Routineuntersuchung nach Schädlingen

LuciLu · 30.06.2016, 19:35

Ich hab zwar zur Zeit keine fühlbaren Leistungsprobleme; habe aber
trotzdem den Verdacht das einige Schadsoftware von meinen
SchutzProgrammen nicht erkannt wird.

Könnte also einen Experten :-) brauchen der mir einen Leitfaden
gibt, um auch Schadsoftware zu finden, welche die normalen AntiVirenProgramme
eben nicht erkennen.

Danke schon mal im Voraus.

Gruß

LuciLu

cosinus · 30.06.2016, 22:54

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

LuciLu · 01.07.2016, 06:45

Hier is es:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 29-06-2016
durchgeführt von Daniel (Administrator) auf LAPTOP (01-07-2016 07:38:57)
Gestartet von C:\Users\Daniel\Downloads
Geladene Profile: Daniel (Verfügbare Profile: Daniel)
Platform: Windows 8.1 Pro (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\msoia.exe
(WiseCleaner.com) C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-06-01] (Apple Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-06-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [814608 2016-04-04] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [17008 2016-06-09] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1709449750-3236269397-1973272773-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-04-22] (Apple Inc.)
HKU\S-1-5-21-1709449750-3236269397-1973272773-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2016-04-22] (Apple Inc.)
HKU\S-1-5-21-1709449750-3236269397-1973272773-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8810200 2016-06-10] (Piriform Ltd)
HKU\S-1-5-21-1709449750-3236269397-1973272773-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2016-04-22] (Apple Inc.)
HKU\S-1-5-21-1709449750-3236269397-1973272773-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2917456 2016-06-15] (Valve Corporation)
HKU\S-1-5-21-1709449750-3236269397-1973272773-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  Keine Datei
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Beschränkung - Chrome <======= ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.8.4
Tcpip\..\Interfaces\{04E21828-AB1A-4880-A398-56582BE594A3}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{1E1A188B-1378-4952-811A-32478B758EFD}: [DhcpNameServer] 82.163.142.7
Tcpip\..\Interfaces\{21A0E600-F523-4F9E-BF0B-A97E36F5C31C}: [NameServer] 195.37.88.2,195.37.88.1

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-1709449750-3236269397-1973272773-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-1709449750-3236269397-1973272773-1001 -> {4BDC21EA-91A2-49F0-8567-33F8261C8DB6} URL = hxxp://go.mail.com/tb/en-us/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-1709449750-3236269397-1973272773-1001 -> {87CE2B2E-CA6B-4EC2-8FA2-0F950A2714B7} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-1709449750-3236269397-1973272773-1001 -> {AD430B31-670C-430F-8AE7-176D9B720BC9} URL = hxxp://go.web.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-1709449750-3236269397-1973272773-1001 -> {CDB7F44B-77DE-461C-939C-75FA1569613B} URL = hxxp://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2016-06-23] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-06-23] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2016-06-23] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2016-06-23] (Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-23] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-06-23] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-23] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-06-23] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-23] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-06-23] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-23] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-06-23] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-17] ()
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-21] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-06-23] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-17] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-06-23] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2016-06-23] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1709449750-3236269397-1973272773-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Daniel\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-18] (Unity Technologies ApS)
FF Extension: Avira Browser Safety - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\5c7xcxxr.default\Extensions\abs@avira.com [2016-06-23]

