Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: HiJack-Auswertung?

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 06.09.2015, 14:26   #1
SKKOT
 
HiJack-Auswertung? - Standard

HiJack-Auswertung?



Hallo liebe Community,

bei mir stürzt Chrome ständig ab und es öffnen sich Werbetabs...

Bisher versucht: Kaspersky, Spybot, CCleaner aber nichts hilft wirklich.
Daher habe ich nun eine HijackThis-Auswertung und hoffen, dass mir jemand helfen kann.

Zitat:
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Users\sexyS\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplit.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\bin\cloud-ui.exe
C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\bin\cloud-connect.exe
C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\bin\cloud-daemon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
D:\Downloads\HijackThis_2.0.5.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: ScriptInjectionPluginBrowserHelperObject - {C66D064F-82FE-4E1A-B06A-B2490BA48B18} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O3 - Toolbar: Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [LexwareInfoService] C:\Program Files (x86)\Lexware\Update Manager\LxUpdateManager.exe /autostart
O4 - HKLM\..\Run: [Raptr] "C:\Program Files (x86)\Raptr\raptrstub.exe" --startup
O4 - HKLM\..\Run: [KeePass 2 PreLoad] "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AcronisTibMounterMonitor] C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\sexyS\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [GalaxyClient] F:\GameZ\GalaxyClient\GalaxyClient.exe /launchViaAutoStart
O4 - HKCU\..\Run: [ScreenSplitter] C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplit.exe
O4 - HKCU\..\Run: [DAEMON Tools Ultra Agent] "C:\Program Files (x86)\DAEMON Tools Ultra\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [SpybotPostWindows10UpgradeReInstall] "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_A6F409C40D09F99AC9DC0483D7FC8FCD] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - Startup: Synology Cloud Station.lnk = C:\Program Files (x86)\Synology\CloudStation\bin\launcher.exe
O4 - Global Startup: E-POST CLOUD.lnk = C:\Program Files (x86)\E-POST\EPostCloud.exe
O4 - Global Startup: E-POST MAILER.lnk = C:\Program Files (x86)\E-POST\EpostMailer.exe
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Active File Monitor V13 (AdobeActiveFileMonitor13.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Acronis Nonstop Backup Service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: Kaspersky Anti-Virus Service 16.0.0 (AVP16.0.0) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: Dropbox-Update-Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox-Update-Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Ultra Bus Service - Disc Soft Ltd - C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GalaxyClientService - GOG.com - F:\GameZ\GalaxyClient\GalaxyClientService.exe
O23 - Service: GalaxyCommunication - GOG.com - C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
O23 - Service: Google Update-Dienst (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-Dienst (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lexware Update Service (Lexware_Update_Service) - Haufe-Lexware GmbH & Co. KG - C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - F:\GameZ\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP2b\RpcAgentSrv.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Service KMSELDI - @ByELDI - C:\Program Files\KMSpico\Service_KMS.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Acronis Sync Agent Service (syncagentsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: vssbrigde64 - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

Alt 06.09.2015, 15:03   #2
Deathkid535
/// Malwareteam
 
HiJack-Auswertung? - Standard

HiJack-Auswertung?





Ich habe dein Thema in Arbeit und melde mich so schnell als möglich mit weiteren Anweisungen.

Bitte beachte, dass alle meine Antworten zuerst von einem Ausbilder freigegeben werden müssen, bevor ich diese hier posten darf. Dies garantiert, dass Du Hilfe von einem ausgebildeten Helfer bekommst.

Ich bedanke mich für deine Geduld

HJT ist veraltet, bitte einen FRST-Scan nachreichen

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 06.09.2015, 16:22   #3
SKKOT
 
HiJack-Auswertung? - Standard

HiJack-Auswertung?



FRST.TXT

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:04-09-2015
durchgeführt von sexyS (Administrator) auf SK-ZENTRALE (06-09-2015 17:05:56)
Gestartet von D:\Downloads
Geladene Profile: sexyS (Verfügbare Profile: sexyS)
Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Haufe-Lexware GmbH & Co. KG) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(@ByELDI) C:\Program Files\KMSpico\Service_KMS.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Microsoft Corporation) C:\Users\sexyS\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(LG Electronics) C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplit.exe
(TODO: <Company name>) C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplitterHook64App.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Synology Inc.) C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\bin\cloud-ui.exe
(Synology Inc.) C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\bin\cloud-connect.exe
(Synology Inc.) C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\bin\cloud-daemon.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OFFICE15\CSISYNCCLIENT.EXE
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.827.16340.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040792 2015-08-24] (Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [14601160 2015-07-02] (Logitech Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [475016 2015-08-16] (Acronis)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [39175960 2015-08-14] (Dropbox, Inc.)
HKLM-x32\...\Run: [LexwareInfoService] => C:\Program Files (x86)\Lexware\Update Manager\LxUpdateManager.exe [196648 2014-09-26] (Haufe-Lexware GmbH & Co. KG)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [56080 2015-07-27] (Raptr, Inc)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2715536 2015-04-10] (Dominik Reichl)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-03] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [690992 2015-08-14] (Acronis International GmbH)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7090888 2015-08-17] ()
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4127488 2015-06-16] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2202957396-1968120857-1327751806-1001\...\Run: [OneDrive] => C:\Users\sexyS\AppData\Local\Microsoft\OneDrive\OneDrive.exe [404064 2015-08-23] (Microsoft Corporation)
HKU\S-1-5-21-2202957396-1968120857-1327751806-1001\...\Run: [GalaxyClient] => F:\GameZ\GalaxyClient\GalaxyClient.exe [7249976 2015-08-23] (GOG.com)
HKU\S-1-5-21-2202957396-1968120857-1327751806-1001\...\Run: [ScreenSplitter] => C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplit.exe [1960432 2015-04-14] (LG Electronics)
HKU\S-1-5-21-2202957396-1968120857-1327751806-1001\...\Run: [DAEMON Tools Ultra Agent] => C:\Program Files (x86)\DAEMON Tools Ultra\DTAgent.exe [3732752 2015-02-26] (Disc Soft Ltd)
HKU\S-1-5-21-2202957396-1968120857-1327751806-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-2202957396-1968120857-1327751806-1001\...\Run: [GoogleChromeAutoLaunch_A6F409C40D09F99AC9DC0483D7FC8FCD] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [815944 2015-08-28] (Google Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  Keine Datei
ShellIconOverlayIdentifiers: [01UnsuppModule] -> {AEB16659-2125-4ADA-A4AB-45EE21E86469} => C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-07-21] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [02SyncingModule] -> {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} => C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-07-21] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [03SyncedModule] -> {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} => C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-07-21] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [04ReadOnlyModule] -> {A433C3E0-8B24-40EB-93C3-4B10D9959F58} => C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-07-21] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [05NoPermModule] -> {C701AD67-3DF0-47C9-89CB-DFA6207BE229} => C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-07-21] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [1_EPMInConflictHandler] -> {188FBECF-3754-4767-94ED-E06FF03C57DE} => C:\WINDOWS\system32\mscoree.dll [2015-07-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [1_EPMInProgressHandler] -> {EF1FAD52-44AF-4B92-8462-048F036E16A9} => C:\WINDOWS\system32\mscoree.dll [2015-07-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [1_EPMInSyncHandler] -> {85837018-AB69-4BD9-95D3-0DDCDE2EA467} => C:\WINDOWS\system32\mscoree.dll [2015-07-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2015-07-23] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2015-07-23] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2015-07-23] (Acronis)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\E-POST CLOUD.lnk [2015-07-31]
ShortcutTarget: E-POST CLOUD.lnk -> C:\Program Files (x86)\E-POST\EPostCloud.exe (Deutsche Post AG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\E-POST MAILER.lnk [2015-07-31]
ShortcutTarget: E-POST MAILER.lnk -> C:\Program Files (x86)\E-POST\EpostMailer.exe (Deutsche Post AG)
Startup: C:\Users\sexyS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Synology Cloud Station.lnk [2015-07-21]
ShortcutTarget: Synology Cloud Station.lnk -> C:\Program Files (x86)\Synology\CloudStation\bin\launcher.exe (Synology Inc.)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7a50885f-d806-4984-be7b-d680c6cd113b}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-21-2202957396-1968120857-1327751806-1001\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-21-2202957396-1968120857-1327751806-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/androidnews/
HKU\S-1-5-21-2202957396-1968120857-1327751806-1001\Software\Microsoft\Internet Explorer\Main,start page = about:blank
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-07-08] (AO Kaspersky Lab)
BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-07-08] (AO Kaspersky Lab)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-07-08] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-07-08] (AO Kaspersky Lab)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-06-16] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\sexyS\AppData\Roaming\Mozilla\Firefox\Profiles\7p3j4y9i.default
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-09-19] (Adobe Systems)
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-07-11] (Google, Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-09-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-09-06] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-09-19] (Adobe Systems)
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox
FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [2015-09-05]

