Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Hohe, schwankende GPU Auslastung im Desktopbetrieb. WIN 8.1. Plötzlich nur noch 30 statt 60 FPS in Games

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 25.08.2015, 11:23   #1
MrHyde23
 
Hohe, schwankende GPU Auslastung im Desktopbetrieb. WIN 8.1. Plötzlich nur noch 30 statt 60 FPS in Games - Standard

Hohe, schwankende GPU Auslastung im Desktopbetrieb. WIN 8.1. Plötzlich nur noch 30 statt 60 FPS in Games



Hallo,
ich habe folgendes Problem:
Seit Anfang des Monats hat mein System deutliche Performance-Einbußen. Bemerkt habe ich es, da ich beim World of Tanks zocken auf einmal nur noch ca. 25-30 FPS hatte, statt der üblichen ca. 60-65 FPS. Dieses Problem machte sich auch im Benchmark mit 3D Mark bemerkbar. Hier ist der Punkterückgang voll beid er Grafikkarte zu sehen. Das Problem besteht, wenn es auftritt die ganze Windows-Sitzung über. Zwischenzeitlich, nach einem Neustart des Systems kommt es hin und wieder auch vor, dass die ursprünglöiche Leistung wieder erreicht wird, dies bleibt dann auch die gesamte Sitzung über so, auch beim stundenlangen zocken. Vsync ist aus.

Bei der Problemsuchen habe ich folgendes unternommen/bemerkt:
-Graka und CPU Treiber aktualisiert
-Temperaturen überprüft (sind ok, alles unter 60°C)
-Stecker überprüft
-Spannungen mit Analysetools, wie GPU-Z und HWMonitor überprüft

Bemerkt habe ich folgendes: Wenn das Problem auftritt hat die GPU eine hohe und stark schwankende Auslastung von Teilweise bis zu 70% im normalen Desktopbetrieb mit geöffnetem Browser, Tritt das Problem nicht auf ist die Auslastung relativ konstant bei vllt. 10%. Weiterhin ist mir aufgefallen, dass beim Auftreten des Problems die Screenshottaste nicht funktioniert. Normalerweise wird beim drücken von "Druck" ein Screenshot erstellt und bei Dropbox gespeichert. Tritt jedoch das Problem auf passiert nichts.

Weiterhin habe ich Malwarebytes Anti-Malware durchlaufen lassen, jedoch ohne Befund.

Anti-Malware:
Code:
ATTFilter
<?xml version="1.0" encoding="UTF-16"?>

-<mbam-log>


-<header>

<date>2015/08/25 09:49:18 +0200</date>

<logfile>mbam-log-2015-08-25 (09-49-15).xml</logfile>

<isadmin>yes</isadmin>

</header>


-<engine>

<version>2.1.8.1057</version>

<malware-database>v2015.08.25.02</malware-database>

<rootkit-database>v2015.08.16.01</rootkit-database>

<license>trial</license>

<file-protection>enabled</file-protection>

<web-protection>enabled</web-protection>

<self-protection>disabled</self-protection>

</engine>


-<system>

<osversion>Windows 8.1</osversion>

<arch>x64</arch>

<username>Jan</username>

<filesys>NTFS</filesys>

</system>


-<summary>

<type>threat</type>

<result>completed</result>

<objects>353600</objects>

<time>433</time>

<processes>0</processes>

<modules>0</modules>

<keys>0</keys>

<values>0</values>

<datas>0</datas>

<folders>0</folders>

<files>0</files>

<sectors>0</sectors>

</summary>


-<options>

<memory>enabled</memory>

<startup>enabled</startup>

<filesystem>enabled</filesystem>

<archives>enabled</archives>

<rootkits>disabled</rootkits>

<deeprootkit>disabled</deeprootkit>

<heuristics>enabled</heuristics>

<pup>enabled</pup>

<pum>enabled</pum>

</options>

<items> </items>

</mbam-log>
         
defogger:
Code:
ATTFilter
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 10:15 on 25/08/2015 (Jan)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         
FRST.txt:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:24-08-2015
durchgeführt von Jan (Administrator) auf HÄUSI-PC (25-08-2015 10:07:09)
Gestartet von E:\Downloads
Geladene Profile: Jan (Verfügbare Profile: Jan)
Platform: Windows 8.1 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect 2\creator-ws.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
() C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Dropbox, Inc.) C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Geek Software GmbH) E:\Programme\PDF24\pdf24.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
() E:\Downloads\Defogger.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13636824 2013-07-26] (Realtek Semiconductor)
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2013-04-09] (Pixart Imaging Inc)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Programme\AVAST Software\Avast\AvastUI.exe [6109776 2015-08-20] (AVAST Software)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1163264 2012-09-25] ()
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [PDFPrint] => E:\Programme\PDF24\pdf24.exe [193568 2014-11-28] (Geek Software GmbH)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [685048 2012-08-03] (Cisco Systems, Inc.)
HKU\S-1-5-21-3237370717-2417404269-748884813-1001\...\Run: [ASRockXTU] => [X]
HKU\S-1-5-21-3237370717-2417404269-748884813-1001\...\Run: [icq] => C:\Users\Jan\AppData\Roaming\ICQM\icq.exe [36705800 2015-01-28] (ICQ)
HKU\S-1-5-21-3237370717-2417404269-748884813-1001\...\Run: [Dropbox Update] => C:\Users\Jan\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk [2015-02-04]
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ()
Startup: C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-01-27]
ShortcutTarget: Dropbox.lnk -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Programme\AVAST Software\Avast\ashShA64.dll [2015-08-20] (AVAST Software)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKU\S-1-5-21-3237370717-2417404269-748884813-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-20] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO-x32: PDF Architect Helper -> {691B33B0-B86E-47F3-81C7-56E4FE3B929C} -> C:\Program Files (x86)\PDF Architect 2\creator-ie-helper.dll [2014-10-10] (pdfforge GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-27] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Programme\AVAST Software\Avast\aswWebRepIE.dll [2015-08-20] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> E:\Programme\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-27] (Oracle Corporation)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {DEEB13D7-CEA9-45FB-B77C-E039BEC85221} - C:\Program Files (x86)\PDF Architect 2\creator-ie-plugin.dll [2014-10-10] (pdfforge GmbH)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - E:\Programme\Microsoft Office\Office15\MSOSB.DLL [2015-04-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{930F7053-690A-47C0-B642-9E1728351289}: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\qjzcx0qs.default
FF Homepage: web.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-12] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> E:\Programme\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] ()
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-27] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> E:\Programme\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> E:\Programme\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll [2014-10-10] (pdfforge GmbH)
FF Extension: Adblock Plus - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\qjzcx0qs.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-26]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Programme\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Programme\AVAST Software\Avast\WebRep\FF [2015-01-26]
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_2_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension
FF Extension: PDF Architect 2 Creator - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension [2015-02-21]

Chrome: 
=======
CHR Profile: C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-03]
CHR Extension: (Google Docs) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-03]
CHR Extension: (Google Drive) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-03]
CHR Extension: (YouTube) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-03]
CHR Extension: (Google Search) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-03]
CHR Extension: (Avast SafePrice) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-02-03]
CHR Extension: (Google Sheets) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-03]
CHR Extension: (Avast Online Security) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-02-03]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-03]
CHR Extension: (Adblock Plus) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\peielepacdigfhimglfncbljnbnibooi [2015-02-03]
CHR Extension: (Gmail) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-03]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Programme\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-04-16]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Programme\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-16]

Opera: 
=======
StartMenuInternet: (HKLM) OperaStable - E:\Programme\Opera\Launcher.exe

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-04] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
R2 avast! Antivirus; C:\Programme\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-20] (AVAST Software)
R3 AvastVBoxSvc; C:\Programme\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4047768 2015-08-20] (Avast Software)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342240 2015-06-03] (Futuremark)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 Origin Client Service; E:\Spiele\Origin\OriginClientService.exe [1930608 2015-03-27] (Electronic Arts)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [Datei ist nicht signiert]
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH)
R2 PDF Architect 2 Creator; C:\Program Files (x86)\PDF Architect 2\creator-ws.exe [738856 2014-10-10] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-03-23] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-20] (Advanced Micro Devices)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [34640 2012-08-09] (ASRock Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-20] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-20] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-20] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-20] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048344 2015-08-20] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-08-20] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-08-20] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-20] (AVAST Software)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [102912 2015-07-15] (Advanced Micro Devices)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-08-25] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [115152 2015-08-20] (AVAST Software)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13536 2015-05-27] ()
S3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1936088 2013-07-31] (Realtek Semiconductor Corporation                           )
S3 t_mouse.sys; C:\Windows\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] ()
R2 VBoxAswDrv; C:\Programme\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-08-20] (Avast Software)
S3 MSICDSetup; \??\D:\CDriver64.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-25 10:06 - 2015-08-25 10:07 - 00000000 ____D C:\FRST
2015-08-25 10:05 - 2015-08-25 10:05 - 00000000 _____ C:\Users\Jan\defogger_reenable
2015-08-25 09:48 - 2015-08-25 09:49 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-25 09:48 - 2015-08-25 09:48 - 00001114 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-08-25 09:48 - 2015-08-25 09:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-08-25 09:48 - 2015-08-25 09:48 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-25 09:48 - 2015-08-25 09:48 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-08-25 09:48 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-08-25 09:48 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-08-25 09:48 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-08-21 14:32 - 2015-08-25 09:31 - 00000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2015-08-21 14:32 - 2015-08-21 14:32 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2015-08-21 12:22 - 2015-08-21 12:22 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z
2015-08-20 18:38 - 2015-08-20 18:38 - 00378880 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-08-20 18:38 - 2015-08-20 18:38 - 00115152 _____ (AVAST Software) C:\Windows\system32\Drivers\ngvss.sys
2015-08-20 18:38 - 2015-08-20 18:38 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-08-20 18:21 - 2015-08-20 18:21 - 00000000 _____ C:\Windows\SysWOW64\OCL364E.tmp
2015-08-20 17:56 - 2015-08-20 17:56 - 00000743 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2015-08-20 16:48 - 2015-08-20 16:48 - 00000000 _____ C:\Windows\SysWOW64\OCLDA85.tmp
2015-08-20 15:06 - 2015-08-21 17:05 - 00000000 ____D C:\Users\Jan\Desktop\pc
2015-08-20 11:54 - 2015-08-21 14:33 - 00008154 _____ C:\Windows\PFRO.log
2015-08-19 19:00 - 2015-08-20 17:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-19 18:42 - 2015-08-19 18:42 - 00000013 _____ C:\Users\Jan\Desktop\otelo.txt
2015-08-19 18:25 - 2015-08-11 03:20 - 25191936 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-19 18:25 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-17 19:53 - 2015-08-17 19:53 - 00000000 _____ C:\Windows\SysWOW64\OCLA821.tmp
2015-08-16 10:17 - 2015-08-16 10:17 - 00000000 ____D C:\ProgramData\ATI
2015-08-16 10:04 - 2015-08-25 09:40 - 00000000 ____D C:\Program Files (x86)\Raptr
2015-08-16 10:04 - 2015-08-16 10:04 - 00000000 ____D C:\Users\Jan\AppData\Roaming\library_dir
2015-08-16 10:03 - 2015-08-16 10:03 - 00058877 _____ C:\Windows\SysWOW64\CCCInstall_201508161003537947.log
2015-08-16 10:03 - 2015-08-16 10:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-08-16 10:01 - 2015-08-16 10:01 - 00000000 ____D C:\Program Files (x86)\AMD
2015-08-16 09:54 - 2015-08-21 14:33 - 00005709 _____ C:\Windows\setupact.log
2015-08-16 09:54 - 2015-08-16 09:54 - 00000000 _____ C:\Windows\setuperr.log
2015-08-15 20:23 - 2015-08-25 09:53 - 00723860 _____ C:\Windows\WindowsUpdate.log
2015-08-15 19:36 - 2015-08-15 19:36 - 00000781 _____ C:\Users\Jan\Desktop\World of Tanks.lnk
2015-08-15 19:36 - 2015-08-15 19:36 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Tanks
2015-08-14 11:53 - 2015-08-20 18:21 - 00000022 _____ C:\Windows\GPU-Z.INI
2015-08-14 11:53 - 2015-08-14 11:54 - 00000000 ____D C:\Users\Jan\Documents\3DMark
2015-08-14 11:53 - 2015-08-14 11:53 - 00000000 ____D C:\Users\Jan\AppData\Local\Futuremark
2015-08-14 11:52 - 2015-08-14 11:52 - 00000963 _____ C:\Users\Public\Desktop\3DMark.lnk
2015-08-14 11:51 - 2015-08-14 11:51 - 00000000 ____D C:\Program Files (x86)\Futuremark
2015-08-13 12:50 - 2015-08-13 12:50 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-08-12 12:38 - 2015-07-30 16:04 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 12:38 - 2015-07-30 15:48 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 12:23 - 2015-07-19 03:58 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-12 12:23 - 2015-07-18 20:51 - 03704320 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-12 12:23 - 2015-07-18 20:31 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-12 12:23 - 2015-07-18 20:31 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-12 12:23 - 2015-07-18 20:31 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-12 12:23 - 2015-07-18 20:29 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-08-12 12:23 - 2015-07-18 20:29 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-12 12:23 - 2015-07-18 20:29 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-12 12:23 - 2015-07-18 20:28 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-12 12:23 - 2015-07-18 20:12 - 02228736 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-12 12:23 - 2015-07-18 20:10 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-12 12:23 - 2015-07-18 20:09 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-12 12:23 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-12 12:23 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-12 12:23 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-12 12:23 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-12 12:23 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-12 12:23 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-12 12:23 - 2015-07-16 21:53 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-08-12 12:23 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-12 12:23 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-12 12:23 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-12 12:23 - 2015-07-16 21:45 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-08-12 12:23 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-12 12:23 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-12 12:23 - 2015-07-16 21:38 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-08-12 12:23 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-12 12:23 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-12 12:23 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-12 12:23 - 2015-07-16 21:14 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-08-12 12:23 - 2015-07-16 21:13 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-08-12 12:23 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-12 12:23 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-12 12:23 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-12 12:23 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-12 12:23 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-12 12:23 - 2015-07-16 20:52 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-08-12 12:23 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-12 12:23 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-12 12:23 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-12 12:23 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-08-12 12:23 - 2015-06-09 20:27 - 00411133 _____ C:\Windows\system32\ApnDatabase.xml
2015-08-12 12:22 - 2015-07-29 01:24 - 00025776 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-12 12:22 - 2015-07-28 16:24 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-12 12:22 - 2015-07-28 16:24 - 01116160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-12 12:22 - 2015-07-28 16:24 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-12 12:22 - 2015-07-28 16:24 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-12 12:22 - 2015-07-28 16:24 - 00437248 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-12 12:22 - 2015-07-28 16:24 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-12 12:22 - 2015-07-16 02:29 - 07458648 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-12 12:22 - 2015-07-16 02:29 - 01735000 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-12 12:22 - 2015-07-16 02:29 - 00101720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-12 12:22 - 2015-07-16 02:28 - 01499920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-12 12:22 - 2015-07-10 19:54 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-12 12:22 - 2015-07-07 11:40 - 00270168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-08-12 12:22 - 2015-07-07 11:40 - 00114520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2015-08-12 12:22 - 2015-07-07 11:40 - 00044560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-08-12 12:22 - 2015-07-02 00:19 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-12 12:22 - 2015-07-02 00:16 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-12 12:22 - 2015-07-01 23:37 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-12 12:22 - 2015-07-01 23:35 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-12 12:22 - 2015-06-12 19:03 - 18823680 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2015-08-12 12:22 - 2015-06-12 18:36 - 15159296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-08-12 12:21 - 2015-07-29 16:37 - 01994752 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-12 12:21 - 2015-07-29 16:30 - 01381888 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-12 12:21 - 2015-07-29 16:23 - 01559552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-12 12:21 - 2015-07-24 20:57 - 04177408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-12 12:21 - 2015-07-24 20:57 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-12 12:21 - 2015-07-24 20:52 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-12 12:21 - 2015-07-24 19:27 - 00301568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-12 12:21 - 2015-07-24 19:23 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-12 12:21 - 2015-07-14 23:59 - 01113944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-08-12 12:21 - 2015-07-14 23:59 - 00487256 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2015-08-12 12:21 - 2015-07-14 23:59 - 00393560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2015-08-12 12:21 - 2015-07-14 05:22 - 02529880 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-12 12:21 - 2015-07-14 05:21 - 01901776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-12 12:21 - 2015-07-13 21:46 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-12 12:21 - 2015-07-13 21:45 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-12 12:21 - 2015-07-10 20:19 - 01101824 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-08-12 12:21 - 2015-07-10 19:42 - 02345472 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-12 12:21 - 2015-07-10 19:14 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-08-12 12:21 - 2015-07-10 19:13 - 07032320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-12 12:21 - 2015-07-10 18:47 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-12 12:21 - 2015-07-10 18:31 - 06213120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-12 12:21 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-12 12:21 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-12 12:21 - 2015-07-09 18:30 - 00212992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-12 12:21 - 2015-06-11 22:12 - 02476376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-08-12 12:21 - 2015-06-11 22:12 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-08-12 12:21 - 2015-05-12 02:24 - 00536920 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-08-04 08:29 - 2015-08-04 08:29 - 00458472 _____ C:\Windows\system32\amdmiracast.dll
2015-08-04 08:29 - 2015-08-04 08:29 - 00107784 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2015-08-04 08:29 - 2015-08-04 08:29 - 00100568 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2015-08-04 08:28 - 2015-08-04 08:28 - 07929616 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2015-08-04 08:28 - 2015-08-04 08:28 - 07408936 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2015-08-04 08:28 - 2015-08-04 08:28 - 00128384 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2015-08-04 08:28 - 2015-08-04 08:28 - 00120144 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2015-08-04 08:28 - 2015-08-04 08:28 - 00102616 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2015-08-04 08:28 - 2015-08-04 08:28 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2015-08-04 08:28 - 2015-08-04 08:28 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2015-08-04 08:28 - 2015-08-04 08:28 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2015-08-04 08:28 - 2015-08-04 08:28 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2015-08-04 08:27 - 2015-08-04 08:27 - 08893160 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2015-08-04 08:27 - 2015-08-04 08:27 - 08779872 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2015-08-04 08:25 - 2015-08-04 08:25 - 00297672 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys
2015-08-04 08:23 - 2015-08-04 08:23 - 21622784 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2015-08-04 08:19 - 2015-08-04 08:19 - 00235008 _____ C:\Windows\system32\clinfo.exe
2015-08-04 08:18 - 2015-08-04 08:18 - 47785472 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2015-08-04 08:14 - 2015-08-04 08:14 - 39714304 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2015-08-04 08:09 - 2015-08-04 08:09 - 00065024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-08-04 08:09 - 2015-08-04 08:09 - 00059392 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-08-04 07:58 - 2015-08-04 07:58 - 27535872 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl12cl64.dll
2015-08-04 07:57 - 2015-08-04 07:57 - 22318592 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl12cl.dll
2015-08-04 06:12 - 2015-08-04 06:12 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2015-08-04 06:12 - 2015-08-04 06:12 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2015-08-04 06:11 - 2015-08-04 06:11 - 06477312 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2015-08-04 05:43 - 2015-08-04 05:43 - 05068288 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2015-08-04 05:21 - 2015-08-04 05:21 - 00093696 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2015-08-04 05:21 - 2015-08-04 05:21 - 00086528 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2015-08-04 04:56 - 2015-08-04 04:56 - 00134656 _____ C:\Windows\system32\amdhdl64.dll
2015-08-04 04:56 - 2015-08-04 04:56 - 00123392 _____ C:\Windows\SysWOW64\amdhdl32.dll
2015-08-04 04:55 - 2015-08-04 04:55 - 30752256 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2015-08-04 04:32 - 2015-08-04 04:32 - 25299968 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2015-08-04 04:25 - 2015-08-04 04:25 - 00660928 _____ C:\Windows\SysWOW64\atiapfxx.blb
2015-08-04 04:25 - 2015-08-04 04:25 - 00660928 _____ C:\Windows\system32\atiapfxx.blb
2015-08-04 04:25 - 2015-08-04 04:25 - 00367104 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2015-08-04 04:25 - 2015-08-04 04:25 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2015-08-04 04:25 - 2015-08-04 04:25 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2015-08-04 04:24 - 2015-08-04 04:24 - 15716864 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2015-08-04 04:24 - 2015-08-04 04:24 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2015-08-04 04:24 - 2015-08-04 04:24 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2015-08-04 04:21 - 2015-08-04 04:21 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2015-08-04 04:21 - 2015-08-04 04:21 - 00050688 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2015-08-04 04:21 - 2015-08-04 04:21 - 00039424 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2015-08-04 04:16 - 2015-08-04 04:16 - 03437632 _____ C:\Windows\system32\atiumd6a.cap
2015-08-04 04:07 - 2015-08-04 04:07 - 00672768 _____ (AMD) C:\Windows\system32\atieclxx.exe
2015-08-04 04:07 - 2015-08-04 04:07 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2015-08-04 04:07 - 2015-08-04 04:07 - 00204800 _____ C:\Windows\system32\amdgfxinfo64.dll
2015-08-04 04:07 - 2015-08-04 04:07 - 00189952 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2015-08-04 04:07 - 2015-08-04 04:07 - 00160256 _____ C:\Windows\system32\atieah64.exe
2015-08-04 04:07 - 2015-08-04 04:07 - 00143872 _____ C:\Windows\SysWOW64\atieah32.exe
2015-08-04 04:07 - 2015-08-04 04:07 - 00029696 _____ (AMD) C:\Windows\system32\atimuixx.dll
2015-08-04 04:06 - 2015-08-04 04:06 - 00246784 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2015-08-04 04:05 - 2015-08-04 04:05 - 00190976 _____ (AMD) C:\Windows\system32\atitmm64.dll
2015-08-04 04:00 - 2015-08-04 04:00 - 03471376 _____ C:\Windows\SysWOW64\atiumdva.cap
2015-08-04 03:48 - 2015-08-04 03:48 - 00865792 _____ (AMD) C:\Windows\system32\coinst_15.20.dll
2015-08-04 03:48 - 2015-08-04 03:48 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2015-08-04 03:47 - 2015-08-04 03:47 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2015-08-04 03:43 - 2015-08-04 03:43 - 01247744 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2015-08-04 03:43 - 2015-08-04 03:43 - 00926720 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2015-08-04 03:43 - 2015-08-04 03:43 - 00926720 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2015-08-04 03:43 - 2015-08-04 03:43 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2015-08-04 03:43 - 2015-08-04 03:43 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2015-08-04 03:43 - 2015-08-04 03:43 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2015-08-04 03:42 - 2015-08-04 03:42 - 00665088 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2015-08-04 03:42 - 2015-08-04 03:42 - 00156672 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2015-08-04 03:42 - 2015-08-04 03:42 - 00141824 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2015-08-04 03:37 - 2015-08-04 03:37 - 00102912 _____ C:\Windows\system32\hsa-thunk64.dll
2015-08-04 03:37 - 2015-08-04 03:37 - 00102400 _____ C:\Windows\SysWOW64\hsa-thunk.dll
2015-08-04 03:35 - 2015-08-04 03:35 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2015-07-31 18:00 - 2015-07-31 18:25 - 00000000 ____D C:\Users\Jan\Desktop\htc backup alles