Chrome: 
=======
CHR Profile: C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-31]
CHR Extension: (Google Drive) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-01]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2016-05-30]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2016-06-15]
CHR Extension: (YouTube) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-31]
CHR Extension: (Adblock Plus) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-06-29]
CHR Extension: (Avira Browserschutz) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-06-23]
CHR Extension: (Google Docs Offline) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-30]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-30]
CHR Extension: (Google Mail) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-31]
CHR Extension: (Chrome Media Router) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-06-24]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [970656 2016-04-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [467016 2016-04-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [467016 2016-04-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1435704 2016-04-04] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
S3 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1045928 2016-02-18] (AVG Technologies CZ, s.r.o.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [302680 2016-06-01] (Avira Operations GmbH & Co. KG)
S3 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2255064 2013-10-28] (Broadcom Corporation.)
R3 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2855152 2016-06-05] (Microsoft Corporation)
S3 DAUpdaterSvc; C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [25832 2016-06-24] (BioWare)
S3 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156384 2015-10-12] (NVIDIA Corporation)
S3 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1873696 2015-10-12] (NVIDIA Corporation)
S3 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568288 2015-10-12] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2057736 2015-09-17] (Electronic Arts)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 SpeedupService; C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe [25760 2016-06-09] (Avira Operations GmbH & Co. KG)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [579832 2016-01-19] (WiseCleaner.com)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2015-09-04] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128664 2016-04-04] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146712 2016-04-04] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2016-04-04] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [78208 2016-04-04] (Avira Operations GmbH & Co. KG)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-10-28] (Broadcom Corporation.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2015-09-04] ()
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20768 2015-10-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
S4 secdrv; kein ImagePath
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 WiseHDInfo; C:\WINDOWS\WiseHDInfo64.dll [14800 2015-08-27] (wisecleaner.com)
R3 WiseRegNotify; C:\WINDOWS\WiseRegNotify.sys [29616 2016-05-27] (WiseCleaner.com)
R3 ykinw8; C:\Windows\system32\DRIVERS\ykinx64.sys [288768 2013-06-18] (Marvell)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-07-01 07:38 - 2016-07-01 07:39 - 00019752 _____ C:\Users\Daniel\Downloads\FRST.txt
2016-07-01 07:38 - 2016-07-01 07:38 - 02390016 _____ (Farbar) C:\Users\Daniel\Downloads\FRST64.exe
2016-07-01 07:38 - 2016-07-01 07:38 - 00000000 ____D C:\FRST
2016-06-30 20:13 - 2016-06-30 22:12 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-06-30 20:13 - 2016-06-30 20:13 - 00001407 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2016-06-30 20:13 - 2016-06-30 20:13 - 00001395 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2016-06-30 20:13 - 2016-06-30 20:13 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2016-06-30 20:13 - 2016-06-30 20:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2016-06-30 20:13 - 2016-06-30 20:13 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-06-30 20:13 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2016-06-30 20:12 - 2016-06-30 20:12 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Daniel\Downloads\spybot-2.4.40.exe
2016-06-30 19:48 - 2016-06-30 22:11 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2016-06-30 19:48 - 2016-06-30 19:48 - 03086696 _____ C:\Users\Daniel\Downloads\instspeedfan452.exe
2016-06-30 19:48 - 2016-06-30 19:48 - 00000045 _____ C:\WINDOWS\SysWOW64\initdebug.nfo
2016-06-30 19:47 - 2016-06-30 19:47 - 00000946 _____ C:\Users\Public\Desktop\CPUID HWMonitor.lnk
2016-06-30 19:47 - 2016-06-30 19:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2016-06-30 19:47 - 2016-06-30 19:47 - 00000000 ____D C:\Program Files\CPUID
2016-06-30 19:46 - 2016-06-30 19:46 - 01224080 _____ ( ) C:\Users\Daniel\Downloads\hwmonitor_1.29.exe
2016-06-30 19:39 - 2016-06-30 19:39 - 00262144 ____N C:\WINDOWS\Minidump\063016-23484-01.dmp
2016-06-30 19:38 - 2016-06-30 19:38 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\NVIDIA
2016-06-30 19:37 - 2016-01-29 14:08 - 00082488 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2016-06-30 19:37 - 2016-01-29 14:08 - 00067520 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2016-06-30 19:37 - 2016-01-29 12:49 - 06791736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-06-30 19:37 - 2016-01-29 12:49 - 03529152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-06-30 19:37 - 2016-01-29 12:49 - 02558328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-06-30 19:37 - 2016-01-29 12:49 - 00932728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-06-30 19:37 - 2016-01-29 12:49 - 00384888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-06-30 19:37 - 2016-01-29 12:49 - 00062512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-06-30 19:37 - 2016-01-28 18:29 - 06150607 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-06-30 19:34 - 2016-06-30 19:34 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-06-30 19:34 - 2016-01-29 14:08 - 31523896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-06-30 19:34 - 2016-01-29 14:08 - 24207296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-06-30 19:34 - 2016-01-29 14:08 - 23000000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2016-06-30 19:34 - 2016-01-29 14:08 - 18634264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2016-06-30 19:34 - 2016-01-29 14:08 - 17559240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-06-30 19:34 - 2016-01-29 14:08 - 16128576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2016-06-30 19:34 - 2016-01-29 14:08 - 15302712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-06-30 19:34 - 2016-01-29 14:08 - 14497568 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2016-06-30 19:34 - 2016-01-29 14:08 - 13916600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-06-30 19:34 - 2016-01-29 14:08 - 13828032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-06-30 19:34 - 2016-01-29 14:08 - 12911160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2016-06-30 19:34 - 2016-01-29 14:08 - 11272240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-06-30 19:34 - 2016-01-29 14:08 - 11209376 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-06-30 19:34 - 2016-01-29 14:08 - 04252608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-06-30 19:34 - 2016-01-29 14:08 - 03996216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-06-30 19:34 - 2016-01-29 14:08 - 03210784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-06-30 19:34 - 2016-01-29 14:08 - 02825016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-06-30 19:34 - 2016-01-29 14:08 - 01908272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6434195.dll
2016-06-30 19:34 - 2016-01-29 14:08 - 01557552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6434195.dll
2016-06-30 19:34 - 2016-01-29 14:08 - 00952256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-06-30 19:34 - 2016-01-29 14:08 - 00915392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-06-30 19:34 - 2016-01-29 14:08 - 00911928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-06-30 19:34 - 2016-01-29 14:08 - 00878648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-06-30 19:34 - 2016-01-29 14:08 - 00026157 _____ C:\WINDOWS\system32\nvinfo.pb
2016-06-30 19:32 - 2016-06-30 19:32 - 00000000 ____D C:\NVIDIA
2016-06-30 19:31 - 2016-06-30 19:32 - 283505784 _____ (NVIDIA Corporation) C:\Users\Daniel\Downloads\341.95-notebook-win8-win7-64bit-international.exe
2016-06-30 19:26 - 2016-06-30 19:26 - 00262144 ____N C:\WINDOWS\Minidump\063016-21546-01.dmp
2016-06-30 19:23 - 2016-06-30 19:23 - 01474568 _____ C:\Users\Daniel\Downloads\FurMark - CHIP-Installer.exe
2016-06-30 19:03 - 2016-06-30 19:03 - 00262144 ____N C:\WINDOWS\Minidump\063016-22093-01.dmp
2016-06-30 16:44 - 2016-06-30 16:44 - 00000222 _____ C:\Users\Daniel\Desktop\Pillars of Eternity.url
2016-06-30 15:52 - 2016-06-30 15:52 - 00067240 _____ C:\Users\Daniel\Downloads\Wahlergebnis Studierende (1).pdf
2016-06-30 12:01 - 2016-06-30 12:02 - 00067240 _____ C:\Users\Daniel\Downloads\Wahlergebnis Studierende.pdf
2016-06-30 09:58 - 2016-06-30 09:58 - 00262144 ____N C:\WINDOWS\Minidump\063016-24593-01.dmp
2016-06-30 09:56 - 2016-06-30 09:56 - 00262144 ____N C:\WINDOWS\Minidump\063016-25453-01.dmp
2016-06-30 09:35 - 2016-06-30 09:35 - 00262144 ____N C:\WINDOWS\Minidump\063016-24718-01.dmp
2016-06-29 08:01 - 2016-06-29 08:01 - 00291928 _____ C:\Users\Daniel\Downloads\1030118809.pdf
2016-06-29 05:57 - 2016-06-29 05:58 - 00564312 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-06-25 17:55 - 2016-06-25 17:56 - 00000000 ____D C:\Users\Daniel\Desktop\Corel
2016-06-25 14:21 - 2016-06-25 14:21 - 00000000 ____D C:\Users\Daniel\Documents\Meine Paletten
2016-06-25 14:04 - 2016-06-25 14:04 - 00000000 ____D C:\ProgramData\VsTelemetry
2016-06-25 14:04 - 2016-06-25 14:04 - 00000000 ____D C:\Program Files (x86)\gs
2016-06-25 14:03 - 2016-06-25 14:06 - 00003314 _____ C:\WINDOWS\System32\Tasks\CorelUpdateHelperTaskCore
2016-06-25 14:03 - 2016-06-25 14:03 - 00000000 ____D C:\Program Files (x86)\Corel
2016-06-25 14:02 - 2016-06-25 14:02 - 00000000 ____D C:\Program Files\Common Files\Corel
2016-06-25 14:00 - 2016-06-25 14:00 - 00000000 ____D C:\Users\Public\Documents\Corel
2016-06-25 13:58 - 2016-06-25 14:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X8 (64-bit)
2016-06-25 13:57 - 2016-06-25 14:19 - 00000000 ____D C:\Users\Daniel\Documents\Corel
2016-06-25 13:57 - 2016-06-25 14:07 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Corel
2016-06-25 13:55 - 2016-06-25 14:17 - 00000000 ____D C:\ProgramData\Corel
2016-06-25 13:54 - 2016-06-25 14:03 - 00000000 ____D C:\Program Files\Corel
2016-06-25 13:51 - 2016-06-25 13:51 - 00000000 ____D C:\ProgramData\UniqueId
2016-06-25 13:49 - 2016-06-25 13:49 - 01473544 _____ C:\Users\Daniel\Downloads\CorelDraw Graphics Suite X8 64 Bit - CHIP-Installer.exe
2016-06-25 13:41 - 2016-06-25 13:41 - 00001582 _____ C:\Users\Daniel\AppData\Local\recently-used.xbel
2016-06-25 13:41 - 2016-06-25 13:41 - 00000000 ____D C:\Users\Daniel\AppData\Local\gtk-2.0
2016-06-25 13:39 - 2016-06-25 13:39 - 00000000 ____D C:\Users\Daniel\AppData\Local\webkit
2016-06-24 21:26 - 2016-06-24 21:26 - 00000979 _____ C:\Users\Public\Desktop\Steam.lnk
2016-06-24 21:25 - 2016-06-24 21:25 - 01476720 _____ C:\Users\Daniel\Downloads\SteamSetup__17.exe
2016-06-23 20:29 - 2016-06-23 20:29 - 00000000 ____D C:\Users\Daniel\AppData\Local\AviraSpeedup
2016-06-23 16:59 - 2016-06-23 16:59 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Avira
2016-06-23 16:57 - 2016-06-23 16:57 - 00000000 ____D C:\Users\Daniel\AppData\Local\Avira
2016-06-23 16:50 - 2016-06-29 05:25 - 00000000 ____D C:\Users\Public\Speedup Sessions
2016-06-23 16:50 - 2016-06-23 16:50 - 00003344 _____ C:\WINDOWS\System32\Tasks\Avira System Speedup Tray
2016-06-23 16:46 - 2016-04-04 17:07 - 00146712 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2016-06-23 16:46 - 2016-04-04 17:07 - 00128664 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2016-06-23 16:46 - 2016-04-04 17:07 - 00078208 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2016-06-23 16:46 - 2016-04-04 17:07 - 00035488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2016-06-23 16:45 - 2016-06-23 16:45 - 00001230 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2016-06-23 16:44 - 2016-06-23 16:50 - 00000000 ____D C:\Program Files (x86)\Avira
2016-06-23 16:44 - 2016-06-23 16:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-06-23 16:44 - 2016-06-23 16:46 - 00000000 ____D C:\ProgramData\Avira
2016-06-23 16:44 - 2016-06-23 16:44 - 04657056 _____ (Avira Operations GmbH & Co. KG) C:\Users\Daniel\Downloads\avira_de_avprodl_576bf5c903ea8__adw.exe
2016-06-23 16:44 - 2016-06-23 16:44 - 04657056 _____ (Avira Operations GmbH & Co. KG) C:\Users\Daniel\Downloads\avira_de_avprodl_576bf5c903ea8__adw (1).exe
2016-06-23 16:28 - 2016-06-23 16:28 - 06253640 _____ (AVAST Software) C:\Users\Daniel\Downloads\avast_free_antivirus_setup_online (1).exe
2016-06-23 15:20 - 2016-06-23 15:20 - 13166304 _____ (Microsoft Corporation) C:\Users\Daniel\Downloads\Silverlight_x64 (1).exe
2016-06-23 14:54 - 2016-06-23 14:54 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-06-23 14:03 - 2016-06-23 15:12 - 00000000 ____D C:\Users\Daniel\AppData\Local\Battle.net
2016-06-23 14:03 - 2016-06-23 14:03 - 00000000 ____D C:\Users\Daniel\AppData\Local\Blizzard Entertainment
2016-06-23 14:03 - 2016-06-23 14:03 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2016-06-23 14:02 - 2016-06-23 14:06 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-06-23 14:02 - 2016-06-23 14:02 - 03012080 _____ (Blizzard Entertainment) C:\Users\Daniel\Downloads\Battle.net-Setup.exe
2016-06-23 14:02 - 2016-06-23 14:02 - 00001134 _____ C:\Users\Public\Desktop\Battle.net.lnk
2016-06-23 14:02 - 2016-06-23 14:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2016-06-23 13:48 - 2016-06-23 15:17 - 00000000 ____D C:\ProgramData\Battle.net
2016-06-23 13:48 - 2016-06-23 14:06 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Battle.net
2016-06-23 13:48 - 2016-06-23 13:48 - 03219440 _____ (Blizzard Entertainment) C:\Users\Daniel\Downloads\Diablo-III-Setup.exe
2016-06-23 13:14 - 2016-06-23 13:14 - 06995720 _____ (Piriform Ltd) C:\Users\Daniel\Downloads\ccsetup519.exe
2016-06-23 13:07 - 2016-06-23 13:10 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Wise Euask
2016-06-23 13:06 - 2016-06-23 13:06 - 06812424 _____ (WiseCleaner.com ) C:\Users\Daniel\Downloads\WiseCare365 (3).exe
2016-06-22 08:33 - 2016-06-22 08:33 - 00002325 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2016-06-21 07:28 - 2016-06-22 08:33 - 00003178 _____ C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1709449750-3236269397-1973272773-1001
2016-06-21 07:27 - 2016-06-21 07:27 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-06-21 07:26 - 2016-06-21 07:26 - 00002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2016-06-21 07:26 - 2016-06-21 07:26 - 00002484 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2016-06-21 07:26 - 2016-06-21 07:26 - 00002480 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2016-06-21 07:26 - 2016-06-21 07:26 - 00002459 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2016-06-21 07:26 - 2016-06-21 07:26 - 00002437 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk
2016-06-21 07:26 - 2016-06-21 07:26 - 00002434 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2016-06-21 07:26 - 2016-06-21 07:26 - 00002401 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2016-06-21 07:26 - 2016-06-21 07:26 - 00002398 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2016-06-21 07:26 - 2016-06-21 07:26 - 00002370 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2016-06-21 07:26 - 2016-06-21 07:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools
2016-06-21 07:24 - 2016-06-21 07:25 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-06-16 12:08 - 2016-06-16 12:08 - 03703360 _____ C:\Users\Daniel\Downloads\adwcleaner_5.200.exe
2016-06-15 20:54 - 2016-05-16 23:13 - 00563016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-06-15 20:54 - 2016-05-16 23:13 - 00397224 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-06-15 20:54 - 2016-05-16 23:13 - 00340872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-06-15 20:54 - 2016-05-16 23:13 - 00178008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-06-15 20:54 - 2016-05-14 01:07 - 00675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-06-15 20:54 - 2016-05-14 01:07 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-06-15 20:54 - 2016-05-14 01:06 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-06-15 20:54 - 2016-05-14 00:34 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-06-15 20:54 - 2016-05-13 23:58 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-06-15 20:53 - 2016-06-03 19:11 - 00472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2016-06-15 20:53 - 2016-06-03 15:38 - 01413120 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-06-15 20:53 - 2016-06-02 19:51 - 00050352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-06-15 20:53 - 2016-05-29 17:04 - 01204224 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-06-15 20:53 - 2016-05-29 17:04 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-06-15 20:53 - 2016-05-29 17:04 - 00544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-06-15 20:53 - 2016-05-29 17:04 - 00276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-06-15 20:53 - 2016-05-29 17:04 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\centel.dll
2016-06-15 20:53 - 2016-05-29 17:04 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-06-15 20:53 - 2016-05-18 07:31 - 00372568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-06-15 20:53 - 2016-05-18 07:31 - 00315224 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-06-15 20:53 - 2016-05-14 01:09 - 04169216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-06-15 20:53 - 2016-05-14 01:04 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-06-15 20:53 - 2016-05-14 00:19 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-06-15 20:53 - 2016-05-09 23:35 - 07075328 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2016-06-15 20:53 - 2016-05-09 22:56 - 05270016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2016-06-15 20:53 - 2016-05-09 22:45 - 07793152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-06-15 20:53 - 2016-05-09 22:23 - 05265920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-06-15 20:53 - 2016-05-06 17:45 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-06-15 20:53 - 2016-05-06 17:23 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2016-06-15 20:53 - 2016-04-12 17:46 - 14467584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-06-15 20:53 - 2016-04-12 17:30 - 12879872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-06-15 20:52 - 2016-05-12 20:38 - 00135336 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2016-06-15 20:52 - 2016-05-12 19:43 - 00115704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2016-06-15 20:52 - 2016-05-12 18:24 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll
2016-06-15 20:52 - 2016-05-12 18:17 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll
2016-06-15 20:52 - 2016-05-12 18:12 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpscript.dll
2016-06-15 20:52 - 2016-05-12 18:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll
2016-06-15 20:52 - 2016-05-12 18:07 - 01360896 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2016-06-15 20:52 - 2016-05-12 17:59 - 00398848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL
2016-06-15 20:52 - 2016-05-12 17:48 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpprefcl.dll
2016-06-15 20:52 - 2016-05-12 17:43 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\polstore.dll
2016-06-15 20:52 - 2016-05-12 17:40 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpscript.dll
2016-06-15 20:52 - 2016-05-12 17:37 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FwRemoteSvr.dll
2016-06-15 20:51 - 2016-05-21 19:28 - 25802752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-06-15 20:51 - 2016-05-21 18:57 - 20341248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-06-15 20:51 - 2016-05-21 00:02 - 06051328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-06-15 20:51 - 2016-05-20 23:29 - 13815808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-06-15 20:51 - 2016-05-20 23:11 - 15420928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-06-15 20:51 - 2016-04-14 17:25 - 02778624 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-06-15 20:51 - 2016-04-14 17:11 - 02464768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-06-15 20:51 - 2016-01-31 21:17 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2016-06-15 20:51 - 2016-01-31 20:07 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2016-06-15 20:51 - 2016-01-31 19:42 - 03320832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-06-15 20:51 - 2016-01-31 19:14 - 03607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-06-15 20:50 - 2016-05-21 00:09 - 00572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-06-15 20:50 - 2016-05-21 00:08 - 02895360 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-06-15 20:50 - 2016-05-20 23:57 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-06-15 20:50 - 2016-05-20 23:55 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2016-06-15 20:50 - 2016-05-20 23:54 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-06-15 20:50 - 2016-05-20 23:50 - 02287104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-06-15 20:50 - 2016-05-20 23:44 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-06-15 20:50 - 2016-05-20 23:27 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-06-15 20:50 - 2016-05-20 23:25 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2016-06-15 20:50 - 2016-05-20 23:25 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2016-06-15 20:50 - 2016-05-20 23:21 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-06-15 20:50 - 2016-05-20 23:21 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2016-06-15 20:50 - 2016-05-20 23:19 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-06-15 20:50 - 2016-05-20 23:16 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-06-15 20:50 - 2016-05-20 23:14 - 04610048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-06-15 20:50 - 2016-05-20 23:12 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2016-06-15 20:50 - 2016-05-20 23:11 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2016-06-15 20:50 - 2016-05-20 23:09 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-06-15 20:50 - 2016-05-20 23:09 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-06-15 20:50 - 2016-05-20 23:08 - 02055680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-06-15 20:50 - 2016-05-20 23:08 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-06-15 20:50 - 2016-05-20 23:06 - 02131968 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-06-15 20:50 - 2016-05-20 22:46 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-06-15 20:50 - 2016-05-20 22:42 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-06-15 20:50 - 2016-05-20 22:38 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-06-15 20:50 - 2016-05-20 22:38 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-06-15 20:50 - 2016-05-20 22:34 - 01544192 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-06-15 20:50 - 2016-05-20 22:23 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-06-15 20:50 - 2016-05-19 01:15 - 01379040 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-06-15 20:50 - 2016-05-18 22:35 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-06-15 20:50 - 2016-05-14 22:01 - 00363104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2016-06-15 20:50 - 2016-05-14 22:01 - 00320720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2016-06-15 20:50 - 2016-05-14 01:07 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2016-06-15 20:50 - 2016-05-13 23:58 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2016-06-15 20:50 - 2016-05-13 23:45 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-06-15 20:50 - 2016-05-13 23:35 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2016-06-15 20:50 - 2016-05-13 23:26 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-06-12 23:27 - 2016-06-15 20:30 - 00000000 ____D C:\Users\Daniel\AppData\Local\ESET
2016-06-12 23:26 - 2016-06-13 11:50 - 06858912 _____ (ESET spol. s r.o.) C:\Users\Daniel\Downloads\esetonlinescanner_enu.exe
2016-06-12 13:26 - 2016-06-12 13:26 - 00000000 _____ C:\WINDOWS\SysWOW64\last.dump
2016-06-09 21:51 - 2016-07-01 07:32 - 00000416 _____ C:\WINDOWS\Tasks\Wise Care 365.job
2016-06-09 21:51 - 2016-06-30 21:00 - 00000444 _____ C:\WINDOWS\Tasks\Wise Turbo Checker.job
2016-06-09 21:51 - 2016-06-09 21:51 - 00003094 _____ C:\WINDOWS\System32\Tasks\Wise Turbo Checker
2016-06-09 21:51 - 2016-06-09 21:51 - 00002824 _____ C:\WINDOWS\System32\Tasks\Wise Care 365
2016-06-08 13:06 - 2016-06-08 13:06 - 00036009 _____ C:\Users\Daniel\Downloads\1186_6b73.pdf
2016-06-07 21:31 - 2016-06-07 21:31 - 00000000 ____D C:\Users\Daniel\.thumbnails
2016-06-07 21:11 - 2016-06-07 21:11 - 06976264 _____ (WiseCleaner.com ) C:\Users\Daniel\Downloads\WiseCare365 (2).exe
2016-06-07 20:48 - 2016-06-07 20:48 - 01471450 _____ C:\Users\Daniel\Downloads\Wiederholtes Wahlausschreiben.zip
2016-06-06 21:05 - 2016-06-06 21:05 - 00098144 _____ C:\Users\Daniel\Downloads\Satzung_FSR_GT_URT.pdf
2016-06-06 15:56 - 2016-06-06 15:56 - 00015755 _____ C:\Users\Daniel\Downloads\Haushaltsplan FSR.odt
2016-06-06 15:56 - 2016-06-06 15:56 - 00015755 _____ C:\Users\Daniel\Downloads\Haushaltsplan FSR (1).odt
2016-06-04 00:24 - 2016-06-04 00:24 - 00001765 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-06-04 00:24 - 2016-06-04 00:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-06-04 00:23 - 2016-06-04 00:24 - 00000000 ____D C:\Program Files\iTunes
2016-06-04 00:23 - 2016-06-04 00:23 - 00000000 ____D C:\Program Files\iPod
2016-06-04 00:23 - 2016-06-04 00:23 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-06-04 00:06 - 2016-06-04 00:06 - 03677248 _____ C:\Users\Daniel\Downloads\adwcleaner_5.119 (1).exe
2016-06-04 00:05 - 2016-06-04 00:06 - 03677248 _____ C:\Users\Daniel\Downloads\Nicht bestätigt 769587.crdownload
2016-06-03 19:37 - 2016-06-03 19:37 - 00001709 _____ C:\Users\Daniel\Downloads\1054364214_bibframe.rdf
2016-06-02 15:18 - 2016-06-02 15:18 - 00701008 _____ C:\Users\Daniel\Downloads\Anlagen.zip
2016-06-01 16:55 - 2016-06-01 16:55 - 00070662 _____ C:\Users\Daniel\Downloads\Protokoll Umweltanalytik V3.odt.pdf
2016-06-01 16:48 - 2016-06-01 16:49 - 215483212 _____ C:\Users\Daniel\Downloads\Amazon-Music-Download_2016-06-01_16-48.zip
2016-06-01 16:43 - 2016-06-01 16:56 - 205744746 _____ C:\Users\Daniel\Downloads\Amazon-Music-Download_2016-06-01_16-43.zip