Chrome: 
=======
CHR Profile: C:\Users\sexyS\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\sexyS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-06]
CHR Extension: (Google Docs) - C:\Users\sexyS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-06]
CHR Extension: (Google Drive) - C:\Users\sexyS\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-09-06]
CHR Extension: (YouTube) - C:\Users\sexyS\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-06]
CHR Extension: (Google Search) - C:\Users\sexyS\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-09-06]
CHR Extension: (Kaspersky Protection) - C:\Users\sexyS\AppData\Local\Google\Chrome\User Data\Default\Extensions\eahebamiopdhefndnmappcihfajigkka [2015-09-06]
CHR Extension: (Google Sheets) - C:\Users\sexyS\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-06]
CHR Extension: (Google Docs Offline) - C:\Users\sexyS\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-06]
CHR Extension: (AdBlock) - C:\Users\sexyS\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-09-06]
CHR Extension: (Avast Online Security) - C:\Users\sexyS\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-09-06]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\sexyS\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-09-06]
CHR Extension: (Chrome Web Store Payments) - C:\Users\sexyS\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-06]
CHR Extension: (Enhanced Steam) - C:\Users\sexyS\AppData\Local\Google\Chrome\User Data\Default\Extensions\okadibdjfemgnhjiembecghcbfknbfhg [2015-09-06]
CHR Extension: (Gmail) - C:\Users\sexyS\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-06]
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - https://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - https://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeActiveFileMonitor13.0; C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe [231120 2015-01-30] (Adobe Systems Incorporated)
R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2015-09-05] (Kaspersky Lab ZAO)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1128448 2015-08-24] ()
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-07-19] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-07-19] (Dropbox, Inc.)
S3 Disc Soft Ultra Bus Service; C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe [1378576 2015-02-26] (Disc Soft Ltd)
S3 GalaxyClientService; F:\GameZ\GalaxyClient\GalaxyClientService.exe [1720888 2015-08-23] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6874680 2015-08-23] (GOG.com)
R2 Lexware_Update_Service; C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe [64552 2014-08-14] (Haufe-Lexware GmbH & Co. KG)
S4 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4884064 2015-08-11] (Acronis)
S3 Origin Client Service; F:\GameZ\Origin\OriginClientService.exe [2007048 2015-07-26] (Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2015-07-19] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [303360 2015-07-17] (Realtek Semiconductor)
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP2b\RpcAgentSrv.exe [73200 2015-07-06] (SiSoftware) [Datei ist nicht signiert]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1750712 2015-06-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2102496 2015-06-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [224712 2015-07-24] (Safer-Networking Ltd.)
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [971968 2015-02-02] (@ByELDI) [Datei ist nicht signiert]
S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 amdacpksd; C:\WINDOWS\system32\drivers\amdacpksd.sys [297672 2015-06-23] (Advanced Micro Devices)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [31992 2015-06-03] (Advanced Micro Devices, Inc.)
S3 AsusVBus; C:\Windows\System32\drivers\AsusVBus.sys [39704 2015-07-31] (Windows (R) Win 7 DDK provider)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-07-17] (Advanced Micro Devices)
S3 ATP; C:\Windows\System32\drivers\AsusTP.sys [85312 2015-07-31] (ASUS Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [237568 2015-07-10] (Microsoft Corporation)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
S3 dc1-controller; C:\Windows\System32\drivers\dc1-controller.sys [50688 2015-07-10] (Microsoft Corp.)
R3 dtultrascsibus; C:\Windows\System32\drivers\dtultrascsibus.sys [30352 2015-07-21] (Disc Soft Ltd)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d65x64.sys [485856 2015-07-17] (Intel Corporation)
R0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [323040 2015-08-23] (Acronis International GmbH)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-07-17] (REALiX(tm))
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70512 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [68280 2015-06-06] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [30328 2015-06-24] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [171192 2015-06-30] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [227000 2015-07-04] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [937656 2015-06-30] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [39608 2015-06-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [41656 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [30392 2015-06-08] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [78008 2015-06-26] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [102584 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2015-07-17] (Intel Corporation)
R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation)
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP2b\WNt600x64\Sandra.sys [23112 2009-08-07] (SiSoftware)
S3 taphss6; C:\Windows\System32\drivers\taphss6.sys [42088 2015-06-04] (Anchorfree Inc.)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1057728 2015-08-23] (Acronis International GmbH)
R2 tib_mounter; C:\Windows\system32\DRIVERS\tib_mounter.sys [206800 2015-08-23] (Acronis International GmbH)
S3 tnd; C:\Windows\system32\DRIVERS\tnd.sys [567888 2015-08-23] (Acronis International GmbH)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-06 17:05 - 2015-09-06 17:05 - 00000000 ____D C:\FRST
2015-09-06 17:01 - 2015-09-06 17:01 - 00016148 _____ C:\WINDOWS\system32\SK-ZENTRALE_sexyS_HistoryPrediction.bin
2015-09-06 13:13 - 2015-09-06 13:13 - 00000000 _____ C:\autoexec.bat
2015-09-06 12:39 - 2015-09-06 16:44 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-06 12:39 - 2015-09-06 14:33 - 00001128 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-06 12:39 - 2015-09-06 12:39 - 00004190 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-06 12:39 - 2015-09-06 12:39 - 00003958 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-06 12:39 - 2015-09-06 12:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-09-05 12:54 - 2015-09-05 12:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2015-09-05 11:48 - 2015-09-06 14:33 - 00000642 _____ C:\WINDOWS\PFRO.log
2015-09-05 11:44 - 2015-09-05 11:44 - 00001268 _____ C:\Users\sexyS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner64.lnk
2015-09-04 17:27 - 2015-09-04 17:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-09-03 19:42 - 2015-09-03 19:42 - 00002814 _____ C:\Users\sexyS\AppData\Local\recently-used.xbel
2015-09-02 15:58 - 2015-09-02 15:58 - 00002862 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-09-02 15:58 - 2015-09-02 15:58 - 00000000 ____D C:\Program Files\CCleaner
2015-09-01 13:31 - 2015-09-06 16:33 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-08-29 15:03 - 2015-08-20 08:07 - 08019296 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-29 15:03 - 2015-08-20 08:06 - 00609592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-08-29 15:03 - 2015-08-20 08:02 - 22324656 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-08-29 15:03 - 2015-08-20 07:57 - 00077400 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-08-29 15:03 - 2015-08-20 07:26 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-08-29 15:03 - 2015-08-20 07:21 - 21875200 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-08-29 15:03 - 2015-08-20 07:21 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2015-08-29 15:03 - 2015-08-20 07:16 - 20857848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-08-29 15:03 - 2015-08-20 07:13 - 02235904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-29 15:03 - 2015-08-20 07:09 - 00929280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2015-08-29 15:03 - 2015-08-20 06:31 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-08-29 15:03 - 2015-08-18 09:56 - 02498808 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-29 15:03 - 2015-08-18 09:55 - 00373072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-08-29 15:03 - 2015-08-18 09:54 - 01396064 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-08-29 15:03 - 2015-08-18 09:27 - 01771592 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-08-29 15:03 - 2015-08-18 09:24 - 00963920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-08-29 15:03 - 2015-08-18 09:13 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2015-08-29 15:03 - 2015-08-18 09:13 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2015-08-29 15:03 - 2015-08-18 09:12 - 02225664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-08-29 15:03 - 2015-08-18 09:07 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2015-08-29 15:03 - 2015-08-18 09:04 - 01234944 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2015-08-29 15:03 - 2015-08-18 09:04 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-08-29 15:03 - 2015-08-18 08:59 - 01294336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
2015-08-29 15:03 - 2015-08-18 08:59 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll
2015-08-29 15:03 - 2015-08-18 08:58 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2015-08-29 15:03 - 2015-08-18 08:58 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWCN.dll
2015-08-29 15:03 - 2015-08-18 08:58 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWCN.dll
2015-08-29 15:03 - 2015-08-18 08:58 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnNetsh.dll
2015-08-29 15:03 - 2015-08-18 08:57 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2015-08-29 15:03 - 2015-08-18 08:56 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2015-08-29 15:03 - 2015-08-18 08:55 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-08-29 15:03 - 2015-08-18 08:54 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2015-08-29 15:03 - 2015-08-18 08:54 - 00247296 _____ C:\WINDOWS\system32\facecredentialprovider.dll
2015-08-29 15:03 - 2015-08-18 08:52 - 01888768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-08-29 15:03 - 2015-08-18 08:50 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-08-29 15:03 - 2015-08-18 08:49 - 01061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2015-08-29 15:03 - 2015-08-18 08:49 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2015-08-29 15:03 - 2015-08-18 08:49 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2015-08-29 15:03 - 2015-08-18 08:36 - 01226752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll
2015-08-29 15:03 - 2015-08-18 08:35 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll
2015-08-29 15:03 - 2015-08-18 08:35 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWCN.dll
2015-08-29 15:03 - 2015-08-18 08:34 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2015-08-29 15:03 - 2015-08-18 08:29 - 01593344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-08-29 15:03 - 2015-08-18 08:26 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2015-08-29 15:03 - 2015-08-18 06:44 - 00008847 _____ C:\WINDOWS\system32\ResPriHMImageList
2015-08-24 15:22 - 2015-08-24 15:28 - 00000000 ____D C:\Users\sexyS\AppData\Local\DayZ
2015-08-24 10:49 - 2015-07-04 11:29 - 14548992 _____ C:\Users\sexyS\AppData\Roaming\Sandra.mdb
2015-08-24 10:48 - 2015-08-24 10:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware
2015-08-24 10:48 - 2015-08-24 10:48 - 00000000 ____D C:\Program Files\SiSoftware
2015-08-24 10:47 - 2015-08-24 10:47 - 35222128 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2015-08-24 10:47 - 2015-08-24 10:47 - 02702552 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2015-08-24 10:47 - 2015-08-24 10:47 - 01749208 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2015-08-24 10:47 - 2015-08-24 10:47 - 01310936 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2015-08-23 19:42 - 2015-08-23 19:49 - 00000000 ____D C:\Users\sexyS\AppData\Local\Last_Man
2015-08-23 15:16 - 2015-08-23 15:33 - 00000000 ____D C:\AdwCleaner
2015-08-23 14:43 - 2015-08-23 14:43 - 00000000 ____D C:\Program Files\Common Files\AV
2015-08-23 14:39 - 2015-08-23 15:37 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-08-23 14:39 - 2015-08-23 15:36 - 00001464 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-08-23 14:39 - 2015-08-23 15:36 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-08-23 14:39 - 2015-08-23 15:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-08-23 14:39 - 2015-08-23 14:39 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2015-08-23 14:39 - 2015-06-16 17:32 - 00020760 _____ (Safer-Networking Ltd.) C:\WINDOWS\system32\sdnclean64.exe
2015-08-23 12:17 - 2015-08-23 15:56 - 00000000 ____D C:\ProgramData\Acronis
2015-08-23 12:17 - 2015-08-23 12:17 - 00567888 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tnd.sys
2015-08-23 12:17 - 2015-08-23 12:17 - 00343504 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\snapman.sys
2015-08-23 12:17 - 2015-08-23 12:17 - 00323040 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\file_tracker.sys
2015-08-23 12:17 - 2015-08-23 12:17 - 00206800 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tib_mounter.sys
2015-08-23 12:17 - 2015-08-23 12:17 - 00160736 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\fltsrv2195.sys
2015-08-23 12:17 - 2015-08-23 12:17 - 00001286 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis True Image 2016.lnk
2015-08-23 12:17 - 2015-08-23 12:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
2015-08-23 12:17 - 2015-08-23 12:17 - 00000000 ____D C:\Program Files (x86)\Acronis
2015-08-21 10:08 - 2015-08-21 10:08 - 00000000 ____D C:\Users\sexyS\AppData\Roaming\Acronis
2015-08-21 09:23 - 2015-08-23 12:17 - 01057728 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tib.sys
2015-08-21 09:23 - 2015-08-23 12:17 - 00160736 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\fltsrv.sys
2015-08-20 12:58 - 2015-09-03 20:07 - 00000000 ___RD C:\Users\sexyS\Desktop\Vorübergehend
2015-08-20 12:50 - 2015-08-20 12:50 - 00000000 ____D C:\Users\sexyS\AppData\Roaming\elsterformular
2015-08-20 10:58 - 2015-08-13 06:33 - 24593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-08-20 10:58 - 2015-08-13 06:22 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2015-08-20 10:58 - 2015-08-13 06:20 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-08-20 10:58 - 2015-08-13 06:07 - 19323392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-08-20 10:58 - 2015-08-13 05:53 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2015-08-20 10:58 - 2015-08-11 12:04 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-08-20 10:58 - 2015-08-11 12:04 - 02462648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-08-20 10:58 - 2015-08-11 12:04 - 01087296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-08-20 10:58 - 2015-08-11 12:03 - 00442208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2015-08-20 10:58 - 2015-08-11 12:02 - 00554744 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2015-08-20 10:58 - 2015-08-11 12:02 - 00292856 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2015-08-20 10:58 - 2015-08-11 12:02 - 00080720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2015-08-20 10:58 - 2015-08-11 11:57 - 03622256 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-08-20 10:58 - 2015-08-11 11:52 - 00993104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2015-08-20 10:58 - 2015-08-11 11:50 - 01643872 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-08-20 10:58 - 2015-08-11 11:40 - 04048808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-08-20 10:58 - 2015-08-11 11:40 - 02151208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-08-20 10:58 - 2015-08-11 11:40 - 00918320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-08-20 10:58 - 2015-08-11 11:38 - 00454000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2015-08-20 10:58 - 2015-08-11 11:37 - 00243800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2015-08-20 10:58 - 2015-08-11 11:31 - 02880032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-08-20 10:58 - 2015-08-11 11:26 - 00845664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2015-08-20 10:58 - 2015-08-11 11:23 - 16706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-20 10:58 - 2015-08-11 11:21 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-08-20 10:58 - 2015-08-11 11:21 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2015-08-20 10:58 - 2015-08-11 11:20 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2015-08-20 10:58 - 2015-08-11 11:19 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2015-08-20 10:58 - 2015-08-11 11:18 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2015-08-20 10:58 - 2015-08-11 11:16 - 02416640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-08-20 10:58 - 2015-08-11 11:14 - 00404480 _____ C:\WINDOWS\system32\diagtrack_wininternal.dll
2015-08-20 10:58 - 2015-08-11 11:13 - 00413184 _____ C:\WINDOWS\system32\diagtrack_win.dll
2015-08-20 10:58 - 2015-08-11 11:11 - 02446336 _____ C:\WINDOWS\system32\InputService.dll
2015-08-20 10:58 - 2015-08-11 11:11 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2015-08-20 10:58 - 2015-08-11 11:10 - 00778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-08-20 10:58 - 2015-08-11 11:10 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-20 10:58 - 2015-08-11 11:10 - 00293376 _____ C:\WINDOWS\system32\TextInputFramework.dll
2015-08-20 10:58 - 2015-08-11 11:09 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2015-08-20 10:58 - 2015-08-11 11:08 - 00893440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2015-08-20 10:58 - 2015-08-11 11:08 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-08-20 10:58 - 2015-08-11 11:07 - 01178112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-08-20 10:58 - 2015-08-11 11:07 - 00593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-08-20 10:58 - 2015-08-11 11:07 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeParserTask.exe
2015-08-20 10:58 - 2015-08-11 11:06 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-08-20 10:58 - 2015-08-11 11:06 - 02662400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-08-20 10:58 - 2015-08-11 11:05 - 03527168 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2015-08-20 10:58 - 2015-08-11 11:05 - 00996352 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-08-20 10:58 - 2015-08-11 11:05 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll
2015-08-20 10:58 - 2015-08-11 11:05 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2015-08-20 10:58 - 2015-08-11 11:05 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPermissions.dll
2015-08-20 10:58 - 2015-08-11 11:05 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2015-08-20 10:58 - 2015-08-11 11:03 - 02558976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-08-20 10:58 - 2015-08-11 11:02 - 03588096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-08-20 10:58 - 2015-08-11 11:02 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-08-20 10:58 - 2015-08-11 11:02 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-08-20 10:58 - 2015-08-11 11:01 - 01334784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-08-20 10:58 - 2015-08-11 11:00 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2015-08-20 10:58 - 2015-08-11 11:00 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2015-08-20 10:58 - 2015-08-11 10:59 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-08-20 10:58 - 2015-08-11 10:59 - 00642560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2015-08-20 10:58 - 2015-08-11 10:59 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2015-08-20 10:58 - 2015-08-11 10:59 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tetheringclient.dll
2015-08-20 10:58 - 2015-08-11 10:58 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2015-08-20 10:58 - 2015-08-11 10:57 - 13024768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-08-20 10:58 - 2015-08-11 10:57 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2015-08-20 10:58 - 2015-08-11 10:51 - 01916928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-08-20 10:58 - 2015-08-11 10:51 - 01823232 _____ C:\WINDOWS\SysWOW64\InputService.dll
2015-08-20 10:58 - 2015-08-11 10:50 - 00420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2015-08-20 10:58 - 2015-08-11 10:50 - 00200704 _____ C:\WINDOWS\SysWOW64\TextInputFramework.dll
2015-08-20 10:58 - 2015-08-11 10:50 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2015-08-20 10:58 - 2015-08-11 10:49 - 00586752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-08-20 10:58 - 2015-08-11 10:49 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-20 10:58 - 2015-08-11 10:48 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2015-08-20 10:58 - 2015-08-11 10:47 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-08-20 10:58 - 2015-08-11 10:45 - 01820672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-08-20 10:58 - 2015-08-11 10:43 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2015-08-20 10:58 - 2015-08-11 10:42 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-08-20 10:58 - 2015-08-11 10:40 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-08-20 10:58 - 2015-08-11 10:40 - 01112064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-08-20 10:58 - 2015-08-11 10:39 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2015-08-20 10:58 - 2015-08-11 10:38 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2015-08-18 14:51 - 2015-08-29 10:34 - 00001129 _____ C:\Users\sexyS\Desktop\SK-Bearbeitung.lnk
2015-08-18 14:50 - 2015-08-29 10:37 - 00000760 _____ C:\Users\sexyS\Desktop\Cloud Station.lnk
2015-08-18 14:50 - 2015-08-29 10:34 - 00001068 _____ C:\Users\sexyS\Desktop\Galerie.lnk
2015-08-18 14:50 - 2015-08-29 10:34 - 00000721 _____ C:\Users\sexyS\Desktop\OneDrive.lnk
2015-08-18 14:50 - 2015-08-29 10:34 - 00000705 _____ C:\Users\sexyS\Desktop\MS-DOS.lnk
2015-08-18 14:49 - 2015-08-29 10:34 - 00000953 _____ C:\Users\sexyS\Desktop\Downloads.lnk
2015-08-18 14:49 - 2015-08-29 10:34 - 00000921 _____ C:\Users\sexyS\Desktop\Musik.lnk
2015-08-18 14:49 - 2015-08-29 10:02 - 00001303 _____ C:\Users\sexyS\Desktop\Dropbox.lnk
2015-08-18 12:08 - 2015-08-18 12:08 - 00000000 ___HD C:\$Windows.~WS
2015-08-16 15:09 - 2015-08-17 16:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2015-08-16 15:09 - 2015-08-16 15:09 - 00000000 ____D C:\Program Files\DIFX
2015-08-16 12:48 - 2015-08-16 12:48 - 00000000 ____D C:\ProgramData\ATI
2015-08-15 15:07 - 2015-08-15 15:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2015-08-15 13:25 - 2015-08-15 13:25 - 00062253 _____ C:\WINDOWS\SysWOW64\CCCInstall_201508151325323347.log
2015-08-15 13:25 - 2015-08-15 13:25 - 00052907 _____ C:\WINDOWS\SysWOW64\CCCInstall_201508151325023796.log
2015-08-15 13:25 - 2015-08-15 13:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-08-15 13:25 - 2015-08-15 13:25 - 00000000 ____D C:\Program Files\ATI Technologies
2015-08-15 13:25 - 2015-08-15 13:25 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2015-08-15 13:24 - 2015-08-15 13:24 - 47795680 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 39725024 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 30762464 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 27546080 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl12cl64.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 25308656 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 22328800 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl12cl.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 15725552 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 14310896 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 09191312 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 07577184 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 06486000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmantle64.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 05076976 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmantle32.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 03471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2015-08-15 13:24 - 2015-08-15 13:24 - 03437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2015-08-15 13:24 - 2015-08-15 13:24 - 01197552 _____ C:\WINDOWS\system32\amdocl_as64.exe
2015-08-15 13:24 - 2015-08-15 13:24 - 01070592 _____ C:\WINDOWS\system32\amdocl_ld64.exe
2015-08-15 13:24 - 2015-08-15 13:24 - 01004032 _____ C:\WINDOWS\SysWOW64\amdocl_as32.exe
2015-08-15 13:24 - 2015-08-15 13:24 - 00936928 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00936928 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00808944 _____ C:\WINDOWS\SysWOW64\amdocl_ld32.exe
2015-08-15 13:24 - 2015-08-15 13:24 - 00660928 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2015-08-15 13:24 - 2015-08-15 13:24 - 00660928 _____ C:\WINDOWS\system32\atiapfxx.blb
2015-08-15 13:24 - 2015-08-15 13:24 - 00471320 _____ C:\WINDOWS\system32\amdmiracast.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00377312 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2015-08-15 13:24 - 2015-08-15 13:24 - 00341488 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODE.exe
2015-08-15 13:24 - 2015-08-15 13:24 - 00243696 _____ C:\WINDOWS\system32\clinfo.exe
2015-08-15 13:24 - 2015-08-15 13:24 - 00215008 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00199664 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00198640 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00168944 _____ C:\WINDOWS\system32\atieah64.exe
2015-08-15 13:24 - 2015-08-15 13:24 - 00165360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00152560 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2015-08-15 13:24 - 2015-08-15 13:24 - 00151936 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00150512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00143344 _____ C:\WINDOWS\system32\amdhdl64.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00138384 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00137696 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00132080 _____ C:\WINDOWS\SysWOW64\amdhdl32.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00123872 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00117608 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00111840 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00111600 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00111088 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00103904 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00097776 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00096736 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00091104 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00088000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00088000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00085472 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00082688 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00081168 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00078320 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00078320 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00073712 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00071152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00069600 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00064496 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00062432 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00059888 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODCLI.exe
2015-08-15 13:24 - 2015-08-15 13:24 - 00059376 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl6.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00059360 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00052208 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00049632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmmcl.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00039904 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00014304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00014304 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2015-08-12 19:41 - 2015-08-12 19:41 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2015-08-12 19:41 - 2015-08-12 19:41 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2015-08-12 17:38 - 2015-08-03 04:18 - 08613200 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2015-08-12 17:38 - 2015-08-03 03:56 - 06878256 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2015-08-12 17:37 - 2015-08-08 09:29 - 01822280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-08-12 17:37 - 2015-08-08 09:19 - 00608936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-08-12 17:37 - 2015-08-08 09:01 - 01533496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-08-12 17:37 - 2015-08-08 08:48 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-08-12 17:37 - 2015-08-08 08:40 - 00365056 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-08-12 17:37 - 2015-08-08 08:24 - 02415104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-08-12 17:37 - 2015-08-08 08:24 - 01679360 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-08-12 17:37 - 2015-08-08 08:15 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-08-12 17:37 - 2015-08-08 08:00 - 01985024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-08-12 17:37 - 2015-08-06 05:17 - 00237392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys
2015-08-12 17:37 - 2015-08-06 05:17 - 00200528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2015-08-12 17:37 - 2015-08-06 04:22 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2015-08-12 17:37 - 2015-08-05 06:49 - 00783112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-08-12 17:37 - 2015-08-05 06:29 - 00644128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-08-12 17:37 - 2015-08-05 06:00 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2015-08-12 17:37 - 2015-08-05 05:54 - 01274880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-08-12 17:37 - 2015-08-05 05:47 - 01383424 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-08-12 17:37 - 2015-08-05 05:39 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2015-08-12 17:37 - 2015-08-04 06:07 - 00102752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-08-12 17:37 - 2015-08-04 06:06 - 00583128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-08-12 17:37 - 2015-08-04 06:06 - 00243248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-08-12 17:37 - 2015-08-04 05:23 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2015-08-12 17:37 - 2015-08-04 04:59 - 01212416 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-08-12 17:37 - 2015-08-04 04:47 - 00898560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2015-08-12 17:37 - 2015-08-03 04:32 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2015-08-12 17:37 - 2015-08-03 04:28 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2015-08-12 17:37 - 2015-08-03 04:19 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-08-12 17:37 - 2015-08-03 04:19 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-08-12 17:37 - 2015-08-03 04:18 - 01983840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-08-12 17:37 - 2015-08-03 04:18 - 00594472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2015-08-12 17:37 - 2015-08-03 04:18 - 00046432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpiowin32.sys
2015-08-12 17:37 - 2015-08-03 04:17 - 00516960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-08-12 17:37 - 2015-08-03 04:17 - 00052264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2015-08-12 17:37 - 2015-08-03 04:12 - 00801632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2015-08-12 17:37 - 2015-08-03 03:49 - 00700256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2015-08-12 17:37 - 2015-08-03 03:31 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-08-12 17:37 - 2015-08-03 03:30 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_UserAccount.dll
2015-08-12 17:37 - 2015-08-03 03:24 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-08-12 17:37 - 2015-08-03 03:24 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-08-12 17:37 - 2015-08-03 03:24 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModelShim.dll
2015-08-12 17:37 - 2015-08-03 03:23 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2015-08-12 17:37 - 2015-08-03 03:22 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-08-12 17:37 - 2015-08-03 03:22 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-08-12 17:37 - 2015-08-03 03:22 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2015-08-12 17:37 - 2015-08-03 03:21 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2015-08-12 17:37 - 2015-08-03 03:19 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2015-08-12 17:37 - 2015-08-03 03:19 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2015-08-12 17:37 - 2015-08-03 03:18 - 12503552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-08-12 17:37 - 2015-08-03 03:18 - 03780096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-08-12 17:37 - 2015-08-03 03:18 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-08-12 17:37 - 2015-08-03 03:18 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkStatus.dll
2015-08-12 17:37 - 2015-08-03 03:15 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-08-12 17:37 - 2015-08-03 03:15 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2015-08-12 17:37 - 2015-08-03 03:15 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2015-08-12 17:37 - 2015-08-03 03:15 - 00384000 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-08-12 17:37 - 2015-08-03 03:15 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2015-08-12 17:37 - 2015-08-03 03:14 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-08-12 17:37 - 2015-08-03 03:12 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-08-12 17:37 - 2015-08-03 03:12 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2015-08-12 17:37 - 2015-08-03 03:11 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll
2015-08-12 17:37 - 2015-08-03 03:10 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-08-12 17:37 - 2015-08-03 03:06 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2015-08-12 17:37 - 2015-08-03 03:03 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2015-08-12 17:37 - 2015-08-03 03:02 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-08-12 17:37 - 2015-08-03 03:02 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2015-08-12 17:37 - 2015-08-03 03:01 - 11262464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-08-12 17:37 - 2015-08-03 02:59 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll
2015-08-09 11:44 - 2015-08-09 11:44 - 00000000 ____D C:\Users\sexyS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
2015-08-09 11:44 - 2015-08-09 11:44 - 00000000 ____D C:\Users\sexyS\AppData\Local\Apps\Windows 7 USB DVD Download Tool
2015-08-09 11:43 - 2015-08-09 11:43 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2015-08-09 11:43 - 2015-08-09 11:43 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-08-09 11:43 - 2015-08-09 11:43 - 00000000 ____D C:\Program Files\MSBuild
2015-08-09 11:43 - 2015-08-09 11:43 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-08-09 11:43 - 2015-08-09 11:43 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-08-09 11:43 - 2015-06-17 18:10 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-08-09 11:43 - 2015-06-17 18:10 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-09 11:43 - 2015-06-17 18:10 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-08-09 11:43 - 2015-05-29 21:07 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-08-09 11:43 - 2015-05-29 21:07 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-09 11:43 - 2015-05-29 21:07 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-06 16:41 - 2015-07-19 17:31 - 00001236 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2015-09-06 16:35 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-09-06 15:32 - 2015-07-28 11:30 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-09-06 14:39 - 2015-07-17 23:23 - 01790124 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-06 14:39 - 2015-07-10 18:34 - 00771100 _____ C:\WINDOWS\system32\perfh007.dat
2015-09-06 14:39 - 2015-07-10 18:34 - 00153964 _____ C:\WINDOWS\system32\perfc007.dat
2015-09-06 14:34 - 2015-07-19 17:31 - 00000000 ____D C:\Users\sexyS\AppData\Local\Dropbox
2015-09-06 14:33 - 2015-07-20 11:34 - 00000106 _____ C:\WINDOWS\system32\mfilemon.log
2015-09-06 14:33 - 2015-07-19 17:31 - 00001232 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2015-09-06 14:33 - 2015-07-18 09:02 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2015-09-06 14:33 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-06 14:33 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-09-06 14:33 - 2015-07-10 11:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-09-06 13:13 - 2015-07-18 09:03 - 00000000 ____D C:\Users\sexyS
2015-09-06 12:47 - 2015-07-20 11:29 - 00004164 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{2964AB48-B6D6-470F-860F-078B2313F8C9}
2015-09-06 12:39 - 2015-07-18 09:56 - 00000000 ____D C:\Users\sexyS\AppData\Local\Google
2015-09-06 12:39 - 2015-07-18 09:56 - 00000000 ____D C:\Program Files (x86)\Google
2015-09-06 02:19 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-09-06 02:00 - 2015-07-20 11:30 - 00000000 ____D C:\Users\sexyS\AppData\Local\Adobe
2015-09-05 14:04 - 2015-07-18 09:55 - 00000000 ____D C:\Users\sexyS\AppData\Roaming\vlc
2015-09-05 12:55 - 2015-07-17 23:37 - 00000000 ____D C:\ProgramData\ProductData
2015-09-05 12:54 - 2015-07-28 11:30 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2015-09-05 12:54 - 2015-07-10 11:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-09-04 17:27 - 2015-07-19 17:31 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-09-03 19:45 - 2015-07-31 09:35 - 00000000 ____D C:\Users\sexyS\.gimp-2.8
2015-09-02 07:40 - 2015-07-21 14:07 - 00000000 ____D C:\Users\sexyS\AppData\Local\CloudStation
2015-08-31 18:18 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\rescache
2015-08-29 18:27 - 2015-07-31 09:36 - 00000000 ____D C:\Users\sexyS\AppData\Local\gtk-2.0
2015-08-29 16:43 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-08-29 16:43 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-29 16:09 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-08-24 10:49 - 2015-07-17 23:29 - 00000000 ____D C:\ProgramData\Package Cache
2015-08-24 10:47 - 2015-07-18 09:02 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-08-24 10:47 - 2015-07-17 23:40 - 04514008 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2015-08-24 10:47 - 2015-07-17 23:40 - 02930904 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2015-08-24 10:47 - 2015-07-17 23:40 - 00184688 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2015-08-23 15:35 - 2015-07-17 23:25 - 00002358 _____ C:\Users\sexyS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-08-21 14:38 - 2015-07-21 13:32 - 00000000 ____D C:\ProgramData\Lexware
2015-08-21 14:10 - 2015-07-17 23:25 - 00000000 ____D C:\Users\sexyS\AppData\Local\Packages
2015-08-21 09:17 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-08-19 10:11 - 2015-07-18 17:48 - 00001011 _____ C:\Users\sexyS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader2.lnk
2015-08-18 12:09 - 2015-07-18 10:02 - 00000000 ___DC C:\WINDOWS\Panther
2015-08-18 12:09 - 2015-07-18 08:55 - 00238520 _____ C:\WINDOWS\diagerr.xml
2015-08-18 12:09 - 2015-07-18 08:55 - 00023477 _____ C:\WINDOWS\diagwrn.xml
2015-08-16 15:11 - 2015-07-10 14:20 - 00220304 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-16 15:10 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-16 15:10 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-15 13:25 - 2015-07-17 23:42 - 00000000 ____D C:\Program Files (x86)\AMD
2015-08-15 13:24 - 2015-07-27 09:53 - 07484080 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll
2015-08-15 13:24 - 2015-07-27 09:53 - 00112368 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll
2015-08-15 13:24 - 2015-07-17 23:29 - 00000000 ____D C:\AMD
2015-08-15 13:24 - 2015-06-23 04:08 - 12062048 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
2015-08-15 13:24 - 2015-06-23 04:08 - 10191264 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll
2015-08-15 13:24 - 2015-06-23 04:08 - 08979760 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll
2015-08-15 13:24 - 2015-06-23 04:08 - 08867016 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll
2015-08-15 13:24 - 2015-06-23 04:08 - 08007824 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll
2015-08-15 13:24 - 2015-06-23 04:08 - 01468232 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2015-08-15 13:24 - 2015-06-23 04:08 - 01213192 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2015-08-15 13:24 - 2015-06-23 04:08 - 00162240 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxp64.dll
2015-08-15 13:24 - 2015-06-23 04:08 - 00144568 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiuxpag.dll
2015-08-15 13:24 - 2015-06-23 04:08 - 00130072 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll
2015-08-15 13:24 - 2015-06-23 04:03 - 21632992 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys
2015-08-15 13:24 - 2015-06-23 03:21 - 00876000 _____ (AMD) C:\WINDOWS\system32\coinst_15.20.dll
2015-08-15 13:24 - 2015-06-23 03:14 - 00681456 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2015-08-15 13:24 - 2015-06-23 03:14 - 00451056 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2015-08-15 13:24 - 2015-06-23 03:14 - 00256992 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2015-08-15 13:24 - 2015-06-23 03:11 - 01257952 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2015-08-15 13:24 - 2015-06-23 03:10 - 00673776 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys
2015-08-12 19:43 - 2015-07-21 13:08 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-12 19:43 - 2015-07-17 23:33 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-08-12 19:41 - 2015-07-21 13:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-08-12 19:41 - 2015-07-17 23:33 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-12 19:40 - 2015-06-30 11:21 - 00000167 _____ C:\WINDOWS\win.ini
2015-08-10 23:02 - 2015-07-18 16:41 - 00000000 ____D C:\ProgramData\Origin
2015-08-10 18:49 - 2015-07-19 09:38 - 00226680 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2015-08-10 15:36 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-08-09 11:43 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2015-08-09 11:43 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\MUI
2015-08-08 17:38 - 2015-07-10 13:06 - 00794088 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-08-08 17:38 - 2015-07-10 13:06 - 00179688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-08-24 10:49 - 2015-07-04 11:29 - 14548992 _____ () C:\Users\sexyS\AppData\Roaming\Sandra.mdb
2015-09-03 19:42 - 2015-09-03 19:42 - 0002814 _____ () C:\Users\sexyS\AppData\Local\recently-used.xbel

