TheWayOfLifeDemoWindows.exe
FirewallRules: [{BB2F3811-143D-4705-AC2C-C26B91C03316}] => (Allow) E:\Steam\steamapps\common\TimeClickers\TimeClickers.exe
FirewallRules: [{FD48AFD5-FC74-4EC6-B4AA-A8A2D89CCB85}] => (Allow) E:\Steam\steamapps\common\TimeClickers\TimeClickers.exe
FirewallRules: [{D4952C73-807B-47FA-BF4F-2AA387FC5CB4}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{789CE98B-BCB1-4E2F-968A-FDDA2965CECD}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{C994A821-A728-4020-BC6E-82F37A79DD3E}] => (Allow) LPort=1900
FirewallRules: [{F99B7E14-9615-482F-8928-EDE33AEC69D2}] => (Allow) LPort=2869
FirewallRules: [{2C7E5939-BB25-46B8-A6BF-CD706E29EF5C}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{C7E0B5BF-349E-4A8C-9406-158939F48293}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{362C6BA7-FCB1-49EC-9925-9D4C0C473053}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{10C1A13A-F5E6-48DE-8167-D00678FE74FB}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{F3944541-4B83-4AD5-A453-EFA816718841}C:\users\admin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\admin\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{0E74BEDA-FC58-4A7B-9455-1F871BE62BA2}C:\users\admin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\admin\appdata\roaming\spotify\spotify.exe
FirewallRules: [{368C710D-5798-4B62-BF93-E347DAF1F965}] => (Allow) E:\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{CACB486F-F952-4CDC-827C-E9A1960E1763}] => (Allow) E:\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{1D72D9F7-ACC6-4EA3-9079-E7A771C79057}] => (Allow) E:\Steam\steamapps\common\FSX\fsx.exe
FirewallRules: [{CC520600-1E1F-4BD5-B78A-2AC3E5873AA4}] => (Allow) E:\Steam\steamapps\common\FSX\fsx.exe
FirewallRules: [TCP Query User{49E367C6-1069-42F8-A410-A165FB534013}E:\xampp\mysql\bin\mysqld.exe] => (Allow) E:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{BD4BE9D1-FAA0-4AC0-9D37-D88113C96F74}E:\xampp\mysql\bin\mysqld.exe] => (Allow) E:\xampp\mysql\bin\mysqld.exe
FirewallRules: [TCP Query User{479EC266-DE50-45D3-950B-3823ACA2552B}E:\xampp\filezillaftp\filezillaserver.exe] => (Allow) E:\xampp\filezillaftp\filezillaserver.exe
FirewallRules: [UDP Query User{B68FDA55-DD06-438D-AE6D-1AD468E57C6F}E:\xampp\filezillaftp\filezillaserver.exe] => (Allow) E:\xampp\filezillaftp\filezillaserver.exe
FirewallRules: [TCP Query User{9E6F905F-AE4D-4E1A-9B62-6C2D5827F42A}E:\xampp\mercurymail\mercury.exe] => (Allow) E:\xampp\mercurymail\mercury.exe
FirewallRules: [UDP Query User{C230A7F6-6E41-4033-B374-E8D660B54ED8}E:\xampp\mercurymail\mercury.exe] => (Allow) E:\xampp\mercurymail\mercury.exe
FirewallRules: [TCP Query User{08B7B836-E241-43C9-AA15-C3791F430C62}C:\program files\java\jre1.8.0_65\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_65\bin\java.exe
FirewallRules: [UDP Query User{7ABA0A93-FE69-4E60-8043-5FDF9B68E124}C:\program files\java\jre1.8.0_65\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_65\bin\java.exe
FirewallRules: [{FA7C304A-6082-46F9-9497-23EA6AD40795}] => (Allow) E:\Steam\steamapps\common\War Thunder\launcher.exe
FirewallRules: [{24BA6DD5-8040-4CDA-A037-6E78001EBB5F}] => (Allow) E:\Steam\steamapps\common\War Thunder\launcher.exe
FirewallRules: [TCP Query User{B54DB871-836F-4946-9DCC-F0FB9DB56526}E:\steam\steamapps\common\war thunder\aces.exe] => (Allow) E:\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [UDP Query User{79721241-14ED-4C23-B7DC-AA979FD7126D}E:\steam\steamapps\common\war thunder\aces.exe] => (Allow) E:\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [{9B26A4CF-15D3-4EBA-B024-495DE527278B}] => (Allow) E:\MAGIX\Music Maker 2015 Premium\MusicMaker.exe
FirewallRules: [{7E6B8B8A-95F9-486C-9519-EE1012B18A1E}] => (Allow) E:\MAGIX\Music Maker 2015 Premium\MusicMaker.exe
FirewallRules: [{C9AF479A-1F24-43D4-8049-C4ED7FDADBA5}] => (Allow) E:\MAGIX\Music Maker 2015 Premium\MusicMaker.exe
FirewallRules: [{E7D4EE5D-66FF-4836-AEE8-D8974445E5DC}] => (Allow) E:\MAGIX\Music Maker 2015 Premium\MusicMaker.exe
FirewallRules: [{39DF4F46-FF74-4028-98CB-FE730DAE8F7F}] => (Allow) E:\MAGIX\Music Maker Movie Score Edition\MusicMaker.exe
FirewallRules: [{32FCD7A7-6C7D-4908-9D7E-7FDDDA2CAEF3}] => (Allow) E:\MAGIX\Music Maker Movie Score Edition\MusicMaker.exe
FirewallRules: [{486F5F47-AAF7-426D-B0C7-D340581EEF5D}] => (Allow) E:\MAGIX\Music Maker Movie Score Edition\MusicMaker.exe
FirewallRules: [{34EEE5D9-2A7A-448C-9213-98F36FB3718D}] => (Allow) E:\MAGIX\Music Maker Movie Score Edition\MusicMaker.exe
FirewallRules: [TCP Query User{845FB6A7-7302-459B-B32D-51387A971F35}E:\program files (x86)\brackets\node.exe] => (Allow) E:\program files (x86)\brackets\node.exe
FirewallRules: [UDP Query User{56DEDA84-2F1E-416C-BEB8-265515EC8D1B}E:\program files (x86)\brackets\node.exe] => (Allow) E:\program files (x86)\brackets\node.exe
FirewallRules: [TCP Query User{89D9D066-6CB5-4D71-86F9-C89132E88D90}C:\program files\java\jre1.8.0_71\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_71\bin\java.exe
FirewallRules: [UDP Query User{A5698EE8-6F6F-4460-9FF8-C1C818038148}C:\program files\java\jre1.8.0_71\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_71\bin\java.exe
FirewallRules: [TCP Query User{E9886C8A-901B-4A7F-BD93-C1D999593FC1}F:\portableapps\skypeportable\app\skype\phone\skype.exe] => (Allow) F:\portableapps\skypeportable\app\skype\phone\skype.exe
FirewallRules: [UDP Query User{7D0C4576-A9F2-44C1-9529-B0DF6926D6D3}F:\portableapps\skypeportable\app\skype\phone\skype.exe] => (Allow) F:\portableapps\skypeportable\app\skype\phone\skype.exe
FirewallRules: [TCP Query User{12316E4D-30AC-4D34-98EA-91F40159D892}F:\portableapps\utorrentportable\app\utorrent\utorrent.exe] => (Allow) F:\portableapps\utorrentportable\app\utorrent\utorrent.exe
FirewallRules: [UDP Query User{BAF4EB8F-608A-47ED-8E30-A52BB6C538DB}F:\portableapps\utorrentportable\app\utorrent\utorrent.exe] => (Allow) F:\portableapps\utorrentportable\app\utorrent\utorrent.exe
FirewallRules: [TCP Query User{B21AAC2B-47B2-4ABF-AA7D-0EBAE73DD2AF}C:\users\admin\downloads\xonotic-0.8.1\xonotic\xonotic.exe] => (Allow) C:\users\admin\downloads\xonotic-0.8.1\xonotic\xonotic.exe
FirewallRules: [UDP Query User{1C599FB3-4731-4934-B8AB-FC5955D31384}C:\users\admin\downloads\xonotic-0.8.1\xonotic\xonotic.exe] => (Allow) C:\users\admin\downloads\xonotic-0.8.1\xonotic\xonotic.exe
FirewallRules: [TCP Query User{C8E8A56B-3DC9-40B1-BA88-9D479D26CBD8}E:\program files (x86)\eclipse\php-mars\eclipse\eclipse.exe] => (Allow) E:\program files (x86)\eclipse\php-mars\eclipse\eclipse.exe
FirewallRules: [UDP Query User{A0FEA453-4AA5-4A53-A6B2-112F8B72180A}E:\program files (x86)\eclipse\php-mars\eclipse\eclipse.exe] => (Allow) E:\program files (x86)\eclipse\php-mars\eclipse\eclipse.exe
FirewallRules: [TCP Query User{C6414EAF-EA50-48D7-8C81-A2ACC23140E3}E:\program files (x86)\eclipse\java-mars\eclipse\eclipse.exe] => (Allow) E:\program files (x86)\eclipse\java-mars\eclipse\eclipse.exe
FirewallRules: [UDP Query User{B06CAAFF-9455-463C-9353-B482F183F317}E:\program files (x86)\eclipse\java-mars\eclipse\eclipse.exe] => (Allow) E:\program files (x86)\eclipse\java-mars\eclipse\eclipse.exe
FirewallRules: [{AFD9AB39-19AF-4E9F-B954-FC8E921109EF}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{1E691773-2067-4A22-B386-78D7FE8522F5}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{BB1B0086-B738-47F7-AC48-6A2F660FCE87}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{09E6100D-98F2-49DF-8E1B-3EEBEB8ED02E}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{23B2EC31-32C3-44B9-8A9C-66A8ECFD0DEF}E:\simulatoren\emergency 4\em4.exe] => (Allow) E:\simulatoren\emergency 4\em4.exe
FirewallRules: [UDP Query User{DD9B3E66-FFBA-4F7B-9F69-9C8C1335346A}E:\simulatoren\emergency 4\em4.exe] => (Allow) E:\simulatoren\emergency 4\em4.exe
FirewallRules: [TCP Query User{AA41909C-A535-4745-8CCD-F877C936543A}F:\jetbrains\phpstorm 2016.1\bin\phpstorm.exe] => (Allow) F:\jetbrains\phpstorm 2016.1\bin\phpstorm.exe
FirewallRules: [UDP Query User{36CEC0B3-1BA1-4705-A9E3-9E9A71945398}F:\jetbrains\phpstorm 2016.1\bin\phpstorm.exe] => (Allow) F:\jetbrains\phpstorm 2016.1\bin\phpstorm.exe
FirewallRules: [{BE0E3E49-75BA-4AE4-A4CB-59C18A7EF04E}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{43420B2C-CBE2-4E77-94E5-102FD67F56E0}] => (Allow) E:\Steam\steamapps\common\Marvel Heroes\UnrealEngine3\Binaries\Win64\MarvelHeroes2016.exe
FirewallRules: [{BDD556F2-9708-4CFA-8B89-616A65DE5263}] => (Allow) E:\Steam\steamapps\common\Marvel Heroes\UnrealEngine3\Binaries\Win64\MarvelHeroes2016.exe
FirewallRules: [{CE75716B-7F2C-43EB-B545-7321E23B5AF3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{9EAA9A63-0134-434F-9975-92ACF5AA7931}] => (Allow) E:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{EDE2509E-DF3D-4F1E-8031-7CBEC3CFC020}] => (Allow) E:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{CA893556-F828-47CE-85FD-AE2ACF576C72}] => (Allow) E:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{823E93F9-122E-4942-BCD0-839CD246046C}] => (Allow) E:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe