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2099-01-01 01:01 - 2015-08-27 11:11 - 00003926 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{40BEC314-F4CB-4B1E-A590-6DFF4B087C8D}
2016-07-01 07:32 - 2015-08-19 19:16 - 00000000 ___RD C:\Users\Daniel\OneDrive
2016-07-01 07:31 - 2015-11-17 07:46 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-06-30 23:15 - 2015-08-19 14:06 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-30 22:25 - 2015-08-19 09:18 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1709449750-3236269397-1973272773-1001
2016-06-30 22:13 - 2016-05-22 17:50 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Wise Care 365
2016-06-30 22:12 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf
2016-06-30 22:11 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-06-30 22:11 - 2013-08-22 15:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-06-30 22:10 - 2015-08-19 18:55 - 00000000 ____D C:\Users\Daniel
2016-06-30 22:03 - 2015-09-22 20:09 - 00000000 ____D C:\Users\Daniel\Desktop\CD-Coves itunes
2016-06-30 19:39 - 2015-08-24 13:01 - 00000000 ____D C:\WINDOWS\Minidump
2016-06-30 19:37 - 2016-02-28 00:47 - 00000000 ____D C:\Temp
2016-06-30 19:37 - 2015-11-16 19:27 - 00000000 ____D C:\ProgramData\NVIDIA
2016-06-30 19:37 - 2015-08-19 18:49 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-06-30 19:37 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\Help
2016-06-30 19:36 - 2015-08-20 05:35 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-06-30 18:57 - 2015-08-20 07:58 - 00000000 ____D C:\Program Files (x86)\Steam
2016-06-29 08:12 - 2014-09-24 08:16 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-06-29 08:12 - 2014-09-24 07:43 - 00765582 _____ C:\WINDOWS\system32\perfh007.dat
2016-06-29 08:12 - 2014-09-24 07:43 - 00159366 _____ C:\WINDOWS\system32\perfc007.dat
2016-06-29 05:56 - 2015-11-01 22:11 - 00000000 ____D C:\AdwCleaner
2016-06-28 21:46 - 2015-08-19 09:12 - 00000000 ____D C:\Users\Daniel\AppData\Local\Packages
2016-06-26 18:17 - 2015-08-20 07:26 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-06-25 23:38 - 2015-11-17 07:46 - 00000946 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-06-25 17:58 - 2016-01-23 15:38 - 00000000 ____D C:\Users\Daniel\Desktop\SecurityAndCleaner
2016-06-25 17:58 - 2016-01-23 15:36 - 00000000 ____D C:\Users\Daniel\Desktop\Spiele
2016-06-25 17:57 - 2015-11-15 21:49 - 00000000 ____D C:\Users\Daniel\Desktop\Files
2016-06-25 14:04 - 2015-09-17 19:56 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-25 14:04 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-06-25 13:54 - 2016-05-29 19:42 - 00000000 ____D C:\Users\Daniel\.gimp-2.8
2016-06-24 21:33 - 2016-02-20 22:52 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-06-24 21:26 - 2015-10-24 10:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-06-23 20:32 - 2015-11-02 17:36 - 00000000 ____D C:\WINDOWS\SoftwareDistribution.old
2016-06-23 20:32 - 2015-11-01 20:04 - 00000000 ____D C:\Program Files (x86)\PDF24
2016-06-23 20:32 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\MsDtc
2016-06-23 20:32 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\catroot2.old
2016-06-23 17:06 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-06-23 17:06 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-06-23 16:34 - 2015-11-16 22:00 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-06-23 16:34 - 2015-11-16 22:00 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-06-23 16:34 - 2015-08-20 07:21 - 00000000 ____D C:\ProgramData\AVAST Software
2016-06-23 15:20 - 2015-11-16 22:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-06-23 14:55 - 2013-08-22 17:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-06-23 14:52 - 2015-12-03 15:34 - 00000000 ____D C:\Program Files\Microsoft Office
2016-06-23 13:07 - 2016-05-22 17:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Care 365
2016-06-19 17:14 - 2016-05-14 17:13 - 00003418 _____ C:\WINDOWS\System32\Tasks\Apple Diagnostics
2016-06-18 10:05 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-06-17 22:43 - 2015-09-08 20:02 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-06-17 21:31 - 2015-11-17 07:46 - 00003908 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-06-17 21:31 - 2015-11-17 07:46 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-06-16 16:04 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2016-06-16 15:41 - 2015-08-19 23:44 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-06-16 15:41 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2016-06-15 22:09 - 2015-08-19 12:16 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-06-15 21:58 - 2015-08-19 12:16 - 142482544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-06-14 19:13 - 2016-03-11 18:02 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-06-14 19:13 - 2016-03-11 18:02 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-12 19:42 - 2016-05-14 17:16 - 00000000 ____D C:\Users\Daniel\AppData\Local\8213A5E2-8274-4FEC-AFAA-678F401A5C73.aplzod
2016-06-12 19:42 - 2016-05-14 17:14 - 00000000 ___RD C:\Users\Daniel\iCloudDrive
2016-06-12 19:42 - 2015-08-28 21:25 - 00000000 ____D C:\Users\Daniel\AppData\Local\Apple
2016-06-12 09:27 - 2016-04-09 19:54 - 00001079 _____ C:\Users\Daniel\Desktop\MikrSan Vers2.txt
2016-06-04 00:23 - 2015-08-28 21:24 - 00000000 ____D C:\Program Files\Common Files\Apple

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-09-08 22:29 - 2015-09-08 22:29 - 0106602 _____ () C:\Users\Daniel\AppData\Local\ars.cache
2015-09-08 22:29 - 2015-09-08 22:29 - 0265562 _____ () C:\Users\Daniel\AppData\Local\census.cache
2015-09-08 22:08 - 2015-09-08 22:08 - 0000036 _____ () C:\Users\Daniel\AppData\Local\housecall.guid.cache
2016-06-25 13:41 - 2016-06-25 13:41 - 0001582 _____ () C:\Users\Daniel\AppData\Local\recently-used.xbel
2016-02-09 22:10 - 2016-02-09 22:10 - 0000000 _____ () C:\Users\Daniel\AppData\Local\{89A237CE-4F1B-41B8-898A-E841E7003022}

Einige Dateien in TEMP:
====================
C:\Users\Daniel\AppData\Local\Temp\avgnt.exe
C:\Users\Daniel\AppData\Local\Temp\libeay32.dll
C:\Users\Daniel\AppData\Local\Temp\msvcr120.dll
C:\Users\Daniel\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Daniel\AppData\Local\Temp\sfamcc00002.dll
C:\Users\Daniel\AppData\Local\Temp\sfareca00001.dll
C:\Users\Daniel\AppData\Local\Temp\sfextra.dll
C:\Users\Daniel\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-06-29 06:52