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-25 10:05 - 2015-06-18 16:54 - 00001234 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3237370717-2417404269-748884813-1001UA.job
2015-08-25 10:05 - 2015-06-18 16:54 - 00001182 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3237370717-2417404269-748884813-1001Core.job
2015-08-25 10:05 - 2015-01-26 18:35 - 00000000 ____D C:\Users\Jan
2015-08-25 10:02 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-08-25 09:53 - 2015-01-26 18:41 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3237370717-2417404269-748884813-1001
2015-08-25 09:48 - 2015-01-26 19:16 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2015-08-25 09:43 - 2015-05-17 15:37 - 00000790 _____ C:\Users\Public\Desktop\Opera.lnk
2015-08-25 09:43 - 2015-05-17 15:37 - 00000790 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-08-25 09:43 - 2015-02-03 12:56 - 00002195 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-25 09:43 - 2015-01-26 18:52 - 00001171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-08-25 09:43 - 2015-01-26 18:52 - 00001159 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-08-25 09:43 - 2015-01-26 18:35 - 00001462 _____ C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-08-25 09:25 - 2015-02-03 12:55 - 00001132 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-25 09:25 - 2015-01-27 10:28 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Dropbox
2015-08-25 09:25 - 2015-01-26 18:38 - 00000000 ___DO C:\Users\Jan\SkyDrive
2015-08-23 16:15 - 2015-02-03 12:55 - 00001136 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-23 16:13 - 2015-01-28 18:52 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-21 14:48 - 2015-01-26 18:46 - 00000000 ____D C:\Windows\SysWOW64\vbox
2015-08-21 14:48 - 2015-01-26 18:46 - 00000000 ____D C:\Windows\system32\vbox
2015-08-21 14:39 - 2015-01-26 18:34 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-21 14:39 - 2013-08-23 01:24 - 00764340 _____ C:\Windows\system32\perfh007.dat
2015-08-21 14:39 - 2013-08-23 01:24 - 00159160 _____ C:\Windows\system32\perfc007.dat
2015-08-21 14:34 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-21 14:33 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-08-21 14:32 - 2015-01-26 19:16 - 00000000 ____D C:\Windows\SysWOW64\directx
2015-08-21 14:31 - 2015-01-26 19:16 - 00001098 _____ C:\Users\Jan\Desktop\MSI Afterburner.lnk
2015-08-20 18:38 - 2015-01-26 18:46 - 00003916 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-08-20 18:38 - 2015-01-26 18:45 - 01048344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-08-20 18:38 - 2015-01-26 18:45 - 00447944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-08-20 18:38 - 2015-01-26 18:45 - 00274808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-08-20 18:38 - 2015-01-26 18:45 - 00150672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-08-20 18:38 - 2015-01-26 18:45 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-08-20 18:38 - 2015-01-26 18:45 - 00090968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-08-20 18:38 - 2015-01-26 18:45 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-08-20 18:38 - 2015-01-26 18:45 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-08-20 17:56 - 2015-07-03 13:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2015-08-20 17:21 - 2015-01-26 18:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-19 18:25 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-08-19 18:17 - 2015-05-17 15:37 - 00003832 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1431869857
2015-08-16 11:23 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2015-08-16 10:06 - 2015-03-02 12:35 - 00000000 ____D C:\Users\Jan\Documents\Heroes of the Storm
2015-08-16 10:03 - 2015-01-26 18:54 - 00000000 ____D C:\ProgramData\AMD
2015-08-16 10:03 - 2015-01-26 18:54 - 00000000 ____D C:\Program Files\ATI Technologies
2015-08-16 10:03 - 2015-01-26 18:54 - 00000000 ____D C:\Program Files\AMD
2015-08-16 10:01 - 2015-01-26 18:54 - 00000000 ____D C:\ProgramData\Package Cache
2015-08-16 10:00 - 2015-01-26 18:54 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2015-08-16 09:59 - 2015-01-26 18:54 - 00000000 ____D C:\AMD
2015-08-15 19:36 - 2015-01-26 19:32 - 00000000 ____D C:\Games
2015-08-14 17:13 - 2015-06-04 16:43 - 00000000 ____D C:\Users\Jan\Desktop\Umzug
2015-08-13 18:19 - 2015-01-28 18:37 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-13 16:40 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2015-08-13 12:40 - 2013-08-22 16:44 - 00482904 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-12 15:40 - 2015-04-15 20:05 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-12 15:40 - 2015-04-15 20:05 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-12 15:40 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-12 15:40 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-12 15:40 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-12 15:40 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-12 13:13 - 2015-01-28 18:52 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-12 12:38 - 2015-01-26 18:35 - 00000000 ____D C:\Users\Jan\AppData\Local\Packages
2015-08-12 12:37 - 2015-01-27 10:49 - 00000000 ____D C:\Windows\system32\MRT
2015-08-12 12:35 - 2015-01-27 10:49 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-12 12:31 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-12 12:31 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-12 12:31 - 2013-08-22 15:25 - 00000167 _____ C:\Windows\win.ini
2015-08-12 12:30 - 2015-05-27 17:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-08-08 15:55 - 2013-08-22 17:38 - 00794088 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-08 15:55 - 2013-08-22 17:38 - 00179688 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-04 08:28 - 2014-07-21 23:04 - 11948704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2015-08-04 08:28 - 2014-07-21 23:04 - 01445224 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2015-08-04 08:28 - 2014-07-21 23:04 - 00152056 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2015-08-04 08:28 - 2013-12-07 00:08 - 00141792 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2015-08-04 08:28 - 2013-12-07 00:03 - 00133016 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2015-08-04 08:28 - 2013-12-07 00:01 - 01193904 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2015-08-04 08:28 - 2013-12-06 23:59 - 10094152 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2015-07-29 20:15 - 2015-04-08 18:43 - 00000000 ___SD C:\Windows\system32\GWX

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-07-17 18:27 - 2015-07-17 18:27 - 0003427 _____ () C:\Users\Jan\AppData\Local\recently-used.xbel
2015-01-26 19:00 - 2015-01-26 19:00 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\Jan\AppData\Local\Temp\amd-catalyst-15.7.1-without-dotnet45-win8.1-64bit.exe
C:\Users\Jan\AppData\Local\Temp\AutoDetectUtilApp.exe
C:\Users\Jan\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpijnh4p.dll
C:\Users\Jan\AppData\Local\Temp\raptrpatch.exe
C:\Users\Jan\AppData\Local\Temp\raptr_stub.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-08-17 20:05

==================== Ende von FRST.txt ============================
         

Addition:
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:24-08-2015
durchgeführt von Jan (2015-08-25 10:07:34)
Gestartet von E:\Downloads
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3237370717-2417404269-748884813-500 - Administrator - Disabled)
Gast (S-1-5-21-3237370717-2417404269-748884813-501 - Limited - Disabled)
Jan (S-1-5-21-3237370717-2417404269-748884813-1001 - Administrator - Enabled) => C:\Users\Jan