==================== Wiederherstellungspunkte =========================

27-04-2016 17:47:48 Prüfpunkt von HitmanPro

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: VirtualBox Host-Only Ethernet Adapter #2
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (04/29/2016 07:46:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 10.1.2123.36, Zeitstempel: 0x56eb679c
Name des fehlerhaften Moduls: combase.dll, Version: 10.0.10586.103, Zeitstempel: 0x56a84cbb
Ausnahmecode: 0xc000027b
Fehleroffset: 0x00166fb1
ID des fehlerhaften Prozesses: 0x98c
Startzeit der fehlerhaften Anwendung: 0xSkypeHost.exe0
Pfad der fehlerhaften Anwendung: SkypeHost.exe1
Pfad des fehlerhaften Moduls: SkypeHost.exe2
Berichtskennung: SkypeHost.exe3
Vollständiger Name des fehlerhaften Pakets: SkypeHost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SkypeHost.exe5

Error: (04/29/2016 07:32:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 10.1.2123.36, Zeitstempel: 0x56eb679c
Name des fehlerhaften Moduls: combase.dll, Version: 10.0.10586.103, Zeitstempel: 0x56a84cbb
Ausnahmecode: 0xc000027b
Fehleroffset: 0x00166fb1
ID des fehlerhaften Prozesses: 0x20a8
Startzeit der fehlerhaften Anwendung: 0xSkypeHost.exe0
Pfad der fehlerhaften Anwendung: SkypeHost.exe1
Pfad des fehlerhaften Moduls: SkypeHost.exe2
Berichtskennung: SkypeHost.exe3
Vollständiger Name des fehlerhaften Pakets: SkypeHost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SkypeHost.exe5

Error: (04/29/2016 07:17:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 10.1.2123.36, Zeitstempel: 0x56eb679c
Name des fehlerhaften Moduls: combase.dll, Version: 10.0.10586.103, Zeitstempel: 0x56a84cbb
Ausnahmecode: 0xc000027b
Fehleroffset: 0x00166fb1
ID des fehlerhaften Prozesses: 0x1fb8
Startzeit der fehlerhaften Anwendung: 0xSkypeHost.exe0
Pfad der fehlerhaften Anwendung: SkypeHost.exe1
Pfad des fehlerhaften Moduls: SkypeHost.exe2
Berichtskennung: SkypeHost.exe3
Vollständiger Name des fehlerhaften Pakets: SkypeHost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SkypeHost.exe5

Error: (04/29/2016 07:02:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 10.1.2123.36, Zeitstempel: 0x56eb679c
Name des fehlerhaften Moduls: combase.dll, Version: 10.0.10586.103, Zeitstempel: 0x56a84cbb
Ausnahmecode: 0xc000027b
Fehleroffset: 0x00166fb1
ID des fehlerhaften Prozesses: 0xa50
Startzeit der fehlerhaften Anwendung: 0xSkypeHost.exe0
Pfad der fehlerhaften Anwendung: SkypeHost.exe1
Pfad des fehlerhaften Moduls: SkypeHost.exe2
Berichtskennung: SkypeHost.exe3
Vollständiger Name des fehlerhaften Pakets: SkypeHost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SkypeHost.exe5

Error: (04/29/2016 06:47:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 10.1.2123.36, Zeitstempel: 0x56eb679c
Name des fehlerhaften Moduls: combase.dll, Version: 10.0.10586.103, Zeitstempel: 0x56a84cbb
Ausnahmecode: 0xc000027b
Fehleroffset: 0x00166fb1
ID des fehlerhaften Prozesses: 0x1f78
Startzeit der fehlerhaften Anwendung: 0xSkypeHost.exe0
Pfad der fehlerhaften Anwendung: SkypeHost.exe1
Pfad des fehlerhaften Moduls: SkypeHost.exe2
Berichtskennung: SkypeHost.exe3
Vollständiger Name des fehlerhaften Pakets: SkypeHost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SkypeHost.exe5

Error: (04/29/2016 06:32:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 10.1.2123.36, Zeitstempel: 0x56eb679c
Name des fehlerhaften Moduls: combase.dll, Version: 10.0.10586.103, Zeitstempel: 0x56a84cbb
Ausnahmecode: 0xc000027b
Fehleroffset: 0x00166fb1
ID des fehlerhaften Prozesses: 0x27c4
Startzeit der fehlerhaften Anwendung: 0xSkypeHost.exe0
Pfad der fehlerhaften Anwendung: SkypeHost.exe1
Pfad des fehlerhaften Moduls: SkypeHost.exe2
Berichtskennung: SkypeHost.exe3
Vollständiger Name des fehlerhaften Pakets: SkypeHost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SkypeHost.exe5

Error: (04/29/2016 06:17:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 10.1.2123.36, Zeitstempel: 0x56eb679c
Name des fehlerhaften Moduls: combase.dll, Version: 10.0.10586.103, Zeitstempel: 0x56a84cbb
Ausnahmecode: 0xc000027b
Fehleroffset: 0x00166fb1
ID des fehlerhaften Prozesses: 0x25e8
Startzeit der fehlerhaften Anwendung: 0xSkypeHost.exe0
Pfad der fehlerhaften Anwendung: SkypeHost.exe1
Pfad des fehlerhaften Moduls: SkypeHost.exe2
Berichtskennung: SkypeHost.exe3
Vollständiger Name des fehlerhaften Pakets: SkypeHost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SkypeHost.exe5

Error: (04/29/2016 06:02:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 10.1.2123.36, Zeitstempel: 0x56eb679c
Name des fehlerhaften Moduls: combase.dll, Version: 10.0.10586.103, Zeitstempel: 0x56a84cbb
Ausnahmecode: 0xc000027b
Fehleroffset: 0x00166fb1
ID des fehlerhaften Prozesses: 0x218
Startzeit der fehlerhaften Anwendung: 0xSkypeHost.exe0
Pfad der fehlerhaften Anwendung: SkypeHost.exe1
Pfad des fehlerhaften Moduls: SkypeHost.exe2
Berichtskennung: SkypeHost.exe3
Vollständiger Name des fehlerhaften Pakets: SkypeHost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SkypeHost.exe5

Error: (04/29/2016 05:47:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 10.1.2123.36, Zeitstempel: 0x56eb679c
Name des fehlerhaften Moduls: combase.dll, Version: 10.0.10586.103, Zeitstempel: 0x56a84cbb
Ausnahmecode: 0xc000027b
Fehleroffset: 0x00166fb1
ID des fehlerhaften Prozesses: 0x199c
Startzeit der fehlerhaften Anwendung: 0xSkypeHost.exe0
Pfad der fehlerhaften Anwendung: SkypeHost.exe1
Pfad des fehlerhaften Moduls: SkypeHost.exe2
Berichtskennung: SkypeHost.exe3
Vollständiger Name des fehlerhaften Pakets: SkypeHost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SkypeHost.exe5

Error: (04/29/2016 05:32:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 10.1.2123.36, Zeitstempel: 0x56eb679c
Name des fehlerhaften Moduls: combase.dll, Version: 10.0.10586.103, Zeitstempel: 0x56a84cbb
Ausnahmecode: 0xc000027b
Fehleroffset: 0x00166fb1
ID des fehlerhaften Prozesses: 0x26e4
Startzeit der fehlerhaften Anwendung: 0xSkypeHost.exe0
Pfad der fehlerhaften Anwendung: SkypeHost.exe1
Pfad des fehlerhaften Moduls: SkypeHost.exe2
Berichtskennung: SkypeHost.exe3
Vollständiger Name des fehlerhaften Pakets: SkypeHost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SkypeHost.exe5


Systemfehler:
=============
Error: (04/29/2016 07:49:13 PM) (Source: DCOM) (EventID: 10016) (User: julian_tower_01)
Description: AnwendungsspezifischLokalAktivierung{9E175B6D-F52A-11D8-B9A5-505054503030}{9E175B9C-F52A-11D8-B9A5-505054503030}julian_tower_01AdminS-1-5-21-140753515-2919073295-4058598123-1000LocalHost (unter Verwendung von LRPC)Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbweS-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194

Error: (04/29/2016 06:50:14 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/28/2016 10:30:39 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "StateRepository-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/28/2016 10:30:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_575bb" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/28/2016 10:30:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _575bb" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/28/2016 10:30:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_575bb" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/28/2016 10:30:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_575bb" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/28/2016 06:55:44 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/27/2016 10:14:23 PM) (Source: DCOM) (EventID: 10010) (User: julian_tower_01)
Description: {53362C64-A296-4F2D-A2F8-FD984D08340B}

Error: (04/27/2016 10:14:23 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_579b7" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.


CodeIntegrity:
===================================
  Date: 2016-04-14 18:23:53.149
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-14 07:03:53.837
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-13 17:56:22.064
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-25 23:43:47.127
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-11 18:29:34.812
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-11 08:03:00.086
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-10 07:27:01.059
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-09 19:09:19.006
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-08 16:51:56.390
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-08 16:50:34.468
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-4690K CPU @ 3.50GHz
Prozentuale Nutzung des RAM: 20%
Installierter physikalischer RAM: 16239.72 MB
Verfügbarer physikalischer RAM: 12963.04 MB
Summe virtueller Speicher: 32623.72 MB
Verfügbarer virtueller Speicher: 28890.41 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:118.58 GB) (Free:6.1 GB) NTFS
Drive e: () (Fixed) (Total:465.76 GB) (Free:113.9 GB) NTFS
Drive f: () (Removable) (Total:29.81 GB) (Free:17.21 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 465.8 GB) (Disk ID: 251FFFDD)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 29.8 GB) (Disk ID: 0C1D6839)
Partition 1: (Active) - (Size=29.8 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         

Alt 29.04.2016, 19:00   #26
Auran
 
Unbekannte Maleware öffnet in Chrome Seiten - Standard

Unbekannte Maleware öffnet in Chrome Seiten



FRST.txt:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:18-04-2016
durchgeführt von Admin (Administrator) auf JULIAN_TOWER_01 (29-04-2016 19:56:37)
Gestartet von C:\Users\Admin\Desktop
Geladene Profile: Admin (Verfügbare Profile: Admin & DefaultAppPool)
Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
() C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
() C:\Program Files (x86)\MediaFire Desktop\bin\MFUsnMonitorService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Ascora GmbH) C:\Program Files (x86)\StartupStar\StartupStar.exe
(Bitsum LLC) C:\Program Files\ParkControl\ParkControl.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ultracopier.first-world.info) C:\Program Files\Ultracopier\ultracopier.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.325.12390.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Valve Corporation) E:\Steam\Steam.exe
(Valve Corporation) E:\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) E:\Steam\bin\steamwebhelper.exe
(Valve Corporation) E:\Steam\bin\steamwebhelper.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2015-10-27] (Pixart Imaging Inc)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [402344 2015-12-19] ()
HKLM\...\Run: [HotKeysCmds] => "C:\Windows\system32\hkcmd.exe"
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2396096 2016-03-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [807392 2016-03-10] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-03-30] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [23248560 2016-04-08] (Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-140753515-2919073295-4058598123-1000\...\Run: [ultracopier] => C:\Program Files\Ultracopier\ultracopier.exe [863232 2016-04-26] (ultracopier.first-world.info)
HKU\S-1-5-21-140753515-2919073295-4058598123-1000\...\Run: [StickyPassword] => C:\Program Files (x86)\Sticky Password\stpass.exe [58632 2015-06-08] (Lamantine Software a.s.)
HKU\S-1-5-21-140753515-2919073295-4058598123-1000\...\Run: [MediaFire Tray] => [X]
ShellIconOverlayIdentifiers: [] -> {b5458932-3c8c-4131-ba1e-f0b5350e4e1e} => C:\Users\Admin\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlayError.dll [2015-11-05] ()
ShellIconOverlayIdentifiers: [] -> {b5458930-3c8c-4131-ba1e-f0b5350e4e1e} => C:\Users\Admin\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlaySynced.dll [2015-11-05] ()
ShellIconOverlayIdentifiers: [] -> {b5458934-3c8c-4131-ba1e-f0b5350e4e1e} => C:\Users\Admin\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlayReadOnly.dll [2015-11-05] ()
ShellIconOverlayIdentifiers: [] -> {b5458933-3c8c-4131-ba1e-f0b5350e4e1e} => C:\Users\Admin\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlayLock.dll [2015-11-05] ()
ShellIconOverlayIdentifiers: [] -> {b5458931-3c8c-4131-ba1e-f0b5350e4e1e} => C:\Users\Admin\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlaySyncing.dll [2015-11-05] ()
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-04-25] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-04-25] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-04-25] (Google)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  Keine Datei
Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PortableApps.com Platform.lnk [2016-04-23]
ShortcutTarget: PortableApps.com Platform.lnk -> F:\PortableApps\PortableApps.com\PortableAppsPlatform.exe (PortableApps.com)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{97a5b698-81f2-43ea-8f10-cb4e459388cb}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-140753515-2919073295-4058598123-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-02-09] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-04-26] (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-03-15] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-26] (Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-02-09] (Microsoft Corporation)
BHO-x32: Wondershare Video Converter Ultimate 7.1.0 -> {451C804F-C205-4F03-B48E-537EC94937BF} -> C:\ProgramData\Wondershare\Video Converter Ultimate\WSBrowserAppMgr.dll => Keine Datei
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-04-26] (Oracle Corporation)
BHO-x32: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\Windows\SysWOW64\mscoree.dll [2015-10-30] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-03-15] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-26] (Oracle Corporation)
Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Windows\SysWOW64\mscoree.dll [2015-10-30] (Microsoft Corporation)
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 -  Keine Datei

FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\47fjxat8.default
FF Homepage: about:home
FF NetworkProxy: "gopher", ""
FF NetworkProxy: "gopher_port", 0
FF NetworkProxy: "share_proxy_settings", true
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-07] ()
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-26] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-07] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-26] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-03-22] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-03-22] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-10] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-140753515-2919073295-4058598123-1000: @stickypassword.com/Sticky Password -> C:\Program Files (x86)\Sticky Password\npspAutofill.dll [2015-06-08] (Lamantine Software a.s.)
FF Plugin HKU\S-1-5-21-140753515-2919073295-4058598123-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Admin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation)
FF Extension: ColorZilla - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\47fjxat8.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326} [2016-01-09]
FF Extension: Print Edit - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\47fjxat8.default\extensions\printedit@DW-dev.xpi [2016-03-25]
FF Extension: MeasureIt - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\47fjxat8.default\extensions\{75CEEE46-9B64-46f8-94BF-54012DE155F0}.xpi [2016-04-06]
FF Extension: Firebug - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\47fjxat8.default\Extensions\firebug@software.joehewitt.com.xpi [2016-03-30]
FF Extension: Ghostery - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\47fjxat8.default\Extensions\firefox@ghostery.com.xpi [2016-03-25]
FF Extension: MEGA - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\47fjxat8.default\Extensions\firefox@mega.co.nz.xpi [2016-04-11]
FF Extension: ZenMate Security, Privacy & Unblock VPN - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\47fjxat8.default\Extensions\firefox@zenmate.com.xpi [2016-03-02]
FF Extension: livestreamer-launch-on-twitchtv - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\47fjxat8.default\Extensions\jid0-ejMp5KBTzj5BvuJfYkXoSZaOFjY@jetpack.xpi [2016-02-09]
FF Extension: Pin It button - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\47fjxat8.default\Extensions\jid1-YcMV6ngYmQRA2w@jetpack.xpi [2015-07-07]
FF Extension: Adblock Plus - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\47fjxat8.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-23]
FF Extension: Firebug - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\77hr23bt.default-1461952228432\Extensions\firebug@software.joehewitt.com.xpi [2016-04-29]
FF Extension: Ghostery - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\77hr23bt.default-1461952228432\Extensions\firefox@ghostery.com.xpi [2016-04-29]
FF HKU\S-1-5-21-140753515-2919073295-4058598123-1000\...\Firefox\Extensions: [{54affe52-8223-453b-be1e-2fe2e250045c}] - C:\Users\Admin\AppData\Roaming\Lamantine\Sticky Password\spAutofill
FF Extension: Sticky Password Autofill Engine - C:\Users\Admin\AppData\Roaming\Lamantine\Sticky Password\spAutofill [2015-09-14] [ist nicht signiert]
FF HKU\S-1-5-21-140753515-2919073295-4058598123-1000\...\Thunderbird\Extensions: [{54affe52-8223-453b-be1e-2fe2e250045c}] - C:\Users\Admin\AppData\Roaming\Lamantine\Sticky Password\spAutofill

Chrome: 
=======
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-04-23]
CHR Extension: (Google Docs) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-23]
CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-23]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-23]
CHR Extension: (Adblock Plus) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-04-23]
CHR Extension: (Google Tabellen) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-23]
CHR Extension: (Google Docs Offline) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-23]
CHR Extension: (Ghostery) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2016-04-23]
CHR Extension: (SmoothScroll) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbokbjkabcmbfdlbddjidfmibcpneigj [2016-04-23]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-23]
CHR Extension: (Google Mail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-23]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