==================== Ende von FRST.txt ============================

FRST

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 29-06-2016
durchgeführt von Daniel (2016-07-01 07:40:24)
Gestartet von C:\Users\Daniel\Downloads
Windows 8.1 Pro (Update) (X64) (2015-08-19 17:11:06)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1709449750-3236269397-1973272773-500 - Administrator - Disabled)
Daniel (S-1-5-21-1709449750-3236269397-1973272773-1001 - Administrator - Enabled) => C:\Users\Daniel
Gast (S-1-5-21-1709449750-3236269397-1973272773-501 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Flash Player 22 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Amazon Music (HKU\S-1-5-21-1709449750-3236269397-1973272773-1001\...\Amazon Amazon Music) (Version: 4.3.1.1354 - Amazon Services LLC)
Apple Application Support (32-Bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.17.273 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{3d9e0476-943f-4962-99dc-b9c937a43840}) (Version: 1.1.65.9690 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.65.9690 - Avira Operations GmbH & Co. KG) Hidden
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 2.5.4.2277 - Avira Operations GmbH & Co. KG)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.19 - Piriform)
Corel Graphics - Windows Shell Extension (HKLM\...\_{3CAAE169-6001-48ED-B2C6-5B6F511552FD}) (Version: 18.0.0.448 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 18.0.448 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit Keys (Version: 18.0.448 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Capture (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Common (x64) (Version: 18.0.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Connect (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Custom Data (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - DE (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Draw (x64) (Version: 18.0.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Filters (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Font Manager (x64) (Version: 18.0.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - IPM Content (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - IPM T (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - PHOTO-PAINT (x64) (Version: 18.0.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Redist (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Setup Files (x64) (Version: 18.0.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - VBA (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - VideoBrowser (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Workspaces (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Writing Tools (x64) (Version: 18.0 -  Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 (64-Bit) (HKLM\...\_{4B3FC55D-E999-4BEC-AF29-1091E574961F}) (Version: 18.0.0.450 - Corel Corporation)
CorelDRAW Graphics Suite X8 (Version: 18.0 - Corel Corporation) Hidden
CPUID HWMonitor 1.29 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
Dragon Age: Origins - Ultimate Edition (HKLM\...\Steam App 47810) (Version:  - BioWare)
FMW 1 (Version: 1.62.2 - AVG Technologies) Hidden
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (x32 Version: 8.64 - Corel Corporation) Hidden
GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
iCloud (HKLM\...\{ADFDB647-35C0-4254-9EE6-2D9C3B7104BD}) (Version: 5.2.1.69 - Apple Inc.)
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
IPM_Installer (Version: 2.1 - Your Company Name) Hidden
iTunes (HKLM\...\{9F4BF859-C3A4-4AB6-BDD1-9C5D58188598}) (Version: 12.4.1.6 - Apple Inc.)
Java 8 Update 71 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418071F0}) (Version: 8.0.710.15 - Oracle Corporation)
Java 8 Update 74 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418074F0}) (Version: 8.0.740.2 - Oracle Corporation)
Java 8 Update 77 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418077F0}) (Version: 8.0.770.3 - Oracle Corporation)
Java 8 Update 91 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418091F0}) (Version: 8.0.910.14 - Oracle Corporation)
JetBoost (HKLM-x32\...\JetBoost_is1) (Version: 2.0.0 - BlueSprig)
JetClean (HKLM-x32\...\BlueSprig_JetClean_is1) (Version: 1.5.0 - BlueSprig)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.6741.2048 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1709449750-3236269397-1973272773-1001\...\OneDriveSetup.exe) (Version: 17.3.6390.0509 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2015 (HKLM-x32\...\{dd8b09df-3ef8-49f1-bd1a-65278435860b}) (Version: 14.0.23217 - Microsoft Corporation)
MPC-HC 1.7.9 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.9 - MPC-HC Team)
NVIDIA GeForce Experience 2.5.15.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.15.54 - NVIDIA Corporation)
NVIDIA Grafiktreiber 341.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.95 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (Version: 16.0.6701.1029 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6701.1029 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (Version: 16.0.6701.1029 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.8.3.59237 - Electronic Arts, Inc.)
paint.net (HKLM\...\{DADC2AF6-DC9F-4BCF-BFCE-DCEC16EF507C}) (Version: 4.0.9 - dotPDN LLC)
PDF24 Creator 7.4.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PDFTK Builder 3.9.4 (HKLM-x32\...\PDFTK Builder_is1) (Version:  - )
Pillars of Eternity (HKLM\...\Steam App 291650) (Version:  - Obsidian Entertainment)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Risen (HKLM-x32\...\{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}) (Version: 1.00.0000 - Deep Silver)
SafeZone Stable 1.46.1990.55 (x32 Version: 1.46.1990.55 - Avast Software) Hidden
SHIELD Streaming (Version: 4.1.500 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.15.54 - NVIDIA Corporation) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Unity Web Player (HKU\S-1-5-21-1709449750-3236269397-1973272773-1001\...\UnityWebPlayer) (Version: 5.1.3f1 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 7.4 - Ubisoft)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.3 - VideoLAN)
Wise Care 365 4.21 (HKLM-x32\...\Wise Care 365_is1) (Version: 4.21 - WiseCleaner.com, Inc.)
YouTube Song Downloader 2016 (HKLM-x32\...\{03C5002E-9F10-4A13-A592-6792A2547BE5}_is1) (Version: 16.0 - Abelssoft)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1709449750-3236269397-1973272773-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Daniel\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileCoAuthLib64.dll ()
CustomCLSID: HKU\S-1-5-21-1709449750-3236269397-1973272773-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Daniel\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {13382F7A-EDA9-4956-AE11-95E475C0A383} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-06-05] (Microsoft Corporation)
Task: {1942A3FB-F31A-47E7-A0F5-7B8F55A03CDA} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2016-04-22] (Apple Inc.)
Task: {247201C6-B141-4462-A3E6-7CB68925992E} - System32\Tasks\Wise Care 365 => C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe [2016-06-06] (WiseCleaner.com)
Task: {349FB186-3805-46DE-957F-BB667983C9E1} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-03] (AVAST Software)
Task: {3929718E-7E23-4E81-8F88-62492FD614DB} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {498343BC-11E0-4931-BE1B-46C304472777} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {4B85E31A-546F-4833-90BC-814D040EB1E8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {508BA283-7254-4EF2-8582-CEFB21B67BC2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2016-06-23] (Microsoft Corporation)
Task: {60563777-51CA-4B1A-87AF-FDE0A02EFC3E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2016-06-23] (Microsoft Corporation)
Task: {63C17159-385D-4323-BD3D-CA1529026783} - System32\Tasks\JetBoost_AutoUpdate => C:\Program Files (x86)\BlueSprig\JetBoost\AutoUpdate.exe [2012-11-27] (BlueSprig)
Task: {65EBBB35-1867-4617-8F15-CB052C5ABA66} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1709449750-3236269397-1973272773-1001 => C:\Users\Daniel\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-06-22] (Microsoft Corporation)
Task: {66013A97-8D86-4FF2-914F-9A4D50D3A42F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {669D913A-4CE3-4BD2-9C44-CCCAEAF5965D} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-06-15] (Microsoft Corporation)
Task: {9E13C112-26B2-4201-9532-6E1E97990868} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {AE18AC8B-D8AF-40CD-96D8-4DC7510504F4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-06-10] (Piriform Ltd)
Task: {B5DE45FD-AC31-4362-80E9-7BB0D9907A5E} - System32\Tasks\JetCleanLoginCheckUpdate => C:\Program Files (x86)\BlueSprig\JetClean\AutoUpdate.exe [2013-05-14] (BlueSprig)
Task: {BD1E406F-7582-43DF-A944-E5A633C829C8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-06-05] (Microsoft Corporation)
Task: {C2965C3B-1EF1-40CA-9F1A-91C96655A583} - System32\Tasks\Wise Turbo Checker => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe [2016-03-24] (WiseCleaner.COM)
Task: {C7D36B38-1D9E-4256-87A0-55E07F6588A6} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [2016-02-26] (Corel Corporation)
Task: {CFC47512-31AD-4A30-AC5C-5D3F2BE0AE5A} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-17] (Adobe Systems Incorporated)
Task: {D1B8CF01-FB76-4EB7-9EF9-E0BFD2D2ED61} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-04-01] (Oracle Corporation)
Task: {E0AD3D0C-4BF9-4265-80FF-85983D7FF8A1} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_192_pepper.exe [2016-06-17] (Adobe Systems Incorporated)
Task: {E1FA123E-BDF2-4DBD-A6E4-E3B183F70CB9} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {ED825BD1-D3A0-406A-8388-21A1F814781C} - System32\Tasks\Avira System Speedup Tray => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe [2016-06-09] (Avira Operations GmbH & Co. KG)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_192_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Wise Care 365.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe
Task: C:\WINDOWS\Tasks\Wise Turbo Checker.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-03-18 23:56 - 2016-03-18 23:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 01337144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-05-06 04:06 - 2016-06-05 05:51 - 00173256 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2016-06-30 19:37 - 2016-01-29 12:49 - 00135224 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-08-19 21:49 - 2015-08-19 21:49 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\ErrorReporting.dll
2016-06-18 14:16 - 2016-06-15 10:26 - 02334360 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libglesv2.dll
2016-06-18 14:16 - 2016-06-15 10:26 - 00105112 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libegl.dll
2016-06-30 20:13 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2016-06-30 20:13 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2016-06-30 20:13 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2016-06-30 20:13 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2016-06-30 20:13 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2015-08-20 05:42 - 2015-10-12 05:05 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2016-02-28 01:01 - 00000828 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1709449750-3236269397-1973272773-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Daniel\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\hintergrundbild der windows-fotoanzeige.jpg
DNS Servers: 195.37.88.2 - 195.37.88.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "MailCheck IE Broker"
HKU\S-1-5-21-1709449750-3236269397-1973272773-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1709449750-3236269397-1973272773-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1709449750-3236269397-1973272773-1001\...\StartupApproved\Run: => "Amazon Music"
HKU\S-1-5-21-1709449750-3236269397-1973272773-1001\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-1709449750-3236269397-1973272773-1001\...\StartupApproved\Run: => "iCloudPhotos"
HKU\S-1-5-21-1709449750-3236269397-1973272773-1001\...\StartupApproved\Run: => "AppleIEDAV"
HKU\S-1-5-21-1709449750-3236269397-1973272773-1001\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-1709449750-3236269397-1973272773-1001\...\StartupApproved\Run: => "ApplePhotoStreams"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{516D38C1-9507-41AD-BD80-152A7D7739E6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{600484C7-CFB7-4B32-8AC2-F766E0ECEE08}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F0E8DDE1-7506-46A3-89D2-326F8348AA27}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A62FBBBA-123A-4013-8CFD-9F135399175E}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{BB4B3C5A-958D-4E46-AAB1-19DFF1A83961}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\DAOriginsLauncher.exe
FirewallRules: [{D8EBD861-BBA7-42C3-8E44-90BD4839BC59}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\DAOriginsLauncher.exe
FirewallRules: [{4C2CB540-53C1-4B52-913F-CB383F063CAF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
FirewallRules: [{0FAA2744-D843-4DA2-B6CE-F7DADCA78DFD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
FirewallRules: [TCP Query User{220022D1-EAFB-463A-9980-EBC2A33F55C2}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{E73378C6-4BD1-4565-9028-CDBE9AF44C98}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{09FC3CF8-BBBB-4028-8134-45EF68200817}C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe] => (Block) C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe
FirewallRules: [UDP Query User{19C98646-0666-4C69-AF5C-7A0BFA255830}C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe] => (Block) C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe
FirewallRules: [{AD1CB20E-BDB0-48AA-9BBB-169CD25D3C1A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pillars of Eternity\PillarsOfEternity.exe
FirewallRules: [{25928986-E265-433C-B99E-2315323A0A68}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pillars of Eternity\PillarsOfEternity.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Wiederherstellungspunkte =========================

30-06-2016 20:37:07 Revo Uninstaller's restore point - SpeedFan (remove only)

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (07/01/2016 07:34:11 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4428) Instance: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\ProgramData\Microsoft\Windows\AppRepository\edb00034.log.

Error: (07/01/2016 07:31:42 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4428) Instance: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\ProgramData\Microsoft\Windows\AppRepository\edb00034.log.

Error: (07/01/2016 07:31:42 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4428) Instance: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\ProgramData\Microsoft\Windows\AppRepository\edb00034.log.

Error: (07/01/2016 07:31:41 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4428) Instance: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\ProgramData\Microsoft\Windows\AppRepository\edb00034.log.

Error: (07/01/2016 07:31:41 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4428) Instance: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\ProgramData\Microsoft\Windows\AppRepository\edb00034.log.

Error: (07/01/2016 07:31:41 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4428) Instance: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\ProgramData\Microsoft\Windows\AppRepository\edb00034.log.

Error: (07/01/2016 07:31:41 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4428) Instance: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\ProgramData\Microsoft\Windows\AppRepository\edb00034.log.

Error: (07/01/2016 07:31:41 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4428) Instance: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\ProgramData\Microsoft\Windows\AppRepository\edb00034.log.

Error: (07/01/2016 07:31:41 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4428) Instance: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\ProgramData\Microsoft\Windows\AppRepository\edb00034.log.

Error: (07/01/2016 07:31:41 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4428) Instance: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\ProgramData\Microsoft\Windows\AppRepository\edb00034.log.


Systemfehler:
=============
Error: (06/30/2016 10:12:41 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT-AUTORITÄT)
Description: Schwerwiegender Hardwarefehler.

Gemeldet von Komponente: Prozessorkern
Fehlerquelle: 3
Fehlertyp: 9
Prozessor-APIC-ID: 0

Die Detailansicht dieses Eintrags beinhaltet weitere Informationen.

Error: (06/30/2016 07:40:21 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT-AUTORITÄT)
Description: Schwerwiegender Hardwarefehler.

Gemeldet von Komponente: Prozessorkern
Fehlerquelle: 3
Fehlertyp: 9
Prozessor-APIC-ID: 0

Die Detailansicht dieses Eintrags beinhaltet weitere Informationen.

Error: (06/30/2016 07:40:20 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎30.‎06.‎2016 um 19:27:40 unerwartet heruntergefahren.

Error: (06/30/2016 07:27:43 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT-AUTORITÄT)
Description: Schwerwiegender Hardwarefehler.

Gemeldet von Komponente: Prozessorkern
Fehlerquelle: 3
Fehlertyp: 9
Prozessor-APIC-ID: 0

Die Detailansicht dieses Eintrags beinhaltet weitere Informationen.

Error: (06/30/2016 07:27:40 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎30.‎06.‎2016 um 19:04:35 unerwartet heruntergefahren.

Error: (06/30/2016 07:04:48 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT-AUTORITÄT)
Description: Schwerwiegender Hardwarefehler.

Gemeldet von Komponente: Prozessorkern
Fehlerquelle: 3
Fehlertyp: 9
Prozessor-APIC-ID: 0

Die Detailansicht dieses Eintrags beinhaltet weitere Informationen.

Error: (06/30/2016 07:04:35 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎30.‎06.‎2016 um 18:31:54 unerwartet heruntergefahren.

Error: (06/30/2016 05:52:08 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT-AUTORITÄT)
Description: Schwerwiegender Hardwarefehler.

Gemeldet von Komponente: Prozessorkern
Fehlerquelle: 3
Fehlertyp: 9
Prozessor-APIC-ID: 0

Die Detailansicht dieses Eintrags beinhaltet weitere Informationen.

Error: (06/30/2016 05:12:48 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (06/30/2016 10:00:36 AM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT-AUTORITÄT)
Description: Schwerwiegender Hardwarefehler.

Gemeldet von Komponente: Prozessorkern
Fehlerquelle: 3
Fehlertyp: 9
Prozessor-APIC-ID: 0

Die Detailansicht dieses Eintrags beinhaltet weitere Informationen.


CodeIntegrity:
===================================
  Date: 2016-06-23 16:41:15.090
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume2\Program Files\Windows Defender\NisSrv.exe that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-06-23 16:41:14.811
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-06-23 15:29:31.102
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-08-19 18:23:15.748
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-08-19 18:23:15.654
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-08-19 14:33:52.663
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-08-19 14:33:52.507
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7 CPU Q 720 @ 1.60GHz
Prozentuale Nutzung des RAM: 34%
Installierter physikalischer RAM: 6076.41 MB
Verfügbarer physikalischer RAM: 3953.37 MB
Summe virtueller Speicher: 7100.41 MB
Verfügbarer virtueller Speicher: 4255.95 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:575.18 GB) (Free:441.6 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.04 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive g: (TOSHIBA EXT) (Fixed) (Total:931.41 GB) (Free:744.92 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 7BA3F2D1)
Partition 1: (Not Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=575.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=20.9 GB) - (Type=12)

========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: 2067C1CD)
Partition 1: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

Addition

Gruß

LuciLu

cosinus · 01.07.2016, 08:47

Zitat:

CorelDRAW Graphics Suite X8
Microsoft Office 365 ProPlus

Gewerblich genutztes System?

Die Software ist etwas übertrieben für rein privates Vergnügen oder?

LuciLu · 01.07.2016, 09:04

Also das Office 365 hab ich als Student meiner Hochschule quasi for free.
Und CorelDRAW ist die Demo Vesion die in 12 Tagen abläuft; also keine Sorge:-).

cosinus · 01.07.2016, 09:10

Ok

Hau bitte Spybot runter, das Programm ist total überflüssig.

Bitte auch Avira deinstallieren. Das Teil empfehlen wir schon seit Jahren aus mehreren Gründen nicht mehr. Ein Grund ist ne rel. hohe Fehlalarmquote, der zweite Hauptgrund ist, dass die immer noch mit ASK zusammenarbeiten (Avira Suchfunktion geht über ASK). Auch andere Freewareanbieter wie AVG, Avast oder Panda sprangen auf diesen Zug auf; so was ist bei Sicherheitssoftware einfach inakzeptabel. Vgl. Antivirensoftware: Schutz Für Ihre Dateien, Aber Auf Kosten Ihrer Privatsphäre? | Emsisoft Blog

Gib Bescheid wenn Avira weg ist; wenn wir hier durch sind, kannst du auf einen anderen Virenscanner umsteigen, Infos folgen dann im Abschlussposting. Bitte JETZT nix mehr ohne Absprache installieren!

LuciLu · 01.07.2016, 09:32

Beide Programme hab ich entfernt,
bin also bereit für die nächsten Schritte.

Gruß

LuciLu

cosinus · 01.07.2016, 09:32

Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte

Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

Starte bitte die mbar.exe.
Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
Klicke auf den CleanUp Button und erlaube den Neustart.
Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
Nach dem Neustart starte die mbar.exe erneut.
Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

LuciLu · 01.07.2016, 10:11

Okay hier ist das log

Code:

ATTFilter

Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2016.07.01.02
  rootkit: v2016.05.27.01

Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.18350
Daniel :: LAPTOP [administrator]

01.07.2016 10:36:52
mbar-log-2016-07-01 (10-36-52).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 327624
Time elapsed: 29 minute(s), 

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Gruß

LuciLu

cosinus · 01.07.2016, 10:30

Adware/Junkware/Toolbars entfernen

Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!
Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren!