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

3DMark (HKLM-x32\...\{12d6e0d7-21d5-4755-9da2-70352c6f7558}) (Version: 1.5.915.0 - Futuremark)
3DMark (Version: 1.5.915.0 - Futuremark) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{572C982F-95F5-0562-AE8F-8A9D7D024A88}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD VISION Engine Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
ASRock App Charger v1.0.6 (HKLM\...\ASRock App Charger_is1) (Version: 1.0.6 - ASRock Inc.)
ASRock eXtreme Tuner v0.1.383 (HKLM-x32\...\ASRock eXtreme Tuner_is1) (Version:  - )
ASRock XFast RAM v2.0.28 (HKLM\...\ASRock XFast RAM_is1) (Version:  - ASRock Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.3.2225 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
Brother MFL-Pro Suite MFC-490CW (HKLM-x32\...\{48D082B9-18F6-4426-AFAC-8B6A3E7021B1}) (Version: 2.0.0.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.00495 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.00495 - Cisco Systems, Inc.) Hidden
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
CPUID CPU-Z 1.73 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CPUID HWMonitor 1.27 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
Dropbox (HKU\S-1-5-21-3237370717-2417404269-748884813-1001\...\Dropbox) (Version: 3.8.6 - Dropbox, Inc.)
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.118 - Etron Technology)
Etron USB3.0 Host Controller (x32 Version: 0.118 - Etron Technology) Hidden
Futuremark SystemInfo (HKLM-x32\...\{AFBB2F94-A43D-46AD-8F77-66ACB3C71EDF}) (Version: 4.39.552.0 - Futuremark)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.157 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
IBM SPSS Statistics 22 (HKLM\...\{104875A1-D083-4A34-BC4F-3F635B7F8EF7}) (Version: 22.0.0.0 - IBM Corp)
ICQ 8.3 (build 7317) (HKU\S-1-5-21-3237370717-2417404269-748884813-1001\...\ICQ) (Version: 8.3.7317.0 - ICQ)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Project Professional 2013 (HKLM-x32\...\Office15.PRJPROR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{14297226-E0A0-3781-8911-E9D529552663}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 40.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 40.0.2 (x86 de)) (Version: 40.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.2.5702 - Mozilla)
MSI Afterburner 4.1.1 (HKLM-x32\...\Afterburner) (Version: 4.1.1 - MSI Co., LTD)
MSI GamingApp (HKLM-x32\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 1.0.0.18 - MSI)
netis Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0193 - netis Systems Co.,Ltd.)
Opera Stable 31.0.1889.174 (HKLM-x32\...\Opera 31.0.1889.174) (Version: 31.0.1889.174 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 9.5.5.2850 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.51.17865 - pdfforge GmbH)
PDF Architect 2 Create Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDF Architect 2 Edit Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDF Architect 2 View Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDF24 Creator 6.9.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.0.2 - pdfforge)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.19.726.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7004 - Realtek Semiconductor Corp.)
RivaTuner Statistics Server 6.3.0 (HKLM-x32\...\RTSS) (Version: 6.3.0 - Unwinder)
Secure Download Manager (HKLM-x32\...\{C58626D6-7EBD-460D-8B6C-75B3C3464879}) (Version: 3.1.60 - Kivuto Solutions Inc.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.101 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKU\S-1-5-21-3237370717-2417404269-748884813-1001\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
The Witcher: Enhanced Edition (HKLM-x32\...\Steam App 20900) (Version:  - CD PROJEKT RED)
TP-LINK TL-WN881ND Driver (HKLM-x32\...\{FDA7E907-6539-42C1-9721-0239C281B336}) (Version: 1.3.1 - TP-LINK)
TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
War Thunder Launcher 1.0.1.480 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version:  - Gaijin Entertainment)
Warhammer 40,000 Space Marine (HKLM-x32\...\Steam App 55150) (Version:  - Relic)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
World of Tanks (HKU\S-1-5-21-3237370717-2417404269-748884813-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version:  - Wargaming.net)
World of Warships (HKU\S-1-5-21-3237370717-2417404269-748884813-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1) (Version:  - Wargaming.net)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3237370717-2417404269-748884813-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3237370717-2417404269-748884813-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3237370717-2417404269-748884813-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3237370717-2417404269-748884813-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3237370717-2417404269-748884813-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3237370717-2417404269-748884813-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3237370717-2417404269-748884813-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3237370717-2417404269-748884813-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3237370717-2417404269-748884813-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3237370717-2417404269-748884813-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3237370717-2417404269-748884813-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {2138973A-E8C8-40BB-9577-95729955BFE8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-03] (Google Inc.)
Task: {476464C5-017F-402A-8570-2DD91ABCD044} - System32\Tasks\avast! Emergency Update => C:\Programme\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-20] (AVAST Software)
Task: {517B4DF4-2A5A-4ABC-88AD-1EAE977C5D81} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-08-12] (Microsoft Corporation)
Task: {5E278BD3-B354-454A-9A89-B48F6A475D26} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12] (Adobe Systems Incorporated)
Task: {87F58A37-97A5-4F4D-A307-596351B65588} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {96698610-AB35-45C5-B938-F76EE38D9268} - System32\Tasks\Opera scheduled Autoupdate 1431869857 => E:\Programme\Opera\launcher.exe [2015-08-17] (Opera Software)
Task: {A48C12B0-F68E-4CC1-AFE5-EC5FFCAC38D5} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3237370717-2417404269-748884813-1001Core => C:\Users\Jan\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {A706F824-5B06-4D2C-AC77-7270CA1CE2AE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-03] (Google Inc.)
Task: {C2857B7E-26D7-4E08-BAD0-DC456AA767A6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {C7FF2B80-DEB7-4AD2-818B-31B01DC96B7C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd)
Task: {D75DE96E-AC7B-4B45-B46C-868B362098C2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-21] (Microsoft Corporation)
Task: {E9AC8C76-CC34-40C9-B1C6-B6F7DAB83D4A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-21] (Microsoft Corporation)
Task: {F511B767-C199-43CB-8637-6DB4A15FF9E9} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {F536D5E5-837C-484D-A97D-AAEA6000588C} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3237370717-2417404269-748884813-1001UA => C:\Users\Jan\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3237370717-2417404269-748884813-1001Core.job => C:\Users\Jan\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3237370717-2417404269-748884813-1001UA.job => C:\Users\Jan\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-08-04 00:25 - 2015-08-04 00:25 - 00214528 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 00817152 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Device.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 03650560 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Platform.dll
2015-08-04 00:25 - 2015-08-04 00:25 - 00127488 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2012-12-07 18:27 - 2012-12-07 18:27 - 00167424 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2015-03-23 14:25 - 2015-03-23 15:46 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-02-08 19:06 - 2005-04-22 14:36 - 00143360 ____N () C:\Windows\system32\BrSNMP64.dll
2014-11-09 13:37 - 2014-11-09 13:37 - 00402432 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks64.dll
2015-02-04 15:39 - 2013-04-09 12:05 - 00846848 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
2015-02-08 19:06 - 2012-09-25 12:26 - 01163264 ____N () C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
2015-08-04 00:25 - 2015-08-04 00:25 - 00102400 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2015-05-27 12:05 - 2015-05-27 12:05 - 00578272 _____ () C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
2014-11-09 13:37 - 2014-11-09 13:37 - 00197632 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
2014-11-09 13:37 - 2014-11-09 13:37 - 00026112 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe
2014-11-09 13:37 - 2014-11-09 13:37 - 00088576 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
2015-08-25 10:04 - 2015-08-25 10:04 - 00050477 _____ () E:\Downloads\Defogger.exe
2012-08-03 21:53 - 2012-08-03 21:53 - 00062968 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2015-08-20 18:38 - 2015-08-20 18:38 - 00102864 _____ () C:\Programme\AVAST Software\Avast\log.dll
2015-08-20 18:38 - 2015-08-20 18:38 - 00123976 _____ () C:\Programme\AVAST Software\Avast\JsonRpcServer.dll
2015-08-20 14:43 - 2015-08-20 14:43 - 02960384 _____ () C:\Programme\AVAST Software\Avast\defs\15082001\algo.dll
2015-08-23 13:33 - 2015-08-23 13:33 - 02960896 _____ () C:\Programme\AVAST Software\Avast\defs\15082300\algo.dll
2014-11-09 13:37 - 2014-11-09 13:37 - 00356864 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks.dll
2015-02-04 15:39 - 2013-01-22 15:40 - 01411072 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\nicLan.dll
2015-02-04 15:39 - 2013-04-02 14:41 - 00193024 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\DC_WFF.dll
2015-02-04 15:39 - 2013-05-07 12:16 - 00138752 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJWF\WJWF.dll
2015-02-04 15:39 - 2013-05-07 12:16 - 00115712 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJWF\WJWF_WPS_WIN7.DLL
2015-04-16 10:16 - 2015-04-16 10:16 - 40540672 _____ () C:\Programme\AVAST Software\Avast\libcef.dll
2015-08-25 09:25 - 2015-08-25 09:25 - 00071168 _____ () c:\users\jan\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpijnh4p.dll
2015-03-04 23:45 - 2015-08-05 22:49 - 00012800 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 23:45 - 2015-08-05 22:49 - 00779776 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-07-30 11:25 - 2015-08-05 22:49 - 00056320 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-03-04 23:45 - 2015-08-05 22:49 - 00012288 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2015-02-08 19:06 - 2009-02-27 17:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2015-05-18 13:43 - 2015-05-18 13:43 - 00071680 _____ () C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2015-05-18 13:43 - 2015-05-18 13:43 - 00057856 _____ () C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2015-05-18 13:43 - 2015-05-18 13:43 - 00218624 _____ () C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2015-05-22 12:56 - 2015-05-22 12:56 - 00357888 _____ () C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2015-05-22 13:36 - 2015-05-22 13:36 - 00649216 _____ () C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2014-11-09 13:37 - 2014-11-09 13:37 - 00056832 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTFC.dll
2014-11-09 13:37 - 2014-11-09 13:37 - 00353792 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTUI.dll
2014-11-09 13:37 - 2014-11-09 13:37 - 00071680 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTMUI.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\Jan\SkyDrive:ms-properties

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3237370717-2417404269-748884813-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [{A087EB5C-1E3D-4DB3-BC9B-575D66437500}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{37C99036-1E0C-44F7-B186-5445EB4CD08D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A70575E0-AC73-4538-BCF0-0B70D96E4ACF}] => (Allow) C:\Games\WarThunder\launcher.exe
FirewallRules: [{AEF9EECE-B79D-4AA4-B4F8-8E35A4C1D20F}] => (Allow) C:\Games\WarThunder\launcher.exe
FirewallRules: [{BB1B8638-C141-4CF8-B404-D07A94E8277E}] => (Allow) LPort=80
FirewallRules: [{DBAB9A19-FC24-4A97-935B-8F0C5233725B}] => (Allow) LPort=443
FirewallRules: [{AFA48C26-9510-4A00-BF9F-0EE5137B6ACD}] => (Allow) LPort=20010
FirewallRules: [{D194FD01-C6D3-4081-9D25-C84B72B3C747}] => (Allow) LPort=3478
FirewallRules: [{0E3C084D-0E56-4C25-AC37-71B2E90CC1D5}] => (Allow) LPort=7850
FirewallRules: [{F2C6AC7C-418E-4D56-8484-F96221E95BAB}] => (Allow) LPort=7852
FirewallRules: [{60B333AA-43CA-493C-817E-548252F1CE1F}] => (Allow) LPort=7853
FirewallRules: [{92B63C10-5A5E-4CBD-9203-A01BF743B805}] => (Allow) LPort=27022
FirewallRules: [{40A86549-6F53-4D85-8FFB-CDFDDCFE48F0}] => (Allow) LPort=6881
FirewallRules: [{DF990B42-58C8-4CE1-8395-3FA7C3E8349D}] => (Allow) LPort=33333
FirewallRules: [{BF54B4C9-3498-44A9-A429-6CD79B239F31}] => (Allow) LPort=20443
FirewallRules: [{F25F403A-0547-4BB1-96AD-C77C335896FF}] => (Allow) LPort=8090
FirewallRules: [{9EC098DF-DD75-4819-9E66-14727616F39F}] => (Allow) C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{348E5C3D-7095-4D7D-9E6C-5C6F6CB90136}] => (Allow) C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{807F24CD-7AE3-45B6-9AB5-8F7A7A88C134}C:\users\jan\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\jan\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{A87A0403-EBB5-40D0-927E-461D82A88144}C:\users\jan\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\jan\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{3D91F231-02A7-465A-8FCB-288420280602}C:\games\warthunder\aces.exe] => (Allow) C:\games\warthunder\aces.exe
FirewallRules: [UDP Query User{3F78216F-AC6F-4B00-BB14-A259CB81335A}C:\games\warthunder\aces.exe] => (Allow) C:\games\warthunder\aces.exe
FirewallRules: [{1505E56B-B323-4603-969C-8CC3C72259D8}] => (Allow) E:\Spiele\Steam\Steam.exe
FirewallRules: [{47F0D7AB-3477-40BA-8750-090ACE0EFA98}] => (Allow) E:\Spiele\Steam\Steam.exe
FirewallRules: [{89F856BA-F06A-447B-A18B-882A93ED9B16}] => (Allow) E:\Spiele\Steam\bin\steamwebhelper.exe
FirewallRules: [{D4D055F6-CC81-43C5-B693-456D4168D0ED}] => (Allow) E:\Spiele\Steam\bin\steamwebhelper.exe
FirewallRules: [{56BB6931-95AE-4BED-924D-36C4F0116525}] => (Allow) E:\Spiele\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{7121B78A-A289-4294-9ED7-F609A27437B8}] => (Allow) E:\Spiele\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{F5834CCF-3A81-4ED9-88E5-B63701AE7BF9}] => (Allow) E:\Programme\Microsoft Office\Office14\ONENOTE.EXE
FirewallRules: [{A6A5B210-8847-41C2-A731-CAD04713E4C7}] => (Allow) E:\Programme\Microsoft Office\Office14\ONENOTE.EXE
FirewallRules: [{69F4491E-0122-4826-B6B5-FB513C05D99F}] => (Allow) E:\Programme\Microsoft Office\Office14\outlook.exe
FirewallRules: [{F4F4B051-D5B5-4733-A22E-CADE40DE93F7}] => (Allow) E:\Spiele\Steam\steamapps\common\Warhammer 40,000 Space Marine\SpaceMarine.exe
FirewallRules: [{3445951C-2E92-4B3B-80BA-60770538A835}] => (Allow) E:\Spiele\Steam\steamapps\common\Warhammer 40,000 Space Marine\SpaceMarine.exe
FirewallRules: [{52B991A3-3315-4450-83F6-07E6713EFEA3}] => (Allow) C:\Program Files (x86)\Brother\Brmfl08x\FAXRX.exe
FirewallRules: [{23188739-0688-4F1B-A9B3-0932D1D0AF83}] => (Allow) C:\Program Files (x86)\Brother\Brmfl08x\FAXRX.exe
FirewallRules: [{696131D2-E6AF-4A4A-8AA0-9AD584B95B55}] => (Allow) LPort=54925
FirewallRules: [{2CB22951-04B4-4C12-9396-07D3BAB9EC25}] => (Allow) E:\Spiele\Battle.net\Battle.net.exe
FirewallRules: [{1013CBEC-E15A-411E-9AD7-2083DA0AE546}] => (Allow) E:\Spiele\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{E3ECB8F6-B51F-444F-B938-9BB20D86A6AD}E:\spiele\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe] => (Allow) E:\spiele\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{765299FF-0AE5-423C-A489-EB5FA25EBECA}E:\spiele\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe] => (Allow) E:\spiele\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe
FirewallRules: [{E907A79B-FEBC-463C-A5C1-22928E63678E}] => (Allow) E:\Programme\Winamp\winamp.exe
FirewallRules: [{F6032CAA-994B-4227-A1E9-D928563153E2}] => (Allow) E:\Programme\Winamp\winamp.exe
FirewallRules: [{922D185B-7007-4377-95EF-AF51201F980C}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{2D14F490-2A76-4B4B-8DA1-C3F9E8F4E19E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{45BC8033-6C04-4456-BCE5-7B9427B7E355}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{7AD1A7B1-08A0-493C-A941-A1FD0E1E6EB4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{CC76A165-72FF-4D6A-8B45-C4E77E414AC4}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{514521C1-F09B-4F16-A349-1438F0239372}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{99164144-C7F3-4618-A4F0-A24B339B2A2F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{892A9831-4CE7-4AEB-BB74-49F2034C38EC}] => (Allow) E:\Programme\IBM\SPSS\Statistics\22\stats.com
FirewallRules: [{8A0D3A85-7740-474D-B219-F52C846615CF}] => (Allow) E:\Programme\IBM\SPSS\Statistics\22\stats.exe
FirewallRules: [{6EF3DFAD-E204-4F02-B374-0F4B87B64C36}] => (Allow) E:\Programme\IBM\SPSS\Statistics\22\stats.com
FirewallRules: [{C2E7D779-A1A5-4D04-A755-243A2B7C4C63}] => (Allow) E:\Programme\IBM\SPSS\Statistics\22\stats.exe
FirewallRules: [{3E4DD0A3-81A8-49AA-A97C-81838F51210E}] => (Allow) E:\Programme\IBM\SPSS\Statistics\22\WinWrapIDE.exe
FirewallRules: [{0C4C1805-34F7-43B2-A04E-CDF2D6C74C6C}] => (Allow) E:\Programme\IBM\SPSS\Statistics\22\WinWrapIDE.exe
FirewallRules: [TCP Query User{C2DC894C-4E9D-4874-82C4-37A5CCE5017B}E:\programme\ibm\spss\statistics\22\jre\bin\javaw.exe] => (Allow) E:\programme\ibm\spss\statistics\22\jre\bin\javaw.exe
FirewallRules: [UDP Query User{44036E56-9839-4516-AD75-BC272295BA04}E:\programme\ibm\spss\statistics\22\jre\bin\javaw.exe] => (Allow) E:\programme\ibm\spss\statistics\22\jre\bin\javaw.exe
FirewallRules: [TCP Query User{4C10D2E7-A68F-4F8D-8A42-017FEF9FB134}E:\spiele\world_of_warships\wowslauncher.exe] => (Allow) E:\spiele\world_of_warships\wowslauncher.exe
FirewallRules: [UDP Query User{3C4551FF-9BCD-4F2E-8019-095406F875DA}E:\spiele\world_of_warships\wowslauncher.exe] => (Allow) E:\spiele\world_of_warships\wowslauncher.exe
FirewallRules: [{511DBA6C-0E0E-4D0C-8F6F-8C752AA00AE3}] => (Allow) E:\Spiele\Steam\steamapps\common\The Witcher Enhanced Edition\System\witcher.exe
FirewallRules: [{81CC8642-C159-429D-A3C1-54B89C934C7C}] => (Allow) E:\Spiele\Steam\steamapps\common\The Witcher Enhanced Edition\System\witcher.exe
FirewallRules: [{D39C70B4-D770-4B0E-AD24-AA4DCE9E0418}] => (Allow) E:\Spiele\Steam\steamapps\common\The Witcher Enhanced Edition\System\djinni!.exe
FirewallRules: [{27A457B4-63C1-4248-9931-0149AD6A6BB3}] => (Allow) E:\Spiele\Steam\steamapps\common\The Witcher Enhanced Edition\System\djinni!.exe
FirewallRules: [{3C923702-EA5D-417F-92C7-342FC46AC7CD}] => (Allow) E:\Spiele\Steam\steamapps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe
FirewallRules: [{50AB06DD-442C-467F-AA11-D1FB6FC417DE}] => (Allow) E:\Spiele\Steam\steamapps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe
FirewallRules: [{9035B924-0640-4EF5-BA38-36FC4690D320}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{EE3F7B81-BF7A-46E4-8267-8EB733A9B207}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{653AB280-0886-444A-97C9-0EE0C143298A}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{2C068AC0-1B40-4BB4-8C27-C66B5FFC2405}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [TCP Query User{1CEA0862-E66C-4C5E-91F2-C523BA14B516}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{F8C47182-C1C6-4DB2-A144-50D16F82323D}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [{9F8213C6-C66E-4864-A7CA-D5F4E9DE5F39}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{2CD32726-E1BB-4AA0-BF9A-93098619DF35}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{1DAAA025-3DFA-44A8-ADE8-623F0FF21623}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/25/2015 10:07:13 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMON BrtSTMON: [2015/08/25 10:07:13.284]: [00001168]:    Don't Create FileMapping!!!!