Opera: 
=======
OPR Extension: (Sticky Password Autofill Engine) - C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Extensions\ggepjhbdgijjkbelnggboeoehacbphed [2016-01-09]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 ACT2_Service; C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2Service.exe [1421216 2011-08-22] ()
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [955736 2016-03-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [466504 2016-03-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [466504 2016-03-10] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1424880 2016-03-10] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [272304 2016-03-30] (Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1863688 2016-04-07] ()
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-10-08] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-10-08] (Dropbox, Inc.)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [Datei ist nicht signiert]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [Datei ist nicht signiert]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-03-30] (NVIDIA Corporation)
S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373160 2015-12-19] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S4 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-07-14] (LogMeIn, Inc.)
S3 MediaFire Desktop Updater Service; C:\Program Files (x86)\MediaFire Desktop\bin\UpdaterLocalCOM.exe [210416 2015-11-05] ()
R2 MF NTFS Monitor; C:\Program Files (x86)\MediaFire Desktop\bin\MFUsnMonitorService.exe [456176 2015-11-05] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-03-30] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-03-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-03-30] (NVIDIA Corporation)
S3 Origin Client Service; E:\Origin\OriginClientService.exe [2057736 2015-09-14] (Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1286896 2016-04-05] (Overwolf LTD)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 ACT2PM; C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2ProcessMonitor64.sys [15160 2011-06-10] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128664 2016-03-10] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [137952 2016-03-10] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [68936 2016-03-10] (Avira Operations GmbH & Co. KG)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [193336 2015-08-20] (Intel Corporation)
R2 mfmonitor; C:\Windows\System32\DRIVERS\mfmonitor_x64.sys [20696 2015-11-05] (Windows (R) Win 7 DDK provider)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-03-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-03-21] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek                                            )
S3 RTCore64; E:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13512 2015-12-07] ()
R3 t_mouse.sys; C:\Windows\system32\DRIVERS\t_mouse.sys [6144 2015-10-27] ()
R1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-09-08] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [146072 2015-09-08] (Oracle Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 GPU-Z; \??\C:\Users\Admin\AppData\Local\Temp\GPU-Z.sys [X]
U3 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-29 19:50 - 2016-04-29 19:50 - 00000000 ____D C:\Users\Admin\Desktop\Alte Firefox-Daten
2016-04-29 06:55 - 2016-04-29 06:55 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-04-28 06:58 - 2016-04-28 06:58 - 00002121 _____ C:\Users\Public\Desktop\Google Slides.lnk
2016-04-28 06:58 - 2016-04-28 06:58 - 00002119 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2016-04-28 06:58 - 2016-04-28 06:58 - 00002109 _____ C:\Users\Public\Desktop\Google Docs.lnk
2016-04-28 06:53 - 2016-04-28 06:53 - 00854872 _____ (Bitsum LLC) C:\Users\Admin\Downloads\parkcontrolsetup64 (1).exe
2016-04-28 06:53 - 2016-04-28 06:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ParkControl
2016-04-27 17:48 - 2016-04-27 17:48 - 00001008 _____ C:\WINDOWS\system32\.crusader
2016-04-26 21:54 - 2016-04-26 21:55 - 06722227 _____ C:\Users\Admin\Downloads\ultracopier-windows-x86_64-1.2.2.0-setup.exe
2016-04-26 21:50 - 2016-04-26 21:50 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-04-26 21:50 - 2016-04-26 21:48 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-64.dll
2016-04-26 21:49 - 2016-04-26 21:49 - 00000000 ____D C:\Program Files (x86)\Java
2016-04-26 21:49 - 2016-04-26 21:48 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2016-04-26 21:08 - 2016-04-27 17:48 - 00000000 ____D C:\ProgramData\HitmanPro
2016-04-26 19:32 - 2016-04-26 19:33 - 11441168 _____ (SurfRight B.V.) C:\Users\Admin\Desktop\HitmanPro_x64.exe
2016-04-26 19:30 - 2016-04-26 19:30 - 02870984 _____ (ESET) C:\Users\Admin\Desktop\esetsmartinstaller_deu(1).exe
2016-04-26 16:11 - 2016-04-26 16:16 - 57666112 _____ (Oracle Corporation) C:\Users\Admin\Downloads\jre-8u91-windows-x64.exe
2016-04-26 16:11 - 2016-04-26 16:16 - 50874432 _____ (Oracle Corporation) C:\Users\Admin\Downloads\jre-8u91-windows-i586.exe
2016-04-26 08:56 - 2016-04-26 08:56 - 03312161 _____ C:\Users\Admin\Desktop\Quarantine.zip
2016-04-25 22:06 - 2016-04-25 22:07 - 00003683 _____ C:\Users\Admin\Desktop\Fixlog.txt
2016-04-25 19:35 - 2016-04-25 19:35 - 00037566 _____ C:\Users\Admin\Desktop\mbam5.zip
2016-04-25 19:18 - 2016-04-25 19:18 - 00675907 _____ C:\Users\Admin\Desktop\mbam5.txt
2016-04-25 19:18 - 2016-04-25 19:18 - 00010199 _____ C:\Users\Admin\Desktop\mbam4.txt
2016-04-25 19:18 - 2016-04-25 19:18 - 00004147 _____ C:\Users\Admin\Desktop\mbam3.txt
2016-04-25 19:18 - 2016-04-25 19:18 - 00001887 _____ C:\Users\Admin\Desktop\mbam6.txt
2016-04-25 19:18 - 2016-04-25 19:18 - 00001602 _____ C:\Users\Admin\Desktop\mbam2.txt
2016-04-25 16:53 - 2016-04-29 19:56 - 00030852 _____ C:\Users\Admin\Desktop\FRST.txt
2016-04-25 16:53 - 2016-04-26 21:31 - 00077915 _____ C:\Users\Admin\Desktop\Addition.txt
2016-04-25 16:53 - 2016-04-25 16:53 - 00000000 ____D C:\Users\Admin\Desktop\old_troj
2016-04-25 16:52 - 2016-04-25 16:52 - 00000670 _____ C:\Users\Admin\Desktop\JRT.txt
2016-04-25 16:49 - 2016-04-25 16:49 - 00001195 _____ C:\Users\Admin\Desktop\mbam.txt
2016-04-25 16:49 - 2016-04-25 16:47 - 01610008 _____ (Malwarebytes) C:\Users\Admin\Desktop\JRT.exe
2016-04-25 16:46 - 2016-04-25 16:47 - 01610008 _____ (Malwarebytes) C:\Users\Admin\Downloads\JRT.exe
2016-04-25 16:42 - 2016-04-25 19:19 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-04-25 16:42 - 2016-04-25 16:42 - 00001187 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-04-25 16:42 - 2016-04-25 16:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-04-25 16:41 - 2016-04-25 19:17 - 22851472 _____ (Malwarebytes ) C:\Users\Admin\Desktop\mbam-setup-2.2.1.1043 (1).exe
2016-04-25 16:41 - 2016-04-25 16:42 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-04-25 16:41 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-04-25 16:41 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-04-25 16:41 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-04-25 16:40 - 2016-04-25 16:41 - 22851472 _____ (Malwarebytes ) C:\Users\Admin\Downloads\mbam-setup-2.2.1.1043 (1).exe
2016-04-25 16:38 - 2016-04-25 16:35 - 00001250 _____ C:\Users\Admin\Desktop\AdwCleaner[S4].txt
2016-04-25 16:36 - 2016-04-25 16:36 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-04-25 16:34 - 2016-04-25 16:33 - 03580480 _____ C:\Users\Admin\Desktop\AdwCleaner_5.113.exe
2016-04-25 16:33 - 2016-04-25 16:33 - 03580480 _____ C:\Users\Admin\Downloads\AdwCleaner_5.113.exe
2016-04-25 16:22 - 2016-04-25 16:22 - 00016536 _____ C:\Users\Admin\Downloads\Addition.RAR
2016-04-24 17:01 - 2016-04-24 17:01 - 09937586 _____ C:\Users\Admin\Downloads\Journey into a Schwarzschild black hole (plain)-HD.zip
2016-04-24 16:25 - 2016-04-24 16:26 - 00047309 _____ C:\Users\Admin\Desktop\TDSS.txt
2016-04-24 16:24 - 2016-04-24 16:48 - 00094708 _____ C:\TDSSKiller.3.1.0.9_24.04.2016_16.24.19_log.txt
2016-04-24 16:24 - 2016-04-24 16:24 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Admin\Desktop\tdsskiller.exe
2016-04-24 16:23 - 2016-04-24 16:24 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Admin\Downloads\tdsskiller.exe
2016-04-24 16:22 - 2016-04-24 09:37 - 02375680 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2016-04-24 10:13 - 2016-04-24 10:13 - 00057115 _____ C:\Users\Admin\Desktop\mbam-log-2016-04-23 (10-35-08).zip
2016-04-24 10:10 - 2016-04-24 09:57 - 00003714 _____ C:\Users\Admin\Desktop\protection-log-2016-04-24.txt
2016-04-24 10:10 - 2016-04-23 21:48 - 00026059 _____ C:\Users\Admin\Desktop\protection-log-2016-04-23.txt
2016-04-24 10:10 - 2016-04-23 11:05 - 01693510 _____ C:\Users\Admin\Desktop\mbam-log-2016-04-23 (10-35-08).txt
2016-04-24 10:10 - 2016-04-23 10:35 - 00004586 _____ C:\Users\Admin\Desktop\mbam-log-2016-04-23 (10-33-47).txt
2016-04-24 09:58 - 2016-04-24 09:58 - 00036758 _____ C:\Users\Admin\Desktop\avira.txt
2016-04-24 09:38 - 2016-04-24 16:22 - 00079584 _____ C:\Users\Admin\Downloads\Addition.txt
2016-04-24 09:37 - 2016-04-29 19:56 - 00000000 ____D C:\FRST
2016-04-24 09:37 - 2016-04-24 16:22 - 00103278 _____ C:\Users\Admin\Downloads\FRST.txt
2016-04-24 09:37 - 2016-04-24 09:37 - 02375680 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe
2016-04-23 18:19 - 2016-04-23 18:20 - 09944494 _____ C:\Users\Admin\Downloads\Journey into a Schwarzschild black hole (plain)-HD.mp4
2016-04-23 18:02 - 2016-04-23 18:02 - 23733211 _____ C:\Users\Admin\Downloads\blackhole.wmv
2016-04-23 17:29 - 2016-04-24 09:30 - 00001412 _____ C:\Users\Admin\Desktop\eset.txt
2016-04-23 15:04 - 2016-04-23 15:09 - 62034496 _____ (Oracle Corporation) C:\Users\Admin\Downloads\jre-8u92-windows-x64.exe
2016-04-23 14:58 - 2016-04-23 14:58 - 00852720 _____ C:\Users\Admin\Downloads\SecurityCheck.exe
2016-04-23 14:00 - 2016-04-23 14:00 - 02870984 _____ (ESET) C:\Users\Admin\Downloads\esetsmartinstaller_deu.exe
2016-04-23 14:00 - 2016-04-23 14:00 - 00000000 ____D C:\Program Files (x86)\ESET
2016-04-23 13:49 - 2016-04-23 13:49 - 29554591 _____ C:\Users\Admin\Desktop\kunst.zip
2016-04-23 10:45 - 2016-04-23 11:49 - 00000080 _____ C:\Users\Public\Desktop\Need for SpeedT Most Wanted.lnk
2016-04-23 10:45 - 2016-04-23 11:49 - 00000080 _____ C:\Users\Public\Desktop\Harry Potter und der Orden des PhönixT.lnk
2016-04-23 10:29 - 2016-04-23 10:29 - 03683904 _____ C:\Users\Admin\Downloads\adwcleaner_5.112 (1).exe
2016-04-23 10:26 - 2016-04-23 10:26 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-04-23 10:25 - 2016-04-23 10:26 - 22851472 _____ (Malwarebytes ) C:\Users\Admin\Downloads\mbam-setup-2.2.1.1043.exe
2016-04-23 10:06 - 2016-04-23 11:49 - 00002338 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-23 10:06 - 2016-04-23 11:49 - 00002320 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-04-22 13:35 - 2016-04-23 11:49 - 00001290 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2016-04-22 13:35 - 2016-04-23 11:49 - 00001272 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2016-04-22 13:35 - 2016-04-22 13:35 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Thunderbird
2016-04-22 13:35 - 2016-04-22 13:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-04-22 13:31 - 2016-04-22 13:32 - 00000000 ____D C:\Users\Admin\Desktop\h4u14u3r.default
2016-04-22 13:30 - 2016-04-22 13:32 - 34809392 _____ (Mozilla) C:\Users\Admin\Downloads\Thunderbird_Setup_45.0__1_.exe
2016-04-21 23:10 - 2016-04-23 11:49 - 00001063 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-04-21 23:10 - 2016-04-23 11:49 - 00001058 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-04-21 23:10 - 2016-04-23 11:49 - 00001045 _____ C:\Users\Public\Desktop\Opera.lnk
2016-04-21 23:10 - 2016-04-23 11:49 - 00001040 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-04-21 23:07 - 2016-04-25 16:36 - 00000000 ____D C:\AdwCleaner
2016-04-21 23:07 - 2016-04-21 23:07 - 03683904 _____ C:\Users\Admin\Downloads\adwcleaner_5.112.exe
2016-04-21 21:42 - 2016-04-21 21:56 - 00018645 _____ C:\Users\Admin\Downloads\Pausenverkauf_Onlinereservierung.xlsx
2016-04-21 21:42 - 2016-04-21 21:49 - 00017012 _____ C:\Users\Admin\Downloads\Pausenverkauf_Direktverkauf.xlsx
2016-04-21 07:46 - 2016-04-21 07:55 - 196518456 _____ (Oracle Corporation) C:\Users\Admin\Downloads\jdk-8u91-windows-x64.exe
2016-04-20 07:07 - 2016-04-20 07:07 - 00000000 ____D C:\Users\Admin\Downloads\Lakeside+Spotfinder
2016-04-20 07:06 - 2016-04-20 07:07 - 05936298 _____ C:\Users\Admin\Downloads\Lakeside+Spotfinder.zip
2016-04-19 23:39 - 2016-04-19 23:39 - 00000000 ____D C:\Program Files (x86)\Comodo Antivirus
2016-04-19 23:36 - 2016-04-19 23:37 - 00000000 ____D C:\Users\Public\Documents\dmp
2016-04-19 23:33 - 2016-04-19 23:33 - 00309248 _____ (Microsoft Corporation) C:\Users\Admin\Downloads\wmpfirefoxplugin.exe
2016-04-19 22:10 - 2016-04-19 22:10 - 00000000 ____D C:\Users\Admin\.IdeaIC2016
2016-04-19 22:06 - 2016-04-23 11:49 - 00000571 _____ C:\Users\Public\Desktop\IntelliJ IDEA Community Edition 2016.1.1.lnk
2016-04-19 21:46 - 2016-04-19 21:58 - 265691264 _____ C:\Users\Admin\Downloads\ideaIC-2016.1.1.exe
2016-04-19 16:06 - 2016-04-23 11:49 - 00001209 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2016-04-16 00:27 - 2016-04-16 00:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-04-14 07:04 - 2016-04-14 07:11 - 129577680 _____ (PortableApps.com) C:\Users\Admin\Downloads\LibreOfficePortable_5.1.1_MultilingualStandard.paf.exe