1. Schritt: adwCleaner

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

LuciLu · 01.07.2016, 10:51

AdwCleaner:

Code:

ATTFilter

# AdwCleaner v5.201 - Bericht erstellt am 01/07/2016 um 11:41:17
# Aktualisiert am 30/06/2016 von ToolsLib
# Datenbank : 2016-06-30.2 [Server]
# Betriebssystem : Windows 8.1 Pro  (X64)
# Benutzername : Daniel - LAPTOP
# Gestartet von : C:\Users\Daniel\Desktop\adwcleaner_5.201.exe
# Option : Löschen
# Unterstützung : https://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****


***** [ Dateien ] *****


***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht : HKCU\Software\OCS

***** [ Internetbrowser ] *****

[-] [C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] gelöscht : sm.de

*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [4508 Bytes] - [01/11/2015 22:12:52]
C:\AdwCleaner\AdwCleaner[C2].txt - [4925 Bytes] - [07/11/2015 21:24:50]
C:\AdwCleaner\AdwCleaner[C3].txt - [2898 Bytes] - [25/11/2015 00:10:51]
C:\AdwCleaner\AdwCleaner[C4].txt - [3248 Bytes] - [01/12/2015 14:23:13]
C:\AdwCleaner\AdwCleaner[C5].txt - [3748 Bytes] - [08/01/2016 22:19:22]
C:\AdwCleaner\AdwCleaner[C6].txt - [2427 Bytes] - [16/06/2016 15:39:18]
C:\AdwCleaner\AdwCleaner[C7].txt - [2705 Bytes] - [29/06/2016 05:56:46]
C:\AdwCleaner\AdwCleaner[C8].txt - [1572 Bytes] - [01/07/2016 11:41:17]
C:\AdwCleaner\AdwCleaner[S10].txt - [3114 Bytes] - [08/01/2016 22:15:36]
C:\AdwCleaner\AdwCleaner[S11].txt - [1951 Bytes] - [26/05/2016 21:36:09]
C:\AdwCleaner\AdwCleaner[S12].txt - [1949 Bytes] - [29/05/2016 22:18:17]
C:\AdwCleaner\AdwCleaner[S13].txt - [2129 Bytes] - [04/06/2016 00:06:18]
C:\AdwCleaner\AdwCleaner[S14].txt - [2203 Bytes] - [09/06/2016 19:57:41]
C:\AdwCleaner\AdwCleaner[S15].txt - [2260 Bytes] - [16/06/2016 12:09:09]
C:\AdwCleaner\AdwCleaner[S16].txt - [2321 Bytes] - [18/06/2016 10:44:33]
C:\AdwCleaner\AdwCleaner[S17].txt - [2609 Bytes] - [29/06/2016 05:55:27]
C:\AdwCleaner\AdwCleaner[S18].txt - [2828 Bytes] - [01/07/2016 11:39:32]
C:\AdwCleaner\AdwCleaner[S1].txt - [3787 Bytes] - [01/11/2015 22:11:52]
C:\AdwCleaner\AdwCleaner[S2].txt - [3714 Bytes] - [07/11/2015 21:23:46]
C:\AdwCleaner\AdwCleaner[S3].txt - [3197 Bytes] - [15/11/2015 15:38:14]
C:\AdwCleaner\AdwCleaner[S4].txt - [3239 Bytes] - [25/11/2015 00:08:05]
C:\AdwCleaner\AdwCleaner[S5].txt - [4597 Bytes] - [01/12/2015 14:21:50]
C:\AdwCleaner\AdwCleaner[S6].txt - [2942 Bytes] - [03/12/2015 11:23:58]
C:\AdwCleaner\AdwCleaner[S7].txt - [2525 Bytes] - [07/12/2015 07:31:11]
C:\AdwCleaner\AdwCleaner[S8].txt - [2578 Bytes] - [22/12/2015 11:00:41]
C:\AdwCleaner\AdwCleaner[S9].txt - [2537 Bytes] - [27/12/2015 11:51:26]

########## EOF - C:\AdwCleaner\AdwCleaner[C8].txt - [2968 Bytes] ##########

JRT:

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.6 (04.25.2016)
Operating System: Windows 8.1 Pro x64 
Ran by Daniel (Administrator) on 01.07.2016 at 11:46:32,98
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 5 

Successfully deleted: C:\WINDOWS\system32\Tasks\Wise Care 365 (Task)
Successfully deleted: C:\WINDOWS\system32\Tasks\Wise Turbo Checker (Task)
Successfully deleted: C:\WINDOWS\Tasks\Wise Care 365.job (Task) 
Successfully deleted: C:\WINDOWS\Tasks\Wise Turbo Checker.job (Task) 
Successfully deleted: C:\WINDOWS\wininit.ini (File) 



Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 01.07.2016 at 11:49:11,40
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Gruß

LuciLu

cosinus · 01.07.2016, 10:56

Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Untersuchen klicken

LuciLu · 01.07.2016, 11:36

FRST

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 29-06-2016
durchgeführt von Daniel (Administrator) auf LAPTOP (01-07-2016 12:33:44)
Gestartet von C:\Users\Daniel\Desktop
Geladene Profile: Daniel (Verfügbare Profile: Daniel)
Platform: Windows 8.1 Pro (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-06-01] (Apple Inc.)
HKU\S-1-5-21-1709449750-3236269397-1973272773-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-04-22] (Apple Inc.)
HKU\S-1-5-21-1709449750-3236269397-1973272773-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2016-04-22] (Apple Inc.)
HKU\S-1-5-21-1709449750-3236269397-1973272773-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8810200 2016-06-10] (Piriform Ltd)
HKU\S-1-5-21-1709449750-3236269397-1973272773-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2016-04-22] (Apple Inc.)
HKU\S-1-5-21-1709449750-3236269397-1973272773-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2917456 2016-06-15] (Valve Corporation)
HKU\S-1-5-21-1709449750-3236269397-1973272773-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  Keine Datei
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.8.4
Tcpip\..\Interfaces\{04E21828-AB1A-4880-A398-56582BE594A3}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{1E1A188B-1378-4952-811A-32478B758EFD}: [DhcpNameServer] 82.163.142.7
Tcpip\..\Interfaces\{21A0E600-F523-4F9E-BF0B-A97E36F5C31C}: [NameServer] 195.37.88.2,195.37.88.1

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-1709449750-3236269397-1973272773-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-1709449750-3236269397-1973272773-1001 -> {4BDC21EA-91A2-49F0-8567-33F8261C8DB6} URL = hxxp://go.mail.com/tb/en-us/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-1709449750-3236269397-1973272773-1001 -> {87CE2B2E-CA6B-4EC2-8FA2-0F950A2714B7} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-1709449750-3236269397-1973272773-1001 -> {AD430B31-670C-430F-8AE7-176D9B720BC9} URL = hxxp://go.web.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-1709449750-3236269397-1973272773-1001 -> {CDB7F44B-77DE-461C-939C-75FA1569613B} URL = hxxp://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2016-06-23] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-06-23] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2016-06-23] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2016-06-23] (Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-23] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-06-23] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-23] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-06-23] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-23] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-06-23] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-23] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-06-23] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-17] ()
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-21] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-06-23] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-17] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-06-23] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2016-06-23] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1709449750-3236269397-1973272773-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Daniel\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-18] (Unity Technologies ApS)
FF Extension: Avira Browser Safety - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\5c7xcxxr.default\Extensions\abs@avira.com [2016-06-23]