Error: (08/25/2015 10:07:13 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMON BrtSTMON: [2015/08/25 10:07:13.284]: [00001168]:    FrendlyName : Brother MFC-490CW Printer

Error: (08/25/2015 10:07:13 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMON BrtSTMON: [2015/08/25 10:07:13.284]: [00001168]:    Error : ExecMonitor()

Error: (08/25/2015 10:05:13 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMON BrtSTMON: [2015/08/25 10:05:13.285]: [00001168]:    Don't Create FileMapping!!!!

Error: (08/25/2015 10:05:13 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMON BrtSTMON: [2015/08/25 10:05:13.285]: [00001168]:    FrendlyName : Brother MFC-490CW Printer

Error: (08/25/2015 10:05:13 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMON BrtSTMON: [2015/08/25 10:05:13.285]: [00001168]:    Error : ExecMonitor()

Error: (08/25/2015 10:03:13 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMON BrtSTMON: [2015/08/25 10:03:13.284]: [00001168]:    Don't Create FileMapping!!!!

Error: (08/25/2015 10:03:13 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMON BrtSTMON: [2015/08/25 10:03:13.284]: [00001168]:    FrendlyName : Brother MFC-490CW Printer

Error: (08/25/2015 10:03:13 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMON BrtSTMON: [2015/08/25 10:03:13.284]: [00001168]:    Error : ExecMonitor()

Error: (08/25/2015 10:01:13 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMON BrtSTMON: [2015/08/25 10:01:13.286]: [00001168]:    Don't Create FileMapping!!!!


Systemfehler:
=============
Error: (08/23/2015 04:20:05 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 5

Error: (08/23/2015 02:27:51 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 5

Error: (08/23/2015 12:13:45 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "HÄUSI-PC       :0" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.0.149
registriert werden. Der Computer mit IP-Adresse 192.168.0.148 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (08/23/2015 12:13:42 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "HZUSI-PC       :20" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.0.149
registriert werden. Der Computer mit IP-Adresse 192.168.0.148 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (08/23/2015 12:13:42 PM) (Source: Server) (EventID: 2505) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{930F7053-690A-47C0-B642-9E1728351289} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.

Error: (08/21/2015 05:15:06 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 5

Error: (08/20/2015 08:28:14 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 5

Error: (08/20/2015 07:46:20 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 5

Error: (08/20/2015 06:19:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "AMD FUEL Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (08/20/2015 06:18:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Avast Antivirus" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053


Microsoft Office:
=========================
Error: (08/25/2015 10:07:13 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMONBrtSTMON: [2015/08/25 10:07:13.284]: [00001168]:    Don't Create FileMapping!!!!

Error: (08/25/2015 10:07:13 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMONBrtSTMON: [2015/08/25 10:07:13.284]: [00001168]:    FrendlyName : Brother MFC-490CW Printer

Error: (08/25/2015 10:07:13 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMONBrtSTMON: [2015/08/25 10:07:13.284]: [00001168]:    Error : ExecMonitor()

Error: (08/25/2015 10:05:13 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMONBrtSTMON: [2015/08/25 10:05:13.285]: [00001168]:    Don't Create FileMapping!!!!

Error: (08/25/2015 10:05:13 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMONBrtSTMON: [2015/08/25 10:05:13.285]: [00001168]:    FrendlyName : Brother MFC-490CW Printer

Error: (08/25/2015 10:05:13 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMONBrtSTMON: [2015/08/25 10:05:13.285]: [00001168]:    Error : ExecMonitor()

Error: (08/25/2015 10:03:13 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMONBrtSTMON: [2015/08/25 10:03:13.284]: [00001168]:    Don't Create FileMapping!!!!

Error: (08/25/2015 10:03:13 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMONBrtSTMON: [2015/08/25 10:03:13.284]: [00001168]:    FrendlyName : Brother MFC-490CW Printer

Error: (08/25/2015 10:03:13 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMONBrtSTMON: [2015/08/25 10:03:13.284]: [00001168]:    Error : ExecMonitor()

Error: (08/25/2015 10:01:13 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMONBrtSTMON: [2015/08/25 10:01:13.286]: [00001168]:    Don't Create FileMapping!!!!


CodeIntegrity:
===================================
  Date: 2015-08-21 13:03:29.042
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-05-08 14:37:14.513
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-04-16 10:45:18.077
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Processor: AMD FX(tm)-8320 Eight-Core Processor 
Prozentuale Nutzung des RAM: 34%
Installierter physikalischer RAM: 8148.75 MB
Verfügbarer physikalischer RAM: 5367.29 MB
Summe virtueller Speicher: 9428.75 MB
Verfügbarer virtueller Speicher: 6131.91 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:118.9 GB) (Free:43.22 GB) NTFS
Drive e: (Volume) (Fixed) (Total:1784.85 GB) (Free:1367.1 GB) NTFS
Drive f: (Volume) (Fixed) (Total:78.17 GB) (Free:77.97 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 6A974740)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=118.9 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: C1E7E390)
Partition 1: (Not Active) - (Size=1784.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=78.2 GB) - (Type=07 NTFS)

==================== Ende von FRST.txt ============================
         

GMER:
Code:
ATTFilter
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-08-25 10:13:41
Windows 6.2.9200  x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 INTENSO rev.S9FM01.9 119,24GB
Running: Gmer-19357.exe; Driver: C:\Users\Jan\AppData\Local\Temp\pglcipoc.sys


---- Threads - GMER 2.1 ----

Thread   C:\Windows\system32\csrss.exe [1768:2724]                                                                                                                                                                                                                       fffff9600094b2d0
---- Processes - GMER 2.1 ----

Library  C:\Programme\AVAST Software\Avast\libcef.dll (*** suspicious ***) @ C:\Programme\AVAST Software\Avast\AvastUI.exe [2604](2015-04-16 08:16:45                                                                                                                    000000006d7b0000
Library  C:\Programme\AVAST Software\Avast\ssleay32.dll (*** suspicious ***) @ C:\Programme\AVAST Software\Avast\AvastUI.exe [2604] (OpenSSL Shared Library/The OpenSSL Project, hxxp://www.openssl.org/)(2015-08-20 16:38:38)                                           0000000073e90000
Library  C:\Programme\AVAST Software\Avast\LIBEAY32.dll (*** suspicious ***) @ C:\Programme\AVAST Software\Avast\AvastUI.exe [2604] (OpenSSL Shared Library/The OpenSSL Project, hxxp://www.openssl.org/)(2015-08-20 16:38:38)                                           0000000073d50000
Library  C:\Programme\AVAST Software\Avast\defs\15082300\uiExt.dll (*** suspicious ***) @ C:\Programme\AVAST Software\Avast\AvastUI.exe [2604] (FILE NOT FOUND)                                                                                                          0000000070780000
Library  C:\Programme\AVAST Software\Avast\defs\15082300\aswCmnOS.dll (*** suspicious ***) @ C:\Programme\AVAST Software\Avast\AvastUI.exe [2604] (FILE NOT FOUND)                                                                                                       000000005e6f0000
Library  C:\Programme\AVAST Software\Avast\defs\15082300\aswCmnIS.dll (*** suspicious ***) @ C:\Programme\AVAST Software\Avast\AvastUI.exe [2604] (FILE NOT FOUND)                                                                                                       000000005e2c0000
Library  C:\Programme\AVAST Software\Avast\defs\15082300\aswCmnBS.dll (*** suspicious ***) @ C:\Programme\AVAST Software\Avast\AvastUI.exe [2604] (FILE NOT FOUND)                                                                                                       000000005d4c0000
Library  c:\users\jan\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpijnh4p.dll (*** suspicious ***) @ C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [4660](2015-08-25 07:25:13)                                                 0000000070190000
Library  C:\Users\Jan\AppData\Roaming\Dropbox\bin\Qt5Core.dll (*** suspicious ***) @ C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [4660] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:24)                     000000006b030000
Library  C:\Users\Jan\AppData\Roaming\Dropbox\bin\icuin55.dll (*** suspicious ***) @ C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [4660] (ICU I18N DLL/The ICU Project)(2015-07-30 09:25:49)                                                                     000000004a900000
Library  C:\Users\Jan\AppData\Roaming\Dropbox\bin\icuuc55.dll (*** suspicious ***) @ C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [4660] (ICU Common DLL/The ICU Project)(2015-07-30 09:25:49)                                                                   0000000005ef0000
Library  C:\Users\Jan\AppData\Roaming\Dropbox\bin\icudt55.dll (*** suspicious ***) @ C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [4660] (ICU Data DLL/The ICU Project)(2015-07-30 09:25:49)                                                                     0000000068f60000
Library  C:\Users\Jan\AppData\Roaming\Dropbox\bin\Qt5Widgets.dll (*** suspicious ***) @ C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [4660] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:28)                  000000006a970000
Library  C:\Users\Jan\AppData\Roaming\Dropbox\bin\Qt5Gui.dll (*** suspicious ***) @ C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [4660] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)                      0000000068b20000
Library  C:\Users\Jan\AppData\Roaming\Dropbox\bin\Qt5Network.dll (*** suspicious ***) @ C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [4660] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)                  0000000068980000
Library  C:\Users\Jan\AppData\Roaming\Dropbox\bin\Qt5WebKit.dll (*** suspicious ***) @ C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [4660] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)                   0000000067960000
Library  C:\Users\Jan\AppData\Roaming\Dropbox\bin\Qt5Quick.dll (*** suspicious ***) @ C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [4660] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)                    0000000067710000
Library  C:\Users\Jan\AppData\Roaming\Dropbox\bin\Qt5Qml.dll (*** suspicious ***) @ C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [4660] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)                      00000000674a0000
Library  C:\Users\Jan\AppData\Roaming\Dropbox\bin\Qt5WebChannel.dll (*** suspicious ***) @ C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [4660] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-07-30 09:25:49)               000000006a950000
Library  C:\Users\Jan\AppData\Roaming\Dropbox\bin\Qt5Sql.dll (*** suspicious ***) @ C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [4660] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)                      000000006a920000
Library  C:\Users\Jan\AppData\Roaming\Dropbox\bin\Qt5WebKitWidgets.dll (*** suspicious ***) @ C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [4660] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:28)            0000000067460000
Library  C:\Users\Jan\AppData\Roaming\Dropbox\bin\Qt5PrintSupport.dll (*** suspicious ***) @ C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [4660] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)             0000000067410000
Library  C:\Users\Jan\AppData\Roaming\Dropbox\bin\Qt5OpenGL.dll (*** suspicious ***) @ C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [4660] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)                   00000000673c0000
Library  C:\Users\Jan\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll (*** suspicious ***) @ C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [4660] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:30)  00000000672d0000
Library  C:\Users\Jan\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll (*** suspicious ***) @ C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [4660] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:30)  0000000065da0000
Library  C:\Users\Jan\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll (*** suspicious ***) @ C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [4660](2015-03-04 21:45:30)                                                                                   0000000067220000
Library  C:\Users\Jan\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll (*** suspicious ***) @ C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [4660](2015-03-04 21:45:30)                                                                     0000000067150000
Library  C:\Users\Jan\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll (*** suspicious ***) @ C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [4660](2015-07-30 09:25:50)                                                                        0000000067130000
Library  C:\Users\Jan\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll (*** suspicious ***) @ C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [4660](2015-03-04 21:45:30)                                                                              0000000067120000

---- EOF - GMER 2.1 ----
         
Sorry für den langen Text und vielen Dank für die Hilfe im Voraus

Alt 25.08.2015, 11:37   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Hohe, schwankende GPU Auslastung im Desktopbetrieb. WIN 8.1. Plötzlich nur noch 30 statt 60 FPS in Games - Standard

Hohe, schwankende GPU Auslastung im Desktopbetrieb. WIN 8.1. Plötzlich nur noch 30 statt 60 FPS in Games



hi,

Avast aus (auch bei neustart!) Rechner neu starten und ohne Avast nochmal testen.
__________________

__________________

Alt 25.08.2015, 12:12   #3
MrHyde23
 
Hohe, schwankende GPU Auslastung im Desktopbetrieb. WIN 8.1. Plötzlich nur noch 30 statt 60 FPS in Games - Standard

Hohe, schwankende GPU Auslastung im Desktopbetrieb. WIN 8.1. Plötzlich nur noch 30 statt 60 FPS in Games



Danke, dass du dich meines Falles annimst.
Ich habe Avast deaktiviert, so weit es ging und neugestartet.

Hier die Ergebnisse.

FRST:

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:24-08-2015
durchgeführt von Jan (Administrator) auf HÄUSI-PC (25-08-2015 11:59:02)
Gestartet von E:\Downloads
Geladene Profile: Jan (Verfügbare Profile: Jan)
Platform: Windows 8.1 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect 2\creator-ws.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
() C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
(Dropbox, Inc.) C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Geek Software GmbH) E:\Programme\PDF24\pdf24.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13636824 2013-07-26] (Realtek Semiconductor)
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2013-04-09] (Pixart Imaging Inc)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Programme\AVAST Software\Avast\AvastUI.exe [6109776 2015-08-20] (AVAST Software)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1163264 2012-09-25] ()
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [PDFPrint] => E:\Programme\PDF24\pdf24.exe [193568 2014-11-28] (Geek Software GmbH)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [685048 2012-08-03] (Cisco Systems, Inc.)
HKU\S-1-5-21-3237370717-2417404269-748884813-1001\...\Run: [ASRockXTU] => [X]
HKU\S-1-5-21-3237370717-2417404269-748884813-1001\...\Run: [icq] => C:\Users\Jan\AppData\Roaming\ICQM\icq.exe [36705800 2015-01-28] (ICQ)
HKU\S-1-5-21-3237370717-2417404269-748884813-1001\...\Run: [Dropbox Update] => C:\Users\Jan\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk [2015-02-04]
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ()
Startup: C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-01-27]
ShortcutTarget: Dropbox.lnk -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Programme\AVAST Software\Avast\ashShA64.dll [2015-08-20] (AVAST Software)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKU\S-1-5-21-3237370717-2417404269-748884813-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-20] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO-x32: PDF Architect Helper -> {691B33B0-B86E-47F3-81C7-56E4FE3B929C} -> C:\Program Files (x86)\PDF Architect 2\creator-ie-helper.dll [2014-10-10] (pdfforge GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-27] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Programme\AVAST Software\Avast\aswWebRepIE.dll [2015-08-20] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> E:\Programme\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-27] (Oracle Corporation)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {DEEB13D7-CEA9-45FB-B77C-E039BEC85221} - C:\Program Files (x86)\PDF Architect 2\creator-ie-plugin.dll [2014-10-10] (pdfforge GmbH)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - E:\Programme\Microsoft Office\Office15\MSOSB.DLL [2015-04-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{930F7053-690A-47C0-B642-9E1728351289}: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\qjzcx0qs.default
FF Homepage: web.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-12] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> E:\Programme\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] ()
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-27] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> E:\Programme\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> E:\Programme\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll [2014-10-10] (pdfforge GmbH)
FF Extension: Adblock Plus - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\qjzcx0qs.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-26]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Programme\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Programme\AVAST Software\Avast\WebRep\FF [2015-01-26]
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_2_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension
FF Extension: PDF Architect 2 Creator - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension [2015-02-21]

Chrome: 
=======
CHR Profile: C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-03]
CHR Extension: (Google Docs) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-03]
CHR Extension: (Google Drive) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-03]
CHR Extension: (YouTube) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-03]
CHR Extension: (Google Search) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-03]
CHR Extension: (Avast SafePrice) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-02-03]
CHR Extension: (Google Sheets) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-03]
CHR Extension: (Avast Online Security) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-02-03]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-03]
CHR Extension: (Adblock Plus) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\peielepacdigfhimglfncbljnbnibooi [2015-02-03]
CHR Extension: (Gmail) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-03]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Programme\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-04-16]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Programme\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-16]

Opera: 
=======
StartMenuInternet: (HKLM) OperaStable - E:\Programme\Opera\Launcher.exe