2016-04-13 17:55 - 2016-04-06 20:32 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-04-13 17:55 - 2016-04-06 20:32 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-04-13 17:29 - 2016-03-29 12:20 - 07474016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-04-13 17:29 - 2016-03-29 12:20 - 02656952 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-13 17:29 - 2016-03-29 12:18 - 02152280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-04-13 17:29 - 2016-03-29 11:37 - 01862008 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-04-13 17:29 - 2016-03-29 10:41 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-04-13 17:29 - 2016-03-29 10:06 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-04-13 17:29 - 2016-03-29 10:01 - 00541304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-04-13 17:29 - 2016-03-29 09:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-04-13 17:29 - 2016-03-29 09:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-04-13 17:29 - 2016-03-29 09:46 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-04-13 17:29 - 2016-03-29 09:36 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-04-13 17:29 - 2016-03-29 09:19 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-04-13 17:29 - 2016-03-29 09:15 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-04-13 17:29 - 2016-03-29 09:12 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-04-13 17:29 - 2016-03-29 09:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-04-13 17:29 - 2016-03-29 09:07 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-04-13 17:29 - 2016-03-29 09:02 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-04-13 17:29 - 2016-03-29 08:42 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-04-13 17:29 - 2016-03-29 08:37 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-04-13 17:29 - 2016-03-29 08:32 - 01731584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-04-13 17:29 - 2016-03-29 08:31 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-04-13 17:29 - 2016-03-29 08:26 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-04-13 17:29 - 2016-03-29 08:05 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-04-13 17:29 - 2016-03-29 08:05 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-04-13 17:29 - 2016-03-29 08:02 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-04-13 17:29 - 2016-03-29 07:51 - 22378496 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-04-13 17:29 - 2016-03-29 07:41 - 24602112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-04-13 17:29 - 2016-03-29 07:41 - 12125184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-04-13 17:29 - 2016-03-29 07:39 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-04-13 17:29 - 2016-03-29 07:38 - 18673664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-04-13 17:29 - 2016-03-29 07:37 - 19340800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-04-13 17:28 - 2016-04-02 06:13 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-04-13 17:28 - 2016-04-02 06:10 - 00770640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2016-04-13 17:28 - 2016-04-02 06:10 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-04-13 17:28 - 2016-04-02 06:10 - 00374008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-04-13 17:28 - 2016-04-02 05:30 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-04-13 17:28 - 2016-04-02 05:29 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-04-13 17:28 - 2016-04-02 05:29 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2016-04-13 17:28 - 2016-04-02 05:26 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-04-13 17:28 - 2016-04-02 05:25 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2016-04-13 17:28 - 2016-04-02 05:25 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2016-04-13 17:28 - 2016-04-02 05:23 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-04-13 17:28 - 2016-04-02 05:23 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-04-13 17:28 - 2016-04-02 05:21 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-04-13 17:28 - 2016-04-02 05:19 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-04-13 17:28 - 2016-04-02 05:18 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-04-13 17:28 - 2016-04-02 05:15 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-04-13 17:28 - 2016-04-02 05:14 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-04-13 17:28 - 2016-04-02 05:09 - 01832448 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-04-13 17:28 - 2016-04-02 05:08 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-04-13 17:28 - 2016-04-02 05:07 - 03575296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-04-13 17:28 - 2016-04-02 05:07 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-04-13 17:28 - 2016-04-02 05:03 - 04774912 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-04-13 17:28 - 2016-04-02 05:00 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-04-13 17:28 - 2016-03-29 12:23 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-04-13 17:28 - 2016-03-29 12:22 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-04-13 17:28 - 2016-03-29 12:22 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-04-13 17:28 - 2016-03-29 12:20 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-04-13 17:28 - 2016-03-29 12:20 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-04-13 17:28 - 2016-03-29 12:15 - 00100232 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2016-04-13 17:28 - 2016-03-29 12:11 - 00686976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-04-13 17:28 - 2016-03-29 12:05 - 01152864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-04-13 17:28 - 2016-03-29 12:02 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-04-13 17:28 - 2016-03-29 12:02 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-04-13 17:28 - 2016-03-29 11:56 - 01297752 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-04-13 17:28 - 2016-03-29 11:28 - 00696664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-04-13 17:28 - 2016-03-29 11:28 - 00535080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2016-04-13 17:28 - 2016-03-29 11:28 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-04-13 17:28 - 2016-03-29 11:25 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-04-13 17:28 - 2016-03-29 11:25 - 00058400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-04-13 17:28 - 2016-03-29 11:19 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-04-13 17:28 - 2016-03-29 11:18 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-04-13 17:28 - 2016-03-29 11:17 - 00300104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-04-13 17:28 - 2016-03-29 11:13 - 00986976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-04-13 17:28 - 2016-03-29 11:11 - 00605440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-04-13 17:28 - 2016-03-29 11:11 - 00074424 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2016-04-13 17:28 - 2016-03-29 11:10 - 00110584 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvcli.dll
2016-04-13 17:28 - 2016-03-29 11:09 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkscli.dll
2016-04-13 17:28 - 2016-03-29 11:08 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-04-13 17:28 - 2016-03-29 11:08 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2016-04-13 17:28 - 2016-03-29 11:07 - 00081144 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll
2016-04-13 17:28 - 2016-03-29 10:44 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-04-13 17:28 - 2016-03-29 10:44 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-04-13 17:28 - 2016-03-29 10:41 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-04-13 17:28 - 2016-03-29 10:32 - 00253088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-04-13 17:28 - 2016-03-29 10:26 - 02403680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-04-13 17:28 - 2016-03-29 10:26 - 01089888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-04-13 17:28 - 2016-03-29 10:26 - 00073872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srvcli.dll
2016-04-13 17:28 - 2016-03-29 10:25 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkscli.dll
2016-04-13 17:28 - 2016-03-29 10:24 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-04-13 17:28 - 2016-03-29 10:23 - 00069744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netapi32.dll
2016-04-13 17:28 - 2016-03-29 10:21 - 00378208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2016-04-13 17:28 - 2016-03-29 10:17 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-04-13 17:28 - 2016-03-29 10:16 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-04-13 17:28 - 2016-03-29 10:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-04-13 17:28 - 2016-03-29 10:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2016-04-13 17:28 - 2016-03-29 10:07 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-04-13 17:28 - 2016-03-29 10:07 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2016-04-13 17:28 - 2016-03-29 10:07 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll
2016-04-13 17:28 - 2016-03-29 10:06 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacchooks.dll
2016-04-13 17:28 - 2016-03-29 10:02 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-04-13 17:28 - 2016-03-29 10:00 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-04-13 17:28 - 2016-03-29 10:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2016-04-13 17:28 - 2016-03-29 10:00 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-04-13 17:28 - 2016-03-29 09:59 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2016-04-13 17:28 - 2016-03-29 09:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-04-13 17:28 - 2016-03-29 09:57 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-04-13 17:28 - 2016-03-29 09:57 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-04-13 17:28 - 2016-03-29 09:57 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll
2016-04-13 17:28 - 2016-03-29 09:55 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-04-13 17:28 - 2016-03-29 09:55 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys
2016-04-13 17:28 - 2016-03-29 09:55 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2016-04-13 17:28 - 2016-03-29 09:54 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-04-13 17:28 - 2016-03-29 09:53 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-04-13 17:28 - 2016-03-29 09:52 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2016-04-13 17:28 - 2016-03-29 09:51 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-04-13 17:28 - 2016-03-29 09:51 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-04-13 17:28 - 2016-03-29 09:50 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-04-13 17:28 - 2016-03-29 09:50 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-04-13 17:28 - 2016-03-29 09:50 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-04-13 17:28 - 2016-03-29 09:50 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-04-13 17:28 - 2016-03-29 09:50 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2016-04-13 17:28 - 2016-03-29 09:49 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-04-13 17:28 - 2016-03-29 09:48 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-04-13 17:28 - 2016-03-29 09:48 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-04-13 17:28 - 2016-03-29 09:46 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2016-04-13 17:28 - 2016-03-29 09:44 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2016-04-13 17:28 - 2016-03-29 09:42 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-04-13 17:28 - 2016-03-29 09:39 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-04-13 17:28 - 2016-03-29 09:38 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-04-13 17:28 - 2016-03-29 09:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-04-13 17:28 - 2016-03-29 09:36 - 00530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2016-04-13 17:28 - 2016-03-29 09:35 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2016-04-13 17:28 - 2016-03-29 09:35 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2016-04-13 17:28 - 2016-03-29 09:34 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-04-13 17:28 - 2016-03-29 09:34 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-04-13 17:28 - 2016-03-29 09:34 - 00333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2016-04-13 17:28 - 2016-03-29 09:34 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2016-04-13 17:28 - 2016-03-29 09:33 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-04-13 17:28 - 2016-03-29 09:32 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-04-13 17:28 - 2016-03-29 09:32 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-04-13 17:28 - 2016-03-29 09:30 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-04-13 17:28 - 2016-03-29 09:30 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-04-13 17:28 - 2016-03-29 09:28 - 00460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-04-13 17:28 - 2016-03-29 09:27 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-04-13 17:28 - 2016-03-29 09:26 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-04-13 17:28 - 2016-03-29 09:23 - 00694784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-04-13 17:28 - 2016-03-29 09:23 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-04-13 17:28 - 2016-03-29 09:23 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-04-13 17:28 - 2016-03-29 09:22 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2016-04-13 17:28 - 2016-03-29 09:21 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-13 17:28 - 2016-03-29 09:20 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-04-13 17:28 - 2016-03-29 09:20 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-04-13 17:28 - 2016-03-29 09:20 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2016-04-13 17:28 - 2016-03-29 09:20 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsdchngr.dll
2016-04-13 17:28 - 2016-03-29 09:19 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-04-13 17:28 - 2016-03-29 09:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacchooks.dll
2016-04-13 17:28 - 2016-03-29 09:18 - 00676352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2016-04-13 17:28 - 2016-03-29 09:17 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-04-13 17:28 - 2016-03-29 09:17 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-04-13 17:28 - 2016-03-29 09:17 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-04-13 17:28 - 2016-03-29 09:16 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-04-13 17:28 - 2016-03-29 09:16 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-04-13 17:28 - 2016-03-29 09:15 - 01714688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-04-13 17:28 - 2016-03-29 09:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-04-13 17:28 - 2016-03-29 09:14 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-04-13 17:28 - 2016-03-29 09:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-04-13 17:28 - 2016-03-29 09:12 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-04-13 17:28 - 2016-03-29 09:11 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-04-13 17:28 - 2016-03-29 09:11 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-04-13 17:28 - 2016-03-29 09:11 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-04-13 17:28 - 2016-03-29 09:11 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-04-13 17:28 - 2016-03-29 09:11 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-04-13 17:28 - 2016-03-29 09:11 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\browcli.dll
2016-04-13 17:28 - 2016-03-29 09:10 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-04-13 17:28 - 2016-03-29 09:10 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-04-13 17:28 - 2016-03-29 09:09 - 01239552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-04-13 17:28 - 2016-03-29 09:09 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-04-13 17:28 - 2016-03-29 09:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2016-04-13 17:28 - 2016-03-29 09:08 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-04-13 17:28 - 2016-03-29 09:08 - 00841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-04-13 17:28 - 2016-03-29 09:08 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-04-13 17:28 - 2016-03-29 09:07 - 01902592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-04-13 17:28 - 2016-03-29 09:06 - 01575936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-04-13 17:28 - 2016-03-29 09:06 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-04-13 17:28 - 2016-03-29 09:06 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2016-04-13 17:28 - 2016-03-29 09:05 - 01395712 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-04-13 17:28 - 2016-03-29 09:05 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