Chrome: 
=======
CHR Profile: C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-31]
CHR Extension: (Google Drive) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-01]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2016-05-30]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2016-06-15]
CHR Extension: (YouTube) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-31]
CHR Extension: (Adblock Plus) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-06-29]
CHR Extension: (Avira Browserschutz) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-06-23]
CHR Extension: (Google Docs Offline) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-30]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-30]
CHR Extension: (Google Mail) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-31]
CHR Extension: (Chrome Media Router) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-06-24]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
S3 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1045928 2016-02-18] (AVG Technologies CZ, s.r.o.)
S3 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2255064 2013-10-28] (Broadcom Corporation.)
R3 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2855152 2016-06-05] (Microsoft Corporation)
S3 DAUpdaterSvc; C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [25832 2016-06-24] (BioWare)
S3 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156384 2015-10-12] (NVIDIA Corporation)
S3 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1873696 2015-10-12] (NVIDIA Corporation)
S3 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568288 2015-10-12] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2057736 2015-09-17] (Electronic Arts)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [579832 2016-01-19] (WiseCleaner.com)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2015-09-04] ()
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-10-28] (Broadcom Corporation.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2015-09-04] ()
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20768 2015-10-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
S4 secdrv; kein ImagePath
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 WiseHDInfo; C:\WINDOWS\WiseHDInfo64.dll [14800 2015-08-27] (wisecleaner.com)
R3 WiseRegNotify; C:\WINDOWS\WiseRegNotify.sys [29616 2016-05-27] (WiseCleaner.com)
R3 ykinw8; C:\Windows\system32\DRIVERS\ykinx64.sys [288768 2013-06-18] (Marvell)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-07-01 12:33 - 2016-07-01 12:34 - 00015495 _____ C:\Users\Daniel\Desktop\FRST.txt
2016-07-01 11:49 - 2016-07-01 11:49 - 00000884 _____ C:\Users\Daniel\Desktop\JRT.txt
2016-07-01 11:45 - 2016-07-01 11:45 - 01610816 _____ (Malwarebytes) C:\Users\Daniel\Desktop\JRT806.exe
2016-07-01 11:44 - 2016-07-01 11:44 - 00003050 _____ C:\Users\Daniel\Desktop\AdwCleaner[C8].txt
2016-07-01 11:36 - 2016-07-01 11:36 - 03712064 _____ C:\Users\Daniel\Desktop\adwcleaner_5.201.exe
2016-07-01 10:36 - 2016-07-01 11:09 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-07-01 10:35 - 2016-07-01 11:09 - 00000000 ____D C:\Users\Daniel\Desktop\mbar
2016-07-01 10:34 - 2016-07-01 10:34 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Daniel\Desktop\mbar-1.09.3.1001.exe
2016-07-01 07:40 - 2016-07-01 07:41 - 00037277 _____ C:\Users\Daniel\Downloads\Addition.txt
2016-07-01 07:38 - 2016-07-01 12:33 - 00000000 ____D C:\FRST
2016-07-01 07:38 - 2016-07-01 07:41 - 00055030 _____ C:\Users\Daniel\Downloads\FRST.txt
2016-07-01 07:38 - 2016-07-01 07:38 - 02390016 _____ (Farbar) C:\Users\Daniel\Desktop\FRST64.exe
2016-06-30 20:13 - 2016-07-01 10:17 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-06-30 20:13 - 2016-06-30 20:13 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2016-06-30 20:12 - 2016-06-30 20:12 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Daniel\Downloads\spybot-2.4.40.exe
2016-06-30 19:48 - 2016-06-30 22:11 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2016-06-30 19:48 - 2016-06-30 19:48 - 03086696 _____ C:\Users\Daniel\Downloads\instspeedfan452.exe
2016-06-30 19:48 - 2016-06-30 19:48 - 00000045 _____ C:\WINDOWS\SysWOW64\initdebug.nfo
2016-06-30 19:47 - 2016-06-30 19:47 - 00000946 _____ C:\Users\Public\Desktop\CPUID HWMonitor.lnk
2016-06-30 19:47 - 2016-06-30 19:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2016-06-30 19:47 - 2016-06-30 19:47 - 00000000 ____D C:\Program Files\CPUID
2016-06-30 19:46 - 2016-06-30 19:46 - 01224080 _____ ( ) C:\Users\Daniel\Downloads\hwmonitor_1.29.exe
2016-06-30 19:39 - 2016-06-30 19:39 - 00262144 ____N C:\WINDOWS\Minidump\063016-23484-01.dmp
2016-06-30 19:38 - 2016-06-30 19:38 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\NVIDIA
2016-06-30 19:37 - 2016-01-29 14:08 - 00082488 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2016-06-30 19:37 - 2016-01-29 14:08 - 00067520 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2016-06-30 19:37 - 2016-01-29 12:49 - 06791736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-06-30 19:37 - 2016-01-29 12:49 - 03529152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-06-30 19:37 - 2016-01-29 12:49 - 02558328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-06-30 19:37 - 2016-01-29 12:49 - 00932728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-06-30 19:37 - 2016-01-29 12:49 - 00384888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-06-30 19:37 - 2016-01-29 12:49 - 00062512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-06-30 19:37 - 2016-01-28 18:29 - 06150607 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-06-30 19:34 - 2016-06-30 19:34 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-06-30 19:34 - 2016-01-29 14:08 - 31523896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-06-30 19:34 - 2016-01-29 14:08 - 24207296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-06-30 19:34 - 2016-01-29 14:08 - 23000000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2016-06-30 19:34 - 2016-01-29 14:08 - 18634264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2016-06-30 19:34 - 2016-01-29 14:08 - 17559240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-06-30 19:34 - 2016-01-29 14:08 - 16128576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2016-06-30 19:34 - 2016-01-29 14:08 - 15302712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-06-30 19:34 - 2016-01-29 14:08 - 14497568 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2016-06-30 19:34 - 2016-01-29 14:08 - 13916600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-06-30 19:34 - 2016-01-29 14:08 - 13828032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-06-30 19:34 - 2016-01-29 14:08 - 12911160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2016-06-30 19:34 - 2016-01-29 14:08 - 11272240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-06-30 19:34 - 2016-01-29 14:08 - 11209376 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-06-30 19:34 - 2016-01-29 14:08 - 04252608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-06-30 19:34 - 2016-01-29 14:08 - 03996216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-06-30 19:34 - 2016-01-29 14:08 - 03210784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-06-30 19:34 - 2016-01-29 14:08 - 02825016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-06-30 19:34 - 2016-01-29 14:08 - 01908272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6434195.dll
2016-06-30 19:34 - 2016-01-29 14:08 - 01557552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6434195.dll
2016-06-30 19:34 - 2016-01-29 14:08 - 00952256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-06-30 19:34 - 2016-01-29 14:08 - 00915392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-06-30 19:34 - 2016-01-29 14:08 - 00911928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-06-30 19:34 - 2016-01-29 14:08 - 00878648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-06-30 19:34 - 2016-01-29 14:08 - 00026157 _____ C:\WINDOWS\system32\nvinfo.pb
2016-06-30 19:32 - 2016-06-30 19:32 - 00000000 ____D C:\NVIDIA
2016-06-30 19:31 - 2016-06-30 19:32 - 283505784 _____ (NVIDIA Corporation) C:\Users\Daniel\Downloads\341.95-notebook-win8-win7-64bit-international.exe
2016-06-30 19:26 - 2016-06-30 19:26 - 00262144 ____N C:\WINDOWS\Minidump\063016-21546-01.dmp
2016-06-30 19:23 - 2016-06-30 19:23 - 01474568 _____ C:\Users\Daniel\Downloads\FurMark - CHIP-Installer.exe
2016-06-30 19:03 - 2016-06-30 19:03 - 00262144 ____N C:\WINDOWS\Minidump\063016-22093-01.dmp
2016-06-30 16:44 - 2016-06-30 16:44 - 00000222 _____ C:\Users\Daniel\Desktop\Pillars of Eternity.url
2016-06-30 15:52 - 2016-06-30 15:52 - 00067240 _____ C:\Users\Daniel\Downloads\Wahlergebnis Studierende (1).pdf
2016-06-30 12:01 - 2016-06-30 12:02 - 00067240 _____ C:\Users\Daniel\Downloads\Wahlergebnis Studierende.pdf
2016-06-30 09:58 - 2016-06-30 09:58 - 00262144 ____N C:\WINDOWS\Minidump\063016-24593-01.dmp
2016-06-30 09:56 - 2016-06-30 09:56 - 00262144 ____N C:\WINDOWS\Minidump\063016-25453-01.dmp
2016-06-30 09:35 - 2016-06-30 09:35 - 00262144 ____N C:\WINDOWS\Minidump\063016-24718-01.dmp
2016-06-29 08:01 - 2016-06-29 08:01 - 00291928 _____ C:\Users\Daniel\Downloads\1030118809.pdf
2016-06-29 05:57 - 2016-06-29 05:58 - 00564312 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-06-25 17:55 - 2016-06-25 17:56 - 00000000 ____D C:\Users\Daniel\Desktop\Corel
2016-06-25 14:21 - 2016-06-25 14:21 - 00000000 ____D C:\Users\Daniel\Documents\Meine Paletten
2016-06-25 14:04 - 2016-06-25 14:04 - 00000000 ____D C:\ProgramData\VsTelemetry
2016-06-25 14:04 - 2016-06-25 14:04 - 00000000 ____D C:\Program Files (x86)\gs
2016-06-25 14:03 - 2016-06-25 14:06 - 00003314 _____ C:\WINDOWS\System32\Tasks\CorelUpdateHelperTaskCore
2016-06-25 14:03 - 2016-06-25 14:03 - 00000000 ____D C:\Program Files (x86)\Corel
2016-06-25 14:02 - 2016-06-25 14:02 - 00000000 ____D C:\Program Files\Common Files\Corel
2016-06-25 14:00 - 2016-06-25 14:00 - 00000000 ____D C:\Users\Public\Documents\Corel
2016-06-25 13:58 - 2016-06-25 14:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X8 (64-bit)
2016-06-25 13:57 - 2016-06-25 14:19 - 00000000 ____D C:\Users\Daniel\Documents\Corel
2016-06-25 13:57 - 2016-06-25 14:07 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Corel
2016-06-25 13:55 - 2016-06-25 14:17 - 00000000 ____D C:\ProgramData\Corel
2016-06-25 13:54 - 2016-06-25 14:03 - 00000000 ____D C:\Program Files\Corel
2016-06-25 13:51 - 2016-06-25 13:51 - 00000000 ____D C:\ProgramData\UniqueId
2016-06-25 13:49 - 2016-06-25 13:49 - 01473544 _____ C:\Users\Daniel\Downloads\CorelDraw Graphics Suite X8 64 Bit - CHIP-Installer.exe
2016-06-25 13:41 - 2016-06-25 13:41 - 00001582 _____ C:\Users\Daniel\AppData\Local\recently-used.xbel
2016-06-25 13:41 - 2016-06-25 13:41 - 00000000 ____D C:\Users\Daniel\AppData\Local\gtk-2.0
2016-06-25 13:39 - 2016-06-25 13:39 - 00000000 ____D C:\Users\Daniel\AppData\Local\webkit
2016-06-24 21:26 - 2016-06-24 21:26 - 00000979 _____ C:\Users\Public\Desktop\Steam.lnk
2016-06-24 21:25 - 2016-06-24 21:25 - 01476720 _____ C:\Users\Daniel\Downloads\SteamSetup__17.exe
2016-06-23 20:29 - 2016-06-23 20:29 - 00000000 ____D C:\Users\Daniel\AppData\Local\AviraSpeedup
2016-06-23 16:57 - 2016-06-23 16:57 - 00000000 ____D C:\Users\Daniel\AppData\Local\Avira
2016-06-23 16:44 - 2016-07-01 10:26 - 00000000 ____D C:\Program Files (x86)\Avira
2016-06-23 16:44 - 2016-07-01 10:24 - 00000000 ____D C:\ProgramData\Avira
2016-06-23 16:44 - 2016-06-23 16:44 - 04657056 _____ (Avira Operations GmbH & Co. KG) C:\Users\Daniel\Downloads\avira_de_avprodl_576bf5c903ea8__adw.exe
2016-06-23 16:44 - 2016-06-23 16:44 - 04657056 _____ (Avira Operations GmbH & Co. KG) C:\Users\Daniel\Downloads\avira_de_avprodl_576bf5c903ea8__adw (1).exe
2016-06-23 16:28 - 2016-06-23 16:28 - 06253640 _____ (AVAST Software) C:\Users\Daniel\Downloads\avast_free_antivirus_setup_online (1).exe
2016-06-23 15:20 - 2016-06-23 15:20 - 13166304 _____ (Microsoft Corporation) C:\Users\Daniel\Downloads\Silverlight_x64 (1).exe
2016-06-23 14:54 - 2016-06-23 14:54 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-06-23 14:03 - 2016-06-23 15:12 - 00000000 ____D C:\Users\Daniel\AppData\Local\Battle.net
2016-06-23 14:03 - 2016-06-23 14:03 - 00000000 ____D C:\Users\Daniel\AppData\Local\Blizzard Entertainment
2016-06-23 14:03 - 2016-06-23 14:03 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2016-06-23 14:02 - 2016-06-23 14:06 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-06-23 14:02 - 2016-06-23 14:02 - 03012080 _____ (Blizzard Entertainment) C:\Users\Daniel\Downloads\Battle.net-Setup.exe
2016-06-23 14:02 - 2016-06-23 14:02 - 00001134 _____ C:\Users\Public\Desktop\Battle.net.lnk
2016-06-23 14:02 - 2016-06-23 14:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2016-06-23 13:48 - 2016-06-23 15:17 - 00000000 ____D C:\ProgramData\Battle.net
2016-06-23 13:48 - 2016-06-23 14:06 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Battle.net
2016-06-23 13:48 - 2016-06-23 13:48 - 03219440 _____ (Blizzard Entertainment) C:\Users\Daniel\Downloads\Diablo-III-Setup.exe
2016-06-23 13:14 - 2016-06-23 13:14 - 06995720 _____ (Piriform Ltd) C:\Users\Daniel\Downloads\ccsetup519.exe
2016-06-23 13:07 - 2016-06-23 13:10 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Wise Euask
2016-06-23 13:06 - 2016-06-23 13:06 - 06812424 _____ (WiseCleaner.com ) C:\Users\Daniel\Downloads\WiseCare365 (3).exe
2016-06-22 08:33 - 2016-06-22 08:33 - 00002325 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2016-06-21 07:28 - 2016-06-22 08:33 - 00003178 _____ C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1709449750-3236269397-1973272773-1001
2016-06-21 07:27 - 2016-06-21 07:27 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-06-21 07:26 - 2016-06-21 07:26 - 00002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2016-06-21 07:26 - 2016-06-21 07:26 - 00002484 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2016-06-21 07:26 - 2016-06-21 07:26 - 00002480 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2016-06-21 07:26 - 2016-06-21 07:26 - 00002459 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2016-06-21 07:26 - 2016-06-21 07:26 - 00002437 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk
2016-06-21 07:26 - 2016-06-21 07:26 - 00002434 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2016-06-21 07:26 - 2016-06-21 07:26 - 00002401 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2016-06-21 07:26 - 2016-06-21 07:26 - 00002398 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2016-06-21 07:26 - 2016-06-21 07:26 - 00002370 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2016-06-21 07:26 - 2016-06-21 07:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools
2016-06-21 07:24 - 2016-06-21 07:25 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-06-15 20:54 - 2016-05-16 23:13 - 00563016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-06-15 20:54 - 2016-05-16 23:13 - 00397224 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-06-15 20:54 - 2016-05-16 23:13 - 00340872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-06-15 20:54 - 2016-05-16 23:13 - 00178008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-06-15 20:54 - 2016-05-14 01:07 - 00675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-06-15 20:54 - 2016-05-14 01:07 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-06-15 20:54 - 2016-05-14 01:06 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-06-15 20:54 - 2016-05-14 00:34 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-06-15 20:54 - 2016-05-13 23:58 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-06-15 20:53 - 2016-06-03 19:11 - 00472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2016-06-15 20:53 - 2016-06-03 15:38 - 01413120 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-06-15 20:53 - 2016-06-02 19:51 - 00050352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-06-15 20:53 - 2016-05-29 17:04 - 01204224 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-06-15 20:53 - 2016-05-29 17:04 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-06-15 20:53 - 2016-05-29 17:04 - 00544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-06-15 20:53 - 2016-05-29 17:04 - 00276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-06-15 20:53 - 2016-05-29 17:04 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\centel.dll
2016-06-15 20:53 - 2016-05-29 17:04 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-06-15 20:53 - 2016-05-18 07:31 - 00372568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-06-15 20:53 - 2016-05-18 07:31 - 00315224 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-06-15 20:53 - 2016-05-14 01:09 - 04169216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-06-15 20:53 - 2016-05-14 01:04 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-06-15 20:53 - 2016-05-14 00:19 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-06-15 20:53 - 2016-05-09 23:35 - 07075328 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2016-06-15 20:53 - 2016-05-09 22:56 - 05270016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2016-06-15 20:53 - 2016-05-09 22:45 - 07793152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-06-15 20:53 - 2016-05-09 22:23 - 05265920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-06-15 20:53 - 2016-05-06 17:45 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-06-15 20:53 - 2016-05-06 17:23 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2016-06-15 20:53 - 2016-04-12 17:46 - 14467584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-06-15 20:53 - 2016-04-12 17:30 - 12879872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-06-15 20:52 - 2016-05-12 20:38 - 00135336 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2016-06-15 20:52 - 2016-05-12 19:43 - 00115704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2016-06-15 20:52 - 2016-05-12 18:24 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll
2016-06-15 20:52 - 2016-05-12 18:17 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll
2016-06-15 20:52 - 2016-05-12 18:12 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpscript.dll
2016-06-15 20:52 - 2016-05-12 18:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll
2016-06-15 20:52 - 2016-05-12 18:07 - 01360896 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2016-06-15 20:52 - 2016-05-12 17:59 - 00398848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL
2016-06-15 20:52 - 2016-05-12 17:48 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpprefcl.dll
2016-06-15 20:52 - 2016-05-12 17:43 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\polstore.dll
2016-06-15 20:52 - 2016-05-12 17:40 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpscript.dll
2016-06-15 20:52 - 2016-05-12 17:37 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FwRemoteSvr.dll
2016-06-15 20:51 - 2016-05-21 19:28 - 25802752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-06-15 20:51 - 2016-05-21 18:57 - 20341248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-06-15 20:51 - 2016-05-21 00:02 - 06051328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-06-15 20:51 - 2016-05-20 23:29 - 13815808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-06-15 20:51 - 2016-05-20 23:11 - 15420928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-06-15 20:51 - 2016-04-14 17:25 - 02778624 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-06-15 20:51 - 2016-04-14 17:11 - 02464768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-06-15 20:51 - 2016-01-31 21:17 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2016-06-15 20:51 - 2016-01-31 20:07 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2016-06-15 20:51 - 2016-01-31 19:42 - 03320832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-06-15 20:51 - 2016-01-31 19:14 - 03607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-06-15 20:50 - 2016-05-21 00:09 - 00572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-06-15 20:50 - 2016-05-21 00:08 - 02895360 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-06-15 20:50 - 2016-05-20 23:57 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-06-15 20:50 - 2016-05-20 23:55 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2016-06-15 20:50 - 2016-05-20 23:54 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-06-15 20:50 - 2016-05-20 23:50 - 02287104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-06-15 20:50 - 2016-05-20 23:44 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-06-15 20:50 - 2016-05-20 23:27 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-06-15 20:50 - 2016-05-20 23:25 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2016-06-15 20:50 - 2016-05-20 23:25 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2016-06-15 20:50 - 2016-05-20 23:21 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-06-15 20:50 - 2016-05-20 23:21 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2016-06-15 20:50 - 2016-05-20 23:19 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-06-15 20:50 - 2016-05-20 23:16 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-06-15 20:50 - 2016-05-20 23:14 - 04610048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-06-15 20:50 - 2016-05-20 23:12 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2016-06-15 20:50 - 2016-05-20 23:11 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2016-06-15 20:50 - 2016-05-20 23:09 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-06-15 20:50 - 2016-05-20 23:09 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-06-15 20:50 - 2016-05-20 23:08 - 02055680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-06-15 20:50 - 2016-05-20 23:08 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-06-15 20:50 - 2016-05-20 23:06 - 02131968 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-06-15 20:50 - 2016-05-20 22:46 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-06-15 20:50 - 2016-05-20 22:42 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-06-15 20:50 - 2016-05-20 22:38 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-06-15 20:50 - 2016-05-20 22:38 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-06-15 20:50 - 2016-05-20 22:34 - 01544192 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-06-15 20:50 - 2016-05-20 22:23 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-06-15 20:50 - 2016-05-19 01:15 - 01379040 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-06-15 20:50 - 2016-05-18 22:35 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-06-15 20:50 - 2016-05-14 22:01 - 00363104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2016-06-15 20:50 - 2016-05-14 22:01 - 00320720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2016-06-15 20:50 - 2016-05-14 01:07 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2016-06-15 20:50 - 2016-05-13 23:58 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2016-06-15 20:50 - 2016-05-13 23:45 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-06-15 20:50 - 2016-05-13 23:35 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2016-06-15 20:50 - 2016-05-13 23:26 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-06-12 23:27 - 2016-06-15 20:30 - 00000000 ____D C:\Users\Daniel\AppData\Local\ESET
2016-06-12 23:26 - 2016-06-13 11:50 - 06858912 _____ (ESET spol. s r.o.) C:\Users\Daniel\Downloads\esetonlinescanner_enu.exe
2016-06-12 13:26 - 2016-06-12 13:26 - 00000000 _____ C:\WINDOWS\SysWOW64\last.dump
2016-06-08 13:06 - 2016-06-08 13:06 - 00036009 _____ C:\Users\Daniel\Downloads\1186_6b73.pdf
2016-06-07 21:31 - 2016-06-07 21:31 - 00000000 ____D C:\Users\Daniel\.thumbnails
2016-06-07 21:11 - 2016-06-07 21:11 - 06976264 _____ (WiseCleaner.com ) C:\Users\Daniel\Downloads\WiseCare365 (2).exe
2016-06-07 20:48 - 2016-06-07 20:48 - 01471450 _____ C:\Users\Daniel\Downloads\Wiederholtes Wahlausschreiben.zip
2016-06-06 21:05 - 2016-06-06 21:05 - 00098144 _____ C:\Users\Daniel\Downloads\Satzung_FSR_GT_URT.pdf
2016-06-06 15:56 - 2016-06-06 15:56 - 00015755 _____ C:\Users\Daniel\Downloads\Haushaltsplan FSR.odt
2016-06-06 15:56 - 2016-06-06 15:56 - 00015755 _____ C:\Users\Daniel\Downloads\Haushaltsplan FSR (1).odt
2016-06-04 00:24 - 2016-06-04 00:24 - 00001765 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-06-04 00:24 - 2016-06-04 00:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-06-04 00:23 - 2016-06-04 00:24 - 00000000 ____D C:\Program Files\iTunes
2016-06-04 00:23 - 2016-06-04 00:23 - 00000000 ____D C:\Program Files\iPod
2016-06-04 00:23 - 2016-06-04 00:23 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-06-04 00:05 - 2016-06-04 00:06 - 03677248 _____ C:\Users\Daniel\Downloads\Nicht bestätigt 769587.crdownload
2016-06-03 19:37 - 2016-06-03 19:37 - 00001709 _____ C:\Users\Daniel\Downloads\1054364214_bibframe.rdf
2016-06-02 15:18 - 2016-06-02 15:18 - 00701008 _____ C:\Users\Daniel\Downloads\Anlagen.zip
2016-06-01 16:55 - 2016-06-01 16:55 - 00070662 _____ C:\Users\Daniel\Downloads\Protokoll Umweltanalytik V3.odt.pdf
2016-06-01 16:48 - 2016-06-01 16:49 - 215483212 _____ C:\Users\Daniel\Downloads\Amazon-Music-Download_2016-06-01_16-48.zip
2016-06-01 16:43 - 2016-06-01 16:56 - 205744746 _____ C:\Users\Daniel\Downloads\Amazon-Music-Download_2016-06-01_16-43.zip