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-04] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
S2 avast! Antivirus; C:\Programme\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-20] (AVAST Software)
S3 AvastVBoxSvc; C:\Programme\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4047768 2015-08-20] (Avast Software)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342240 2015-06-03] (Futuremark)
S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 Origin Client Service; E:\Spiele\Origin\OriginClientService.exe [1930608 2015-03-27] (Electronic Arts)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [Datei ist nicht signiert]
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH)
R2 PDF Architect 2 Creator; C:\Program Files (x86)\PDF Architect 2\creator-ws.exe [738856 2014-10-10] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-03-23] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-20] (Advanced Micro Devices)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [34640 2012-08-09] (ASRock Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-20] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-20] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-20] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-20] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048344 2015-08-20] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-08-20] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-08-20] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-20] (AVAST Software)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [102912 2015-07-15] (Advanced Micro Devices)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [115152 2015-08-20] (AVAST Software)
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13536 2015-05-27] ()
S3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1936088 2013-07-31] (Realtek Semiconductor Corporation                           )
S3 t_mouse.sys; C:\Windows\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] ()
R2 VBoxAswDrv; C:\Programme\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-08-20] (Avast Software)
S3 MSICDSetup; \??\D:\CDriver64.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-25 11:58 - 2015-08-25 11:58 - 00050379 _____ C:\Users\Jan\Desktop\FRST.txt
2015-08-25 10:08 - 2015-08-25 11:02 - 00000000 ____D C:\Users\Jan\Desktop\scans
2015-08-25 10:06 - 2015-08-25 11:59 - 00000000 ____D C:\FRST
2015-08-25 10:05 - 2015-08-25 10:05 - 00000000 _____ C:\Users\Jan\defogger_reenable
2015-08-25 09:48 - 2015-08-25 11:41 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-25 09:48 - 2015-08-25 09:48 - 00001114 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-08-25 09:48 - 2015-08-25 09:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-08-25 09:48 - 2015-08-25 09:48 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-25 09:48 - 2015-08-25 09:48 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-08-25 09:48 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-08-25 09:48 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-08-25 09:48 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-08-21 14:32 - 2015-08-25 09:31 - 00000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2015-08-21 14:32 - 2015-08-21 14:32 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2015-08-21 12:22 - 2015-08-21 12:22 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z
2015-08-20 18:38 - 2015-08-20 18:38 - 00378880 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-08-20 18:38 - 2015-08-20 18:38 - 00115152 _____ (AVAST Software) C:\Windows\system32\Drivers\ngvss.sys
2015-08-20 18:38 - 2015-08-20 18:38 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-08-20 18:21 - 2015-08-20 18:21 - 00000000 _____ C:\Windows\SysWOW64\OCL364E.tmp
2015-08-20 17:56 - 2015-08-20 17:56 - 00000743 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2015-08-20 16:48 - 2015-08-20 16:48 - 00000000 _____ C:\Windows\SysWOW64\OCLDA85.tmp
2015-08-20 15:06 - 2015-08-21 17:05 - 00000000 ____D C:\Users\Jan\Desktop\pc
2015-08-20 11:54 - 2015-08-25 11:41 - 00008982 _____ C:\Windows\PFRO.log
2015-08-19 19:00 - 2015-08-20 17:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-19 18:42 - 2015-08-19 18:42 - 00000013 _____ C:\Users\Jan\Desktop\otelo.txt
2015-08-19 18:25 - 2015-08-11 03:20 - 25191936 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-19 18:25 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-17 19:53 - 2015-08-17 19:53 - 00000000 _____ C:\Windows\SysWOW64\OCLA821.tmp
2015-08-16 10:17 - 2015-08-16 10:17 - 00000000 ____D C:\ProgramData\ATI
2015-08-16 10:04 - 2015-08-25 09:40 - 00000000 ____D C:\Program Files (x86)\Raptr
2015-08-16 10:04 - 2015-08-16 10:04 - 00000000 ____D C:\Users\Jan\AppData\Roaming\library_dir
2015-08-16 10:03 - 2015-08-16 10:03 - 00058877 _____ C:\Windows\SysWOW64\CCCInstall_201508161003537947.log
2015-08-16 10:03 - 2015-08-16 10:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-08-16 10:01 - 2015-08-16 10:01 - 00000000 ____D C:\Program Files (x86)\AMD
2015-08-16 09:54 - 2015-08-25 11:41 - 00005825 _____ C:\Windows\setupact.log
2015-08-16 09:54 - 2015-08-16 09:54 - 00000000 _____ C:\Windows\setuperr.log
2015-08-15 20:23 - 2015-08-25 11:54 - 00753343 _____ C:\Windows\WindowsUpdate.log
2015-08-15 19:36 - 2015-08-15 19:36 - 00000781 _____ C:\Users\Jan\Desktop\World of Tanks.lnk
2015-08-15 19:36 - 2015-08-15 19:36 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Tanks
2015-08-14 11:53 - 2015-08-20 18:21 - 00000022 _____ C:\Windows\GPU-Z.INI
2015-08-14 11:53 - 2015-08-14 11:54 - 00000000 ____D C:\Users\Jan\Documents\3DMark
2015-08-14 11:53 - 2015-08-14 11:53 - 00000000 ____D C:\Users\Jan\AppData\Local\Futuremark
2015-08-14 11:52 - 2015-08-14 11:52 - 00000963 _____ C:\Users\Public\Desktop\3DMark.lnk
2015-08-14 11:51 - 2015-08-14 11:51 - 00000000 ____D C:\Program Files (x86)\Futuremark
2015-08-13 12:50 - 2015-08-13 12:50 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-08-12 12:38 - 2015-07-30 16:04 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 12:38 - 2015-07-30 15:48 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 12:23 - 2015-07-19 03:58 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-12 12:23 - 2015-07-18 20:51 - 03704320 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-12 12:23 - 2015-07-18 20:31 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-12 12:23 - 2015-07-18 20:31 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-12 12:23 - 2015-07-18 20:31 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-12 12:23 - 2015-07-18 20:29 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-08-12 12:23 - 2015-07-18 20:29 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-12 12:23 - 2015-07-18 20:29 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-12 12:23 - 2015-07-18 20:28 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-12 12:23 - 2015-07-18 20:12 - 02228736 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-12 12:23 - 2015-07-18 20:10 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-12 12:23 - 2015-07-18 20:09 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-12 12:23 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-12 12:23 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-12 12:23 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-12 12:23 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-12 12:23 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-12 12:23 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-12 12:23 - 2015-07-16 21:53 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-08-12 12:23 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-12 12:23 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-12 12:23 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-12 12:23 - 2015-07-16 21:45 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-08-12 12:23 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-12 12:23 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-12 12:23 - 2015-07-16 21:38 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-08-12 12:23 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-12 12:23 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-12 12:23 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-12 12:23 - 2015-07-16 21:14 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-08-12 12:23 - 2015-07-16 21:13 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-08-12 12:23 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-12 12:23 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-12 12:23 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-12 12:23 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-12 12:23 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-12 12:23 - 2015-07-16 20:52 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-08-12 12:23 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-12 12:23 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-12 12:23 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-12 12:23 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-08-12 12:23 - 2015-06-09 20:27 - 00411133 _____ C:\Windows\system32\ApnDatabase.xml
2015-08-12 12:22 - 2015-07-29 01:24 - 00025776 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-12 12:22 - 2015-07-28 16:24 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-12 12:22 - 2015-07-28 16:24 - 01116160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-12 12:22 - 2015-07-28 16:24 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-12 12:22 - 2015-07-28 16:24 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-12 12:22 - 2015-07-28 16:24 - 00437248 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-12 12:22 - 2015-07-28 16:24 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-12 12:22 - 2015-07-16 02:29 - 07458648 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-12 12:22 - 2015-07-16 02:29 - 01735000 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-12 12:22 - 2015-07-16 02:29 - 00101720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-12 12:22 - 2015-07-16 02:28 - 01499920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-12 12:22 - 2015-07-10 19:54 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-12 12:22 - 2015-07-07 11:40 - 00270168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-08-12 12:22 - 2015-07-07 11:40 - 00114520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2015-08-12 12:22 - 2015-07-07 11:40 - 00044560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-08-12 12:22 - 2015-07-02 00:19 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-12 12:22 - 2015-07-02 00:16 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-12 12:22 - 2015-07-01 23:37 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-12 12:22 - 2015-07-01 23:35 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-12 12:22 - 2015-06-12 19:03 - 18823680 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2015-08-12 12:22 - 2015-06-12 18:36 - 15159296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-08-12 12:21 - 2015-07-29 16:37 - 01994752 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-12 12:21 - 2015-07-29 16:30 - 01381888 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-12 12:21 - 2015-07-29 16:23 - 01559552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-12 12:21 - 2015-07-24 20:57 - 04177408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-12 12:21 - 2015-07-24 20:57 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-12 12:21 - 2015-07-24 20:52 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-12 12:21 - 2015-07-24 19:27 - 00301568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-12 12:21 - 2015-07-24 19:23 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-12 12:21 - 2015-07-14 23:59 - 01113944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-08-12 12:21 - 2015-07-14 23:59 - 00487256 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2015-08-12 12:21 - 2015-07-14 23:59 - 00393560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2015-08-12 12:21 - 2015-07-14 05:22 - 02529880 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-12 12:21 - 2015-07-14 05:21 - 01901776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-12 12:21 - 2015-07-13 21:46 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-12 12:21 - 2015-07-13 21:45 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-12 12:21 - 2015-07-10 20:19 - 01101824 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-08-12 12:21 - 2015-07-10 19:42 - 02345472 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-12 12:21 - 2015-07-10 19:14 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-08-12 12:21 - 2015-07-10 19:13 - 07032320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-12 12:21 - 2015-07-10 18:47 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-12 12:21 - 2015-07-10 18:31 - 06213120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-12 12:21 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-12 12:21 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-12 12:21 - 2015-07-09 18:30 - 00212992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-12 12:21 - 2015-06-11 22:12 - 02476376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-08-12 12:21 - 2015-06-11 22:12 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-08-12 12:21 - 2015-05-12 02:24 - 00536920 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-08-04 08:29 - 2015-08-04 08:29 - 00458472 _____ C:\Windows\system32\amdmiracast.dll
2015-08-04 08:29 - 2015-08-04 08:29 - 00107784 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2015-08-04 08:29 - 2015-08-04 08:29 - 00100568 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2015-08-04 08:28 - 2015-08-04 08:28 - 07929616 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2015-08-04 08:28 - 2015-08-04 08:28 - 07408936 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2015-08-04 08:28 - 2015-08-04 08:28 - 00128384 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2015-08-04 08:28 - 2015-08-04 08:28 - 00120144 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2015-08-04 08:28 - 2015-08-04 08:28 - 00102616 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2015-08-04 08:28 - 2015-08-04 08:28 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2015-08-04 08:28 - 2015-08-04 08:28 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2015-08-04 08:28 - 2015-08-04 08:28 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2015-08-04 08:28 - 2015-08-04 08:28 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2015-08-04 08:27 - 2015-08-04 08:27 - 08893160 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2015-08-04 08:27 - 2015-08-04 08:27 - 08779872 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2015-08-04 08:25 - 2015-08-04 08:25 - 00297672 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys
2015-08-04 08:23 - 2015-08-04 08:23 - 21622784 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2015-08-04 08:19 - 2015-08-04 08:19 - 00235008 _____ C:\Windows\system32\clinfo.exe
2015-08-04 08:18 - 2015-08-04 08:18 - 47785472 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2015-08-04 08:14 - 2015-08-04 08:14 - 39714304 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2015-08-04 08:09 - 2015-08-04 08:09 - 00065024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-08-04 08:09 - 2015-08-04 08:09 - 00059392 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-08-04 07:58 - 2015-08-04 07:58 - 27535872 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl12cl64.dll
2015-08-04 07:57 - 2015-08-04 07:57 - 22318592 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl12cl.dll
2015-08-04 06:12 - 2015-08-04 06:12 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2015-08-04 06:12 - 2015-08-04 06:12 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2015-08-04 06:11 - 2015-08-04 06:11 - 06477312 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2015-08-04 05:43 - 2015-08-04 05:43 - 05068288 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2015-08-04 05:21 - 2015-08-04 05:21 - 00093696 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2015-08-04 05:21 - 2015-08-04 05:21 - 00086528 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2015-08-04 04:56 - 2015-08-04 04:56 - 00134656 _____ C:\Windows\system32\amdhdl64.dll
2015-08-04 04:56 - 2015-08-04 04:56 - 00123392 _____ C:\Windows\SysWOW64\amdhdl32.dll
2015-08-04 04:55 - 2015-08-04 04:55 - 30752256 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2015-08-04 04:32 - 2015-08-04 04:32 - 25299968 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2015-08-04 04:25 - 2015-08-04 04:25 - 00660928 _____ C:\Windows\SysWOW64\atiapfxx.blb
2015-08-04 04:25 - 2015-08-04 04:25 - 00660928 _____ C:\Windows\system32\atiapfxx.blb
2015-08-04 04:25 - 2015-08-04 04:25 - 00367104 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2015-08-04 04:25 - 2015-08-04 04:25 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2015-08-04 04:25 - 2015-08-04 04:25 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2015-08-04 04:24 - 2015-08-04 04:24 - 15716864 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2015-08-04 04:24 - 2015-08-04 04:24 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2015-08-04 04:24 - 2015-08-04 04:24 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2015-08-04 04:21 - 2015-08-04 04:21 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2015-08-04 04:21 - 2015-08-04 04:21 - 00050688 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2015-08-04 04:21 - 2015-08-04 04:21 - 00039424 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2015-08-04 04:16 - 2015-08-04 04:16 - 03437632 _____ C:\Windows\system32\atiumd6a.cap
2015-08-04 04:07 - 2015-08-04 04:07 - 00672768 _____ (AMD) C:\Windows\system32\atieclxx.exe
2015-08-04 04:07 - 2015-08-04 04:07 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2015-08-04 04:07 - 2015-08-04 04:07 - 00204800 _____ C:\Windows\system32\amdgfxinfo64.dll
2015-08-04 04:07 - 2015-08-04 04:07 - 00189952 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2015-08-04 04:07 - 2015-08-04 04:07 - 00160256 _____ C:\Windows\system32\atieah64.exe
2015-08-04 04:07 - 2015-08-04 04:07 - 00143872 _____ C:\Windows\SysWOW64\atieah32.exe
2015-08-04 04:07 - 2015-08-04 04:07 - 00029696 _____ (AMD) C:\Windows\system32\atimuixx.dll
2015-08-04 04:06 - 2015-08-04 04:06 - 00246784 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2015-08-04 04:05 - 2015-08-04 04:05 - 00190976 _____ (AMD) C:\Windows\system32\atitmm64.dll
2015-08-04 04:00 - 2015-08-04 04:00 - 03471376 _____ C:\Windows\SysWOW64\atiumdva.cap
2015-08-04 03:48 - 2015-08-04 03:48 - 00865792 _____ (AMD) C:\Windows\system32\coinst_15.20.dll
2015-08-04 03:48 - 2015-08-04 03:48 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2015-08-04 03:47 - 2015-08-04 03:47 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2015-08-04 03:43 - 2015-08-04 03:43 - 01247744 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2015-08-04 03:43 - 2015-08-04 03:43 - 00926720 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2015-08-04 03:43 - 2015-08-04 03:43 - 00926720 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2015-08-04 03:43 - 2015-08-04 03:43 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2015-08-04 03:43 - 2015-08-04 03:43 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2015-08-04 03:43 - 2015-08-04 03:43 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2015-08-04 03:42 - 2015-08-04 03:42 - 00665088 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2015-08-04 03:42 - 2015-08-04 03:42 - 00156672 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2015-08-04 03:42 - 2015-08-04 03:42 - 00141824 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2015-08-04 03:37 - 2015-08-04 03:37 - 00102912 _____ C:\Windows\system32\hsa-thunk64.dll
2015-08-04 03:37 - 2015-08-04 03:37 - 00102400 _____ C:\Windows\SysWOW64\hsa-thunk.dll
2015-08-04 03:35 - 2015-08-04 03:35 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2015-07-31 18:00 - 2015-07-31 18:25 - 00000000 ____D C:\Users\Jan\Desktop\htc backup alles