2016-04-13 17:28 - 2016-03-29 09:04 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2016-04-13 17:28 - 2016-03-29 09:03 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-04-13 17:28 - 2016-03-29 09:02 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-04-13 17:28 - 2016-03-29 09:02 - 01211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-04-13 17:28 - 2016-03-29 09:00 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-04-13 17:28 - 2016-03-29 09:00 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-04-13 17:28 - 2016-03-29 09:00 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-04-13 17:28 - 2016-03-29 09:00 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-04-13 17:28 - 2016-03-29 08:59 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-04-13 17:28 - 2016-03-29 08:59 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-04-13 17:28 - 2016-03-29 08:59 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-04-13 17:28 - 2016-03-29 08:56 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-04-13 17:28 - 2016-03-29 08:56 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-04-13 17:28 - 2016-03-29 08:55 - 01052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-04-13 17:28 - 2016-03-29 08:53 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2016-04-13 17:28 - 2016-03-29 08:53 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2016-04-13 17:28 - 2016-03-29 08:52 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-04-13 17:28 - 2016-03-29 08:52 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2016-04-13 17:28 - 2016-03-29 08:49 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2016-04-13 17:28 - 2016-03-29 08:48 - 00346624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-04-13 17:28 - 2016-03-29 08:44 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-04-13 17:28 - 2016-03-29 08:43 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AccountsRt.dll
2016-04-13 17:28 - 2016-03-29 08:42 - 01410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-04-13 17:28 - 2016-03-29 08:42 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-13 17:28 - 2016-03-29 08:41 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2016-04-13 17:28 - 2016-03-29 08:40 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-04-13 17:28 - 2016-03-29 08:39 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2016-04-13 17:28 - 2016-03-29 08:39 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2016-04-13 17:28 - 2016-03-29 08:39 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-04-13 17:28 - 2016-03-29 08:38 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-04-13 17:28 - 2016-03-29 08:37 - 01444352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-04-13 17:28 - 2016-03-29 08:37 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-04-13 17:28 - 2016-03-29 08:36 - 03351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-04-13 17:28 - 2016-03-29 08:36 - 00649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-04-13 17:28 - 2016-03-29 08:35 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-04-13 17:28 - 2016-03-29 08:34 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-04-13 17:28 - 2016-03-29 08:34 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-04-13 17:28 - 2016-03-29 08:34 - 00682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2016-04-13 17:28 - 2016-03-29 08:34 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-04-13 17:28 - 2016-03-29 08:32 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-04-13 17:28 - 2016-03-29 08:32 - 01098240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-04-13 17:28 - 2016-03-29 08:32 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2016-04-13 17:28 - 2016-03-29 08:32 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-04-13 17:28 - 2016-03-29 08:32 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-04-13 17:28 - 2016-03-29 08:32 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-04-13 17:28 - 2016-03-29 08:32 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2016-04-13 17:28 - 2016-03-29 08:31 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-04-13 17:28 - 2016-03-29 08:31 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-04-13 17:28 - 2016-03-29 08:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-04-13 17:28 - 2016-03-29 08:30 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-04-13 17:28 - 2016-03-29 08:29 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-04-13 17:28 - 2016-03-29 08:29 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-04-13 17:28 - 2016-03-29 08:28 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-04-13 17:28 - 2016-03-29 08:28 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-04-13 17:28 - 2016-03-29 08:27 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-04-13 17:28 - 2016-03-29 08:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-04-13 17:28 - 2016-03-29 08:27 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-04-13 17:28 - 2016-03-29 08:27 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-04-13 17:28 - 2016-03-29 08:27 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-04-13 17:28 - 2016-03-29 08:23 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2016-04-13 17:28 - 2016-03-29 08:22 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-04-13 17:28 - 2016-03-29 08:19 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-04-13 17:28 - 2016-03-29 08:17 - 00765952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-04-13 17:28 - 2016-03-29 08:14 - 01072128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-04-13 17:28 - 2016-03-29 08:13 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-04-13 17:28 - 2016-03-29 08:10 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-04-13 17:28 - 2016-03-29 08:06 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-04-13 17:28 - 2016-03-29 08:05 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-04-13 17:28 - 2016-03-29 08:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-04-13 17:28 - 2016-03-29 08:05 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-04-13 17:28 - 2016-03-29 08:05 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-04-13 17:28 - 2016-03-29 08:04 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-04-13 17:28 - 2016-03-29 08:04 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-04-13 17:28 - 2016-03-29 08:01 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-04-13 17:28 - 2016-03-29 08:01 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-04-13 17:28 - 2016-03-29 08:00 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-04-13 17:28 - 2016-03-29 07:58 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-04-13 17:28 - 2016-03-29 07:56 - 16985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-04-13 17:28 - 2016-03-29 07:52 - 11545600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-04-13 17:28 - 2016-03-29 07:51 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-04-13 17:28 - 2016-03-29 07:49 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-04-13 17:28 - 2016-03-29 07:45 - 03078144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-04-13 17:28 - 2016-03-29 07:45 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2016-04-13 17:28 - 2016-03-29 07:43 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-04-13 17:28 - 2016-03-29 07:43 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2016-04-13 17:28 - 2016-03-29 07:38 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-04-13 17:28 - 2016-03-29 07:36 - 02722816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2016-04-13 17:28 - 2016-03-29 07:35 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-04-13 17:28 - 2016-03-29 07:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-04-13 17:28 - 2016-03-29 07:27 - 07836160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-04-13 17:28 - 2016-03-29 07:27 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-04-13 17:28 - 2016-03-29 07:27 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2016-04-13 17:28 - 2016-03-29 07:26 - 00958976 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-04-13 17:28 - 2016-03-29 07:26 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2016-04-13 17:28 - 2016-03-29 07:25 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2016-04-13 17:28 - 2016-03-29 07:25 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2016-04-13 17:28 - 2016-03-29 07:21 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2016-04-12 14:26 - 2016-04-13 16:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-04-11 08:40 - 2016-04-11 08:40 - 03154031 _____ C:\Users\Admin\Downloads\39-245-1-PB.pdf
2016-04-08 23:02 - 2016-04-08 23:02 - 00000000 ____D C:\Users\Admin\Downloads\sp@-co@02_behind-enemy-lines_v1-1.altis
2016-04-08 23:00 - 2016-04-08 23:01 - 02260833 _____ C:\Users\Admin\Downloads\sp@-co@02_behind-enemy-lines_v1-1.altis.7z
2016-04-08 22:53 - 2016-04-08 22:53 - 00172068 _____ C:\Users\Admin\Downloads\brh_sniperRange_v102.zip
2016-04-08 22:53 - 2016-04-08 22:53 - 00000000 ____D C:\Users\Admin\Downloads\brh_sniperRange_v102
2016-04-08 22:46 - 2016-04-08 22:46 - 00088521 _____ C:\Users\Admin\Downloads\awp_map_v1.2.Stratis.rar
2016-04-08 22:46 - 2016-04-08 22:46 - 00000000 ____D C:\Users\Admin\Downloads\awp_map_v1.2.Stratis
2016-04-07 16:57 - 2016-04-07 16:57 - 00000202 _____ C:\Users\Admin\Desktop\Marvel Heroes 2016.url
2016-04-06 20:18 - 2016-04-06 20:18 - 00002909 _____ C:\Users\Admin\Downloads\5JYG2AJIFF.txt
2016-04-06 20:16 - 2016-04-06 20:16 - 00004640 _____ C:\Users\Admin\AppData\Local\recently-used.xbel
2016-04-06 19:04 - 2016-04-06 19:04 - 00401184 _____ C:\Users\Admin\Downloads\Army.zip
2016-04-06 19:04 - 2016-04-06 19:04 - 00000000 ____D C:\Users\Admin\Downloads\Army
2016-04-06 19:01 - 2016-04-06 20:16 - 00228932 _____ C:\Users\Admin\Documents\header_new-project.xcf
2016-04-06 19:01 - 2016-04-06 19:01 - 00026276 _____ C:\Users\Admin\Downloads\armalite-rifle.zip
2016-04-06 19:01 - 2016-04-06 19:01 - 00000000 ____D C:\Users\Admin\Downloads\armalite-rifle
2016-04-05 21:16 - 2016-04-05 21:16 - 01273528 _____ C:\Users\Admin\Desktop\bewerbung_zoll.odt
2016-04-05 21:16 - 2016-04-05 21:16 - 01273520 _____ C:\Users\Admin\Desktop\bewerbung_polizei_2.odt
2016-04-05 21:05 - 2014-07-09 13:38 - 00019453 _____ C:\Users\Admin\Desktop\Lebenslauf.odt
2016-04-05 21:05 - 2013-11-07 15:57 - 01271153 _____ C:\Users\Admin\Desktop\bewerbung_polizei.odt
2016-04-03 09:12 - 2016-04-03 09:18 - 124274392 _____ (Bitnami) C:\Users\Admin\Downloads\xampp-win32-7.0.4-0-VC14-installer.exe
2016-04-03 08:58 - 2016-04-03 08:58 - 00000000 ____D C:\Users\Admin\Downloads\gameportal
2016-04-03 08:55 - 2016-04-03 08:55 - 00000000 ____D C:\Users\Admin\AppData\Roaming\JetBrains
2016-04-03 08:55 - 2016-04-03 08:55 - 00000000 ____D C:\Users\Admin\.PhpStorm2016.1
2016-04-03 08:52 - 2016-04-19 22:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetBrains
2016-04-02 21:31 - 2016-04-02 21:41 - 174316232 _____ C:\Users\Admin\Downloads\PhpStorm-2016.1.exe
2016-04-02 10:51 - 2016-04-02 10:51 - 00000000 ____D C:\Users\Admin\Downloads\pulseaudio-8.0.tar
2016-04-02 10:50 - 2016-04-02 10:51 - 01517656 _____ C:\Users\Admin\Downloads\pulseaudio-8.0.tar.xz
2016-04-02 10:50 - 2016-04-02 10:50 - 00000064 _____ C:\Users\Admin\Downloads\pulseaudio-8.0.tar.xz.sha1
2016-04-02 10:33 - 2016-04-02 10:33 - 00143879 _____ C:\Users\Admin\Downloads\INCEPTION_TIME_Piano Sheets_MusicMike512.pdf
2016-04-01 12:05 - 2016-04-23 11:49 - 00002666 _____ C:\Users\Public\Desktop\Skype.lnk
2016-04-01 12:05 - 2016-04-01 12:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-03-31 13:59 - 2016-03-31 13:59 - 00000000 ____D C:\Users\Admin\Documents\Custom Office Templates
2016-03-31 12:13 - 2016-03-30 03:06 - 01373680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2016-03-31 12:13 - 2016-03-30 03:05 - 01767248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2016-03-31 08:30 - 2016-03-22 03:57 - 00110528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2016-03-31 08:29 - 2016-03-31 08:29 - 00031782 _____ C:\Users\Admin\Downloads\oculus-vr-gaming-pc-de.htm
2016-03-31 08:29 - 2016-03-25 03:23 - 12659136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2016-03-31 08:29 - 2016-03-22 06:08 - 42923576 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 37567424 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 31594432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 25350080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 21364536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 20906168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 20074728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 17755928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 17369448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 17349776 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 17328008 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 14226672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 10550552 _____ C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 08659472 _____ C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 03685280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 03263480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 02614208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 02260024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 01922496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436472.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 01571776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436472.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 00960056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 00889400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 00786872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 00751552 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 00695864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 00678520 _____ C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 00632336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 00572096 _____ C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 00546328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 00448824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 00425016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 00385080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 00379448 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 00379296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 00348216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 00317656 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 00176064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 00153392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 00151368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 00129208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2016-03-31 08:29 - 2016-03-22 06:08 - 00038050 _____ C:\WINDOWS\system32\nvinfo.pb
2016-03-31 08:29 - 2016-03-22 06:08 - 00000139 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2016-03-31 08:29 - 2016-03-22 06:08 - 00000139 _____ C:\WINDOWS\system32\nv-vk64.json
2016-03-30 17:58 - 2016-04-27 20:10 - 00000000 ____D C:\Users\Admin\.junique