Einige Dateien in TEMP:
====================
C:\Users\sexyS\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmplsq8vm.dll
C:\Users\sexyS\AppData\Local\Temp\proxy_vole2962903316939660045.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-09-04 16:43

==================== Ende von FRST.txt ============================
         
__________________

Alt 06.09.2015, 16:22   #4
SKKOT
 
HiJack-Auswertung? - Standard

HiJack-Auswertung?



Addition

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:04-09-2015
durchgeführt von sexyS (2015-09-06 17:06:19)
Gestartet von D:\Downloads
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2202957396-1968120857-1327751806-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2202957396-1968120857-1327751806-503 - Limited - Disabled)
Gast (S-1-5-21-2202957396-1968120857-1327751806-501 - Limited - Disabled)
sexyS (S-1-5-21-2202957396-1968120857-1327751806-1001 - Administrator - Enabled) => C:\Users\sexyS

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Internet Security (Enabled - Up to date) {B41C7598-35F6-4D89-7D0E-7ADE69B4047B}
AS: Spybot - Search and Destroy (Enabled - Up to date) {A16C3F68-9280-E053-1818-342707FECF4D}
AS: Kaspersky Internet Security (Enabled - Up to date) {0F7D947C-13CC-4207-47BE-41AC12334EC6}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {8C27F4BD-7F99-4CD1-5651-D3EB97674300}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

ACP Application (Version: 2.15.30.0019 - Advanced Micro Devices, Inc.) Hidden
Acronis True Image 2016 (HKLM-x32\...\{986072E2-9A8A-4BE9-896B-18C3219BCE58}Visible) (Version: 19.0.5518 - Acronis)
Acronis True Image 2016 (x32 Version: 19.0.5518 - Acronis) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.1 - Adobe Systems Incorporated)
Adobe Photoshop Elements 13 (HKLM-x32\...\{609818B9-23EB-4196-B466-EFE05E92A32F}) (Version: 13.1 - Adobe Systems Incorporated)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{529C5283-F484-94CA-8D10-3A69FD0776D3}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Battlefield™ Hardline (HKLM-x32\...\{CB4AC3DA-8CC1-4516-86DA-4078B57DB229}) (Version: 1.1.0.5 - Electronic Arts)
Call of Duty: Black Ops III Beta (HKLM-x32\...\Steam App 388520) (Version:  - Treyarch)
Call of Duty: Ghosts - Multiplayer (HKLM-x32\...\Steam App 209170) (Version:  - Infinity Ward)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - ‪Canon Inc.‬)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - ‪Canon Inc.‬)
Canon MG5400 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5400_series) (Version: 1.01 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.09 - Piriform)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
DAEMON Tools Ultra (HKLM-x32\...\DAEMON Tools Ultra) (Version: 3.0.0.0310 - Disc Soft Ltd)
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
Driver Booster 2.4 (HKLM-x32\...\Driver Booster_is1) (Version: 2.4 - IObit)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.8.8 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.33 - Dropbox, Inc.) Hidden
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 16.2.24.20150630 - Landesfinanzdirektion Thüringen)
E-POST (HKLM-x32\...\{7b144968-f7f9-46c6-8869-a7631d22d7fc}) (Version: 4.0.12.3692 - Deutsche Post AG)
E-POST Desktop App (x32 Version: 4.0.12.3692 - Deutsche Post AG) Hidden
E-POST MAILER Drucker (Version: 4.0.12.3692 - Deutsche Post AG) Hidden
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.85 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.13 - Google Inc.) Hidden
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.14) (Version: 9.14 - Artifex Software Inc.)
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.8 - Intel(R) Corporation) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden
KeePass Password Safe 2.29 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.29 - Dominik Reichl)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version:  - )
Lexware buchhalter 2015 (HKLM-x32\...\{6332c74a-e43c-4a61-ada7-1e80fc66f324}) (Version: 20.51.0.239 - Haufe-Lexware GmbH & Co.KG)
Lexware buchhalter 2015 (x32 Version: 20.51.00.0293 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware Elster (x32 Version: 15.00.00.0056 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware Info Service (x32 Version: 5.00.00.0044 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware Installations Dienst (x32 Version: 4.00.00.0005 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware online banking (x32 Version: 22.00.00.0035 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware PDF-Export 5 (x32 Version: 5.00.00.0005 - Haufe-Lexware GmbH & Co.KG) Hidden
Logitech Gaming Software 8.70 (HKLM\...\Logitech Gaming Software) (Version: 8.70.315 - Logitech Inc.)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 39.0 - Mozilla)
Multi file port monitor (mfilemon) 1.5.1 (HKLM\...\{A932243F-381F-434C-B18E-4F09D2F015F8}_is1) (Version: 1.5.1 - Monti Lorenzo)
Origin (HKLM-x32\...\Origin) (Version: 9.4.20.386 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.239 - Google, Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.1 - Rockstar Games)
Screen Split (HKLM-x32\...\{7F0C2357-33B0-4408-A9AD-A7623FAA22B1}) (Version: 6.54 - LG Electronics Inc.)
SiSoftware Sandra Lite 2015.SP2b (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2496}_is1) (Version: 21.42.2015.7 - SiSoftware)
Smart View 2.0 (HKLM-x32\...\{FBAAAFAE-08A8-4C63-87EA-4AEA9DEE53E1}) (Version: 1.0.0.0 - Samsung)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.5.43 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Synology Cloud Station (remove only) (HKLM\...\Synology Cloud Station) (Version: 3.2.3482 - Synology, Inc.)
The Vanishing of Ethan Carter (HKLM-x32\...\Steam App 258520) (Version:  - The Astronauts)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.0.7.0 - GOG.com)
Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{CBCC2FD8-7DFE-4752-95B5-2E447C226F45}) (Version:  - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2202957396-1968120857-1327751806-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2202957396-1968120857-1327751806-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\sexyS\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2202957396-1968120857-1327751806-1001_Classes\CLSID\{2C4A5D61-009C-4561-9A33-6AFD542FD237}\InprocServer32 -> C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\ContextMenu.dll ()
CustomCLSID: HKU\S-1-5-21-2202957396-1968120857-1327751806-1001_Classes\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}\InprocServer32 -> C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2202957396-1968120857-1327751806-1001_Classes\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}\InprocServer32 -> C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2202957396-1968120857-1327751806-1001_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\sexyS\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2202957396-1968120857-1327751806-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\sexyS\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2202957396-1968120857-1327751806-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\sexyS\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2202957396-1968120857-1327751806-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\sexyS\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2202957396-1968120857-1327751806-1001_Classes\CLSID\{A433C3E0-8B24-40EB-93C3-4B10D9959F58}\InprocServer32 -> C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2202957396-1968120857-1327751806-1001_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\sexyS\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2202957396-1968120857-1327751806-1001_Classes\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}\InprocServer32 -> C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2202957396-1968120857-1327751806-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\sexyS\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2202957396-1968120857-1327751806-1001_Classes\CLSID\{C701AD67-3DF0-47C9-89CB-DFA6207BE229}\InprocServer32 -> C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2202957396-1968120857-1327751806-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\sexyS\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2202957396-1968120857-1327751806-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2202957396-1968120857-1327751806-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\sexyS\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2202957396-1968120857-1327751806-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\sexyS\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Wiederherstellungspunkte =========================

28-08-2015 17:06:42 Windows Update
28-08-2015 17:06:49 Windows Update
06-09-2015 09:09:40 Geplanter Prüfpunkt