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-25 11:46 - 2015-01-26 18:34 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-25 11:46 - 2013-08-23 01:24 - 00764340 _____ C:\Windows\system32\perfh007.dat
2015-08-25 11:46 - 2013-08-23 01:24 - 00159160 _____ C:\Windows\system32\perfc007.dat
2015-08-25 11:41 - 2015-02-03 12:55 - 00001132 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-25 11:41 - 2015-01-27 10:28 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Dropbox
2015-08-25 11:41 - 2015-01-26 18:38 - 00000000 ___DO C:\Users\Jan\SkyDrive
2015-08-25 11:41 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-25 11:40 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-08-25 11:15 - 2015-02-03 12:55 - 00001136 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-25 11:13 - 2015-01-28 18:52 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-25 11:05 - 2015-06-18 16:54 - 00001234 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3237370717-2417404269-748884813-1001UA.job
2015-08-25 11:00 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-08-25 10:26 - 2015-01-26 18:41 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3237370717-2417404269-748884813-1001
2015-08-25 10:10 - 2015-01-26 19:16 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2015-08-25 10:05 - 2015-06-18 16:54 - 00001182 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3237370717-2417404269-748884813-1001Core.job
2015-08-25 10:05 - 2015-01-26 18:35 - 00000000 ____D C:\Users\Jan
2015-08-25 09:43 - 2015-05-17 15:37 - 00000790 _____ C:\Users\Public\Desktop\Opera.lnk
2015-08-25 09:43 - 2015-05-17 15:37 - 00000790 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-08-25 09:43 - 2015-02-03 12:56 - 00002195 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-25 09:43 - 2015-01-26 18:52 - 00001171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-08-25 09:43 - 2015-01-26 18:52 - 00001159 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-08-25 09:43 - 2015-01-26 18:35 - 00001462 _____ C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-08-21 14:48 - 2015-01-26 18:46 - 00000000 ____D C:\Windows\SysWOW64\vbox
2015-08-21 14:48 - 2015-01-26 18:46 - 00000000 ____D C:\Windows\system32\vbox
2015-08-21 14:32 - 2015-01-26 19:16 - 00000000 ____D C:\Windows\SysWOW64\directx
2015-08-21 14:31 - 2015-01-26 19:16 - 00001098 _____ C:\Users\Jan\Desktop\MSI Afterburner.lnk
2015-08-20 18:38 - 2015-01-26 18:46 - 00003916 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-08-20 18:38 - 2015-01-26 18:45 - 01048344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-08-20 18:38 - 2015-01-26 18:45 - 00447944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-08-20 18:38 - 2015-01-26 18:45 - 00274808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-08-20 18:38 - 2015-01-26 18:45 - 00150672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-08-20 18:38 - 2015-01-26 18:45 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-08-20 18:38 - 2015-01-26 18:45 - 00090968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-08-20 18:38 - 2015-01-26 18:45 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-08-20 18:38 - 2015-01-26 18:45 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-08-20 17:56 - 2015-07-03 13:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2015-08-20 17:21 - 2015-01-26 18:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-19 18:25 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-08-19 18:17 - 2015-05-17 15:37 - 00003832 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1431869857
2015-08-16 11:23 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2015-08-16 10:06 - 2015-03-02 12:35 - 00000000 ____D C:\Users\Jan\Documents\Heroes of the Storm
2015-08-16 10:03 - 2015-01-26 18:54 - 00000000 ____D C:\ProgramData\AMD
2015-08-16 10:03 - 2015-01-26 18:54 - 00000000 ____D C:\Program Files\ATI Technologies
2015-08-16 10:03 - 2015-01-26 18:54 - 00000000 ____D C:\Program Files\AMD
2015-08-16 10:01 - 2015-01-26 18:54 - 00000000 ____D C:\ProgramData\Package Cache
2015-08-16 10:00 - 2015-01-26 18:54 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2015-08-16 09:59 - 2015-01-26 18:54 - 00000000 ____D C:\AMD
2015-08-15 19:36 - 2015-01-26 19:32 - 00000000 ____D C:\Games
2015-08-14 17:13 - 2015-06-04 16:43 - 00000000 ____D C:\Users\Jan\Desktop\Umzug
2015-08-13 18:19 - 2015-01-28 18:37 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-13 16:40 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2015-08-13 12:40 - 2013-08-22 16:44 - 00482904 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-12 15:40 - 2015-04-15 20:05 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-12 15:40 - 2015-04-15 20:05 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-12 15:40 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-12 15:40 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-12 15:40 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-12 15:40 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-12 13:13 - 2015-01-28 18:52 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-12 12:38 - 2015-01-26 18:35 - 00000000 ____D C:\Users\Jan\AppData\Local\Packages
2015-08-12 12:37 - 2015-01-27 10:49 - 00000000 ____D C:\Windows\system32\MRT
2015-08-12 12:35 - 2015-01-27 10:49 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-12 12:31 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-12 12:31 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-12 12:31 - 2013-08-22 15:25 - 00000167 _____ C:\Windows\win.ini
2015-08-12 12:30 - 2015-05-27 17:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-08-08 15:55 - 2013-08-22 17:38 - 00794088 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-08 15:55 - 2013-08-22 17:38 - 00179688 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-04 08:28 - 2014-07-21 23:04 - 11948704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2015-08-04 08:28 - 2014-07-21 23:04 - 01445224 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2015-08-04 08:28 - 2014-07-21 23:04 - 00152056 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2015-08-04 08:28 - 2013-12-07 00:08 - 00141792 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2015-08-04 08:28 - 2013-12-07 00:03 - 00133016 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2015-08-04 08:28 - 2013-12-07 00:01 - 01193904 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2015-08-04 08:28 - 2013-12-06 23:59 - 10094152 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2015-07-29 20:15 - 2015-04-08 18:43 - 00000000 ___SD C:\Windows\system32\GWX

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-07-17 18:27 - 2015-07-17 18:27 - 0003427 _____ () C:\Users\Jan\AppData\Local\recently-used.xbel
2015-01-26 19:00 - 2015-01-26 19:00 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\Jan\AppData\Local\Temp\amd-catalyst-15.7.1-without-dotnet45-win8.1-64bit.exe
C:\Users\Jan\AppData\Local\Temp\AutoDetectUtilApp.exe
C:\Users\Jan\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpb8du3f.dll
C:\Users\Jan\AppData\Local\Temp\raptrpatch.exe
C:\Users\Jan\AppData\Local\Temp\raptr_stub.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-08-17 20:05

==================== Ende von FRST.txt ============================
         

Addition:

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:24-08-2015
durchgeführt von Jan (2015-08-25 11:59:24)
Gestartet von E:\Downloads
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3237370717-2417404269-748884813-500 - Administrator - Disabled)
Gast (S-1-5-21-3237370717-2417404269-748884813-501 - Limited - Disabled)
Jan (S-1-5-21-3237370717-2417404269-748884813-1001 - Administrator - Enabled) => C:\Users\Jan

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

3DMark (HKLM-x32\...\{12d6e0d7-21d5-4755-9da2-70352c6f7558}) (Version: 1.5.915.0 - Futuremark)
3DMark (Version: 1.5.915.0 - Futuremark) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{572C982F-95F5-0562-AE8F-8A9D7D024A88}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD VISION Engine Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
ASRock App Charger v1.0.6 (HKLM\...\ASRock App Charger_is1) (Version: 1.0.6 - ASRock Inc.)
ASRock eXtreme Tuner v0.1.383 (HKLM-x32\...\ASRock eXtreme Tuner_is1) (Version:  - )
ASRock XFast RAM v2.0.28 (HKLM\...\ASRock XFast RAM_is1) (Version:  - ASRock Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.3.2225 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
Brother MFL-Pro Suite MFC-490CW (HKLM-x32\...\{48D082B9-18F6-4426-AFAC-8B6A3E7021B1}) (Version: 2.0.0.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.00495 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.00495 - Cisco Systems, Inc.) Hidden
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
CPUID CPU-Z 1.73 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CPUID HWMonitor 1.27 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
Dropbox (HKU\S-1-5-21-3237370717-2417404269-748884813-1001\...\Dropbox) (Version: 3.8.6 - Dropbox, Inc.)
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.118 - Etron Technology)
Etron USB3.0 Host Controller (x32 Version: 0.118 - Etron Technology) Hidden
Futuremark SystemInfo (HKLM-x32\...\{AFBB2F94-A43D-46AD-8F77-66ACB3C71EDF}) (Version: 4.39.552.0 - Futuremark)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.157 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
IBM SPSS Statistics 22 (HKLM\...\{104875A1-D083-4A34-BC4F-3F635B7F8EF7}) (Version: 22.0.0.0 - IBM Corp)
ICQ 8.3 (build 7317) (HKU\S-1-5-21-3237370717-2417404269-748884813-1001\...\ICQ) (Version: 8.3.7317.0 - ICQ)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Project Professional 2013 (HKLM-x32\...\Office15.PRJPROR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{14297226-E0A0-3781-8911-E9D529552663}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 40.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 40.0.2 (x86 de)) (Version: 40.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.2.5702 - Mozilla)
MSI Afterburner 4.1.1 (HKLM-x32\...\Afterburner) (Version: 4.1.1 - MSI Co., LTD)
MSI GamingApp (HKLM-x32\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 1.0.0.18 - MSI)
netis Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0193 - netis Systems Co.,Ltd.)
Opera Stable 31.0.1889.174 (HKLM-x32\...\Opera 31.0.1889.174) (Version: 31.0.1889.174 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 9.5.5.2850 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.51.17865 - pdfforge GmbH)
PDF Architect 2 Create Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDF Architect 2 Edit Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDF Architect 2 View Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDF24 Creator 6.9.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.0.2 - pdfforge)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.19.726.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7004 - Realtek Semiconductor Corp.)
RivaTuner Statistics Server 6.3.0 (HKLM-x32\...\RTSS) (Version: 6.3.0 - Unwinder)
Secure Download Manager (HKLM-x32\...\{C58626D6-7EBD-460D-8B6C-75B3C3464879}) (Version: 3.1.60 - Kivuto Solutions Inc.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.101 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKU\S-1-5-21-3237370717-2417404269-748884813-1001\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
The Witcher: Enhanced Edition (HKLM-x32\...\Steam App 20900) (Version:  - CD PROJEKT RED)
TP-LINK TL-WN881ND Driver (HKLM-x32\...\{FDA7E907-6539-42C1-9721-0239C281B336}) (Version: 1.3.1 - TP-LINK)
TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
War Thunder Launcher 1.0.1.480 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version:  - Gaijin Entertainment)
Warhammer 40,000 Space Marine (HKLM-x32\...\Steam App 55150) (Version:  - Relic)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
World of Tanks (HKU\S-1-5-21-3237370717-2417404269-748884813-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version:  - Wargaming.net)
World of Warships (HKU\S-1-5-21-3237370717-2417404269-748884813-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1) (Version:  - Wargaming.net)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3237370717-2417404269-748884813-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3237370717-2417404269-748884813-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3237370717-2417404269-748884813-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3237370717-2417404269-748884813-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3237370717-2417404269-748884813-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3237370717-2417404269-748884813-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3237370717-2417404269-748884813-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3237370717-2417404269-748884813-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3237370717-2417404269-748884813-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3237370717-2417404269-748884813-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3237370717-2417404269-748884813-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================

25-08-2015 10:27:44 Geplanter Prüfpunkt

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {2138973A-E8C8-40BB-9577-95729955BFE8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-03] (Google Inc.)
Task: {476464C5-017F-402A-8570-2DD91ABCD044} - System32\Tasks\avast! Emergency Update => C:\Programme\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-20] (AVAST Software)
Task: {5E278BD3-B354-454A-9A89-B48F6A475D26} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12] (Adobe Systems Incorporated)
Task: {87F58A37-97A5-4F4D-A307-596351B65588} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {96698610-AB35-45C5-B938-F76EE38D9268} - System32\Tasks\Opera scheduled Autoupdate 1431869857 => E:\Programme\Opera\launcher.exe [2015-08-17] (Opera Software)
Task: {A48C12B0-F68E-4CC1-AFE5-EC5FFCAC38D5} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3237370717-2417404269-748884813-1001Core => C:\Users\Jan\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {A706F824-5B06-4D2C-AC77-7270CA1CE2AE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-03] (Google Inc.)
Task: {C2857B7E-26D7-4E08-BAD0-DC456AA767A6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {C7FF2B80-DEB7-4AD2-818B-31B01DC96B7C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd)
Task: {D75DE96E-AC7B-4B45-B46C-868B362098C2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-21] (Microsoft Corporation)
Task: {E9AC8C76-CC34-40C9-B1C6-B6F7DAB83D4A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-21] (Microsoft Corporation)
Task: {F30BEA6D-0567-4832-8067-6F86D0F92A43} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-08-12] (Microsoft Corporation)
Task: {F511B767-C199-43CB-8637-6DB4A15FF9E9} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {F536D5E5-837C-484D-A97D-AAEA6000588C} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3237370717-2417404269-748884813-1001UA => C:\Users\Jan\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3237370717-2417404269-748884813-1001Core.job => C:\Users\Jan\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3237370717-2417404269-748884813-1001UA.job => C:\Users\Jan\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-08-04 00:25 - 2015-08-04 00:25 - 00214528 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 00817152 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Device.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 03650560 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Platform.dll
2015-08-04 00:25 - 2015-08-04 00:25 - 00127488 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2012-12-07 18:27 - 2012-12-07 18:27 - 00167424 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2015-03-23 14:25 - 2015-03-23 15:46 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-02-08 19:06 - 2005-04-22 14:36 - 00143360 ____N () C:\Windows\system32\BrSNMP64.dll
2015-02-04 15:39 - 2013-04-09 12:05 - 00846848 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
2015-02-08 19:06 - 2012-09-25 12:26 - 01163264 ____N () C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
2015-08-04 00:25 - 2015-08-04 00:25 - 00102400 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2012-08-03 21:53 - 2012-08-03 21:53 - 00062968 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2015-02-04 15:39 - 2013-01-22 15:40 - 01411072 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\nicLan.dll
2015-02-04 15:39 - 2013-04-02 14:41 - 00193024 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\DC_WFF.dll
2015-02-04 15:39 - 2013-05-07 12:16 - 00138752 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJWF\WJWF.dll
2015-02-04 15:39 - 2013-05-07 12:16 - 00115712 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJWF\WJWF_WPS_WIN7.DLL
2015-08-25 11:41 - 2015-08-25 11:41 - 00071168 _____ () c:\users\jan\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpb8du3f.dll
2015-03-04 23:45 - 2015-08-05 22:49 - 00012800 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 23:45 - 2015-08-05 22:49 - 00779776 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-07-30 11:25 - 2015-08-05 22:49 - 00056320 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-03-04 23:45 - 2015-08-05 22:49 - 00012288 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2015-04-16 10:16 - 2015-04-16 10:16 - 40540672 _____ () C:\Programme\AVAST Software\Avast\libcef.dll
2015-08-20 18:38 - 2015-08-20 18:38 - 00102864 _____ () C:\Programme\AVAST Software\Avast\log.dll
2015-08-20 18:38 - 2015-08-20 18:38 - 00123976 _____ () C:\Programme\AVAST Software\Avast\JsonRpcServer.dll
2015-02-08 19:06 - 2009-02-27 17:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\Jan\SkyDrive:ms-properties