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2099-01-01 01:01 - 2015-08-27 11:11 - 00003926 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{40BEC314-F4CB-4B1E-A590-6DFF4B087C8D}
2016-07-01 12:31 - 2015-11-17 07:46 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-07-01 12:15 - 2015-08-19 14:06 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-01 11:58 - 2015-08-19 19:16 - 00000000 ___RD C:\Users\Daniel\OneDrive
2016-07-01 11:43 - 2016-05-22 17:50 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Wise Care 365
2016-07-01 11:42 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-07-01 11:41 - 2016-01-05 22:42 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-07-01 11:41 - 2015-11-01 22:11 - 00000000 ____D C:\AdwCleaner
2016-07-01 11:41 - 2013-08-22 15:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-07-01 11:33 - 2016-01-23 15:38 - 00000000 ____D C:\Users\Daniel\Desktop\SecurityAndCleaner
2016-07-01 11:27 - 2015-08-19 09:18 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1709449750-3236269397-1973272773-1001
2016-07-01 11:16 - 2014-09-24 08:16 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-07-01 11:16 - 2014-09-24 07:43 - 00765582 _____ C:\WINDOWS\system32\perfh007.dat
2016-07-01 11:16 - 2014-09-24 07:43 - 00159366 _____ C:\WINDOWS\system32\perfc007.dat
2016-07-01 11:16 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf
2016-07-01 10:36 - 2015-09-08 20:02 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-07-01 10:35 - 2015-09-08 19:57 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-07-01 10:24 - 2015-09-17 19:56 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-30 22:10 - 2015-08-19 18:55 - 00000000 ____D C:\Users\Daniel
2016-06-30 22:03 - 2015-09-22 20:09 - 00000000 ____D C:\Users\Daniel\Desktop\CD-Coves itunes
2016-06-30 19:39 - 2015-08-24 13:01 - 00000000 ____D C:\WINDOWS\Minidump
2016-06-30 19:37 - 2016-02-28 00:47 - 00000000 ____D C:\Temp
2016-06-30 19:37 - 2015-11-16 19:27 - 00000000 ____D C:\ProgramData\NVIDIA
2016-06-30 19:37 - 2015-08-19 18:49 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-06-30 19:37 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\Help
2016-06-30 19:36 - 2015-08-20 05:35 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-06-30 18:57 - 2015-08-20 07:58 - 00000000 ____D C:\Program Files (x86)\Steam
2016-06-28 21:46 - 2015-08-19 09:12 - 00000000 ____D C:\Users\Daniel\AppData\Local\Packages
2016-06-26 18:17 - 2015-08-20 07:26 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-06-25 23:38 - 2015-11-17 07:46 - 00000946 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-06-25 17:58 - 2016-01-23 15:36 - 00000000 ____D C:\Users\Daniel\Desktop\Spiele
2016-06-25 17:57 - 2015-11-15 21:49 - 00000000 ____D C:\Users\Daniel\Desktop\Files
2016-06-25 14:04 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-06-25 13:54 - 2016-05-29 19:42 - 00000000 ____D C:\Users\Daniel\.gimp-2.8
2016-06-24 21:33 - 2016-02-20 22:52 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-06-24 21:26 - 2015-10-24 10:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-06-23 20:32 - 2015-11-02 17:36 - 00000000 ____D C:\WINDOWS\SoftwareDistribution.old
2016-06-23 20:32 - 2015-11-01 20:04 - 00000000 ____D C:\Program Files (x86)\PDF24
2016-06-23 20:32 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\MsDtc
2016-06-23 20:32 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\catroot2.old
2016-06-23 17:06 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-06-23 17:06 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-06-23 16:34 - 2015-11-16 22:00 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-06-23 16:34 - 2015-11-16 22:00 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-06-23 16:34 - 2015-08-20 07:21 - 00000000 ____D C:\ProgramData\AVAST Software
2016-06-23 15:20 - 2015-11-16 22:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-06-23 14:55 - 2013-08-22 17:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-06-23 14:52 - 2015-12-03 15:34 - 00000000 ____D C:\Program Files\Microsoft Office
2016-06-23 13:07 - 2016-05-22 17:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Care 365
2016-06-19 17:14 - 2016-05-14 17:13 - 00003418 _____ C:\WINDOWS\System32\Tasks\Apple Diagnostics
2016-06-18 10:05 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-06-17 21:31 - 2015-11-17 07:46 - 00003908 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-06-17 21:31 - 2015-11-17 07:46 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-06-16 16:04 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2016-06-16 15:41 - 2015-08-19 23:44 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-06-16 15:41 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2016-06-15 22:40 - 2015-08-19 11:59 - 00484008 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-06-15 22:09 - 2015-08-19 12:16 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-06-15 21:58 - 2015-08-19 12:16 - 142482544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-06-14 19:13 - 2016-03-11 18:02 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-06-14 19:13 - 2016-03-11 18:02 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-12 19:42 - 2016-05-14 17:16 - 00000000 ____D C:\Users\Daniel\AppData\Local\8213A5E2-8274-4FEC-AFAA-678F401A5C73.aplzod
2016-06-12 19:42 - 2016-05-14 17:14 - 00000000 ___RD C:\Users\Daniel\iCloudDrive
2016-06-12 19:42 - 2015-08-28 21:25 - 00000000 ____D C:\Users\Daniel\AppData\Local\Apple
2016-06-12 09:27 - 2016-04-09 19:54 - 00001079 _____ C:\Users\Daniel\Desktop\MikrSan Vers2.txt
2016-06-04 00:23 - 2015-08-28 21:24 - 00000000 ____D C:\Program Files\Common Files\Apple

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-09-08 22:29 - 2015-09-08 22:29 - 0106602 _____ () C:\Users\Daniel\AppData\Local\ars.cache
2015-09-08 22:29 - 2015-09-08 22:29 - 0265562 _____ () C:\Users\Daniel\AppData\Local\census.cache
2015-09-08 22:08 - 2015-09-08 22:08 - 0000036 _____ () C:\Users\Daniel\AppData\Local\housecall.guid.cache
2016-06-25 13:41 - 2016-06-25 13:41 - 0001582 _____ () C:\Users\Daniel\AppData\Local\recently-used.xbel
2016-02-09 22:10 - 2016-02-09 22:10 - 0000000 _____ () C:\Users\Daniel\AppData\Local\{89A237CE-4F1B-41B8-898A-E841E7003022}

Einige Dateien in TEMP:
====================
C:\Users\Daniel\AppData\Local\Temp\avgnt.exe
C:\Users\Daniel\AppData\Local\Temp\libeay32.dll
C:\Users\Daniel\AppData\Local\Temp\msvcr120.dll
C:\Users\Daniel\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Daniel\AppData\Local\Temp\sfamcc00002.dll
C:\Users\Daniel\AppData\Local\Temp\sfareca00001.dll
C:\Users\Daniel\AppData\Local\Temp\sfextra.dll
C:\Users\Daniel\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-06-29 06:52

==================== Ende von FRST.txt ============================

Addition:

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 29-06-2016
durchgeführt von Daniel (2016-07-01 12:34:26)
Gestartet von C:\Users\Daniel\Desktop
Windows 8.1 Pro (Update) (X64) (2015-08-19 17:11:06)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1709449750-3236269397-1973272773-500 - Administrator - Disabled)
Daniel (S-1-5-21-1709449750-3236269397-1973272773-1001 - Administrator - Enabled) => C:\Users\Daniel
Gast (S-1-5-21-1709449750-3236269397-1973272773-501 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Flash Player 22 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Amazon Music (HKU\S-1-5-21-1709449750-3236269397-1973272773-1001\...\Amazon Amazon Music) (Version: 4.3.1.1354 - Amazon Services LLC)
Apple Application Support (32-Bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.19 - Piriform)
Corel Graphics - Windows Shell Extension (HKLM\...\_{3CAAE169-6001-48ED-B2C6-5B6F511552FD}) (Version: 18.0.0.448 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 18.0.448 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit Keys (Version: 18.0.448 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Capture (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Common (x64) (Version: 18.0.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Connect (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Custom Data (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - DE (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Draw (x64) (Version: 18.0.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Filters (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Font Manager (x64) (Version: 18.0.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - IPM Content (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - IPM T (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - PHOTO-PAINT (x64) (Version: 18.0.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Redist (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Setup Files (x64) (Version: 18.0.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - VBA (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - VideoBrowser (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Workspaces (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Writing Tools (x64) (Version: 18.0 -  Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 (64-Bit) (HKLM\...\_{4B3FC55D-E999-4BEC-AF29-1091E574961F}) (Version: 18.0.0.450 - Corel Corporation)
CorelDRAW Graphics Suite X8 (Version: 18.0 - Corel Corporation) Hidden
CPUID HWMonitor 1.29 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
Dragon Age: Origins - Ultimate Edition (HKLM\...\Steam App 47810) (Version:  - BioWare)
FMW 1 (Version: 1.62.2 - AVG Technologies) Hidden
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (x32 Version: 8.64 - Corel Corporation) Hidden
GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
iCloud (HKLM\...\{ADFDB647-35C0-4254-9EE6-2D9C3B7104BD}) (Version: 5.2.1.69 - Apple Inc.)
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
IPM_Installer (Version: 2.1 - Your Company Name) Hidden
iTunes (HKLM\...\{9F4BF859-C3A4-4AB6-BDD1-9C5D58188598}) (Version: 12.4.1.6 - Apple Inc.)
Java 8 Update 71 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418071F0}) (Version: 8.0.710.15 - Oracle Corporation)
Java 8 Update 74 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418074F0}) (Version: 8.0.740.2 - Oracle Corporation)
Java 8 Update 77 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418077F0}) (Version: 8.0.770.3 - Oracle Corporation)
Java 8 Update 91 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418091F0}) (Version: 8.0.910.14 - Oracle Corporation)
JetBoost (HKLM-x32\...\JetBoost_is1) (Version: 2.0.0 - BlueSprig)
JetClean (HKLM-x32\...\BlueSprig_JetClean_is1) (Version: 1.5.0 - BlueSprig)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.6741.2048 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1709449750-3236269397-1973272773-1001\...\OneDriveSetup.exe) (Version: 17.3.6390.0509 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2015 (HKLM-x32\...\{dd8b09df-3ef8-49f1-bd1a-65278435860b}) (Version: 14.0.23217 - Microsoft Corporation)
MPC-HC 1.7.9 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.9 - MPC-HC Team)
NVIDIA GeForce Experience 2.5.15.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.15.54 - NVIDIA Corporation)
NVIDIA Grafiktreiber 341.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.95 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (Version: 16.0.6701.1029 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6701.1029 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (Version: 16.0.6701.1029 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.8.3.59237 - Electronic Arts, Inc.)
paint.net (HKLM\...\{DADC2AF6-DC9F-4BCF-BFCE-DCEC16EF507C}) (Version: 4.0.9 - dotPDN LLC)
PDF24 Creator 7.4.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PDFTK Builder 3.9.4 (HKLM-x32\...\PDFTK Builder_is1) (Version:  - )
Pillars of Eternity (HKLM\...\Steam App 291650) (Version:  - Obsidian Entertainment)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Risen (HKLM-x32\...\{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}) (Version: 1.00.0000 - Deep Silver)
SafeZone Stable 1.46.1990.55 (x32 Version: 1.46.1990.55 - Avast Software) Hidden
SHIELD Streaming (Version: 4.1.500 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.15.54 - NVIDIA Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Unity Web Player (HKU\S-1-5-21-1709449750-3236269397-1973272773-1001\...\UnityWebPlayer) (Version: 5.1.3f1 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 7.4 - Ubisoft)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.3 - VideoLAN)
Wise Care 365 4.21 (HKLM-x32\...\Wise Care 365_is1) (Version: 4.21 - WiseCleaner.com, Inc.)
YouTube Song Downloader 2016 (HKLM-x32\...\{03C5002E-9F10-4A13-A592-6792A2547BE5}_is1) (Version: 16.0 - Abelssoft)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1709449750-3236269397-1973272773-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Daniel\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileCoAuthLib64.dll ()
CustomCLSID: HKU\S-1-5-21-1709449750-3236269397-1973272773-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Daniel\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {13382F7A-EDA9-4956-AE11-95E475C0A383} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-06-05] (Microsoft Corporation)
Task: {1942A3FB-F31A-47E7-A0F5-7B8F55A03CDA} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2016-04-22] (Apple Inc.)
Task: {349FB186-3805-46DE-957F-BB667983C9E1} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-03] (AVAST Software)
Task: {498343BC-11E0-4931-BE1B-46C304472777} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {4B85E31A-546F-4833-90BC-814D040EB1E8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {508BA283-7254-4EF2-8582-CEFB21B67BC2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2016-06-23] (Microsoft Corporation)
Task: {60563777-51CA-4B1A-87AF-FDE0A02EFC3E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2016-06-23] (Microsoft Corporation)
Task: {63C17159-385D-4323-BD3D-CA1529026783} - System32\Tasks\JetBoost_AutoUpdate => C:\Program Files (x86)\BlueSprig\JetBoost\AutoUpdate.exe [2012-11-27] (BlueSprig)
Task: {65EBBB35-1867-4617-8F15-CB052C5ABA66} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1709449750-3236269397-1973272773-1001 => C:\Users\Daniel\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-06-22] (Microsoft Corporation)
Task: {669D913A-4CE3-4BD2-9C44-CCCAEAF5965D} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-06-15] (Microsoft Corporation)
Task: {AE18AC8B-D8AF-40CD-96D8-4DC7510504F4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-06-10] (Piriform Ltd)
Task: {B5DE45FD-AC31-4362-80E9-7BB0D9907A5E} - System32\Tasks\JetCleanLoginCheckUpdate => C:\Program Files (x86)\BlueSprig\JetClean\AutoUpdate.exe [2013-05-14] (BlueSprig)
Task: {BD1E406F-7582-43DF-A944-E5A633C829C8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-06-05] (Microsoft Corporation)
Task: {C7D36B38-1D9E-4256-87A0-55E07F6588A6} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [2016-02-26] (Corel Corporation)
Task: {CFC47512-31AD-4A30-AC5C-5D3F2BE0AE5A} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-17] (Adobe Systems Incorporated)
Task: {D1B8CF01-FB76-4EB7-9EF9-E0BFD2D2ED61} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-04-01] (Oracle Corporation)
Task: {E0AD3D0C-4BF9-4265-80FF-85983D7FF8A1} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_192_pepper.exe [2016-06-17] (Adobe Systems Incorporated)
Task: {E1FA123E-BDF2-4DBD-A6E4-E3B183F70CB9} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_192_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-03-18 23:56 - 2016-03-18 23:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 01337144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-06-22 08:33 - 2016-06-22 08:33 - 00959168 _____ () C:\Users\Daniel\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-05-06 04:06 - 2016-06-05 05:51 - 00173256 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2016-06-18 14:16 - 2016-06-15 10:26 - 02334360 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libglesv2.dll
2016-06-18 14:16 - 2016-06-15 10:26 - 00105112 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2016-02-28 01:01 - 00000828 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1709449750-3236269397-1973272773-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Daniel\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\hintergrundbild der windows-fotoanzeige.jpg
DNS Servers: 195.37.88.2 - 195.37.88.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
mpsdrv => Firewall Dienst läuft nicht.
MpsSvc => Firewall Dienst läuft nicht.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "MailCheck IE Broker"
HKU\S-1-5-21-1709449750-3236269397-1973272773-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1709449750-3236269397-1973272773-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1709449750-3236269397-1973272773-1001\...\StartupApproved\Run: => "Amazon Music"
HKU\S-1-5-21-1709449750-3236269397-1973272773-1001\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-1709449750-3236269397-1973272773-1001\...\StartupApproved\Run: => "iCloudPhotos"
HKU\S-1-5-21-1709449750-3236269397-1973272773-1001\...\StartupApproved\Run: => "AppleIEDAV"
HKU\S-1-5-21-1709449750-3236269397-1973272773-1001\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-1709449750-3236269397-1973272773-1001\...\StartupApproved\Run: => "ApplePhotoStreams"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{516D38C1-9507-41AD-BD80-152A7D7739E6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{600484C7-CFB7-4B32-8AC2-F766E0ECEE08}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F0E8DDE1-7506-46A3-89D2-326F8348AA27}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A62FBBBA-123A-4013-8CFD-9F135399175E}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{BB4B3C5A-958D-4E46-AAB1-19DFF1A83961}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\DAOriginsLauncher.exe
FirewallRules: [{D8EBD861-BBA7-42C3-8E44-90BD4839BC59}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\DAOriginsLauncher.exe
FirewallRules: [{4C2CB540-53C1-4B52-913F-CB383F063CAF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
FirewallRules: [{0FAA2744-D843-4DA2-B6CE-F7DADCA78DFD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
FirewallRules: [TCP Query User{220022D1-EAFB-463A-9980-EBC2A33F55C2}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{E73378C6-4BD1-4565-9028-CDBE9AF44C98}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{09FC3CF8-BBBB-4028-8134-45EF68200817}C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe] => (Block) C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe
FirewallRules: [UDP Query User{19C98646-0666-4C69-AF5C-7A0BFA255830}C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe] => (Block) C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe
FirewallRules: [{AD1CB20E-BDB0-48AA-9BBB-169CD25D3C1A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pillars of Eternity\PillarsOfEternity.exe
FirewallRules: [{25928986-E265-433C-B99E-2315323A0A68}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pillars of Eternity\PillarsOfEternity.exe

==================== Wiederherstellungspunkte =========================

30-06-2016 20:37:07 Revo Uninstaller's restore point - SpeedFan (remove only)
01-07-2016 11:46:36 JRT Pre-Junkware Removal
Überprüfen Sie den "winmgmt" Dienst oder reparieren Sie den WMI.


==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (07/01/2016 12:32:40 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1056) Instance: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\ProgramData\Microsoft\Windows\AppRepository\edb00034.log.

Error: (07/01/2016 12:32:40 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1056) Instance: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\ProgramData\Microsoft\Windows\AppRepository\edb00034.log.

Error: (07/01/2016 12:32:40 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1056) Instance: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\ProgramData\Microsoft\Windows\AppRepository\edb00034.log.

Error: (07/01/2016 12:32:40 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1056) Instance: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\ProgramData\Microsoft\Windows\AppRepository\edb00034.log.

Error: (07/01/2016 12:32:40 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1056) Instance: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\ProgramData\Microsoft\Windows\AppRepository\edb00034.log.

Error: (07/01/2016 12:32:40 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1056) Instance: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\ProgramData\Microsoft\Windows\AppRepository\edb00034.log.

Error: (07/01/2016 12:32:40 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1056) Instance: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\ProgramData\Microsoft\Windows\AppRepository\edb00034.log.

Error: (07/01/2016 12:32:40 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1056) Instance: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\ProgramData\Microsoft\Windows\AppRepository\edb00034.log.

Error: (07/01/2016 12:32:40 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1056) Instance: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\ProgramData\Microsoft\Windows\AppRepository\edb00034.log.

Error: (07/01/2016 12:32:40 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1056) Instance: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\ProgramData\Microsoft\Windows\AppRepository\edb00034.log.


Systemfehler:
=============
Error: (07/01/2016 11:47:14 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/01/2016 11:42:46 AM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT-AUTORITÄT)
Description: Schwerwiegender Hardwarefehler.

Gemeldet von Komponente: Prozessorkern
Fehlerquelle: 3
Fehlertyp: 9
Prozessor-APIC-ID: 0

Die Detailansicht dieses Eintrags beinhaltet weitere Informationen.

Error: (07/01/2016 11:41:47 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%3 = Das System kann den angegebenen Pfad nicht finden.


Error: (07/01/2016 11:41:41 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\WINDOWS\System32\bcmihvsrv64.dll

Error: (07/01/2016 11:41:41 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\WINDOWS\System32\bcmihvsrv64.dll

Error: (07/01/2016 11:41:38 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\WINDOWS\System32\bcmihvsrv64.dll

Error: (07/01/2016 11:41:37 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (07/01/2016 11:41:35 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (07/01/2016 11:41:35 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (07/01/2016 11:41:35 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}


CodeIntegrity:
===================================
  Date: 2016-07-01 12:32:22.346
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-07-01 12:32:20.582
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-07-01 12:32:20.004
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-07-01 12:32:19.383
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-07-01 12:32:19.023
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-07-01 12:32:18.664
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-07-01 12:32:18.304
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-07-01 12:32:17.960
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-07-01 12:32:17.570
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-07-01 12:32:17.132
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7 CPU Q 720 @ 1.60GHz
Prozentuale Nutzung des RAM: 25%
Installierter physikalischer RAM: 6076.41 MB
Verfügbarer physikalischer RAM: 4506.31 MB
Summe virtueller Speicher: 7100.41 MB
Verfügbarer virtueller Speicher: 4985.92 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:575.18 GB) (Free:442.39 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.04 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive g: (TOSHIBA EXT) (Fixed) (Total:931.41 GB) (Free:744.92 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 7BA3F2D1)
Partition 1: (Not Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=575.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=20.9 GB) - (Type=12)

========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: 2067C1CD)
Partition 1: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

Gruß

cosinus · 01.07.2016, 12:23

FRST-Fix

Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft!

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  Keine Datei
BootExecute: autocheck autochk * sdnclean64.exe
CHR Extension: (Avira Browserschutz) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-06-23]
C:\Users\Daniel\Downloads\spybot-2.4.40.exe
C:\ProgramData\Spybot - Search & Destroy
C:\WINDOWS\System32\Tasks\Safer-Networking
C:\ProgramData\boost_interprocess
emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

LuciLu · 01.07.2016, 12:39

Hier das Log

Code:

ATTFilter

Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 29-06-2016
durchgeführt von Daniel (2016-07-01 13:30:06) Run:1
Gestartet von C:\Users\Daniel\Desktop
Geladene Profile: Daniel (Verfügbare Profile: Daniel)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  Keine Datei
BootExecute: autocheck autochk * sdnclean64.exe
CHR Extension: (Avira Browserschutz) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-06-23]
C:\Users\Daniel\Downloads\spybot-2.4.40.exe
C:\ProgramData\Spybot - Search & Destroy
C:\WINDOWS\System32\Tasks\Safer-Networking
C:\ProgramData\boost_interprocess
emptytemp:
*****************

"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => Schlüssel erfolgreich entfernt
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => Schlüssel nicht gefunden. 
hklm\System\CurrentControlSet\Control\Session Manager\\BootExecute => Wert erfolgreich wiederhergestellt
C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk => erfolgreich verschoben
C:\Users\Daniel\Downloads\spybot-2.4.40.exe => erfolgreich verschoben
C:\ProgramData\Spybot - Search & Destroy => erfolgreich verschoben
C:\WINDOWS\System32\Tasks\Safer-Networking => erfolgreich verschoben
C:\ProgramData\boost_interprocess => erfolgreich verschoben

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11634861 B
Java, Flash, Steam htmlcache => 376635419 B
Windows/system/drivers => 204993114 B
Edge => 0 B
Chrome => 136160789 B
Firefox => 14817374 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 96638 B
systemprofile32 => 128 B
LocalService => 130950 B
NetworkService => 17202 B
Daniel => 32284630 B
 => 0 B

RecycleBin => 0 B
EmptyTemp: => 748.8 MB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 13:30:26 ====

Gruß

01.07.2016, 10:56	#12
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Routineuntersuchung nach Schädlingen Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Untersuchen klicken __________________ Logfiles bitte immer in CODE-Tags posten

Routineuntersuchung nach Schädlingen

Plagegeister aller Art und deren Bekämpfung: Routineuntersuchung nach Schädlingen