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-29 19:53 - 2016-02-10 10:48 - 00001150 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-29 19:46 - 2015-12-25 22:13 - 00000000 ____D C:\Users\Admin\AppData\Local\CrashDumps
2016-04-29 19:45 - 2015-08-23 16:33 - 00000000 ____D C:\Users\Admin\AppData\Roaming\TS3Client
2016-04-29 19:37 - 2015-10-26 21:55 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-04-29 19:06 - 2015-10-08 14:01 - 00001244 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-04-29 19:04 - 2015-07-08 20:59 - 00000000 ____D C:\Users\Admin\AppData\Local\Arma 3
2016-04-29 18:45 - 2015-08-23 16:32 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2016-04-29 14:53 - 2015-08-09 19:47 - 00000000 ____D C:\Users\Admin\AppData\LocalLow\Temp
2016-04-29 14:09 - 2015-10-30 20:35 - 00847432 _____ C:\WINDOWS\system32\perfh007.dat
2016-04-29 14:09 - 2015-10-30 20:35 - 00180322 _____ C:\WINDOWS\system32\perfc007.dat
2016-04-29 14:09 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-04-29 14:09 - 2015-08-01 09:30 - 01979688 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-04-29 14:06 - 2015-10-08 14:01 - 00001240 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-04-29 09:53 - 2016-02-10 10:48 - 00001146 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-29 07:05 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-04-29 07:05 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-04-29 06:56 - 2015-10-08 14:07 - 00000000 ___RD C:\Users\Admin\Dropbox
2016-04-29 06:55 - 2015-08-09 06:39 - 00000296 _____ C:\WINDOWS\Tasks\StartupStar Firewall.job
2016-04-29 06:55 - 2015-07-07 04:55 - 00000000 __SHD C:\Users\Admin\IntelGraphicsProfiles
2016-04-29 06:47 - 2015-11-18 13:40 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-04-29 06:47 - 2015-11-18 13:35 - 00000000 ____D C:\ProgramData\NVIDIA
2016-04-28 22:30 - 2015-10-30 08:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-04-28 22:28 - 2015-11-26 16:57 - 00000000 ____D C:\Users\Admin\AppData\Local\Spotify
2016-04-28 22:28 - 2015-11-26 16:54 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Spotify
2016-04-28 20:38 - 2015-08-01 09:37 - 00000000 ____D C:\Users\Admin\AppData\Local\Packages
2016-04-28 20:34 - 2015-10-18 08:09 - 00584192 ___SH C:\Users\Admin\Desktop\Thumbs.db
2016-04-28 07:27 - 2016-01-05 14:55 - 00000000 ____D C:\Users\Admin\.VirtualBox
2016-04-28 06:58 - 2015-07-28 07:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-04-28 06:53 - 2016-02-20 11:36 - 00000000 ____D C:\Program Files\ParkControl
2016-04-27 18:46 - 2015-09-21 16:58 - 00404480 ___SH C:\Users\Admin\Downloads\Thumbs.db
2016-04-26 21:55 - 2015-08-20 11:35 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ultracopier
2016-04-26 21:55 - 2015-08-20 10:33 - 00000000 ____D C:\Program Files\Ultracopier
2016-04-26 21:50 - 2015-09-14 11:43 - 00000000 ____D C:\Users\Admin\.oracle_jre_usage
2016-04-26 21:50 - 2015-09-14 11:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-04-26 21:50 - 2015-07-18 11:19 - 00000000 ____D C:\ProgramData\Oracle
2016-04-26 21:48 - 2015-09-14 11:43 - 00000000 ____D C:\Program Files\Java
2016-04-23 17:30 - 2016-03-26 00:26 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2016-04-23 17:30 - 2016-03-26 00:26 - 00000000 ____D C:\Program Files\Image-Line
2016-04-23 17:30 - 2016-03-26 00:22 - 00000000 ____D C:\Program Files (x86)\Image-Line
2016-04-23 11:49 - 2016-03-11 12:18 - 00002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-04-23 11:49 - 2016-03-07 20:53 - 00000411 _____ C:\Users\Public\Desktop\Emergency4 spielen.lnk
2016-04-23 11:49 - 2016-03-07 20:48 - 00000806 _____ C:\Users\Public\Desktop\Virtual CloneDrive.lnk
2016-04-23 11:49 - 2016-02-22 20:44 - 00000785 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inkscape.lnk
2016-04-23 11:49 - 2016-02-22 20:43 - 00000753 _____ C:\Users\Public\Desktop\Inkscape.lnk
2016-04-23 11:49 - 2016-02-21 22:33 - 00000785 _____ C:\Users\Public\Desktop\MAGIX Music Maker 2015 Premium.lnk
2016-04-23 11:49 - 2016-02-09 19:33 - 00001072 _____ C:\Users\Public\Desktop\Desktop Live Streamer.lnk
2016-04-23 11:49 - 2016-02-09 09:43 - 00001491 _____ C:\Users\Public\Desktop\OBS Multiplatform.lnk
2016-04-23 11:49 - 2016-01-23 15:52 - 00002659 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvil Studio.lnk
2016-04-23 11:49 - 2016-01-23 15:52 - 00002641 _____ C:\Users\Public\Desktop\Anvil Studio.lnk
2016-04-23 11:49 - 2016-01-17 20:43 - 00000761 _____ C:\Users\Public\Desktop\ArmA3Sync.lnk
2016-04-23 11:49 - 2016-01-12 18:18 - 00001133 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-04-23 11:49 - 2016-01-05 14:54 - 00000927 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2016-04-23 11:49 - 2016-01-05 14:54 - 00000773 _____ C:\Users\Public\Desktop\Genymotion.lnk
2016-04-23 11:49 - 2016-01-05 14:54 - 00000768 _____ C:\Users\Public\Desktop\Genymotion Shell.lnk
2016-04-23 11:49 - 2015-12-19 18:42 - 00000781 _____ C:\Users\Public\Desktop\Mine-imator.lnk
2016-04-23 11:49 - 2015-11-21 14:56 - 00000718 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2016-04-23 11:49 - 2015-11-18 13:39 - 00001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-04-23 11:49 - 2015-11-13 15:59 - 00000926 _____ C:\Users\Public\Desktop\Rettungswagen Simulator 2012 spielen.lnk
2016-04-23 11:49 - 2015-11-12 16:25 - 00000753 _____ C:\Users\Public\Desktop\Audacity.lnk
2016-04-23 11:49 - 2015-11-12 16:25 - 00000753 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2016-04-23 11:49 - 2015-11-08 11:20 - 00001460 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-04-23 11:49 - 2015-10-24 18:29 - 00000727 _____ C:\Users\Public\Desktop\MAGIX Music Maker 2016.lnk
2016-04-23 11:49 - 2015-10-24 08:59 - 00001315 _____ C:\Users\Public\Desktop\FotoMorph.lnk
2016-04-23 11:49 - 2015-10-24 08:30 - 00000775 _____ C:\Users\Public\Desktop\MAGIX Video deluxe 2016 Premium.lnk
2016-04-23 11:49 - 2015-10-16 15:31 - 00001764 _____ C:\Users\Public\Desktop\MAGIX Music Maker Movie Score Edition.lnk
2016-04-23 11:49 - 2015-10-13 16:29 - 00001196 _____ C:\Users\Public\Desktop\Adjustment Pattern software.lnk
2016-04-23 11:49 - 2015-10-05 16:30 - 00000753 _____ C:\Users\Public\Desktop\1AVShare.lnk
2016-04-23 11:49 - 2015-09-26 11:24 - 00001074 _____ C:\Users\Public\Desktop\My Film Kiosk.lnk
2016-04-23 11:49 - 2015-09-14 10:16 - 00000561 _____ C:\Users\Public\Desktop\Origin.lnk
2016-04-23 11:49 - 2015-09-14 10:04 - 00001155 _____ C:\Users\Public\Desktop\Sticky Password.lnk
2016-04-23 11:49 - 2015-09-11 10:44 - 00001070 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
2016-04-23 11:49 - 2015-09-10 11:57 - 00000743 _____ C:\Users\Public\Desktop\Schiff-Simulator 2008 Mission Editor.lnk
2016-04-23 11:49 - 2015-09-10 11:57 - 00000737 _____ C:\Users\Public\Desktop\Schiff-Simulator 2008.lnk
2016-04-23 11:49 - 2015-09-09 14:26 - 00000848 _____ C:\Users\Public\Desktop\Flughafen-Feuerwehr-Simulator.lnk
2016-04-23 11:49 - 2015-09-04 08:57 - 00001042 _____ C:\Users\Public\Desktop\Winamp.lnk
2016-04-23 11:49 - 2015-08-23 16:32 - 00001046 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2016-04-23 11:49 - 2015-08-23 07:36 - 00000549 _____ C:\Users\Public\Desktop\Steam.lnk
2016-04-23 11:49 - 2015-08-21 07:35 - 00001378 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2016-04-23 11:49 - 2015-08-20 13:08 - 00001447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2016-04-23 11:49 - 2015-08-13 07:55 - 00001213 _____ C:\Users\Public\Desktop\LibreOffice 4.4.lnk
2016-04-23 11:49 - 2015-08-11 13:37 - 00001149 _____ C:\Users\Public\Desktop\Snaz.lnk
2016-04-23 11:49 - 2015-08-09 06:46 - 00001272 _____ C:\Users\Public\Desktop\Ashampoo Core Tuner 2.lnk
2016-04-23 11:49 - 2015-08-09 06:39 - 00001106 _____ C:\Users\Public\Desktop\StartupStar.lnk
2016-04-23 11:49 - 2015-07-26 07:44 - 00000975 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YaTQA.lnk
2016-04-23 11:49 - 2015-07-19 14:14 - 00000920 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2016-04-23 11:49 - 2015-07-18 10:42 - 00000938 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2016-04-23 11:49 - 2015-07-18 10:08 - 00000860 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-04-23 11:49 - 2015-07-14 15:25 - 00001813 _____ C:\Users\Public\Desktop\BlueJ.lnk
2016-04-23 11:49 - 2015-07-13 14:14 - 00002041 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-04-23 11:49 - 2015-07-11 12:31 - 00000996 _____ C:\Users\Public\Desktop\IrfanView.lnk
2016-04-23 11:49 - 2015-07-08 19:59 - 00002034 _____ C:\Users\Public\Desktop\Overwolf.lnk
2016-04-23 11:48 - 2016-03-26 00:27 - 00000858 _____ C:\Users\Admin\Desktop\ASIO4ALL v2 Instruction Manual.lnk
2016-04-23 11:48 - 2016-03-26 00:26 - 00000861 _____ C:\Users\Admin\Desktop\FL Studio 12 (64bit).lnk
2016-04-23 11:48 - 2016-03-26 00:26 - 00000849 _____ C:\Users\Admin\Desktop\FL Studio 12.lnk
2016-04-23 11:48 - 2016-02-23 12:09 - 00000875 _____ C:\Users\Admin\Desktop\Eclipse Java Mars.lnk
2016-04-23 11:48 - 2016-02-23 12:05 - 00000872 _____ C:\Users\Admin\Desktop\Eclipse Php Mars.lnk
2016-04-23 11:48 - 2016-01-23 15:44 - 00000821 _____ C:\Users\Admin\Desktop\ASIO4ALL v2 Anleitung.lnk
2016-04-23 11:48 - 2015-12-29 09:57 - 00001509 _____ C:\Users\Admin\Desktop\LEGOHarryPotter.lnk
2016-04-23 11:48 - 2015-11-26 16:57 - 00001895 _____ C:\Users\Admin\Desktop\Spotify.lnk
2016-04-23 11:48 - 2015-11-26 16:57 - 00001881 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2016-04-23 11:48 - 2015-11-18 19:31 - 00000779 _____ C:\Users\Admin\Desktop\GeoGebra.lnk
2016-04-23 11:48 - 2015-11-10 17:04 - 00001092 _____ C:\Users\Admin\Desktop\RidNacs.lnk
2016-04-23 11:48 - 2015-10-25 15:04 - 00000806 _____ C:\Users\Admin\Desktop\MSI Afterburner.lnk
2016-04-23 11:48 - 2015-10-25 14:36 - 00000721 _____ C:\Users\Admin\Desktop\TechPowerUp GPU-Z.lnk
2016-04-23 11:48 - 2015-10-08 14:07 - 00001299 _____ C:\Users\Admin\Desktop\Dropbox.lnk
2016-04-23 11:48 - 2015-09-28 16:07 - 00001773 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2016-04-23 11:48 - 2015-09-28 16:07 - 00001725 _____ C:\Users\Admin\Desktop\Start Tor Browser.lnk
2016-04-23 11:48 - 2015-09-24 21:31 - 00001355 _____ C:\Users\Admin\Desktop\Auslogics Disk Defrag Professional.lnk
2016-04-23 11:48 - 2015-09-21 21:51 - 00001285 _____ C:\Users\Admin\Desktop\Auslogics Driver Updater.lnk
2016-04-23 11:48 - 2015-09-19 11:19 - 00001413 _____ C:\Users\Admin\Desktop\explorer.lnk
2016-04-23 11:48 - 2015-09-19 09:23 - 00001242 _____ C:\Users\Admin\Desktop\Auslogics BoostSpeed 8.lnk
2016-04-23 11:48 - 2015-09-14 10:04 - 00001242 _____ C:\Users\Admin\Desktop\Auslogics DiskDefrag.lnk
2016-04-23 11:48 - 2015-08-29 08:33 - 00002384 _____ C:\Users\Admin\Desktop\Play withSIX.lnk
2016-04-23 11:48 - 2015-08-12 18:07 - 00001062 _____ C:\Users\Admin\Desktop\GIGA F-Tasten.lnk
2016-04-23 11:48 - 2015-08-11 11:32 - 00001004 _____ C:\Users\Admin\Desktop\Open Broadcaster Software.lnk
2016-04-23 11:48 - 2015-08-01 09:40 - 00001047 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk
2016-04-23 11:48 - 2015-07-31 21:18 - 00002181 _____ C:\Users\Admin\Desktop\Git Shell.lnk
2016-04-23 11:48 - 2015-07-28 07:52 - 00001801 _____ C:\Users\Admin\Desktop\Google Drive.lnk
2016-04-23 11:48 - 2015-07-26 07:44 - 00000963 _____ C:\Users\Admin\Desktop\YaTQA.lnk
2016-04-23 11:48 - 2015-07-08 18:39 - 00001079 _____ C:\Users\Admin\Desktop\Eigene Dokumente.lnk
2016-04-23 11:48 - 2015-07-08 18:39 - 00000512 _____ C:\Users\Admin\Desktop\Lokaler Datenträger (C).lnk
2016-04-23 10:31 - 2015-11-18 13:36 - 00000000 ____D C:\Users\Admin
2016-04-23 10:06 - 2015-07-11 13:00 - 00000000 ____D C:\Users\Admin\AppData\Local\Google
2016-04-23 10:05 - 2015-07-11 13:00 - 00000000 ____D C:\Program Files (x86)\Google
2016-04-23 09:46 - 2015-07-06 19:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-04-22 14:57 - 2015-12-02 12:13 - 00000000 ____D C:\Users\Admin\Documents\My Games
2016-04-19 22:11 - 2016-01-05 15:06 - 00000000 ____D C:\Users\Admin\.android
2016-04-19 16:06 - 2015-07-08 07:01 - 00000000 ____D C:\ProgramData\Package Cache
2016-04-19 16:06 - 2015-07-08 07:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-04-17 17:23 - 2016-02-23 12:10 - 00000000 ____D C:\Users\Admin\AppData\Local\Eclipse
2016-04-17 17:23 - 2016-02-23 11:56 - 00000000 ____D C:\Users\Admin\.p2
2016-04-16 00:27 - 2015-10-08 14:01 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-04-15 20:17 - 2015-10-08 14:01 - 00000000 ____D C:\Users\Admin\AppData\Local\Dropbox
2016-04-15 20:15 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-04-14 07:03 - 2015-11-18 13:34 - 05256408 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-04-13 21:56 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-04-13 21:56 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-04-13 21:56 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-04-13 21:56 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-04-13 17:56 - 2016-03-07 18:53 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-04-13 17:55 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-04-13 17:53 - 2009-07-14 04:34 - 00000541 _____ C:\WINDOWS\win.ini
2016-04-13 17:13 - 2015-07-06 20:17 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-04-13 17:10 - 2015-07-06 20:17 - 135176864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-04-13 16:36 - 2015-07-11 08:50 - 00007599 _____ C:\Users\Admin\AppData\Local\Resmon.ResmonCfg
2016-04-13 16:34 - 2015-07-08 19:59 - 00000000 ____D C:\Program Files (x86)\Overwolf
2016-04-12 13:59 - 2015-11-18 13:35 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-04-07 20:37 - 2015-10-26 21:55 - 00003870 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-04-07 16:57 - 2015-07-08 07:27 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-04-06 22:15 - 2015-07-18 12:30 - 00000000 ____D C:\Users\Admin\.gimp-2.8
2016-04-06 20:09 - 2015-07-18 12:31 - 00000000 ____D C:\Users\Admin\AppData\Local\gtk-2.0
2016-04-06 18:23 - 2015-12-01 17:24 - 00000000 ____D C:\Users\Admin\Documents\Euro Truck Simulator 2
2016-04-02 21:23 - 2015-08-12 08:28 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Audacity
2016-04-01 17:04 - 2015-07-08 19:40 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Skype
2016-04-01 12:05 - 2015-09-12 15:43 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-04-01 12:05 - 2015-07-08 19:40 - 00000000 ____D C:\Users\Admin\AppData\Local\Skype
2016-04-01 12:05 - 2015-07-08 19:40 - 00000000 ____D C:\ProgramData\Skype
2016-03-31 15:22 - 2016-02-09 18:59 - 00000000 ____D C:\Users\Admin\AppData\Roaming\vlc
2016-03-31 08:30 - 2015-11-18 13:35 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-03-31 08:30 - 2015-11-08 11:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-03-31 08:29 - 2015-11-18 13:35 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-03-30 03:06 - 2015-11-08 11:20 - 01316000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2016-03-30 03:05 - 2015-11-19 22:04 - 00112216 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2016-03-30 03:05 - 2015-11-08 11:20 - 01756424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-06-29 15:33 - 2013-06-29 15:33 - 0037607 _____ () C:\Program Files (x86)\Common Files\license.rtf
2013-06-29 15:33 - 2013-06-29 15:33 - 0008046 _____ () C:\Program Files (x86)\Common Files\setupBanner.jpg
2015-10-25 19:02 - 2015-12-05 10:45 - 0019968 _____ () C:\Users\Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-07-26 08:25 - 2015-07-26 08:25 - 0000600 _____ () C:\Users\Admin\AppData\Local\PUTTY.RND
2016-04-06 20:16 - 2016-04-06 20:16 - 0004640 _____ () C:\Users\Admin\AppData\Local\recently-used.xbel
2015-07-11 08:50 - 2016-04-13 16:36 - 0007599 _____ () C:\Users\Admin\AppData\Local\Resmon.ResmonCfg
2015-11-18 13:35 - 2015-11-18 13:35 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\avgnt.exe
C:\Users\Admin\AppData\Local\Temp\proxy_vole2975049463539127702.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-04-23 13:54