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3237370717-2417404269-748884813-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [{A087EB5C-1E3D-4DB3-BC9B-575D66437500}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{37C99036-1E0C-44F7-B186-5445EB4CD08D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A70575E0-AC73-4538-BCF0-0B70D96E4ACF}] => (Allow) C:\Games\WarThunder\launcher.exe
FirewallRules: [{AEF9EECE-B79D-4AA4-B4F8-8E35A4C1D20F}] => (Allow) C:\Games\WarThunder\launcher.exe
FirewallRules: [{BB1B8638-C141-4CF8-B404-D07A94E8277E}] => (Allow) LPort=80
FirewallRules: [{DBAB9A19-FC24-4A97-935B-8F0C5233725B}] => (Allow) LPort=443
FirewallRules: [{AFA48C26-9510-4A00-BF9F-0EE5137B6ACD}] => (Allow) LPort=20010
FirewallRules: [{D194FD01-C6D3-4081-9D25-C84B72B3C747}] => (Allow) LPort=3478
FirewallRules: [{0E3C084D-0E56-4C25-AC37-71B2E90CC1D5}] => (Allow) LPort=7850
FirewallRules: [{F2C6AC7C-418E-4D56-8484-F96221E95BAB}] => (Allow) LPort=7852
FirewallRules: [{60B333AA-43CA-493C-817E-548252F1CE1F}] => (Allow) LPort=7853
FirewallRules: [{92B63C10-5A5E-4CBD-9203-A01BF743B805}] => (Allow) LPort=27022
FirewallRules: [{40A86549-6F53-4D85-8FFB-CDFDDCFE48F0}] => (Allow) LPort=6881
FirewallRules: [{DF990B42-58C8-4CE1-8395-3FA7C3E8349D}] => (Allow) LPort=33333
FirewallRules: [{BF54B4C9-3498-44A9-A429-6CD79B239F31}] => (Allow) LPort=20443
FirewallRules: [{F25F403A-0547-4BB1-96AD-C77C335896FF}] => (Allow) LPort=8090
FirewallRules: [{9EC098DF-DD75-4819-9E66-14727616F39F}] => (Allow) C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{348E5C3D-7095-4D7D-9E6C-5C6F6CB90136}] => (Allow) C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{807F24CD-7AE3-45B6-9AB5-8F7A7A88C134}C:\users\jan\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\jan\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{A87A0403-EBB5-40D0-927E-461D82A88144}C:\users\jan\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\jan\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{3D91F231-02A7-465A-8FCB-288420280602}C:\games\warthunder\aces.exe] => (Allow) C:\games\warthunder\aces.exe
FirewallRules: [UDP Query User{3F78216F-AC6F-4B00-BB14-A259CB81335A}C:\games\warthunder\aces.exe] => (Allow) C:\games\warthunder\aces.exe
FirewallRules: [{1505E56B-B323-4603-969C-8CC3C72259D8}] => (Allow) E:\Spiele\Steam\Steam.exe
FirewallRules: [{47F0D7AB-3477-40BA-8750-090ACE0EFA98}] => (Allow) E:\Spiele\Steam\Steam.exe
FirewallRules: [{89F856BA-F06A-447B-A18B-882A93ED9B16}] => (Allow) E:\Spiele\Steam\bin\steamwebhelper.exe
FirewallRules: [{D4D055F6-CC81-43C5-B693-456D4168D0ED}] => (Allow) E:\Spiele\Steam\bin\steamwebhelper.exe
FirewallRules: [{56BB6931-95AE-4BED-924D-36C4F0116525}] => (Allow) E:\Spiele\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{7121B78A-A289-4294-9ED7-F609A27437B8}] => (Allow) E:\Spiele\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{F5834CCF-3A81-4ED9-88E5-B63701AE7BF9}] => (Allow) E:\Programme\Microsoft Office\Office14\ONENOTE.EXE
FirewallRules: [{A6A5B210-8847-41C2-A731-CAD04713E4C7}] => (Allow) E:\Programme\Microsoft Office\Office14\ONENOTE.EXE
FirewallRules: [{69F4491E-0122-4826-B6B5-FB513C05D99F}] => (Allow) E:\Programme\Microsoft Office\Office14\outlook.exe
FirewallRules: [{F4F4B051-D5B5-4733-A22E-CADE40DE93F7}] => (Allow) E:\Spiele\Steam\steamapps\common\Warhammer 40,000 Space Marine\SpaceMarine.exe
FirewallRules: [{3445951C-2E92-4B3B-80BA-60770538A835}] => (Allow) E:\Spiele\Steam\steamapps\common\Warhammer 40,000 Space Marine\SpaceMarine.exe
FirewallRules: [{52B991A3-3315-4450-83F6-07E6713EFEA3}] => (Allow) C:\Program Files (x86)\Brother\Brmfl08x\FAXRX.exe
FirewallRules: [{23188739-0688-4F1B-A9B3-0932D1D0AF83}] => (Allow) C:\Program Files (x86)\Brother\Brmfl08x\FAXRX.exe
FirewallRules: [{696131D2-E6AF-4A4A-8AA0-9AD584B95B55}] => (Allow) LPort=54925
FirewallRules: [{2CB22951-04B4-4C12-9396-07D3BAB9EC25}] => (Allow) E:\Spiele\Battle.net\Battle.net.exe
FirewallRules: [{1013CBEC-E15A-411E-9AD7-2083DA0AE546}] => (Allow) E:\Spiele\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{E3ECB8F6-B51F-444F-B938-9BB20D86A6AD}E:\spiele\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe] => (Allow) E:\spiele\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{765299FF-0AE5-423C-A489-EB5FA25EBECA}E:\spiele\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe] => (Allow) E:\spiele\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe
FirewallRules: [{E907A79B-FEBC-463C-A5C1-22928E63678E}] => (Allow) E:\Programme\Winamp\winamp.exe
FirewallRules: [{F6032CAA-994B-4227-A1E9-D928563153E2}] => (Allow) E:\Programme\Winamp\winamp.exe
FirewallRules: [{922D185B-7007-4377-95EF-AF51201F980C}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{2D14F490-2A76-4B4B-8DA1-C3F9E8F4E19E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{45BC8033-6C04-4456-BCE5-7B9427B7E355}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{7AD1A7B1-08A0-493C-A941-A1FD0E1E6EB4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{CC76A165-72FF-4D6A-8B45-C4E77E414AC4}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{514521C1-F09B-4F16-A349-1438F0239372}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{99164144-C7F3-4618-A4F0-A24B339B2A2F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{892A9831-4CE7-4AEB-BB74-49F2034C38EC}] => (Allow) E:\Programme\IBM\SPSS\Statistics\22\stats.com
FirewallRules: [{8A0D3A85-7740-474D-B219-F52C846615CF}] => (Allow) E:\Programme\IBM\SPSS\Statistics\22\stats.exe
FirewallRules: [{6EF3DFAD-E204-4F02-B374-0F4B87B64C36}] => (Allow) E:\Programme\IBM\SPSS\Statistics\22\stats.com
FirewallRules: [{C2E7D779-A1A5-4D04-A755-243A2B7C4C63}] => (Allow) E:\Programme\IBM\SPSS\Statistics\22\stats.exe
FirewallRules: [{3E4DD0A3-81A8-49AA-A97C-81838F51210E}] => (Allow) E:\Programme\IBM\SPSS\Statistics\22\WinWrapIDE.exe
FirewallRules: [{0C4C1805-34F7-43B2-A04E-CDF2D6C74C6C}] => (Allow) E:\Programme\IBM\SPSS\Statistics\22\WinWrapIDE.exe
FirewallRules: [TCP Query User{C2DC894C-4E9D-4874-82C4-37A5CCE5017B}E:\programme\ibm\spss\statistics\22\jre\bin\javaw.exe] => (Allow) E:\programme\ibm\spss\statistics\22\jre\bin\javaw.exe
FirewallRules: [UDP Query User{44036E56-9839-4516-AD75-BC272295BA04}E:\programme\ibm\spss\statistics\22\jre\bin\javaw.exe] => (Allow) E:\programme\ibm\spss\statistics\22\jre\bin\javaw.exe
FirewallRules: [TCP Query User{4C10D2E7-A68F-4F8D-8A42-017FEF9FB134}E:\spiele\world_of_warships\wowslauncher.exe] => (Allow) E:\spiele\world_of_warships\wowslauncher.exe
FirewallRules: [UDP Query User{3C4551FF-9BCD-4F2E-8019-095406F875DA}E:\spiele\world_of_warships\wowslauncher.exe] => (Allow) E:\spiele\world_of_warships\wowslauncher.exe
FirewallRules: [{511DBA6C-0E0E-4D0C-8F6F-8C752AA00AE3}] => (Allow) E:\Spiele\Steam\steamapps\common\The Witcher Enhanced Edition\System\witcher.exe
FirewallRules: [{81CC8642-C159-429D-A3C1-54B89C934C7C}] => (Allow) E:\Spiele\Steam\steamapps\common\The Witcher Enhanced Edition\System\witcher.exe
FirewallRules: [{D39C70B4-D770-4B0E-AD24-AA4DCE9E0418}] => (Allow) E:\Spiele\Steam\steamapps\common\The Witcher Enhanced Edition\System\djinni!.exe
FirewallRules: [{27A457B4-63C1-4248-9931-0149AD6A6BB3}] => (Allow) E:\Spiele\Steam\steamapps\common\The Witcher Enhanced Edition\System\djinni!.exe
FirewallRules: [{3C923702-EA5D-417F-92C7-342FC46AC7CD}] => (Allow) E:\Spiele\Steam\steamapps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe
FirewallRules: [{50AB06DD-442C-467F-AA11-D1FB6FC417DE}] => (Allow) E:\Spiele\Steam\steamapps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe
FirewallRules: [{9035B924-0640-4EF5-BA38-36FC4690D320}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{EE3F7B81-BF7A-46E4-8267-8EB733A9B207}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{653AB280-0886-444A-97C9-0EE0C143298A}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{2C068AC0-1B40-4BB4-8C27-C66B5FFC2405}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [TCP Query User{1CEA0862-E66C-4C5E-91F2-C523BA14B516}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{F8C47182-C1C6-4DB2-A144-50D16F82323D}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [{9F8213C6-C66E-4864-A7CA-D5F4E9DE5F39}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{2CD32726-E1BB-4AA0-BF9A-93098619DF35}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{1DAAA025-3DFA-44A8-ADE8-623F0FF21623}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/25/2015 11:57:37 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMON BrtSTMON: [2015/08/25 11:57:37.072]: [00005796]:    Don't Create FileMapping!!!!

Error: (08/25/2015 11:57:37 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMON BrtSTMON: [2015/08/25 11:57:37.072]: [00005796]:    FrendlyName : Brother MFC-490CW Printer

Error: (08/25/2015 11:57:37 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMON BrtSTMON: [2015/08/25 11:57:37.072]: [00005796]:    Error : ExecMonitor()

Error: (08/25/2015 11:55:37 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMON BrtSTMON: [2015/08/25 11:55:37.059]: [00005796]:    Don't Create FileMapping!!!!

Error: (08/25/2015 11:55:37 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMON BrtSTMON: [2015/08/25 11:55:37.059]: [00005796]:    FrendlyName : Brother MFC-490CW Printer

Error: (08/25/2015 11:55:37 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMON BrtSTMON: [2015/08/25 11:55:37.058]: [00005796]:    Error : ExecMonitor()

Error: (08/25/2015 11:53:37 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMON BrtSTMON: [2015/08/25 11:53:37.053]: [00005796]:    Don't Create FileMapping!!!!

Error: (08/25/2015 11:53:37 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMON BrtSTMON: [2015/08/25 11:53:37.053]: [00005796]:    FrendlyName : Brother MFC-490CW Printer

Error: (08/25/2015 11:53:37 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMON BrtSTMON: [2015/08/25 11:53:37.053]: [00005796]:    Error : ExecMonitor()

Error: (08/25/2015 11:51:37 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMON BrtSTMON: [2015/08/25 11:51:37.051]: [00005796]:    Don't Create FileMapping!!!!


Systemfehler:
=============
Error: (08/25/2015 11:40:39 AM) (Source: DCOM) (EventID: 10010) (User: HÄUSI-PC)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (08/25/2015 11:40:39 AM) (Source: DCOM) (EventID: 10010) (User: HÄUSI-PC)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (08/25/2015 11:40:39 AM) (Source: DCOM) (EventID: 10010) (User: HÄUSI-PC)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (08/25/2015 11:40:39 AM) (Source: DCOM) (EventID: 10010) (User: HÄUSI-PC)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (08/23/2015 04:20:05 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 5

Error: (08/23/2015 02:27:51 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 5

Error: (08/23/2015 12:13:45 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "HÄUSI-PC       :0" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.0.149
registriert werden. Der Computer mit IP-Adresse 192.168.0.148 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (08/23/2015 12:13:42 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "HZUSI-PC       :20" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.0.149
registriert werden. Der Computer mit IP-Adresse 192.168.0.148 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (08/23/2015 12:13:42 PM) (Source: Server) (EventID: 2505) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{930F7053-690A-47C0-B642-9E1728351289} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.

Error: (08/21/2015 05:15:06 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 5


Microsoft Office:
=========================
Error: (08/25/2015 11:57:37 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMONBrtSTMON: [2015/08/25 11:57:37.072]: [00005796]:    Don't Create FileMapping!!!!

Error: (08/25/2015 11:57:37 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMONBrtSTMON: [2015/08/25 11:57:37.072]: [00005796]:    FrendlyName : Brother MFC-490CW Printer

Error: (08/25/2015 11:57:37 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMONBrtSTMON: [2015/08/25 11:57:37.072]: [00005796]:    Error : ExecMonitor()

Error: (08/25/2015 11:55:37 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMONBrtSTMON: [2015/08/25 11:55:37.059]: [00005796]:    Don't Create FileMapping!!!!

Error: (08/25/2015 11:55:37 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMONBrtSTMON: [2015/08/25 11:55:37.059]: [00005796]:    FrendlyName : Brother MFC-490CW Printer

Error: (08/25/2015 11:55:37 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMONBrtSTMON: [2015/08/25 11:55:37.058]: [00005796]:    Error : ExecMonitor()

Error: (08/25/2015 11:53:37 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMONBrtSTMON: [2015/08/25 11:53:37.053]: [00005796]:    Don't Create FileMapping!!!!

Error: (08/25/2015 11:53:37 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMONBrtSTMON: [2015/08/25 11:53:37.053]: [00005796]:    FrendlyName : Brother MFC-490CW Printer

Error: (08/25/2015 11:53:37 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMONBrtSTMON: [2015/08/25 11:53:37.053]: [00005796]:    Error : ExecMonitor()

Error: (08/25/2015 11:51:37 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMONBrtSTMON: [2015/08/25 11:51:37.051]: [00005796]:    Don't Create FileMapping!!!!


CodeIntegrity:
===================================
  Date: 2015-08-21 13:03:29.042
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-05-08 14:37:14.513
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-04-16 10:45:18.077
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Processor: AMD FX(tm)-8320 Eight-Core Processor 
Prozentuale Nutzung des RAM: 17%
Installierter physikalischer RAM: 8148.75 MB
Verfügbarer physikalischer RAM: 6703.47 MB
Summe virtueller Speicher: 9428.75 MB
Verfügbarer virtueller Speicher: 7846.3 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:118.9 GB) (Free:43.04 GB) NTFS
Drive e: (Volume) (Fixed) (Total:1784.85 GB) (Free:1367.1 GB) NTFS
Drive f: (Volume) (Fixed) (Total:78.17 GB) (Free:77.97 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 6A974740)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=118.9 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: C1E7E390)
Partition 1: (Not Active) - (Size=1784.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=78.2 GB) - (Type=07 NTFS)

==================== Ende von FRST.txt ============================
         

GMER habe ich zweimal laufen lassen, mit unterschiedlichen Ergebnissen. Bzw. GMER 2 zusätzlich mit Reg.

GMER 1:
Code:
ATTFilter
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-08-25 12:03:16
Windows 6.2.9200  x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 INTENSO rev.S9FM01.9 119,24GB
Running: Gmer-19357.exe; Driver: C:\Users\Jan\AppData\Local\Temp\pglcipoc.sys


---- Threads - GMER 2.1 ----

Thread   C:\Windows\system32\csrss.exe [756:1400]                                                                                                                                                                                                                        fffff960008f72d0
---- Processes - GMER 2.1 ----

Library  c:\users\jan\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpb8du3f.dll (*** suspicious ***) @ C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5572](2015-08-25 09:41:34)                                                 000000006e4a0000
Library  C:\Users\Jan\AppData\Roaming\Dropbox\bin\Qt5Core.dll (*** suspicious ***) @ C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5572] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:24)                     000000006c620000
Library  C:\Users\Jan\AppData\Roaming\Dropbox\bin\icuin55.dll (*** suspicious ***) @ C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5572] (ICU I18N DLL/The ICU Project)(2015-07-30 09:25:49)                                                                     000000004a900000
Library  C:\Users\Jan\AppData\Roaming\Dropbox\bin\icuuc55.dll (*** suspicious ***) @ C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5572] (ICU Common DLL/The ICU Project)(2015-07-30 09:25:49)                                                                   0000000006aa0000
Library  C:\Users\Jan\AppData\Roaming\Dropbox\bin\icudt55.dll (*** suspicious ***) @ C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5572] (ICU Data DLL/The ICU Project)(2015-07-30 09:25:49)                                                                     000000006ad60000
Library  C:\Users\Jan\AppData\Roaming\Dropbox\bin\Qt5Widgets.dll (*** suspicious ***) @ C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5572] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:28)                  000000006a920000
Library  C:\Users\Jan\AppData\Roaming\Dropbox\bin\Qt5Gui.dll (*** suspicious ***) @ C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5572] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)                      0000000069e00000
Library  C:\Users\Jan\AppData\Roaming\Dropbox\bin\Qt5Network.dll (*** suspicious ***) @ C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5572] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)                  000000006a780000
Library  C:\Users\Jan\AppData\Roaming\Dropbox\bin\Qt5WebKit.dll (*** suspicious ***) @ C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5572] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)                   0000000066100000
Library  C:\Users\Jan\AppData\Roaming\Dropbox\bin\Qt5Quick.dll (*** suspicious ***) @ C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5572] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)                    0000000069bb0000
Library  C:\Users\Jan\AppData\Roaming\Dropbox\bin\Qt5Qml.dll (*** suspicious ***) @ C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5572] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)                      0000000065e90000
Library  C:\Users\Jan\AppData\Roaming\Dropbox\bin\Qt5WebChannel.dll (*** suspicious ***) @ C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5572] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-07-30 09:25:49)               000000006e2d0000
Library  C:\Users\Jan\AppData\Roaming\Dropbox\bin\Qt5Sql.dll (*** suspicious ***) @ C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5572] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)                      000000006e2a0000
Library  C:\Users\Jan\AppData\Roaming\Dropbox\bin\Qt5WebKitWidgets.dll (*** suspicious ***) @ C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5572] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:28)            000000006e260000
Library  C:\Users\Jan\AppData\Roaming\Dropbox\bin\Qt5PrintSupport.dll (*** suspicious ***) @ C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5572] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)             000000006e210000
Library  C:\Users\Jan\AppData\Roaming\Dropbox\bin\Qt5OpenGL.dll (*** suspicious ***) @ C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5572] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)                   000000006ce30000
Library  C:\Users\Jan\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll (*** suspicious ***) @ C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5572] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:30)  000000006a690000
Library  C:\Users\Jan\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll (*** suspicious ***) @ C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5572] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:30)  000000006cdf0000
Library  C:\Users\Jan\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll (*** suspicious ***) @ C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5572](2015-03-04 21:45:30)                                                                                   00000000628f0000
Library  C:\Users\Jan\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll (*** suspicious ***) @ C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5572](2015-03-04 21:45:30)                                                                     0000000062820000
Library  C:\Users\Jan\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll (*** suspicious ***) @ C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5572](2015-07-30 09:25:50)                                                                        0000000062800000
Library  C:\Users\Jan\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll (*** suspicious ***) @ C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5572](2015-03-04 21:45:30)                                                                              00000000627f0000
Library  C:\Programme\AVAST Software\Avast\libcef.dll (*** suspicious ***) @ C:\Programme\AVAST Software\Avast\AvastUI.exe [5512](2015-04-16 08:16:45                                                                                                                    0000000067430000
Library  C:\Programme\AVAST Software\Avast\ssleay32.dll (*** suspicious ***) @ C:\Programme\AVAST Software\Avast\AvastUI.exe [5512] (OpenSSL Shared Library/The OpenSSL Project, hxxp://www.openssl.org/)(2015-08-20 16:38:38)                                           0000000073560000
Library  C:\Programme\AVAST Software\Avast\LIBEAY32.dll (*** suspicious ***) @ C:\Programme\AVAST Software\Avast\AvastUI.exe [5512] (OpenSSL Shared Library/The OpenSSL Project, hxxp://www.openssl.org/)(2015-08-20 16:38:38)                                           0000000073420000
Library  C:\Programme\AVAST Software\Avast\defs\15082500\uiExt.dll (*** suspicious ***) @ C:\Programme\AVAST Software\Avast\AvastUI.exe [5512] (FILE NOT FOUND)                                                                                                          000000006e1e0000