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-06-30 11:21 - 2015-06-30 11:19 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {00EEBA9C-F9EF-4272-B793-C830FBADD359} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\Windows\system32\dstokenclean.exe [2015-07-10] (Microsoft Corporation)
Task: {0CCA7916-2916-4F12-BD32-1E3BE31E1269} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\Windows\System32\dsregcmd.exe [2015-07-10] (Microsoft Corporation)
Task: {14ED03A8-4600-4CAB-B097-9DA39F2E69D4} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2015-07-06] (IObit)
Task: {178F1D8D-30C8-49E1-AABB-25E605D187FE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {19865544-CE08-40BE-8B8C-87C47681433D} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sihboot => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
Task: {232017E3-A19F-4F25-971B-D8D1E28D4FE7} - System32\Tasks\Driver Booster SkipUAC (sexyS) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2015-07-06] (IObit)
Task: {2FA379F1-BF27-4050-8EF0-E1B9D398125E} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {3AE40D95-A467-4FDA-9A95-48DA345DBCAE} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-sexyserkan@hotmail.de => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-09-19] (Adobe Systems Incorporated)
Task: {3F6E048D-6404-433B-8F5F-CFF4D89BF89E} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Rundll32.exe generaltel.dll,RunTelemetryW
Task: {41160EA0-208B-4C3E-B4DB-805BBABC6B93} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\Windows\system32\dmclient.exe [2015-07-10] (Microsoft Corporation)
Task: {414B40E6-A888-484F-A392-FC7AB202B0A0} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2015-06-16] (Safer-Networking Ltd.)
Task: {4E03CD95-3DB4-4ED6-A57B-CE6A62AD2D04} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {52D14126-797F-4A8E-B400-A14C9BED0BEC} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-12] (Microsoft Corporation)
Task: {6F1B99FC-F52C-4FD1-BADF-447D4C2714F3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-06] (Google Inc.)
Task: {6F91657B-2C08-4B96-BECB-A6CC7E1F0EAC} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-07-19] (Dropbox, Inc.)
Task: {7241BF00-1C32-4607-A643-E4F6BAD11C1C} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-07-19] (Dropbox, Inc.)
Task: {73551810-E5F4-433E-9494-0D00B55C855E} - System32\Tasks\Microsoft\Windows\Maps\MapsToastTask
Task: {78B77FA3-9D97-441D-97B6-68CEA40B4F74} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe generaltel.dll,RunTelemetry -maintenance
Task: {80564701-18B2-48D9-994C-BB17C095CADC} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2015-02-02] (@ByELDI)
Task: {8DF84CB3-D8E0-4307-A35B-CA74E21786DB} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\Windows\system32\ClipUp.exe [2015-07-18] (Microsoft Corporation)
Task: {A5B6CD85-1B57-49B9-BA80-5D5D65F02826} - System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager
Task: {A815E920-DB7C-4B30-A63A-4C852FB0C0B3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-06] (Google Inc.)
Task: {AEC1ECE1-3616-4F98-B9B2-DB88322AC096} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {C56AFFD3-06B8-4A16-AF7E-F7A6EB3FAE9E} - System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr
Task: {C5EE2EA2-5312-4D1F-B9D0-41B18DF31B78} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sih => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
Task: {C7A236B2-12E1-46DC-9501-3B1B0209CC09} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => C:\Windows\System32\WindowsActionDialog.exe [2015-07-10] (Microsoft Corporation)
Task: {CDBE0BD9-7E83-41C4-8151-1C9F5E40197D} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: {F1A7ED7A-677E-4B6D-9A2C-26296F8EC234} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2015-06-16] (Safer-Networking Ltd.)
Task: {F33B843B-4BE4-46CB-ABFF-8E93F527C60F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-08-19] (Piriform Ltd)
Task: {FD32FDC7-404B-41FA-8D43-50585A0048D6} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2015-06-16] (Safer-Networking Ltd.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-07-18 10:00 - 2015-07-18 10:00 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-08-20 10:58 - 2015-08-11 11:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-07-19 09:38 - 2015-07-19 09:38 - 00076152 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2015-08-29 15:03 - 2015-08-18 09:56 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-07-20 11:50 - 2015-03-12 08:28 - 00066048 _____ () C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplitterHook64.dll
2015-08-29 15:03 - 2015-08-18 09:56 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-08-12 17:37 - 2015-08-03 03:09 - 02028544 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesService.dll
2015-07-10 13:00 - 2015-07-10 18:45 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-07-18 10:00 - 2015-07-18 10:00 - 00619008 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SignalsManager.dll
2015-08-12 17:37 - 2015-08-03 03:09 - 00928768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesBackgroundTasks.dll
2015-08-20 10:58 - 2015-08-11 10:58 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-07-10 12:59 - 2015-07-10 12:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-08-12 17:37 - 2015-08-03 03:11 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-08-12 17:37 - 2015-08-03 03:14 - 00882688 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2015-08-12 17:37 - 2015-08-03 03:09 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-03-07 02:07 - 2015-03-07 02:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2015-07-02 02:28 - 2015-07-02 02:28 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 02:07 - 2015-03-07 02:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2015-07-02 02:28 - 2015-07-02 02:28 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2015-08-29 09:36 - 2015-08-29 09:36 - 00007168 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.827.16340.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2015-08-29 09:36 - 2015-08-29 09:36 - 11606528 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.827.16340.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2015-07-10 18:53 - 2015-07-10 18:53 - 07897088 _____ () C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.1.0_1.0.22929.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
2015-07-08 23:18 - 2015-07-08 23:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\kpcengine.2.3.dll
2015-08-23 14:39 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-08-23 14:39 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-08-23 14:39 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-08-23 14:39 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-07-20 11:50 - 2015-03-12 08:28 - 00063488 _____ () C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplitterHook.dll
2015-09-06 12:39 - 2015-08-28 02:17 - 01501512 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\libglesv2.dll
2015-09-06 12:39 - 2015-08-28 02:17 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\libegl.dll
2015-07-20 11:50 - 2015-02-17 15:35 - 06296064 _____ () C:\Program Files (x86)\LG Electronics\Screen Split\bin\SoftwareAutoUpdates.dll
2015-07-20 11:50 - 2015-03-31 18:11 - 00005632 _____ () C:\Program Files (x86)\LG Electronics\Screen Split\bin\GerRes.dll
2015-09-06 14:34 - 2015-09-06 14:34 - 00071168 _____ () c:\users\sexys\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmplsq8vm.dll
2015-07-19 17:32 - 2015-08-05 07:26 - 00012800 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick.2\qtquick2plugin.dll
2015-07-19 17:32 - 2015-08-05 07:26 - 00779776 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-07-30 14:42 - 2015-08-05 07:26 - 00056320 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-07-19 17:32 - 2015-08-05 07:26 - 00012288 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Window.2\windowplugin.dll
2015-07-21 16:16 - 2015-07-21 16:16 - 00524460 _____ () C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\bin\libcurl-4.dll
2015-07-21 16:16 - 2015-07-21 16:16 - 02874155 _____ () C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\bin\libsqlite3-0.dll
2015-07-21 16:16 - 2015-07-21 16:16 - 00123918 _____ () C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\bin\libgcc_s_dw2-1.dll
2015-07-21 16:16 - 2015-07-21 16:16 - 01026062 _____ () C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\bin\libstdc++-6.dll
2015-07-21 16:16 - 2015-07-21 16:16 - 01798570 _____ () C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\bin\icuuc53.dll
2015-07-21 16:16 - 2015-07-21 16:16 - 00115214 _____ () C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\bin\zlib1.dll
2015-07-21 16:16 - 2015-07-21 16:16 - 21565192 _____ () C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\bin\icudt53.dll
2015-07-21 16:16 - 2015-07-21 16:16 - 03095505 _____ () C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\bin\icuin53.dll
2015-07-21 16:16 - 2015-07-21 16:16 - 00712704 _____ () C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\bin\platforms\qwindows.dll
2015-07-21 16:16 - 2015-07-21 16:16 - 00031744 _____ () C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qgif.dll
2015-07-21 16:16 - 2015-07-21 16:16 - 00046080 _____ () C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qicns.dll
2015-07-21 16:16 - 2015-07-21 16:16 - 00032768 _____ () C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qico.dll
2015-07-21 16:16 - 2015-07-21 16:16 - 00516608 _____ () C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qjp2.dll
2015-07-21 16:16 - 2015-07-21 16:16 - 00243200 _____ () C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qjpeg.dll
2015-07-21 16:16 - 2015-07-21 16:16 - 00431616 _____ () C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qtiff.dll
2015-07-21 16:16 - 2015-07-21 16:16 - 00115214 _____ () C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\bin\ZLIB1.dll
2015-08-16 23:44 - 2015-08-16 23:44 - 00036160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\thread_pool.dll
2015-08-16 23:44 - 2015-08-16 23:44 - 00446272 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2015-08-16 23:44 - 2015-08-16 23:44 - 00116032 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\EXPAT.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager => ""="Service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2202957396-1968120857-1327751806-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\sexyS\AppData\Roaming\Microsoft\Windows Photo Viewer\Hintergrundbild der Windows-Fotoanzeige.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\StartupFolder: => "E-POST MAILER.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Auto Resolution.lnk"
HKLM\...\StartupApproved\StartupFolder: => "E-POST CLOUD.lnk"
HKLM\...\StartupApproved\Run: => "RtHDVCpl"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "LexwareInfoService"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKLM\...\StartupApproved\Run32: => "IJNetworkScannerSelectorEX"
HKLM\...\StartupApproved\Run32: => "KeePass 2 PreLoad"
HKLM\...\StartupApproved\Run32: => "TrueImageMonitor.exe"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKLM\...\StartupApproved\Run32: => "AcronisTibMounterMonitor"
HKLM\...\StartupApproved\Run32: => "Acronis Scheduler2 Service"
HKU\S-1-5-21-2202957396-1968120857-1327751806-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2202957396-1968120857-1327751806-1001\...\StartupApproved\Run: => "GalaxyClient"
HKU\S-1-5-21-2202957396-1968120857-1327751806-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_A6F409C40D09F99AC9DC0483D7FC8FCD"
HKU\S-1-5-21-2202957396-1968120857-1327751806-1001\...\StartupApproved\Run: => "DAEMON Tools Ultra Agent"
HKU\S-1-5-21-2202957396-1968120857-1327751806-1001\...\StartupApproved\Run: => "SpybotPostWindows10UpgradeReInstall"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [TCP Query User{1C86B1DE-2867-4048-8891-26BBF0DA0500}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{C43AF5C2-E8AF-4F1A-A1E8-174174534139}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{BF005CD4-E67D-4038-BBF2-82942DCA2864}] => (Allow) F:\GameZ\Steam\Steam.exe
FirewallRules: [{B79E73C5-B66D-4FF8-933B-E28FC86D7BEB}] => (Allow) F:\GameZ\Steam\Steam.exe
FirewallRules: [{7BF92D1A-0B21-4776-A98D-A11C15DBA911}] => (Allow) F:\GameZ\Steam\bin\steamwebhelper.exe
FirewallRules: [{38C36068-15B5-40D7-B48C-B12EB62BEC01}] => (Allow) F:\GameZ\Steam\bin\steamwebhelper.exe
FirewallRules: [{2CBF93EB-7DD9-4316-A00C-75751D19E551}] => (Allow) C:\Program Files (x86)\SmartView2\Smart View 2.0.exe
FirewallRules: [{D7A55AF6-D1D1-4BE3-B886-406364837069}] => (Allow) C:\Program Files (x86)\SmartView2\Smart View 2.0.exe
FirewallRules: [{4088DFEA-C4E3-4C71-8097-C19404D3BA14}] => (Allow) C:\Program Files (x86)\SmartView2\Smart View 2.0.exe
FirewallRules: [{FBCD6F87-3077-45FF-9E2C-9001EE99CDBE}] => (Allow) C:\Program Files (x86)\SmartView2\Smart View 2.0.exe
FirewallRules: [{6A0CC416-4E3B-4824-A2C4-312E8C4DA211}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{7511B3A6-A0BE-4E48-B884-A25C8E02F002}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{EB0E1D84-D29E-41AD-93C9-10F023A3AA63}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{854358C3-6D2C-4699-B6AA-E1922EB28121}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{F319A215-DB28-4869-936B-121369D0A778}] => (Allow) F:\Program Files (x86)\Origin Games\BFH\bfh.exe
FirewallRules: [{8691DE0B-1430-47CE-BB38-7F1D662A087A}] => (Allow) F:\Program Files (x86)\Origin Games\BFH\bfh.exe
FirewallRules: [{2DB05808-81A5-4689-8BE5-64DA98A3C6CE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{632B0B97-8187-4DF6-AD37-9435764B5CD0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0176467C-7E80-4D6B-9789-80DCEE379B46}] => (Allow) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe
FirewallRules: [{B8C9A890-1462-437D-8DDE-9A25988E014F}] => (Allow) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe
FirewallRules: [TCP Query User{49C335F3-D20A-4810-B7B9-482131177192}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{4D37CB38-87C7-4509-A719-30A25D590B72}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{7FE05D47-5974-4A3C-B222-E7349FD77AAC}F:\program files (x86)\origin games\bfh\bfh.exe] => (Allow) F:\program files (x86)\origin games\bfh\bfh.exe
FirewallRules: [UDP Query User{F252E024-E179-49C5-986D-04ED3FFC41BD}F:\program files (x86)\origin games\bfh\bfh.exe] => (Allow) F:\program files (x86)\origin games\bfh\bfh.exe
FirewallRules: [{21C1912A-08DA-48E5-B70B-792BCD91A89B}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{09D237CD-9545-4E08-99F9-C438180D29A1}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{E89B46DD-8064-4461-87A6-676D39D1D70E}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{1DB664F4-76B1-42D5-99C0-8723A87DC27E}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{9F827A52-EEAD-4FD6-B601-A54759360418}] => (Allow) F:\Program Files (x86)\Origin Games\BFH\BFHWebHelper.exe
FirewallRules: [{A22EA736-107D-4C39-A93D-5AAF8F854E9E}] => (Allow) F:\Program Files (x86)\Origin Games\BFH\BFHWebHelper.exe
FirewallRules: [{F608B9B4-8FCD-4BEF-9117-5DD9B4E5EA1F}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{4E6BF977-1661-4B24-9ABD-5907EA04AE50}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{DCA00F0F-0B44-4CC7-8812-44F38845AF65}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{0849B1CA-B27B-4734-94A8-08FBEC3E214C}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{41D16746-6EFF-41CA-B6F8-0CF2CFF9CFAE}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{4F85D308-DDBB-4090-BF88-F2E6BD937D59}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
FirewallRules: [{1A6B6CAE-2FC4-4E3C-8314-D2B8F53C3118}] => (Block) C:\Program Files (x86)\Acronis\TrueImageHome\license_activator.exe
FirewallRules: [{1DE6B7F3-FB1F-47D7-B2CC-753C046035C5}] => (Allow) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP2b\RpcAgentSrv.exe
FirewallRules: [{A1228048-3256-4715-8FF9-E3FFD8698E6C}] => (Allow) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP2b\WNt600x64\RpcSandraSrv.exe
FirewallRules: [{99E90FBB-EA69-4921-8B3E-4234E6885E4B}] => (Allow) F:\GameZ\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{C2534CF7-A212-4CE4-8B57-D2AD500019DF}] => (Allow) F:\GameZ\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{1AFC040B-60DF-4971-B7D3-0A5320E7AC61}] => (Allow) F:\GameZ\Steam\steamapps\common\Call of Duty Ghosts\iw6mp64_ship.exe
FirewallRules: [{47C345A2-88A0-49BA-B182-3C120A04C616}] => (Allow) F:\GameZ\Steam\steamapps\common\Call of Duty Ghosts\iw6mp64_ship.exe
FirewallRules: [{17E41887-27A7-4BBC-BCD3-4E77E8E1B494}] => (Allow) F:\GameZ\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{104F94C7-7CA8-48E7-AF59-091834AF9529}] => (Allow) F:\GameZ\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{69F94D0B-8D9C-4C8D-B378-3D699488E675}] => (Allow) F:\GameZ\Steam\steamapps\common\Call of Duty Black Ops III Beta\BlackOps3.exe
FirewallRules: [{115900A5-355D-460F-8E55-FE4D2600F702}] => (Allow) F:\GameZ\Steam\steamapps\common\Call of Duty Black Ops III Beta\BlackOps3.exe
FirewallRules: [TCP Query User{D85593D3-E03A-4F11-A70A-7A0FF52FBF79}C:\program files (x86)\vpn unlimited\vpn-unlimited.exe] => (Allow) C:\program files (x86)\vpn unlimited\vpn-unlimited.exe
FirewallRules: [UDP Query User{6E6FC9FA-AD04-42D4-856C-008C0552F460}C:\program files (x86)\vpn unlimited\vpn-unlimited.exe] => (Allow) C:\program files (x86)\vpn unlimited\vpn-unlimited.exe
FirewallRules: [{A3599F60-D8F1-44C5-9049-AE578E0B531A}] => (Allow) C:\program files (x86)\vpn unlimited\vpn-unlimited.exe
FirewallRules: [{D82EBD30-51FB-4B00-810F-2EC9FF934745}] => (Allow) C:\program files (x86)\vpn unlimited\vpn-unlimited.exe
FirewallRules: [{311EB67E-4657-4A70-B4A6-1951E4395B98}] => (Allow) C:\Program Files (x86)\VPN Unlimited\openvpn.exe
FirewallRules: [{FF99EA26-8F22-4FEA-AFBE-E426CFF1DDFF}] => (Allow) C:\Program Files (x86)\VPN Unlimited\openvpn.exe
FirewallRules: [{01C9931C-C6FC-41DA-88D1-834A01C5D1FD}] => (Allow) F:\GameZ\Steam\steamapps\common\The Vanishing of Ethan Carter\Binaries\Launcher.exe
FirewallRules: [{FF542F02-C45E-40CE-BF54-57D470CE273C}] => (Allow) F:\GameZ\Steam\steamapps\common\The Vanishing of Ethan Carter\Binaries\Launcher.exe
FirewallRules: [{C93557FF-9453-4CF8-A45E-AADC31A0B13C}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{6ECE5FE5-5796-4096-A9D4-81F426E9920A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/06/2015 03:54:38 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (09/06/2015 03:54:24 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (09/06/2015 03:54:23 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (09/06/2015 03:54:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (09/06/2015 03:54:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (09/06/2015 03:49:22 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (09/06/2015 03:49:21 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (09/06/2015 03:49:07 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (09/06/2015 02:32:51 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SK-ZENTRALE)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/06/2015 01:13:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SK-ZENTRALE)
Description: Bei der Aktivierung der App „Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


Systemfehler:
=============
Error: (09/06/2015 03:51:21 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "O2",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{7A50885F-D806-4984-BE7B-D680C6CD113B}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (09/06/2015 02:44:48 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Xbox Live Authentifizierungs-Manager" wurde mit dem folgenden dienstspezifischen Fehler beendet: 
%%0

Error: (09/06/2015 02:33:21 PM) (Source: bowser) (EventID: 8016) (User: )
Description: Der Suchdiensttreiber erhielt zu viele nicht erlaubte Datagramme vom Remotecomputer "O2" zum Namen "SK-ZENTRALE" auf Transport "NetBT_Tcpip_{7A50885F-D806-4984-BE7B-D680C6CD113B}". Das Datagramm steht in den Daten.
Es werden keine weiteren Ereignisse erzeugt, solange die Rücksetzfrequenz nicht abgelaufen ist.

Error: (09/06/2015 02:32:51 PM) (Source: DCOM) (EventID: 10010) (User: SK-ZENTRALE)
Description: CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca

Error: (09/06/2015 02:28:12 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows-Fehlerberichterstattungsdienst" wurde mit folgendem Fehler beendet: 
%%193

Error: (09/06/2015 02:28:12 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows-Fehlerberichterstattungsdienst" wurde mit folgendem Fehler beendet: 
%%193

Error: (09/06/2015 02:28:11 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Netzwerkeinrichtungsdienst" wurde mit folgendem Fehler beendet: 
%%193

Error: (09/06/2015 01:27:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/06/2015 01:27:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/06/2015 01:27:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.


Microsoft Office:
=========================
Error: (09/06/2015 03:54:38 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert

Error: (09/06/2015 03:54:24 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert

Error: (09/06/2015 03:54:23 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert

Error: (09/06/2015 03:54:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert

Error: (09/06/2015 03:54:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert

Error: (09/06/2015 03:49:22 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert

Error: (09/06/2015 03:49:21 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert

Error: (09/06/2015 03:49:07 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert

Error: (09/06/2015 02:32:51 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SK-ZENTRALE)
Description: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI-2144927141

Error: (09/06/2015 01:13:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SK-ZENTRALE)
Description: Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp-2144927148


CodeIntegrity:
===================================
  Date: 2015-08-22 11:34:09.167
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-08-21 11:42:29.887
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-08-20 11:18:00.338
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-07-29 21:41:28.606
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-07-28 17:24:34.084
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Xeon(R) CPU E3-1230 v3 @ 3.30GHz
Prozentuale Nutzung des RAM: 23%
Installierter physikalischer RAM: 16318.96 MB
Verfügbarer physikalischer RAM: 12403.29 MB
Summe virtueller Speicher: 18750.96 MB
Verfügbarer virtueller Speicher: 14478.05 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:237.25 GB) (Free:181 GB) NTFS
Drive d: (SKDateien) (Fixed) (Total:1620.83 GB) (Free:856.88 GB) NTFS
Drive e: (SK Stick 16 GB) (Removable) (Total:14.44 GB) (Free:13.65 GB) NTFS
Drive f: (SK Cache) (Fixed) (Total:242.19 GB) (Free:30.68 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: B68ED194)
Partition 1: (Not Active) - (Size=1620.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=242.2 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 3B272CEE)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=237.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 14.4 GB) (Disk ID: 137D75C5)
Partition 1: (Active) - (Size=14.4 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         
Vielen Dank für die super Hilfe

Alt 07.09.2015, 07:55   #5
Deathkid535
/// Malwareteam
 
HiJack-Auswertung? - Standard

HiJack-Auswertung?



Hi,

Zitat:
(@ByELDI) C:\Program Files\KMSpico\Service_KMS.exe
Lesestoff:
Cracks und Keygens
Den Kopierschutz von Software zu umgehen ist nach geltendem Recht illegal. Die Logfiles deuten stark darauf hin, dass du nicht legal erworbene Software einsetzt. Zudem sind Cracks und Patches aus dubioser Quelle sehr oft mit Schädlingen versehen, womit man sich also fast vorsätzlich infiziert.

Wir haben uns hier auf dem Board darauf geeinigt, dass wir an dieser Stelle nicht weiter bereinigen, bis diese Software entfernt wurde. Hinzu kommt, dass wir dich in unserer Anleitung und auch in diesem Wichtig-Thema unmissverständlich darauf hingewiesen haben, wie wir damit umgehen werden. Saubere, gute Software hat seinen Preis und die Softwarefirmen leben von diesen Einnahmen.
Entferne jegliche gecrackte Software, um mit der Bereinigung fortzufahren.