==================== Ende von FRST.txt ============================
         

Alt 29.04.2016, 21:12   #27
M-K-D-B
/// TB-Ausbilder
 
Unbekannte Maleware öffnet in Chrome Seiten - Standard

Unbekannte Maleware öffnet in Chrome Seiten



Servus,


laut FRST ist FF jetzt als Standardbrowser eingetragen.







Wenn du keine Probleme mehr mit Malware hast, dann sind wir hier fertig. Deine Logdateien sind sauber.
Zum Schluss müssen wir noch ein paar abschließende Schritte unternehmen, um deinen Pc aufzuräumen und abzusichern.





Cleanup:
Alle Logs gepostet? Dann lade Dir bitte DelFix herunter.
  • Schließe alle offenen Programme.
  • Starte die delfix.exe mit einem Doppelklick.
  • Setze vor jede Funktion ein Häkchen.
  • Klicke auf Start.
Hinweis:
DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner anschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.





Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:
Browser
Java
Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.




Sofern du noch unentschieden bist, verwende ein einziges der folgenden Antivirusprogramme mit Echtzeitscanner und stets aktueller Signaturendatenbank:

   
 

Microsoft Security Essentials (MSE) ist ab Windows 8 fest eingebaut, wenn du also Windows 8, 8.1 oder 10 und dich für MSE entschieden hast, brauchst du nicht extra MSE zu installieren. Bei Windows 7 muss es aber manuell installiert oder über die Windows Updates als optionales Update bezogen werden. Selbstverständlich ist ein legales/aktiviertes Windows Voraussetzung dafür.




Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.




Optional:
Adblock Plus Kann Banner, Pop-ups, Videowerbung, Tracking und Malware-Seiten blockieren.
NoScript Verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.
Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.

Lade Software von einem sauberen Portal wie .
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner .




Abschließend noch ein paar grundsätzliche Bemerkungen:
  • Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
  • Lade keine Software von Chip, Softonic oder SourceForge. Die dort angebotene Software wird häufig mit einem sog. "Installer" verteilt, mit dem man sich nur unerwünschte Software oder Adware installiert.
  • Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Selbst Microsoft unterstützt sog. Registry-Cleaner nicht. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.




Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...und/oder das Forum mit einer kleinen Spende unterstützen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann.

Alt 30.04.2016, 08:44   #28
Auran
 
Unbekannte Maleware öffnet in Chrome Seiten - Standard

Unbekannte Maleware öffnet in Chrome Seiten



Hallo Matthias,

ganz lieben Dank für deine Hilfe

Ich habe alle Schritte befolgt und mir ist nicht aufgefallen, dass das mit FF wieder passt xD
Danke dir. Bin ich froh, dass es sowas, wie Trojaner-Board gibt.

Eine Frage hätte ich aber nicht zum Thema Chip: Ich beziehe eigentlich nur von Chip meine Dateien, da ich die bisher für clean gehalten habe. Ich lade die allerdings nie über den "Installer", sodern immer die Datei selbst runter. Diese Möglichkeit gibt es bei allen Dateien.
Dagegen den "Installer" gibt es nicht bei allen.
Bei Softonic würde ich dir sofort zustimmen, aber ist es bei Chip ungefährlich die Installationsdatei direkt zu beziehen?

Grüße,
Auran aka Julian

Alt 30.04.2016, 19:54   #29
M-K-D-B
/// TB-Ausbilder
 
Unbekannte Maleware öffnet in Chrome Seiten - Standard

Unbekannte Maleware öffnet in Chrome Seiten



Zitat:
Zitat von Auran Beitrag anzeigen
Bei Softonic würde ich dir sofort zustimmen, aber ist es bei Chip ungefährlich die Installationsdatei direkt zu beziehen?
Direkt ist wohl ok, aber pass bei dem Installer auf.




Ich bin froh, dass wir helfen konnten

In diesem Forum kannst du eine kurze Rückmeldung zur Bereinigung abgeben, sofern du das möchtest:
Lob, Kritik und Wünsche
Klicke dazu auf den Button "NEUES THEMA" und poste ein kleines Feedback. Vielen Dank!

Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Solltest Du das Thema erneut brauchen, schicke mir bitte eine PM.

Jeder andere bitte hier klicken und einen eigenen Thread erstellen.

Antwort

Themen zu Unbekannte Maleware öffnet in Chrome Seiten
avira, escan, eset, fehler, fix, frage, fragen, infiziert, installiert, javascript, klick, log, maleware, malwarebytes, nicht mehr, onlinescan, pop-ups, probleme, programme, seite, seiten, startseite, suchmaschine, öffnen, öffnet



Ähnliche Themen: Unbekannte Maleware öffnet in Chrome Seiten


  1. Unbekannte Maleware/Virus
    Plagegeister aller Art und deren Bekämpfung - 11.12.2015 (20)
  2. Chrome öffnet Tabs und eigene Seiten mit Werbungen
    Plagegeister aller Art und deren Bekämpfung - 24.11.2015 (3)
  3. Windows 8: Groß/Kleinschreibung vertauscht und Chrome öffnet immer neue Seiten.
    Plagegeister aller Art und deren Bekämpfung - 22.06.2015 (1)
  4. Chrome öffnet sich selbst, bzw. unseriöse Seiten
    Log-Analyse und Auswertung - 17.04.2015 (9)
  5. Google Chrome öffnet Werbefenster und komische Seiten
    Log-Analyse und Auswertung - 12.11.2014 (7)
  6. Chrome öffnet selbstständig neue Tabs mit Seiten wie Browsergames, Casinos, Finanztips usw.
    Log-Analyse und Auswertung - 19.09.2014 (7)
  7. Google Chrome öffnet einfach Seiten und kleine Werbungen
    Plagegeister aller Art und deren Bekämpfung - 19.08.2014 (16)
  8. Google Chrome öffnet ungefragt Seiten/Werbung
    Plagegeister aller Art und deren Bekämpfung - 04.08.2014 (11)
  9. Windows 7: Chrome öffnet sich von selbst und leitet Seiten auf Werbung um
    Log-Analyse und Auswertung - 08.07.2014 (8)
  10. Chrome Öffnet Seiten mit freeware-Angeboten (unteranderem delivery67) selbständig!
    Plagegeister aller Art und deren Bekämpfung - 03.06.2014 (11)
  11. Chrome öffnet komische Seiten,Werbung, Videos. Außerdem erheblich langsam geworden !
    Log-Analyse und Auswertung - 30.05.2014 (11)
  12. Google Chrome öffnet neue Seiten (z.B. 123srv.com, lpmxbox600.com)
    Plagegeister aller Art und deren Bekämpfung - 29.04.2014 (13)
  13. [Google Chrome]Neue Seiten öffnen sich automatisch ( Werbung ) zufällige wörter jeder Internet seiten sind mit URL's verseht
    Plagegeister aller Art und deren Bekämpfung - 01.04.2014 (5)
  14. Internet Explorer leitet auf mir unbekannte Seiten um
    Log-Analyse und Auswertung - 13.05.2011 (30)
  15. Browser stürzen ab, leiten auf unbekannte Seiten um
    Log-Analyse und Auswertung - 09.07.2010 (10)
  16. Eigentlich ungenutzter Internet Explorer öffnet unbekannte Seiten
    Log-Analyse und Auswertung - 25.05.2010 (2)
  17. Unbekannte Seiten in der Chronik
    Plagegeister aller Art und deren Bekämpfung - 17.10.2008 (8)

Zum Thema Unbekannte Maleware öffnet in Chrome Seiten - Servus, danke für den Upload. wir kontrollieren nochmal alles. Hinweis: Der Suchlauf mit ESET kann länger dauern. Schritt 1 Setze Google Chrome nach dieser Anleitung zurück. Schritt 2 ESET Online - Unbekannte Maleware öffnet in Chrome Seiten...
Archiv
Du betrachtest: Unbekannte Maleware öffnet in Chrome Seiten auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.