---- EOF - GMER 2.1 ----
         

GMER 2:

Code:
ATTFilter
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-08-25 12:07:34
Windows 6.2.9200  x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 INTENSO rev.S9FM01.9 119,24GB
Running: Gmer-19357.exe; Driver: C:\Users\Jan\AppData\Local\Temp\pglcipoc.sys


---- Threads - GMER 2.1 ----

Thread   C:\Windows\system32\csrss.exe [756:1400]                                                                                                                                                                                                                        fffff960008f72d0
---- Processes - GMER 2.1 ----

Library  c:\users\jan\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpb8du3f.dll (*** suspicious ***) @ C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5572](2015-08-25 09:41:34)                                                 000000006e4a0000
Library  C:\Users\Jan\AppData\Roaming\Dropbox\bin\Qt5Core.dll (*** suspicious ***) @ C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5572] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:24)                     000000006c620000
Library  C:\Users\Jan\AppData\Roaming\Dropbox\bin\icuin55.dll (*** suspicious ***) @ C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5572] (ICU I18N DLL/The ICU Project)(2015-07-30 09:25:49)                                                                     000000004a900000
Library  C:\Users\Jan\AppData\Roaming\Dropbox\bin\icuuc55.dll (*** suspicious ***) @ C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5572] (ICU Common DLL/The ICU Project)(2015-07-30 09:25:49)                                                                   0000000006aa0000
Library  C:\Users\Jan\AppData\Roaming\Dropbox\bin\icudt55.dll (*** suspicious ***) @ C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5572] (ICU Data DLL/The ICU Project)(2015-07-30 09:25:49)                                                                     000000006ad60000
Library  C:\Users\Jan\AppData\Roaming\Dropbox\bin\Qt5Widgets.dll (*** suspicious ***) @ C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5572] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:28)                  000000006a920000
Library  C:\Users\Jan\AppData\Roaming\Dropbox\bin\Qt5Gui.dll (*** suspicious ***) @ C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5572] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)                      0000000069e00000
Library  C:\Users\Jan\AppData\Roaming\Dropbox\bin\Qt5Network.dll (*** suspicious ***) @ C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5572] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)                  000000006a780000
Library  C:\Users\Jan\AppData\Roaming\Dropbox\bin\Qt5WebKit.dll (*** suspicious ***) @ C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5572] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)                   0000000066100000
Library  C:\Users\Jan\AppData\Roaming\Dropbox\bin\Qt5Quick.dll (*** suspicious ***) @ C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5572] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)                    0000000069bb0000
Library  C:\Users\Jan\AppData\Roaming\Dropbox\bin\Qt5Qml.dll (*** suspicious ***) @ C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5572] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)                      0000000065e90000
Library  C:\Users\Jan\AppData\Roaming\Dropbox\bin\Qt5WebChannel.dll (*** suspicious ***) @ C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5572] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-07-30 09:25:49)               000000006e2d0000
Library  C:\Users\Jan\AppData\Roaming\Dropbox\bin\Qt5Sql.dll (*** suspicious ***) @ C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5572] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)                      000000006e2a0000
Library  C:\Users\Jan\AppData\Roaming\Dropbox\bin\Qt5WebKitWidgets.dll (*** suspicious ***) @ C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5572] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:28)            000000006e260000
Library  C:\Users\Jan\AppData\Roaming\Dropbox\bin\Qt5PrintSupport.dll (*** suspicious ***) @ C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5572] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)             000000006e210000
Library  C:\Users\Jan\AppData\Roaming\Dropbox\bin\Qt5OpenGL.dll (*** suspicious ***) @ C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5572] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)                   000000006ce30000
Library  C:\Users\Jan\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll (*** suspicious ***) @ C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5572] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:30)  000000006a690000
Library  C:\Users\Jan\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll (*** suspicious ***) @ C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5572] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:30)  000000006cdf0000
Library  C:\Users\Jan\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll (*** suspicious ***) @ C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5572](2015-03-04 21:45:30)                                                                                   00000000628f0000
Library  C:\Users\Jan\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll (*** suspicious ***) @ C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5572](2015-03-04 21:45:30)                                                                     0000000062820000
Library  C:\Users\Jan\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll (*** suspicious ***) @ C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5572](2015-07-30 09:25:50)                                                                        0000000062800000
Library  C:\Users\Jan\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll (*** suspicious ***) @ C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5572](2015-03-04 21:45:30)                                                                              00000000627f0000
Library  C:\Programme\AVAST Software\Avast\libcef.dll (*** suspicious ***) @ C:\Programme\AVAST Software\Avast\AvastUI.exe [5512](2015-04-16 08:16:45                                                                                                                    0000000067430000
Library  C:\Programme\AVAST Software\Avast\ssleay32.dll (*** suspicious ***) @ C:\Programme\AVAST Software\Avast\AvastUI.exe [5512] (OpenSSL Shared Library/The OpenSSL Project, hxxp://www.openssl.org/)(2015-08-20 16:38:38)                                           0000000073560000
Library  C:\Programme\AVAST Software\Avast\LIBEAY32.dll (*** suspicious ***) @ C:\Programme\AVAST Software\Avast\AvastUI.exe [5512] (OpenSSL Shared Library/The OpenSSL Project, hxxp://www.openssl.org/)(2015-08-20 16:38:38)                                           0000000073420000
Library  C:\Programme\AVAST Software\Avast\defs\15082500\uiExt.dll (*** suspicious ***) @ C:\Programme\AVAST Software\Avast\AvastUI.exe [5512] (FILE NOT FOUND)                                                                                                          000000006e1e0000

---- Registry - GMER 2.1 ----

Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Kernel\RNG@RNGAuxiliarySeed                                                                                                                                                                               -1822969925
Reg      HKLM\SYSTEM\CurrentControlSet\Services\MBAMSwissArmy                                                                                                                                                                                                            
Reg      HKLM\SYSTEM\CurrentControlSet\Services\MBAMSwissArmy@Type                                                                                                                                                                                                       2
Reg      HKLM\SYSTEM\CurrentControlSet\Services\MBAMSwissArmy@Start                                                                                                                                                                                                      3
Reg      HKLM\SYSTEM\CurrentControlSet\Services\MBAMSwissArmy@ErrorControl                                                                                                                                                                                               1
Reg      HKLM\SYSTEM\CurrentControlSet\Services\MBAMSwissArmy@Tag                                                                                                                                                                                                        2
Reg      HKLM\SYSTEM\CurrentControlSet\Services\MBAMSwissArmy@ImagePath                                                                                                                                                                                                  \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
Reg      HKLM\SYSTEM\CurrentControlSet\Services\MBAMSwissArmy@DisplayName                                                                                                                                                                                                MBAMSwissArmy
Reg      HKLM\SYSTEM\CurrentControlSet\Services\MBAMSwissArmy@Group                                                                                                                                                                                                      FSFilter Activity Monitor
Reg      HKLM\SYSTEM\CurrentControlSet\Services\MBAMSwissArmy@WOW64                                                                                                                                                                                                      1
Reg      HKLM\SYSTEM\CurrentControlSet\Services\MBAMSwissArmy\Instances                                                                                                                                                                                                  
Reg      HKLM\SYSTEM\CurrentControlSet\Services\MBAMSwissArmy\Instances@DefaultInstance                                                                                                                                                                                  MBAMSwissArmy Instance
Reg      HKLM\SYSTEM\CurrentControlSet\Services\MBAMSwissArmy\Instances\MBAMSwissArmy Instance                                                                                                                                                                           
Reg      HKLM\SYSTEM\CurrentControlSet\Services\MBAMSwissArmy\Instances\MBAMSwissArmy Instance@Flags                                                                                                                                                                     0
Reg      HKLM\SYSTEM\CurrentControlSet\Services\MBAMSwissArmy                                                                                                                                                                                                            
Reg      HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch2@Epoch                                                                                                                                                                                                1263
Reg      HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}\iexplore@Count                                                                                                                                                  46
Reg      HKCU\Software\Microsoft\Windows\CurrentVersion\GWX\Usage@UsageTime                                                                                                                                                                                              0xC0 0x72 0x11 0x25 ...
Reg      HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\RegistrarData@LastRenewCollectionsInterest                                                                                                                                                          0xFD 0x35 0x88 0x4C ...
Reg      HKCU\Software\Microsoft\Windows\Windows Error Reporting\Debug@StoreLocation                                                                                                                                                                                     C:\ProgramData\Microsoft\Windows\WER\ReportArchive\NonCritical_4097_f8c714a6bafa8adca375b51a3daadadc176dfc4e_00000000_02981dbe
Reg      HKCU\Software\Microsoft\Windows\Windows Error Reporting\Debug\UIHandles@CheckingForSolutionDialog                                                                                                                                                               0x8E 0x00 0x03 0x00 ...
Reg      HKCU\Software\Microsoft\Windows\Windows Error Reporting\Debug\UIHandles@CloseDialog                                                                                                                                                                             0x20 0x10 0x04 0x00 ...

---- EOF - GMER 2.1 ----
         
__________________

Alt 26.08.2015, 07:41   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Hohe, schwankende GPU Auslastung im Desktopbetrieb. WIN 8.1. Plötzlich nur noch 30 statt 60 FPS in Games - Standard

Hohe, schwankende GPU Auslastung im Desktopbetrieb. WIN 8.1. Plötzlich nur noch 30 statt 60 FPS in Games



Was macht die GPU Auslastung wenn Avast aus ist?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 26.08.2015, 11:25   #5
MrHyde23
 
Hohe, schwankende GPU Auslastung im Desktopbetrieb. WIN 8.1. Plötzlich nur noch 30 statt 60 FPS in Games - Standard

Hohe, schwankende GPU Auslastung im Desktopbetrieb. WIN 8.1. Plötzlich nur noch 30 statt 60 FPS in Games



Sie bleibt unverändert. Schwankt auch dann im Desktopbetrieb und die Leistung bleibt im Benchmark unverändert niedrig.


Alt 27.08.2015, 08:34   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Hohe, schwankende GPU Auslastung im Desktopbetrieb. WIN 8.1. Plötzlich nur noch 30 statt 60 FPS in Games - Standard

Hohe, schwankende GPU Auslastung im Desktopbetrieb. WIN 8.1. Plötzlich nur noch 30 statt 60 FPS in Games



http://support2.microsoft.com/kb/929135/de

Bitte einen Clean Boot machen. Dann nochmal die Graka testen.
__________________
--> Hohe, schwankende GPU Auslastung im Desktopbetrieb. WIN 8.1. Plötzlich nur noch 30 statt 60 FPS in Games

Alt 28.08.2015, 14:23   #7
MrHyde23
 
Hohe, schwankende GPU Auslastung im Desktopbetrieb. WIN 8.1. Plötzlich nur noch 30 statt 60 FPS in Games - Standard

Hohe, schwankende GPU Auslastung im Desktopbetrieb. WIN 8.1. Plötzlich nur noch 30 statt 60 FPS in Games



Hi,
leider hat das auch nichts geändert. Allerdings habe ich wie im Link beschrieben die MS-Dienste außenvor gelassen. Soll ich diese auch mal deaktivieren und es dann noch einmal versuchen?
Kann ich alle Dienste von MS bedenkenlos deaktivieren oder kann WIndows dann nicht mehr gestartet werden?

Alt 29.08.2015, 09:33   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Hohe, schwankende GPU Auslastung im Desktopbetrieb. WIN 8.1. Plötzlich nur noch 30 statt 60 FPS in Games - Standard

Hohe, schwankende GPU Auslastung im Desktopbetrieb. WIN 8.1. Plötzlich nur noch 30 statt 60 FPS in Games



Nee, dann startet Windows evtl nicht mehr

Vielleicht hat die Graka einfach nen Schuss weg. Bitte mal auch ältere Treiber testen.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 29.08.2015, 18:27   #9
MrHyde23
 
Hohe, schwankende GPU Auslastung im Desktopbetrieb. WIN 8.1. Plötzlich nur noch 30 statt 60 FPS in Games - Standard

Hohe, schwankende GPU Auslastung im Desktopbetrieb. WIN 8.1. Plötzlich nur noch 30 statt 60 FPS in Games



Habe heute sämtliche AMD-Treiber deinstalliert und durch ältere Versionen ersetzt, dies hat leider auch keine Auswirkungen gezeigt. Vielleicht hat die Graka ja doch einfach einen Knacks weg. Was Schade wäre, denn der ganze PC ist gerade mal 7 Monate alt und damit gerade so über die Grenze der Beweislastumkehr :/

Alt 30.08.2015, 12:58   #10
schrauber
/// the machine
/// TB-Ausbilder
 

Hohe, schwankende GPU Auslastung im Desktopbetrieb. WIN 8.1. Plötzlich nur noch 30 statt 60 FPS in Games - Standard

Hohe, schwankende GPU Auslastung im Desktopbetrieb. WIN 8.1. Plötzlich nur noch 30 statt 60 FPS in Games



Testweise ne andre einbauen zum Testen?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Hohe, schwankende GPU Auslastung im Desktopbetrieb. WIN 8.1. Plötzlich nur noch 30 statt 60 FPS in Games
antivirus, auslastung, browser, computer, cpu, dnsapi.dll, firefox, flash player, helper, homepage, logfile, mozilla, netzwerk, problem, prozesse, realtek, registry, rundll, scan, security, server, software, svchost.exe, system, udp, usb



Ähnliche Themen: Hohe, schwankende GPU Auslastung im Desktopbetrieb. WIN 8.1. Plötzlich nur noch 30 statt 60 FPS in Games


  1. Windows 7: Plötzlich sehr hohe Arbeitsspeicherauslastung
    Log-Analyse und Auswertung - 26.02.2014 (15)
  2. CPU Auslastung bei 100% im Desktopbetrieb
    Log-Analyse und Auswertung - 01.02.2014 (5)
  3. Delta.search eingefangen und internetexplorer ist plötzlich portugiesisch statt deutsch
    Plagegeister aller Art und deren Bekämpfung - 24.09.2013 (21)
  4. Zu hohe CPU-Auslastung
    Log-Analyse und Auswertung - 04.08.2013 (43)
  5. Hohe CPU-Auslastung (cmd.exe)
    Plagegeister aller Art und deren Bekämpfung - 04.11.2011 (9)
  6. Hohe CPU Auslastung!
    Log-Analyse und Auswertung - 22.04.2011 (6)
  7. Plötzlich hohe Cpu auslastung, ohne erkennbaren Grund
    Plagegeister aller Art und deren Bekämpfung - 19.11.2010 (36)
  8. plötzlich hohe cpu auslastung
    Log-Analyse und Auswertung - 30.04.2010 (0)
  9. PC lahmt plötzlich in Games
    Log-Analyse und Auswertung - 04.08.2009 (1)
  10. pc plötzlich langsam, hohe auslastung!
    Log-Analyse und Auswertung - 21.06.2009 (6)
  11. Hohe CPU Auslastung
    Plagegeister aller Art und deren Bekämpfung - 18.01.2009 (1)
  12. hohe cpu auslastung
    Log-Analyse und Auswertung - 11.12.2008 (0)
  13. Hohe CPU Auslastung
    Mülltonne - 08.11.2008 (0)
  14. Nur noch about:blank statt eingegebener Startseite
    Log-Analyse und Auswertung - 20.03.2008 (6)
  15. PC ist beim Spielen von Games plötzlich langsam
    Log-Analyse und Auswertung - 08.03.2007 (4)
  16. Hohe CPU-Auslastung
    Log-Analyse und Auswertung - 22.05.2006 (1)
  17. Stark schwankende CPU Auslastung
    Log-Analyse und Auswertung - 16.05.2005 (0)

Zum Thema Hohe, schwankende GPU Auslastung im Desktopbetrieb. WIN 8.1. Plötzlich nur noch 30 statt 60 FPS in Games - Hallo, ich habe folgendes Problem: Seit Anfang des Monats hat mein System deutliche Performance-Einbußen. Bemerkt habe ich es, da ich beim World of Tanks zocken auf einmal nur noch ca. - Hohe, schwankende GPU Auslastung im Desktopbetrieb. WIN 8.1. Plötzlich nur noch 30 statt 60 FPS in Games...
Archiv
Du betrachtest: Hohe, schwankende GPU Auslastung im Desktopbetrieb. WIN 8.1. Plötzlich nur noch 30 statt 60 FPS in Games auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.