Danach noch ein frisches FRST-Log zur Kontrolle mit Additions angehakt.


Alt 07.09.2015, 10:15   #6
SKKOT
 
HiJack-Auswertung? - Standard

HiJack-Auswertung?



Sehr unangenehm für mich. Recht hast Du

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:06-09-2015 01
durchgeführt von sexyS (Administrator) auf SK-ZENTRALE (07-09-2015 11:12:05)
Gestartet von D:\Downloads
Geladene Profile: sexyS (Verfügbare Profile: sexyS)
Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe
(Haufe-Lexware GmbH & Co. KG) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
() C:\Program Files\WindowsApps\34628NielsCup.AppRadio_9.1.35.1_neutral__kz2v1f325crd8\AppRadio.Windows81.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Microsoft Corporation) C:\Users\sexyS\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(LG Electronics) C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplit.exe
(TODO: <Company name>) C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplitterHook64App.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Synology Inc.) C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\bin\cloud-ui.exe
(Synology Inc.) C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\bin\cloud-connect.exe
(Synology Inc.) C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\bin\cloud-daemon.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OFFICE15\CSISYNCCLIENT.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\MSOSYNC.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040792 2015-08-24] (Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [14601160 2015-07-02] (Logitech Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [475016 2015-08-16] (Acronis)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [39175960 2015-08-14] (Dropbox, Inc.)
HKLM-x32\...\Run: [LexwareInfoService] => C:\Program Files (x86)\Lexware\Update Manager\LxUpdateManager.exe [196648 2014-09-26] (Haufe-Lexware GmbH & Co. KG)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [56080 2015-07-27] (Raptr, Inc)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2715536 2015-04-10] (Dominik Reichl)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-03] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [690992 2015-08-14] (Acronis International GmbH)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7090888 2015-08-17] ()
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4127488 2015-06-16] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2202957396-1968120857-1327751806-1001\...\Run: [OneDrive] => C:\Users\sexyS\AppData\Local\Microsoft\OneDrive\OneDrive.exe [404064 2015-08-23] (Microsoft Corporation)
HKU\S-1-5-21-2202957396-1968120857-1327751806-1001\...\Run: [GalaxyClient] => F:\GameZ\GalaxyClient\GalaxyClient.exe [7249976 2015-08-23] (GOG.com)
HKU\S-1-5-21-2202957396-1968120857-1327751806-1001\...\Run: [ScreenSplitter] => C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplit.exe [1960432 2015-04-14] (LG Electronics)
HKU\S-1-5-21-2202957396-1968120857-1327751806-1001\...\Run: [DAEMON Tools Ultra Agent] => C:\Program Files (x86)\DAEMON Tools Ultra\DTAgent.exe [3732752 2015-02-26] (Disc Soft Ltd)
HKU\S-1-5-21-2202957396-1968120857-1327751806-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-2202957396-1968120857-1327751806-1001\...\Run: [GoogleChromeAutoLaunch_A6F409C40D09F99AC9DC0483D7FC8FCD] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [815944 2015-08-28] (Google Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  Keine Datei
ShellIconOverlayIdentifiers: [01UnsuppModule] -> {AEB16659-2125-4ADA-A4AB-45EE21E86469} => C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-07-21] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [02SyncingModule] -> {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} => C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-07-21] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [03SyncedModule] -> {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} => C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-07-21] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [04ReadOnlyModule] -> {A433C3E0-8B24-40EB-93C3-4B10D9959F58} => C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-07-21] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [05NoPermModule] -> {C701AD67-3DF0-47C9-89CB-DFA6207BE229} => C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-07-21] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [1_EPMInConflictHandler] -> {188FBECF-3754-4767-94ED-E06FF03C57DE} => C:\WINDOWS\system32\mscoree.dll [2015-07-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [1_EPMInProgressHandler] -> {EF1FAD52-44AF-4B92-8462-048F036E16A9} => C:\WINDOWS\system32\mscoree.dll [2015-07-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [1_EPMInSyncHandler] -> {85837018-AB69-4BD9-95D3-0DDCDE2EA467} => C:\WINDOWS\system32\mscoree.dll [2015-07-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2015-07-23] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2015-07-23] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2015-07-23] (Acronis)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\E-POST CLOUD.lnk [2015-07-31]
ShortcutTarget: E-POST CLOUD.lnk -> C:\Program Files (x86)\E-POST\EPostCloud.exe (Deutsche Post AG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\E-POST MAILER.lnk [2015-07-31]
ShortcutTarget: E-POST MAILER.lnk -> C:\Program Files (x86)\E-POST\EpostMailer.exe (Deutsche Post AG)
Startup: C:\Users\sexyS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Synology Cloud Station.lnk [2015-07-21]
ShortcutTarget: Synology Cloud Station.lnk -> C:\Program Files (x86)\Synology\CloudStation\bin\launcher.exe (Synology Inc.)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7a50885f-d806-4984-be7b-d680c6cd113b}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2202957396-1968120857-1327751806-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/androidnews/
HKU\S-1-5-21-2202957396-1968120857-1327751806-1001\Software\Microsoft\Internet Explorer\Main,start page = about:blank
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-07-08] (AO Kaspersky Lab)
BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-07-08] (AO Kaspersky Lab)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-07-08] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-07-08] (AO Kaspersky Lab)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-06-16] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\sexyS\AppData\Roaming\Mozilla\Firefox\Profiles\7p3j4y9i.default
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-09-19] (Adobe Systems)
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-07-11] (Google, Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-09-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-09-06] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-09-19] (Adobe Systems)
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox
FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [2015-09-05]

Chrome: 
=======
CHR Profile: C:\Users\sexyS\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\sexyS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-06]
CHR Extension: (Google Docs) - C:\Users\sexyS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-06]
CHR Extension: (Google Drive) - C:\Users\sexyS\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-09-06]
CHR Extension: (YouTube) - C:\Users\sexyS\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-06]
CHR Extension: (Google Search) - C:\Users\sexyS\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-09-06]
CHR Extension: (Kaspersky Protection) - C:\Users\sexyS\AppData\Local\Google\Chrome\User Data\Default\Extensions\eahebamiopdhefndnmappcihfajigkka [2015-09-06]
CHR Extension: (Google Sheets) - C:\Users\sexyS\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-06]
CHR Extension: (Google Docs Offline) - C:\Users\sexyS\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-06]
CHR Extension: (AdBlock) - C:\Users\sexyS\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-09-06]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\sexyS\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-09-06]
CHR Extension: (Chrome Web Store Payments) - C:\Users\sexyS\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-06]
CHR Extension: (Enhanced Steam) - C:\Users\sexyS\AppData\Local\Google\Chrome\User Data\Default\Extensions\okadibdjfemgnhjiembecghcbfknbfhg [2015-09-06]
CHR Extension: (Gmail) - C:\Users\sexyS\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-06]
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - https://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - https://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeActiveFileMonitor13.0; C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe [231120 2015-01-30] (Adobe Systems Incorporated)
R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2015-09-05] (Kaspersky Lab ZAO)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1128448 2015-08-24] ()
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-07-19] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-07-19] (Dropbox, Inc.)
S3 Disc Soft Ultra Bus Service; C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe [1378576 2015-02-26] (Disc Soft Ltd)
S3 GalaxyClientService; F:\GameZ\GalaxyClient\GalaxyClientService.exe [1720888 2015-08-23] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6874680 2015-08-23] (GOG.com)
R2 Lexware_Update_Service; C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe [64552 2014-08-14] (Haufe-Lexware GmbH & Co. KG)
S4 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4884064 2015-08-11] (Acronis)
S3 Origin Client Service; F:\GameZ\Origin\OriginClientService.exe [2007048 2015-07-26] (Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2015-07-19] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [303360 2015-07-17] (Realtek Semiconductor)
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP2b\RpcAgentSrv.exe [73200 2015-07-06] (SiSoftware) [Datei ist nicht signiert]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1750712 2015-06-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2102496 2015-06-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [224712 2015-07-24] (Safer-Networking Ltd.)
S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 amdacpksd; C:\WINDOWS\system32\drivers\amdacpksd.sys [297672 2015-06-23] (Advanced Micro Devices)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [31992 2015-06-03] (Advanced Micro Devices, Inc.)
S3 AsusVBus; C:\Windows\System32\drivers\AsusVBus.sys [39704 2015-07-31] (Windows (R) Win 7 DDK provider)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-07-17] (Advanced Micro Devices)
S3 ATP; C:\Windows\System32\drivers\AsusTP.sys [85312 2015-07-31] (ASUS Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [237568 2015-07-10] (Microsoft Corporation)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
S3 dc1-controller; C:\Windows\System32\drivers\dc1-controller.sys [50688 2015-07-10] (Microsoft Corp.)
R3 dtultrascsibus; C:\Windows\System32\drivers\dtultrascsibus.sys [30352 2015-07-21] (Disc Soft Ltd)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d65x64.sys [485856 2015-07-17] (Intel Corporation)
R0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [323040 2015-08-23] (Acronis International GmbH)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-07-17] (REALiX(tm))
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70512 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [68280 2015-06-06] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [30328 2015-06-24] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [171192 2015-06-30] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [227000 2015-07-04] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [937656 2015-06-30] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [39608 2015-06-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [41656 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [30392 2015-06-08] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [78008 2015-06-26] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [102584 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2015-07-17] (Intel Corporation)
R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation)
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP2b\WNt600x64\Sandra.sys [23112 2009-08-07] (SiSoftware)
S3 taphss6; C:\Windows\System32\drivers\taphss6.sys [42088 2015-06-04] (Anchorfree Inc.)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1057728 2015-08-23] (Acronis International GmbH)
R2 tib_mounter; C:\Windows\system32\DRIVERS\tib_mounter.sys [206800 2015-08-23] (Acronis International GmbH)
S3 tnd; C:\Windows\system32\DRIVERS\tnd.sys [567888 2015-08-23] (Acronis International GmbH)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-07 11:10 - 2015-09-07 11:10 - 00016148 _____ C:\WINDOWS\system32\SK-ZENTRALE_sexyS_HistoryPrediction.bin
2015-09-07 00:36 - 2015-09-07 00:36 - 00000000 ____D C:\Program Files\HitmanPro
2015-09-07 00:34 - 2015-09-07 00:36 - 00000000 ____D C:\ProgramData\HitmanPro
2015-09-06 19:11 - 2015-09-07 02:41 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-06 17:05 - 2015-09-07 11:12 - 00000000 ____D C:\FRST
2015-09-06 13:13 - 2015-09-06 13:13 - 00000000 _____ C:\autoexec.bat
2015-09-06 12:39 - 2015-09-07 11:10 - 00001128 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-06 12:39 - 2015-09-07 02:44 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-06 12:39 - 2015-09-06 12:39 - 00004190 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-06 12:39 - 2015-09-06 12:39 - 00003958 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-06 12:39 - 2015-09-06 12:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-09-05 12:54 - 2015-09-05 12:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2015-09-05 11:44 - 2015-09-05 11:44 - 00001268 _____ C:\Users\sexyS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner64.lnk
2015-09-04 17:27 - 2015-09-04 17:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-09-03 19:42 - 2015-09-03 19:42 - 00002814 _____ C:\Users\sexyS\AppData\Local\recently-used.xbel
2015-09-02 15:58 - 2015-09-02 15:58 - 00002862 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-09-02 15:58 - 2015-09-02 15:58 - 00000000 ____D C:\Program Files\CCleaner
2015-08-29 15:03 - 2015-08-20 08:07 - 08019296 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-29 15:03 - 2015-08-20 08:06 - 00609592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-08-29 15:03 - 2015-08-20 08:02 - 22324656 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-08-29 15:03 - 2015-08-20 07:57 - 00077400 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-08-29 15:03 - 2015-08-20 07:26 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-08-29 15:03 - 2015-08-20 07:21 - 21875200 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-08-29 15:03 - 2015-08-20 07:21 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2015-08-29 15:03 - 2015-08-20 07:16 - 20857848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-08-29 15:03 - 2015-08-20 07:13 - 02235904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-29 15:03 - 2015-08-20 07:09 - 00929280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2015-08-29 15:03 - 2015-08-20 06:31 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-08-29 15:03 - 2015-08-18 09:56 - 02498808 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-29 15:03 - 2015-08-18 09:55 - 00373072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-08-29 15:03 - 2015-08-18 09:54 - 01396064 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-08-29 15:03 - 2015-08-18 09:27 - 01771592 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-08-29 15:03 - 2015-08-18 09:24 - 00963920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-08-29 15:03 - 2015-08-18 09:13 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2015-08-29 15:03 - 2015-08-18 09:13 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2015-08-29 15:03 - 2015-08-18 09:12 - 02225664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-08-29 15:03 - 2015-08-18 09:07 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2015-08-29 15:03 - 2015-08-18 09:04 - 01234944 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2015-08-29 15:03 - 2015-08-18 09:04 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-08-29 15:03 - 2015-08-18 08:59 - 01294336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
2015-08-29 15:03 - 2015-08-18 08:59 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll
2015-08-29 15:03 - 2015-08-18 08:58 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2015-08-29 15:03 - 2015-08-18 08:58 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWCN.dll
2015-08-29 15:03 - 2015-08-18 08:58 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWCN.dll
2015-08-29 15:03 - 2015-08-18 08:58 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnNetsh.dll
2015-08-29 15:03 - 2015-08-18 08:57 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2015-08-29 15:03 - 2015-08-18 08:56 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2015-08-29 15:03 - 2015-08-18 08:55 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-08-29 15:03 - 2015-08-18 08:54 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2015-08-29 15:03 - 2015-08-18 08:54 - 00247296 _____ C:\WINDOWS\system32\facecredentialprovider.dll
2015-08-29 15:03 - 2015-08-18 08:52 - 01888768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-08-29 15:03 - 2015-08-18 08:50 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-08-29 15:03 - 2015-08-18 08:49 - 01061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2015-08-29 15:03 - 2015-08-18 08:49 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2015-08-29 15:03 - 2015-08-18 08:49 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2015-08-29 15:03 - 2015-08-18 08:36 - 01226752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll
2015-08-29 15:03 - 2015-08-18 08:35 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll
2015-08-29 15:03 - 2015-08-18 08:35 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWCN.dll
2015-08-29 15:03 - 2015-08-18 08:34 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2015-08-29 15:03 - 2015-08-18 08:29 - 01593344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-08-29 15:03 - 2015-08-18 08:26 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2015-08-29 15:03 - 2015-08-18 06:44 - 00008847 _____ C:\WINDOWS\system32\ResPriHMImageList
2015-08-24 15:22 - 2015-08-24 15:28 - 00000000 ____D C:\Users\sexyS\AppData\Local\DayZ
2015-08-24 10:49 - 2015-07-04 11:29 - 14548992 _____ C:\Users\sexyS\AppData\Roaming\Sandra.mdb
2015-08-24 10:48 - 2015-08-24 10:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware
2015-08-24 10:48 - 2015-08-24 10:48 - 00000000 ____D C:\Program Files\SiSoftware
2015-08-24 10:47 - 2015-08-24 10:47 - 35222128 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2015-08-24 10:47 - 2015-08-24 10:47 - 02702552 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2015-08-24 10:47 - 2015-08-24 10:47 - 01749208 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2015-08-24 10:47 - 2015-08-24 10:47 - 01310936 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2015-08-23 19:42 - 2015-08-23 19:49 - 00000000 ____D C:\Users\sexyS\AppData\Local\Last_Man
2015-08-23 15:16 - 2015-08-23 15:33 - 00000000 ____D C:\AdwCleaner
2015-08-23 14:43 - 2015-08-23 14:43 - 00000000 ____D C:\Program Files\Common Files\AV
2015-08-23 14:39 - 2015-08-23 15:37 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-08-23 14:39 - 2015-08-23 15:36 - 00001464 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-08-23 14:39 - 2015-08-23 15:36 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-08-23 14:39 - 2015-08-23 15:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-08-23 14:39 - 2015-08-23 14:39 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2015-08-23 14:39 - 2015-06-16 17:32 - 00020760 _____ (Safer-Networking Ltd.) C:\WINDOWS\system32\sdnclean64.exe
2015-08-23 12:17 - 2015-08-23 15:56 - 00000000 ____D C:\ProgramData\Acronis
2015-08-23 12:17 - 2015-08-23 12:17 - 00567888 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tnd.sys
2015-08-23 12:17 - 2015-08-23 12:17 - 00343504 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\snapman.sys
2015-08-23 12:17 - 2015-08-23 12:17 - 00323040 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\file_tracker.sys
2015-08-23 12:17 - 2015-08-23 12:17 - 00206800 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tib_mounter.sys
2015-08-23 12:17 - 2015-08-23 12:17 - 00160736 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\fltsrv2195.sys
2015-08-23 12:17 - 2015-08-23 12:17 - 00001286 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis True Image 2016.lnk
2015-08-23 12:17 - 2015-08-23 12:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
2015-08-23 12:17 - 2015-08-23 12:17 - 00000000 ____D C:\Program Files (x86)\Acronis
2015-08-21 10:08 - 2015-08-21 10:08 - 00000000 ____D C:\Users\sexyS\AppData\Roaming\Acronis
2015-08-21 09:23 - 2015-08-23 12:17 - 01057728 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tib.sys
2015-08-21 09:23 - 2015-08-23 12:17 - 00160736 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\fltsrv.sys
2015-08-20 12:58 - 2015-09-03 20:07 - 00000000 ___RD C:\Users\sexyS\Desktop\Vorübergehend
2015-08-20 12:50 - 2015-08-20 12:50 - 00000000 ____D C:\Users\sexyS\AppData\Roaming\elsterformular
2015-08-20 10:58 - 2015-08-13 06:33 - 24593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-08-20 10:58 - 2015-08-13 06:22 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2015-08-20 10:58 - 2015-08-13 06:20 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-08-20 10:58 - 2015-08-13 06:07 - 19323392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-08-20 10:58 - 2015-08-13 05:53 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2015-08-20 10:58 - 2015-08-11 12:04 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-08-20 10:58 - 2015-08-11 12:04 - 02462648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-08-20 10:58 - 2015-08-11 12:04 - 01087296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-08-20 10:58 - 2015-08-11 12:03 - 00442208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2015-08-20 10:58 - 2015-08-11 12:02 - 00554744 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2015-08-20 10:58 - 2015-08-11 12:02 - 00292856 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2015-08-20 10:58 - 2015-08-11 12:02 - 00080720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2015-08-20 10:58 - 2015-08-11 11:57 - 03622256 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-08-20 10:58 - 2015-08-11 11:52 - 00993104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2015-08-20 10:58 - 2015-08-11 11:50 - 01643872 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-08-20 10:58 - 2015-08-11 11:40 - 04048808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-08-20 10:58 - 2015-08-11 11:40 - 02151208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-08-20 10:58 - 2015-08-11 11:40 - 00918320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-08-20 10:58 - 2015-08-11 11:38 - 00454000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2015-08-20 10:58 - 2015-08-11 11:37 - 00243800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2015-08-20 10:58 - 2015-08-11 11:31 - 02880032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-08-20 10:58 - 2015-08-11 11:26 - 00845664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2015-08-20 10:58 - 2015-08-11 11:23 - 16706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-20 10:58 - 2015-08-11 11:21 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-08-20 10:58 - 2015-08-11 11:21 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2015-08-20 10:58 - 2015-08-11 11:20 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2015-08-20 10:58 - 2015-08-11 11:19 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2015-08-20 10:58 - 2015-08-11 11:18 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2015-08-20 10:58 - 2015-08-11 11:16 - 02416640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-08-20 10:58 - 2015-08-11 11:14 - 00404480 _____ C:\WINDOWS\system32\diagtrack_wininternal.dll
2015-08-20 10:58 - 2015-08-11 11:13 - 00413184 _____ C:\WINDOWS\system32\diagtrack_win.dll
2015-08-20 10:58 - 2015-08-11 11:11 - 02446336 _____ C:\WINDOWS\system32\InputService.dll
2015-08-20 10:58 - 2015-08-11 11:11 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2015-08-20 10:58 - 2015-08-11 11:10 - 00778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-08-20 10:58 - 2015-08-11 11:10 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-20 10:58 - 2015-08-11 11:10 - 00293376 _____ C:\WINDOWS\system32\TextInputFramework.dll
2015-08-20 10:58 - 2015-08-11 11:09 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2015-08-20 10:58 - 2015-08-11 11:08 - 00893440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2015-08-20 10:58 - 2015-08-11 11:08 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-08-20 10:58 - 2015-08-11 11:07 - 01178112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-08-20 10:58 - 2015-08-11 11:07 - 00593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-08-20 10:58 - 2015-08-11 11:07 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeParserTask.exe
2015-08-20 10:58 - 2015-08-11 11:06 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-08-20 10:58 - 2015-08-11 11:06 - 02662400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-08-20 10:58 - 2015-08-11 11:05 - 03527168 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2015-08-20 10:58 - 2015-08-11 11:05 - 00996352 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-08-20 10:58 - 2015-08-11 11:05 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll
2015-08-20 10:58 - 2015-08-11 11:05 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2015-08-20 10:58 - 2015-08-11 11:05 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPermissions.dll
2015-08-20 10:58 - 2015-08-11 11:05 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2015-08-20 10:58 - 2015-08-11 11:03 - 02558976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-08-20 10:58 - 2015-08-11 11:02 - 03588096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-08-20 10:58 - 2015-08-11 11:02 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-08-20 10:58 - 2015-08-11 11:02 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-08-20 10:58 - 2015-08-11 11:01 - 01334784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-08-20 10:58 - 2015-08-11 11:00 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2015-08-20 10:58 - 2015-08-11 11:00 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2015-08-20 10:58 - 2015-08-11 10:59 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-08-20 10:58 - 2015-08-11 10:59 - 00642560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2015-08-20 10:58 - 2015-08-11 10:59 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2015-08-20 10:58 - 2015-08-11 10:59 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tetheringclient.dll
2015-08-20 10:58 - 2015-08-11 10:58 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2015-08-20 10:58 - 2015-08-11 10:57 - 13024768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-08-20 10:58 - 2015-08-11 10:57 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2015-08-20 10:58 - 2015-08-11 10:51 - 01916928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-08-20 10:58 - 2015-08-11 10:51 - 01823232 _____ C:\WINDOWS\SysWOW64\InputService.dll
2015-08-20 10:58 - 2015-08-11 10:50 - 00420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2015-08-20 10:58 - 2015-08-11 10:50 - 00200704 _____ C:\WINDOWS\SysWOW64\TextInputFramework.dll
2015-08-20 10:58 - 2015-08-11 10:50 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2015-08-20 10:58 - 2015-08-11 10:49 - 00586752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-08-20 10:58 - 2015-08-11 10:49 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-20 10:58 - 2015-08-11 10:48 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2015-08-20 10:58 - 2015-08-11 10:47 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-08-20 10:58 - 2015-08-11 10:45 - 01820672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-08-20 10:58 - 2015-08-11 10:43 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2015-08-20 10:58 - 2015-08-11 10:42 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-08-20 10:58 - 2015-08-11 10:40 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-08-20 10:58 - 2015-08-11 10:40 - 01112064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-08-20 10:58 - 2015-08-11 10:39 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2015-08-20 10:58 - 2015-08-11 10:38 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2015-08-18 14:51 - 2015-08-29 10:34 - 00001129 _____ C:\Users\sexyS\Desktop\SK-Bearbeitung.lnk
2015-08-18 14:50 - 2015-08-29 10:37 - 00000760 _____ C:\Users\sexyS\Desktop\Cloud Station.lnk
2015-08-18 14:50 - 2015-08-29 10:34 - 00001068 _____ C:\Users\sexyS\Desktop\Galerie.lnk
2015-08-18 14:50 - 2015-08-29 10:34 - 00000721 _____ C:\Users\sexyS\Desktop\OneDrive.lnk
2015-08-18 14:50 - 2015-08-29 10:34 - 00000705 _____ C:\Users\sexyS\Desktop\MS-DOS.lnk
2015-08-18 14:49 - 2015-08-29 10:34 - 00000953 _____ C:\Users\sexyS\Desktop\Downloads.lnk
2015-08-18 14:49 - 2015-08-29 10:34 - 00000921 _____ C:\Users\sexyS\Desktop\Musik.lnk
2015-08-18 14:49 - 2015-08-29 10:02 - 00001303 _____ C:\Users\sexyS\Desktop\Dropbox.lnk
2015-08-18 12:08 - 2015-08-18 12:08 - 00000000 ___HD C:\$Windows.~WS
2015-08-16 15:09 - 2015-08-17 16:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2015-08-16 15:09 - 2015-08-16 15:09 - 00000000 ____D C:\Program Files\DIFX
2015-08-16 12:48 - 2015-08-16 12:48 - 00000000 ____D C:\ProgramData\ATI
2015-08-15 15:07 - 2015-08-15 15:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2015-08-15 13:25 - 2015-08-15 13:25 - 00062253 _____ C:\WINDOWS\SysWOW64\CCCInstall_201508151325323347.log
2015-08-15 13:25 - 2015-08-15 13:25 - 00052907 _____ C:\WINDOWS\SysWOW64\CCCInstall_201508151325023796.log
2015-08-15 13:25 - 2015-08-15 13:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-08-15 13:25 - 2015-08-15 13:25 - 00000000 ____D C:\Program Files\ATI Technologies
2015-08-15 13:25 - 2015-08-15 13:25 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2015-08-15 13:24 - 2015-08-15 13:24 - 47795680 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 39725024 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 30762464 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 27546080 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl12cl64.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 25308656 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 22328800 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl12cl.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 15725552 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 14310896 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 09191312 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 07577184 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 06486000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmantle64.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 05076976 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmantle32.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 03471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2015-08-15 13:24 - 2015-08-15 13:24 - 03437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2015-08-15 13:24 - 2015-08-15 13:24 - 01197552 _____ C:\WINDOWS\system32\amdocl_as64.exe
2015-08-15 13:24 - 2015-08-15 13:24 - 01070592 _____ C:\WINDOWS\system32\amdocl_ld64.exe
2015-08-15 13:24 - 2015-08-15 13:24 - 01004032 _____ C:\WINDOWS\SysWOW64\amdocl_as32.exe
2015-08-15 13:24 - 2015-08-15 13:24 - 00936928 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00936928 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00808944 _____ C:\WINDOWS\SysWOW64\amdocl_ld32.exe
2015-08-15 13:24 - 2015-08-15 13:24 - 00660928 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2015-08-15 13:24 - 2015-08-15 13:24 - 00660928 _____ C:\WINDOWS\system32\atiapfxx.blb
2015-08-15 13:24 - 2015-08-15 13:24 - 00471320 _____ C:\WINDOWS\system32\amdmiracast.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00377312 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2015-08-15 13:24 - 2015-08-15 13:24 - 00341488 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODE.exe
2015-08-15 13:24 - 2015-08-15 13:24 - 00243696 _____ C:\WINDOWS\system32\clinfo.exe
2015-08-15 13:24 - 2015-08-15 13:24 - 00215008 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00199664 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00198640 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00168944 _____ C:\WINDOWS\system32\atieah64.exe
2015-08-15 13:24 - 2015-08-15 13:24 - 00165360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00152560 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2015-08-15 13:24 - 2015-08-15 13:24 - 00151936 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00150512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00143344 _____ C:\WINDOWS\system32\amdhdl64.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00138384 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00137696 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00132080 _____ C:\WINDOWS\SysWOW64\amdhdl32.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00123872 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00117608 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00111840 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00111600 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00111088 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00103904 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00097776 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00096736 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00091104 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00088000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00088000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00085472 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00082688 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00081168 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00078320 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00078320 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00073712 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00071152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00069600 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00064496 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00062432 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00059888 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODCLI.exe
2015-08-15 13:24 - 2015-08-15 13:24 - 00059376 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl6.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00059360 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00052208 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00049632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmmcl.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00039904 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00014304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00014304 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2015-08-12 19:41 - 2015-08-12 19:41 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2015-08-12 19:41 - 2015-08-12 19:41 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2015-08-12 17:38 - 2015-08-03 04:18 - 08613200 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2015-08-12 17:38 - 2015-08-03 03:56 - 06878256 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2015-08-12 17:37 - 2015-08-08 09:29 - 01822280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-08-12 17:37 - 2015-08-08 09:19 - 00608936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-08-12 17:37 - 2015-08-08 09:01 - 01533496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-08-12 17:37 - 2015-08-08 08:48 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-08-12 17:37 - 2015-08-08 08:40 - 00365056 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-08-12 17:37 - 2015-08-08 08:24 - 02415104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-08-12 17:37 - 2015-08-08 08:24 - 01679360 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-08-12 17:37 - 2015-08-08 08:15 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-08-12 17:37 - 2015-08-08 08:00 - 01985024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-08-12 17:37 - 2015-08-06 05:17 - 00237392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys
2015-08-12 17:37 - 2015-08-06 05:17 - 00200528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2015-08-12 17:37 - 2015-08-06 04:22 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2015-08-12 17:37 - 2015-08-05 06:49 - 00783112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-08-12 17:37 - 2015-08-05 06:29 - 00644128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-08-12 17:37 - 2015-08-05 06:00 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2015-08-12 17:37 - 2015-08-05 05:54 - 01274880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-08-12 17:37 - 2015-08-05 05:47 - 01383424 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-08-12 17:37 - 2015-08-05 05:39 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2015-08-12 17:37 - 2015-08-04 06:07 - 00102752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-08-12 17:37 - 2015-08-04 06:06 - 00583128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-08-12 17:37 - 2015-08-04 06:06 - 00243248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-08-12 17:37 - 2015-08-04 05:23 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2015-08-12 17:37 - 2015-08-04 04:59 - 01212416 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-08-12 17:37 - 2015-08-04 04:47 - 00898560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2015-08-12 17:37 - 2015-08-03 04:32 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2015-08-12 17:37 - 2015-08-03 04:28 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2015-08-12 17:37 - 2015-08-03 04:19 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-08-12 17:37 - 2015-08-03 04:19 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-08-12 17:37 - 2015-08-03 04:18 - 01983840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-08-12 17:37 - 2015-08-03 04:18 - 00594472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2015-08-12 17:37 - 2015-08-03 04:18 - 00046432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpiowin32.sys
2015-08-12 17:37 - 2015-08-03 04:17 - 00516960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-08-12 17:37 - 2015-08-03 04:17 - 00052264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2015-08-12 17:37 - 2015-08-03 04:12 - 00801632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2015-08-12 17:37 - 2015-08-03 03:49 - 00700256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2015-08-12 17:37 - 2015-08-03 03:31 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-08-12 17:37 - 2015-08-03 03:30 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_UserAccount.dll
2015-08-12 17:37 - 2015-08-03 03:24 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-08-12 17:37 - 2015-08-03 03:24 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-08-12 17:37 - 2015-08-03 03:24 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModelShim.dll
2015-08-12 17:37 - 2015-08-03 03:23 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2015-08-12 17:37 - 2015-08-03 03:22 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-08-12 17:37 - 2015-08-03 03:22 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-08-12 17:37 - 2015-08-03 03:22 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2015-08-12 17:37 - 2015-08-03 03:21 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2015-08-12 17:37 - 2015-08-03 03:19 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2015-08-12 17:37 - 2015-08-03 03:19 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2015-08-12 17:37 - 2015-08-03 03:18 - 12503552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-08-12 17:37 - 2015-08-03 03:18 - 03780096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-08-12 17:37 - 2015-08-03 03:18 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-08-12 17:37 - 2015-08-03 03:18 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkStatus.dll
2015-08-12 17:37 - 2015-08-03 03:15 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-08-12 17:37 - 2015-08-03 03:15 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2015-08-12 17:37 - 2015-08-03 03:15 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2015-08-12 17:37 - 2015-08-03 03:15 - 00384000 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-08-12 17:37 - 2015-08-03 03:15 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2015-08-12 17:37 - 2015-08-03 03:14 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-08-12 17:37 - 2015-08-03 03:12 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-08-12 17:37 - 2015-08-03 03:12 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2015-08-12 17:37 - 2015-08-03 03:11 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll
2015-08-12 17:37 - 2015-08-03 03:10 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-08-12 17:37 - 2015-08-03 03:06 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2015-08-12 17:37 - 2015-08-03 03:03 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2015-08-12 17:37 - 2015-08-03 03:02 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-08-12 17:37 - 2015-08-03 03:02 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2015-08-12 17:37 - 2015-08-03 03:01 - 11262464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-08-12 17:37 - 2015-08-03 02:59 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll
2015-08-09 11:44 - 2015-08-09 11:44 - 00000000 ____D C:\Users\sexyS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
2015-08-09 11:44 - 2015-08-09 11:44 - 00000000 ____D C:\Users\sexyS\AppData\Local\Apps\Windows 7 USB DVD Download Tool
2015-08-09 11:43 - 2015-08-09 11:43 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2015-08-09 11:43 - 2015-08-09 11:43 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-08-09 11:43 - 2015-08-09 11:43 - 00000000 ____D C:\Program Files\MSBuild
2015-08-09 11:43 - 2015-08-09 11:43 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-08-09 11:43 - 2015-08-09 11:43 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-08-09 11:43 - 2015-06-17 18:10 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-08-09 11:43 - 2015-06-17 18:10 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-09 11:43 - 2015-06-17 18:10 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-08-09 11:43 - 2015-05-29 21:07 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-08-09 11:43 - 2015-05-29 21:07 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-09 11:43 - 2015-05-29 21:07 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-07 11:10 - 2015-07-28 11:30 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-09-07 11:10 - 2015-07-19 17:31 - 00001232 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2015-09-07 11:10 - 2015-07-19 17:31 - 00000000 ____D C:\Users\sexyS\AppData\Local\Dropbox
2015-09-07 11:10 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-09-07 02:44 - 2015-07-18 09:55 - 00000000 ____D C:\Users\sexyS\AppData\Roaming\vlc
2015-09-07 02:41 - 2015-07-19 17:31 - 00001236 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2015-09-07 02:00 - 2015-07-20 11:30 - 00000000 ____D C:\Users\sexyS\AppData\Local\Adobe
2015-09-06 19:18 - 2015-07-17 23:23 - 01790124 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-06 19:18 - 2015-07-10 18:34 - 00771100 _____ C:\WINDOWS\system32\perfh007.dat
2015-09-06 19:18 - 2015-07-10 18:34 - 00153964 _____ C:\WINDOWS\system32\perfc007.dat
2015-09-06 19:11 - 2015-07-20 11:34 - 00000106 _____ C:\WINDOWS\system32\mfilemon.log
2015-09-06 19:11 - 2015-07-18 09:02 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2015-09-06 19:11 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-06 19:11 - 2015-07-10 11:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-09-06 18:22 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-09-06 13:13 - 2015-07-18 09:03 - 00000000 ____D C:\Users\sexyS
2015-09-06 12:47 - 2015-07-20 11:29 - 00004164 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{2964AB48-B6D6-470F-860F-078B2313F8C9}
2015-09-06 12:39 - 2015-07-18 09:56 - 00000000 ____D C:\Users\sexyS\AppData\Local\Google
2015-09-06 12:39 - 2015-07-18 09:56 - 00000000 ____D C:\Program Files (x86)\Google
2015-09-06 02:19 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-09-05 12:55 - 2015-07-17 23:37 - 00000000 ____D C:\ProgramData\ProductData
2015-09-05 12:54 - 2015-07-28 11:30 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2015-09-05 12:54 - 2015-07-10 11:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-09-04 17:27 - 2015-07-19 17:31 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-09-03 19:45 - 2015-07-31 09:35 - 00000000 ____D C:\Users\sexyS\.gimp-2.8
2015-09-02 07:40 - 2015-07-21 14:07 - 00000000 ____D C:\Users\sexyS\AppData\Local\CloudStation
2015-08-31 18:18 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\rescache
2015-08-29 18:27 - 2015-07-31 09:36 - 00000000 ____D C:\Users\sexyS\AppData\Local\gtk-2.0
2015-08-29 16:43 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-08-29 16:43 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-29 16:09 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-08-24 10:49 - 2015-07-17 23:29 - 00000000 ____D C:\ProgramData\Package Cache
2015-08-24 10:47 - 2015-07-18 09:02 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-08-24 10:47 - 2015-07-17 23:40 - 04514008 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2015-08-24 10:47 - 2015-07-17 23:40 - 02930904 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2015-08-24 10:47 - 2015-07-17 23:40 - 00184688 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2015-08-23 15:35 - 2015-07-17 23:25 - 00002358 _____ C:\Users\sexyS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-08-21 14:38 - 2015-07-21 13:32 - 00000000 ____D C:\ProgramData\Lexware
2015-08-21 14:10 - 2015-07-17 23:25 - 00000000 ____D C:\Users\sexyS\AppData\Local\Packages
2015-08-21 09:17 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-08-19 10:11 - 2015-07-18 17:48 - 00001011 _____ C:\Users\sexyS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader2.lnk
2015-08-18 12:09 - 2015-07-18 10:02 - 00000000 ___DC C:\WINDOWS\Panther
2015-08-18 12:09 - 2015-07-18 08:55 - 00238520 _____ C:\WINDOWS\diagerr.xml
2015-08-18 12:09 - 2015-07-18 08:55 - 00023477 _____ C:\WINDOWS\diagwrn.xml
2015-08-16 15:11 - 2015-07-10 14:20 - 00220304 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-16 15:10 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-16 15:10 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-15 13:25 - 2015-07-17 23:42 - 00000000 ____D C:\Program Files (x86)\AMD
2015-08-15 13:24 - 2015-07-27 09:53 - 07484080 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll
2015-08-15 13:24 - 2015-07-27 09:53 - 00112368 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll
2015-08-15 13:24 - 2015-07-17 23:29 - 00000000 ____D C:\AMD
2015-08-15 13:24 - 2015-06-23 04:08 - 12062048 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
2015-08-15 13:24 - 2015-06-23 04:08 - 10191264 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll
2015-08-15 13:24 - 2015-06-23 04:08 - 08979760 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll
2015-08-15 13:24 - 2015-06-23 04:08 - 08867016 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll
2015-08-15 13:24 - 2015-06-23 04:08 - 08007824 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll
2015-08-15 13:24 - 2015-06-23 04:08 - 01468232 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2015-08-15 13:24 - 2015-06-23 04:08 - 01213192 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2015-08-15 13:24 - 2015-06-23 04:08 - 00162240 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxp64.dll
2015-08-15 13:24 - 2015-06-23 04:08 - 00144568 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiuxpag.dll
2015-08-15 13:24 - 2015-06-23 04:08 - 00130072 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll
2015-08-15 13:24 - 2015-06-23 04:03 - 21632992 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys
2015-08-15 13:24 - 2015-06-23 03:21 - 00876000 _____ (AMD) C:\WINDOWS\system32\coinst_15.20.dll
2015-08-15 13:24 - 2015-06-23 03:14 - 00681456 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2015-08-15 13:24 - 2015-06-23 03:14 - 00451056 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2015-08-15 13:24 - 2015-06-23 03:14 - 00256992 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2015-08-15 13:24 - 2015-06-23 03:11 - 01257952 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2015-08-15 13:24 - 2015-06-23 03:10 - 00673776 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys
2015-08-12 19:43 - 2015-07-21 13:08 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-12 19:43 - 2015-07-17 23:33 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-08-12 19:41 - 2015-07-21 13:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-08-12 19:41 - 2015-07-17 23:33 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-12 19:40 - 2015-06-30 11:21 - 00000167 _____ C:\WINDOWS\win.ini
2015-08-10 23:02 - 2015-07-18 16:41 - 00000000 ____D C:\ProgramData\Origin
2015-08-10 18:49 - 2015-07-19 09:38 - 00226680 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2015-08-10 15:36 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-08-09 11:43 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2015-08-09 11:43 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\MUI
2015-08-08 17:38 - 2015-07-10 13:06 - 00794088 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-08-08 17:38 - 2015-07-10 13:06 - 00179688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-08-24 10:49 - 2015-07-04 11:29 - 14548992 _____ () C:\Users\sexyS\AppData\Roaming\Sandra.mdb
2015-09-03 19:42 - 2015-09-03 19:42 - 0002814 _____ () C:\Users\sexyS\AppData\Local\recently-used.xbel

Einige Dateien in TEMP:
====================
C:\Users\sexyS\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp7s4psg.dll
C:\Users\sexyS\AppData\Local\Temp\proxy_vole2962903316939660045.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-09-04 16:43

==================== Ende von FRST.txt ============================
         

Alt 07.09.2015, 10:16   #7
SKKOT
 
HiJack-Auswertung? - Standard

HiJack-Auswertung?



Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:06-09-2015 01
durchgeführt von sexyS (2015-09-07 11:12:28)
Gestartet von D:\Downloads
Windows 10 Home (X64) (2015-07-18 07:12:24)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2202957396-1968120857-1327751806-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2202957396-1968120857-1327751806-503 - Limited - Disabled)
Gast (S-1-5-21-2202957396-1968120857-1327751806-501 - Limited - Disabled)
sexyS (S-1-5-21-2202957396-1968120857-1327751806-1001 - Administrator - Enabled) => C:\Users\sexyS

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Internet Security (Enabled - Up to date) {B41C7598-35F6-4D89-7D0E-7ADE69B4047B}
AS: Spybot - Search and Destroy (Enabled - Up to date) {A16C3F68-9280-E053-1818-342707FECF4D}
AS: Kaspersky Internet Security (Enabled - Up to date) {0F7D947C-13CC-4207-47BE-41AC12334EC6}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {8C27F4BD-7F99-4CD1-5651-D3EB97674300}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

ACP Application (Version: 2.15.30.0019 - Advanced Micro Devices, Inc.) Hidden
Acronis True Image 2016 (HKLM-x32\...\{986072E2-9A8A-4BE9-896B-18C3219BCE58}Visible) (Version: 19.0.5518 - Acronis)
Acronis True Image 2016 (x32 Version: 19.0.5518 - Acronis) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.1 - Adobe Systems Incorporated)
Adobe Photoshop Elements 13 (HKLM-x32\...\{609818B9-23EB-4196-B466-EFE05E92A32F}) (Version: 13.1 - Adobe Systems Incorporated)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{529C5283-F484-94CA-8D10-3A69FD0776D3}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Battlefield™ Hardline (HKLM-x32\...\{CB4AC3DA-8CC1-4516-86DA-4078B57DB229}) (Version: 1.1.0.5 - Electronic Arts)
Call of Duty: Black Ops III Beta (HKLM-x32\...\Steam App 388520) (Version:  - Treyarch)
Call of Duty: Ghosts - Multiplayer (HKLM-x32\...\Steam App 209170) (Version:  - Infinity Ward)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - ‪Canon Inc.‬)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - ‪Canon Inc.‬)
Canon MG5400 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5400_series) (Version: 1.01 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.09 - Piriform)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
DAEMON Tools Ultra (HKLM-x32\...\DAEMON Tools Ultra) (Version: 3.0.0.0310 - Disc Soft Ltd)
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
Driver Booster 2.4 (HKLM-x32\...\Driver Booster_is1) (Version: 2.4 - IObit)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.8.8 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.33 - Dropbox, Inc.) Hidden
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 16.2.24.20150630 - Landesfinanzdirektion Thüringen)
E-POST (HKLM-x32\...\{7b144968-f7f9-46c6-8869-a7631d22d7fc}) (Version: 4.0.12.3692 - Deutsche Post AG)
E-POST Desktop App (x32 Version: 4.0.12.3692 - Deutsche Post AG) Hidden
E-POST MAILER Drucker (Version: 4.0.12.3692 - Deutsche Post AG) Hidden
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.85 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.13 - Google Inc.) Hidden
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.14) (Version: 9.14 - Artifex Software Inc.)
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.8 - Intel(R) Corporation) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden
KeePass Password Safe 2.29 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.29 - Dominik Reichl)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version:  - )
Lexware buchhalter 2015 (HKLM-x32\...\{6332c74a-e43c-4a61-ada7-1e80fc66f324}) (Version: 20.51.0.239 - Haufe-Lexware GmbH & Co.KG)
Lexware buchhalter 2015 (x32 Version: 20.51.00.0293 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware Elster (x32 Version: 15.00.00.0056 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware Info Service (x32 Version: 5.00.00.0044 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware Installations Dienst (x32 Version: 4.00.00.0005 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware online banking (x32 Version: 22.00.00.0035 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware PDF-Export 5 (x32 Version: 5.00.00.0005 - Haufe-Lexware GmbH & Co.KG) Hidden
Logitech Gaming Software 8.70 (HKLM\...\Logitech Gaming Software) (Version: 8.70.315 - Logitech Inc.)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 39.0 - Mozilla)
Multi file port monitor (mfilemon) 1.5.1 (HKLM\...\{A932243F-381F-434C-B18E-4F09D2F015F8}_is1) (Version: 1.5.1 - Monti Lorenzo)
Origin (HKLM-x32\...\Origin) (Version: 9.4.20.386 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.239 - Google, Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.1 - Rockstar Games)
Screen Split (HKLM-x32\...\{7F0C2357-33B0-4408-A9AD-A7623FAA22B1}) (Version: 6.54 - LG Electronics Inc.)
SiSoftware Sandra Lite 2015.SP2b (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2496}_is1) (Version: 21.42.2015.7 - SiSoftware)
Smart View 2.0 (HKLM-x32\...\{FBAAAFAE-08A8-4C63-87EA-4AEA9DEE53E1}) (Version: 1.0.0.0 - Samsung)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.5.43 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Synology Cloud Station (remove only) (HKLM\...\Synology Cloud Station) (Version: 3.2.3482 - Synology, Inc.)
The Vanishing of Ethan Carter (HKLM-x32\...\Steam App 258520) (Version:  - The Astronauts)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.0.7.0 - GOG.com)
Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{CBCC2FD8-7DFE-4752-95B5-2E447C226F45}) (Version:  - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2202957396-1968120857-1327751806-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2202957396-1968120857-1327751806-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\sexyS\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2202957396-1968120857-1327751806-1001_Classes\CLSID\{2C4A5D61-009C-4561-9A33-6AFD542FD237}\InprocServer32 -> C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\ContextMenu.dll ()
CustomCLSID: HKU\S-1-5-21-2202957396-1968120857-1327751806-1001_Classes\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}\InprocServer32 -> C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2202957396-1968120857-1327751806-1001_Classes\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}\InprocServer32 -> C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2202957396-1968120857-1327751806-1001_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\sexyS\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2202957396-1968120857-1327751806-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\sexyS\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2202957396-1968120857-1327751806-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\sexyS\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2202957396-1968120857-1327751806-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\sexyS\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2202957396-1968120857-1327751806-1001_Classes\CLSID\{A433C3E0-8B24-40EB-93C3-4B10D9959F58}\InprocServer32 -> C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2202957396-1968120857-1327751806-1001_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\sexyS\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2202957396-1968120857-1327751806-1001_Classes\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}\InprocServer32 -> C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2202957396-1968120857-1327751806-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\sexyS\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2202957396-1968120857-1327751806-1001_Classes\CLSID\{C701AD67-3DF0-47C9-89CB-DFA6207BE229}\InprocServer32 -> C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2202957396-1968120857-1327751806-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\sexyS\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2202957396-1968120857-1327751806-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2202957396-1968120857-1327751806-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\sexyS\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2202957396-1968120857-1327751806-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\sexyS\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Wiederherstellungspunkte =========================

28-08-2015 17:06:42 Windows Update
28-08-2015 17:06:49 Windows Update
06-09-2015 09:09:40 Geplanter Prüfpunkt

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-06-30 11:21 - 2015-06-30 11:19 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {00EEBA9C-F9EF-4272-B793-C830FBADD359} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\Windows\system32\dstokenclean.exe [2015-07-10] (Microsoft Corporation)
Task: {0CCA7916-2916-4F12-BD32-1E3BE31E1269} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\Windows\System32\dsregcmd.exe [2015-07-10] (Microsoft Corporation)
Task: {14ED03A8-4600-4CAB-B097-9DA39F2E69D4} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2015-07-06] (IObit)
Task: {178F1D8D-30C8-49E1-AABB-25E605D187FE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {19865544-CE08-40BE-8B8C-87C47681433D} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sihboot => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
Task: {232017E3-A19F-4F25-971B-D8D1E28D4FE7} - System32\Tasks\Driver Booster SkipUAC (sexyS) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2015-07-06] (IObit)
Task: {2FA379F1-BF27-4050-8EF0-E1B9D398125E} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {3AE40D95-A467-4FDA-9A95-48DA345DBCAE} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-sexyserkan@hotmail.de => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-09-19] (Adobe Systems Incorporated)
Task: {3F6E048D-6404-433B-8F5F-CFF4D89BF89E} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Rundll32.exe generaltel.dll,RunTelemetryW
Task: {41160EA0-208B-4C3E-B4DB-805BBABC6B93} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\Windows\system32\dmclient.exe [2015-07-10] (Microsoft Corporation)
Task: {414B40E6-A888-484F-A392-FC7AB202B0A0} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2015-06-16] (Safer-Networking Ltd.)
Task: {4E03CD95-3DB4-4ED6-A57B-CE6A62AD2D04} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {6F1B99FC-F52C-4FD1-BADF-447D4C2714F3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-06] (Google Inc.)
Task: {6F91657B-2C08-4B96-BECB-A6CC7E1F0EAC} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-07-19] (Dropbox, Inc.)
Task: {6F9A7F8D-EC48-442A-B562-13017E971E67} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-12] (Microsoft Corporation)
Task: {7241BF00-1C32-4607-A643-E4F6BAD11C1C} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-07-19] (Dropbox, Inc.)
Task: {73551810-E5F4-433E-9494-0D00B55C855E} - System32\Tasks\Microsoft\Windows\Maps\MapsToastTask
Task: {78B77FA3-9D97-441D-97B6-68CEA40B4F74} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe generaltel.dll,RunTelemetry -maintenance
Task: {80564701-18B2-48D9-994C-BB17C095CADC} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2015-02-02] (@ByELDI)
Task: {8DF84CB3-D8E0-4307-A35B-CA74E21786DB} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\Windows\system32\ClipUp.exe [2015-07-18] (Microsoft Corporation)
Task: {A5B6CD85-1B57-49B9-BA80-5D5D65F02826} - System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager
Task: {A815E920-DB7C-4B30-A63A-4C852FB0C0B3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-06] (Google Inc.)
Task: {AEC1ECE1-3616-4F98-B9B2-DB88322AC096} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {C56AFFD3-06B8-4A16-AF7E-F7A6EB3FAE9E} - System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr
Task: {C5EE2EA2-5312-4D1F-B9D0-41B18DF31B78} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sih => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
Task: {C7A236B2-12E1-46DC-9501-3B1B0209CC09} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => C:\Windows\System32\WindowsActionDialog.exe [2015-07-10] (Microsoft Corporation)
Task: {CDBE0BD9-7E83-41C4-8151-1C9F5E40197D} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: {F1A7ED7A-677E-4B6D-9A2C-26296F8EC234} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2015-06-16] (Safer-Networking Ltd.)
Task: {F33B843B-4BE4-46CB-ABFF-8E93F527C60F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-08-19] (Piriform Ltd)
Task: {FD32FDC7-404B-41FA-8D43-50585A0048D6} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2015-06-16] (Safer-Networking Ltd.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-07-18 10:00 - 2015-07-18 10:00 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-08-20 10:58 - 2015-08-11 11:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-07-19 09:38 - 2015-07-19 09:38 - 00076152 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2015-08-29 15:03 - 2015-08-18 09:56 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-07-20 11:50 - 2015-03-12 08:28 - 00066048 _____ () C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplitterHook64.dll
2015-08-12 17:37 - 2015-08-03 03:09 - 02028544 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesService.dll
2015-07-10 13:00 - 2015-07-10 18:45 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-07-18 10:00 - 2015-07-18 10:00 - 00619008 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SignalsManager.dll
2015-08-12 17:37 - 2015-08-03 03:09 - 00928768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesBackgroundTasks.dll
2015-08-29 15:03 - 2015-08-18 09:56 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-07-10 12:59 - 2015-07-10 12:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-08-12 17:37 - 2015-08-03 03:11 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-08-12 17:37 - 2015-08-03 03:14 - 00882688 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2015-08-20 10:58 - 2015-08-11 10:58 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-08-12 17:37 - 2015-08-03 03:09 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 13:00 - 2015-07-10 18:45 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-08-18 17:31 - 2015-08-18 17:31 - 00157184 _____ () C:\Program Files\WindowsApps\34628NielsCup.AppRadio_9.1.35.1_neutral__kz2v1f325crd8\AppRadio.Windows81.exe
2015-03-07 02:07 - 2015-03-07 02:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2015-07-02 02:28 - 2015-07-02 02:28 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 02:07 - 2015-03-07 02:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2015-07-02 02:28 - 2015-07-02 02:28 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2015-07-08 23:18 - 2015-07-08 23:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\kpcengine.2.3.dll
2015-08-23 14:39 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-08-23 14:39 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-08-23 14:39 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-08-23 14:39 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-08-16 23:44 - 2015-08-16 23:44 - 00036160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\thread_pool.dll
2015-08-16 23:44 - 2015-08-16 23:44 - 00446272 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2015-08-16 23:44 - 2015-08-16 23:44 - 00116032 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\EXPAT.dll
2015-07-20 11:50 - 2015-03-12 08:28 - 00063488 _____ () C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplitterHook.dll
2015-08-19 14:27 - 2015-08-19 14:27 - 00655872 _____ () C:\Users\sexyS\AppData\Local\Packages\34628nielscup.appradio_kz2v1f325crd8\AC\Microsoft\CLR_v4.0_32\NativeImages\AppRadio.Windows81\ca7d0c0d9ec31b3ef056ec0d0a9be129\AppRadio.Windows81.ni.exe
2015-08-17 15:48 - 2015-08-17 15:48 - 04322816 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.UI.Xaml\863d73e32cd9e710aca05375f3757ceb\Windows.UI.Xaml.ni.dll
2015-08-17 15:48 - 2015-08-17 15:48 - 02791424 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.App640a3541#\5ad06a6c4f46314970c17fffa77c2400\Windows.ApplicationModel.ni.dll
2015-08-17 15:48 - 2015-08-17 15:48 - 00798720 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Storage\2515e93e59d72cc1e6d25a1e1447a07d\Windows.Storage.ni.dll
2015-08-17 15:48 - 2015-08-17 15:48 - 00335360 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Foundation\9d8c2432e356ad887039781f675c8095\Windows.Foundation.ni.dll
2015-08-17 15:48 - 2015-08-17 15:48 - 00302080 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.System\39802e837cf4aaa12474a3b311a6265c\Windows.System.ni.dll
2015-08-17 15:48 - 2015-08-17 15:48 - 01228288 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.UI\afa2fd626cc04e9a12479643a6d2208e\Windows.UI.ni.dll
2015-08-19 14:27 - 2015-08-19 14:27 - 00190976 _____ () C:\Users\sexyS\AppData\Local\Packages\34628nielscup.appradio_kz2v1f325crd8\AC\Microsoft\CLR_v4.0_32\NativeImages\Appvertisinf6d07b63#\238f38691d8d1046a0f22ecdd67cf7bf\Appvertising.AdSpaceWindows8.ni.dll
2015-08-17 15:48 - 2015-08-17 15:48 - 01232896 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Networking\ae6bc0916e3a947f5a252e4df6994579\Windows.Networking.ni.dll
2015-08-17 15:48 - 2015-08-17 15:48 - 00333312 _____ () C:\Users\sexyS\AppData\Local\Packages\34628nielscup.appradio_kz2v1f325crd8\AC\Microsoft\CLR_v4.0_32\NativeImages\GoogleAnalytics\27913df9a4e16a29606b2a7425728336\GoogleAnalytics.ni.dll
2015-08-17 15:48 - 2015-08-17 15:48 - 02852864 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Devices\c801ff7225c850eecef98c0a6635a2ab\Windows.Devices.ni.dll
2015-08-17 15:48 - 2015-08-17 15:48 - 00625664 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Graphics\1ec5e4abc2aa1ad0882375e2e55ff7e3\Windows.Graphics.ni.dll
2015-08-19 14:27 - 2015-08-19 14:27 - 00053760 _____ () C:\Users\sexyS\AppData\Local\Packages\34628nielscup.appradio_kz2v1f325crd8\AC\Microsoft\CLR_v4.0_32\NativeImages\AppRadio.Common\b172bbeff895ef1ce8db8755eb05445d\AppRadio.Common.ni.dll
2015-08-17 15:48 - 2015-08-17 15:48 - 00656384 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Security\b8da460da05d49cb1614b5d64c332bc8\Windows.Security.ni.dll
2015-08-17 15:48 - 2015-08-17 15:48 - 02486784 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Media\534df0134d1c5c9c12bb5002a3f971aa\Windows.Media.ni.dll
2015-08-17 15:48 - 2015-08-17 15:48 - 00172032 _____ () C:\Users\sexyS\AppData\Local\Packages\34628nielscup.appradio_kz2v1f325crd8\AC\Microsoft\CLR_v4.0_32\NativeImages\Appvertising.Engine\27ee45b416cc639b7db7c42cb7a28568\Appvertising.Engine.ni.dll
2015-08-17 15:48 - 2015-08-17 15:48 - 00328704 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Data\47992a7d8d393395cf2048b0b547a358\Windows.Data.ni.dll
2015-08-17 15:48 - 2015-08-17 15:48 - 00840192 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Web\f9bd9d06f561e9d0bb9f95be63b80ea1\Windows.Web.ni.dll
2015-08-17 15:48 - 2015-08-17 15:48 - 00219648 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Gloaae92e31#\b5b67042b3f40e5dcfa7477f739caf3c\Windows.Globalization.ni.dll
2015-07-20 11:50 - 2015-02-17 15:35 - 06296064 _____ () C:\Program Files (x86)\LG Electronics\Screen Split\bin\SoftwareAutoUpdates.dll
2015-07-20 11:50 - 2015-03-31 18:11 - 00005632 _____ () C:\Program Files (x86)\LG Electronics\Screen Split\bin\GerRes.dll
2015-09-07 11:10 - 2015-09-07 11:10 - 00071168 _____ () c:\users\sexys\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp7s4psg.dll
2015-07-19 17:32 - 2015-08-05 07:26 - 00012800 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick.2\qtquick2plugin.dll
2015-07-19 17:32 - 2015-08-05 07:26 - 00779776 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-07-30 14:42 - 2015-08-05 07:26 - 00056320 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-07-19 17:32 - 2015-08-05 07:26 - 00012288 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Window.2\windowplugin.dll
2015-07-21 16:16 - 2015-07-21 16:16 - 00524460 _____ () C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\bin\libcurl-4.dll
2015-07-21 16:16 - 2015-07-21 16:16 - 02874155 _____ () C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\bin\libsqlite3-0.dll
2015-07-21 16:16 - 2015-07-21 16:16 - 00123918 _____ () C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\bin\libgcc_s_dw2-1.dll
2015-07-21 16:16 - 2015-07-21 16:16 - 01026062 _____ () C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\bin\libstdc++-6.dll
2015-07-21 16:16 - 2015-07-21 16:16 - 01798570 _____ () C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\bin\icuuc53.dll
2015-07-21 16:16 - 2015-07-21 16:16 - 00115214 _____ () C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\bin\zlib1.dll
2015-07-21 16:16 - 2015-07-21 16:16 - 03095505 _____ () C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\bin\icuin53.dll
2015-07-21 16:16 - 2015-07-21 16:16 - 21565192 _____ () C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\bin\icudt53.dll
2015-07-21 16:16 - 2015-07-21 16:16 - 00712704 _____ () C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\bin\platforms\qwindows.dll
2015-07-21 16:16 - 2015-07-21 16:16 - 00031744 _____ () C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qgif.dll
2015-07-21 16:16 - 2015-07-21 16:16 - 00046080 _____ () C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qicns.dll
2015-07-21 16:16 - 2015-07-21 16:16 - 00032768 _____ () C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qico.dll
2015-07-21 16:16 - 2015-07-21 16:16 - 00516608 _____ () C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qjp2.dll
2015-07-21 16:16 - 2015-07-21 16:16 - 00243200 _____ () C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qjpeg.dll
2015-07-21 16:16 - 2015-07-21 16:16 - 00431616 _____ () C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qtiff.dll
2015-07-21 16:16 - 2015-07-21 16:16 - 00115214 _____ () C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\bin\ZLIB1.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager => ""="Service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2202957396-1968120857-1327751806-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\sexyS\AppData\Roaming\Microsoft\Windows Photo Viewer\Hintergrundbild der Windows-Fotoanzeige.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\StartupFolder: => "E-POST MAILER.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Auto Resolution.lnk"
HKLM\...\StartupApproved\StartupFolder: => "E-POST CLOUD.lnk"
HKLM\...\StartupApproved\Run: => "RtHDVCpl"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "LexwareInfoService"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKLM\...\StartupApproved\Run32: => "IJNetworkScannerSelectorEX"
HKLM\...\StartupApproved\Run32: => "KeePass 2 PreLoad"
HKLM\...\StartupApproved\Run32: => "TrueImageMonitor.exe"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKLM\...\StartupApproved\Run32: => "AcronisTibMounterMonitor"
HKLM\...\StartupApproved\Run32: => "Acronis Scheduler2 Service"
HKU\S-1-5-21-2202957396-1968120857-1327751806-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2202957396-1968120857-1327751806-1001\...\StartupApproved\Run: => "GalaxyClient"
HKU\S-1-5-21-2202957396-1968120857-1327751806-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_A6F409C40D09F99AC9DC0483D7FC8FCD"
HKU\S-1-5-21-2202957396-1968120857-1327751806-1001\...\StartupApproved\Run: => "DAEMON Tools Ultra Agent"
HKU\S-1-5-21-2202957396-1968120857-1327751806-1001\...\StartupApproved\Run: => "SpybotPostWindows10UpgradeReInstall"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [TCP Query User{1C86B1DE-2867-4048-8891-26BBF0DA0500}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{C43AF5C2-E8AF-4F1A-A1E8-174174534139}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{BF005CD4-E67D-4038-BBF2-82942DCA2864}] => (Allow) F:\GameZ\Steam\Steam.exe
FirewallRules: [{B79E73C5-B66D-4FF8-933B-E28FC86D7BEB}] => (Allow) F:\GameZ\Steam\Steam.exe
FirewallRules: [{7BF92D1A-0B21-4776-A98D-A11C15DBA911}] => (Allow) F:\GameZ\Steam\bin\steamwebhelper.exe
FirewallRules: [{38C36068-15B5-40D7-B48C-B12EB62BEC01}] => (Allow) F:\GameZ\Steam\bin\steamwebhelper.exe
FirewallRules: [{2CBF93EB-7DD9-4316-A00C-75751D19E551}] => (Allow) C:\Program Files (x86)\SmartView2\Smart View 2.0.exe
FirewallRules: [{D7A55AF6-D1D1-4BE3-B886-406364837069}] => (Allow) C:\Program Files (x86)\SmartView2\Smart View 2.0.exe
FirewallRules: [{4088DFEA-C4E3-4C71-8097-C19404D3BA14}] => (Allow) C:\Program Files (x86)\SmartView2\Smart View 2.0.exe
FirewallRules: [{FBCD6F87-3077-45FF-9E2C-9001EE99CDBE}] => (Allow) C:\Program Files (x86)\SmartView2\Smart View 2.0.exe
FirewallRules: [{6A0CC416-4E3B-4824-A2C4-312E8C4DA211}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{7511B3A6-A0BE-4E48-B884-A25C8E02F002}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{EB0E1D84-D29E-41AD-93C9-10F023A3AA63}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{854358C3-6D2C-4699-B6AA-E1922EB28121}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{F319A215-DB28-4869-936B-121369D0A778}] => (Allow) F:\Program Files (x86)\Origin Games\BFH\bfh.exe
FirewallRules: [{8691DE0B-1430-47CE-BB38-7F1D662A087A}] => (Allow) F:\Program Files (x86)\Origin Games\BFH\bfh.exe
FirewallRules: [{2DB05808-81A5-4689-8BE5-64DA98A3C6CE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{632B0B97-8187-4DF6-AD37-9435764B5CD0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0176467C-7E80-4D6B-9789-80DCEE379B46}] => (Allow) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe
FirewallRules: [{B8C9A890-1462-437D-8DDE-9A25988E014F}] => (Allow) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe
FirewallRules: [TCP Query User{49C335F3-D20A-4810-B7B9-482131177192}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{4D37CB38-87C7-4509-A719-30A25D590B72}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{7FE05D47-5974-4A3C-B222-E7349FD77AAC}F:\program files (x86)\origin games\bfh\bfh.exe] => (Allow) F:\program files (x86)\origin games\bfh\bfh.exe
FirewallRules: [UDP Query User{F252E024-E179-49C5-986D-04ED3FFC41BD}F:\program files (x86)\origin games\bfh\bfh.exe] => (Allow) F:\program files (x86)\origin games\bfh\bfh.exe
FirewallRules: [{21C1912A-08DA-48E5-B70B-792BCD91A89B}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{09D237CD-9545-4E08-99F9-C438180D29A1}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{E89B46DD-8064-4461-87A6-676D39D1D70E}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{1DB664F4-76B1-42D5-99C0-8723A87DC27E}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{9F827A52-EEAD-4FD6-B601-A54759360418}] => (Allow) F:\Program Files (x86)\Origin Games\BFH\BFHWebHelper.exe
FirewallRules: [{A22EA736-107D-4C39-A93D-5AAF8F854E9E}] => (Allow) F:\Program Files (x86)\Origin Games\BFH\BFHWebHelper.exe
FirewallRules: [{F608B9B4-8FCD-4BEF-9117-5DD9B4E5EA1F}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{4E6BF977-1661-4B24-9ABD-5907EA04AE50}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{DCA00F0F-0B44-4CC7-8812-44F38845AF65}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{0849B1CA-B27B-4734-94A8-08FBEC3E214C}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{41D16746-6EFF-41CA-B6F8-0CF2CFF9CFAE}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{4F85D308-DDBB-4090-BF88-F2E6BD937D59}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
FirewallRules: [{1A6B6CAE-2FC4-4E3C-8314-D2B8F53C3118}] => (Block) C:\Program Files (x86)\Acronis\TrueImageHome\license_activator.exe
FirewallRules: [{1DE6B7F3-FB1F-47D7-B2CC-753C046035C5}] => (Allow) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP2b\RpcAgentSrv.exe
FirewallRules: [{A1228048-3256-4715-8FF9-E3FFD8698E6C}] => (Allow) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP2b\WNt600x64\RpcSandraSrv.exe
FirewallRules: [{99E90FBB-EA69-4921-8B3E-4234E6885E4B}] => (Allow) F:\GameZ\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{C2534CF7-A212-4CE4-8B57-D2AD500019DF}] => (Allow) F:\GameZ\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{1AFC040B-60DF-4971-B7D3-0A5320E7AC61}] => (Allow) F:\GameZ\Steam\steamapps\common\Call of Duty Ghosts\iw6mp64_ship.exe
FirewallRules: [{47C345A2-88A0-49BA-B182-3C120A04C616}] => (Allow) F:\GameZ\Steam\steamapps\common\Call of Duty Ghosts\iw6mp64_ship.exe
FirewallRules: [{17E41887-27A7-4BBC-BCD3-4E77E8E1B494}] => (Allow) F:\GameZ\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{104F94C7-7CA8-48E7-AF59-091834AF9529}] => (Allow) F:\GameZ\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{69F94D0B-8D9C-4C8D-B378-3D699488E675}] => (Allow) F:\GameZ\Steam\steamapps\common\Call of Duty Black Ops III Beta\BlackOps3.exe
FirewallRules: [{115900A5-355D-460F-8E55-FE4D2600F702}] => (Allow) F:\GameZ\Steam\steamapps\common\Call of Duty Black Ops III Beta\BlackOps3.exe
FirewallRules: [{01C9931C-C6FC-41DA-88D1-834A01C5D1FD}] => (Allow) F:\GameZ\Steam\steamapps\common\The Vanishing of Ethan Carter\Binaries\Launcher.exe
FirewallRules: [{FF542F02-C45E-40CE-BF54-57D470CE273C}] => (Allow) F:\GameZ\Steam\steamapps\common\The Vanishing of Ethan Carter\Binaries\Launcher.exe
FirewallRules: [{C93557FF-9453-4CF8-A45E-AADC31A0B13C}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{6ECE5FE5-5796-4096-A9D4-81F426E9920A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/06/2015 07:36:13 PM) (Source: ESENT) (EventID: 455) (User: )
Description: SettingSyncHost (7368) {1F65B3D7-D444-4C6C-A259-FF43B66B7551}: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\Users\sexyS\AppData\Local\Microsoft\Windows\SettingSync\metastore\edb001B7.log.

Error: (09/06/2015 03:54:38 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (09/06/2015 03:54:24 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (09/06/2015 03:54:23 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (09/06/2015 03:54:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (09/06/2015 03:54:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (09/06/2015 03:49:22 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (09/06/2015 03:49:21 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (09/06/2015 03:49:07 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (09/06/2015 02:32:51 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SK-ZENTRALE)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


Systemfehler:
=============
Error: (09/07/2015 11:12:26 AM) (Source: DCOM) (EventID: 10016) (User: SK-ZENTRALE)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}SK-ZENTRALEsexySS-1-5-21-2202957396-1968120857-1327751806-1001LocalHost (unter Verwendung von LRPC)Microsoft.WindowsStore_2015.8.25.0_x64__8wekyb3d8bbweS-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157

Error: (09/07/2015 02:46:14 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/07/2015 02:46:14 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/07/2015 02:46:14 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/07/2015 02:46:14 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/06/2015 08:28:29 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "O2",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{7A50885F-D806-4984-BE7B-D680C6CD113B}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (09/06/2015 07:43:25 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Xbox Live Authentifizierungs-Manager" wurde mit dem folgenden dienstspezifischen Fehler beendet: 
%%0

Error: (09/06/2015 07:11:54 PM) (Source: bowser) (EventID: 8016) (User: )
Description: Der Suchdiensttreiber erhielt zu viele nicht erlaubte Datagramme vom Remotecomputer "O2" zum Namen "SK-ZENTRALE" auf Transport "NetBT_Tcpip_{7A50885F-D806-4984-BE7B-D680C6CD113B}". Das Datagramm steht in den Daten.
Es werden keine weiteren Ereignisse erzeugt, solange die Rücksetzfrequenz nicht abgelaufen ist.

Error: (09/06/2015 07:11:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_Session2" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/06/2015 07:11:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _Session2" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.


Microsoft Office:
=========================
Error: (09/06/2015 07:36:13 PM) (Source: ESENT) (EventID: 455) (User: )
Description: SettingSyncHost7368{1F65B3D7-D444-4C6C-A259-FF43B66B7551}: C:\Users\sexyS\AppData\Local\Microsoft\Windows\SettingSync\metastore\edb001B7.log-1811 (0xfffff8ed)

Error: (09/06/2015 03:54:38 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert

Error: (09/06/2015 03:54:24 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert

Error: (09/06/2015 03:54:23 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert

Error: (09/06/2015 03:54:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert

Error: (09/06/2015 03:54:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert

Error: (09/06/2015 03:49:22 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert

Error: (09/06/2015 03:49:21 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert

Error: (09/06/2015 03:49:07 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert

Error: (09/06/2015 02:32:51 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SK-ZENTRALE)
Description: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI-2144927141


CodeIntegrity:
===================================
  Date: 2015-08-22 11:34:09.167
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-08-21 11:42:29.887
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-08-20 11:18:00.338
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-07-29 21:41:28.606
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-07-28 17:24:34.084
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Xeon(R) CPU E3-1230 v3 @ 3.30GHz
Prozentuale Nutzung des RAM: 15%
Installierter physikalischer RAM: 16318.96 MB
Verfügbarer physikalischer RAM: 13749.91 MB
Summe virtueller Speicher: 18750.96 MB
Verfügbarer virtueller Speicher: 15832.47 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:237.25 GB) (Free:181.23 GB) NTFS
Drive d: (SKDateien) (Fixed) (Total:1620.83 GB) (Free:866.55 GB) NTFS
Drive e: (SK Stick 16 GB) (Removable) (Total:14.44 GB) (Free:13.65 GB) NTFS
Drive f: (SK Cache) (Fixed) (Total:242.19 GB) (Free:30.68 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: B68ED194)
Partition 1: (Not Active) - (Size=1620.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=242.2 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 3B272CEE)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=237.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 14.4 GB) (Disk ID: 137D75C5)
Partition 1: (Active) - (Size=14.4 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         

Alt 08.09.2015, 07:57   #8
Deathkid535
/// Malwareteam
 
HiJack-Auswertung? - Standard

HiJack-Auswertung?



Hi,

Code:
ATTFilter
Gestartet von D:\Downloads
         
Bitte zukünftig Programme auf den Desktop ziehen und von dort ausführen.

Schritt # 1: Programme deinstallieren

Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:

    KMSpico
    Driver Booster 2.4

  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 



Spybot Search and Destroy hat seinen Zenit bereits lange überschritten. Ich empfehle dir, dieses auch zu deinstallieren.



Schritt # 2: MBAM

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.



Schritt # 3: AdwCleaner

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).


Schritt # 4: JRT

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.



Schritt # 5: FRST

Bitte noch ein FRST-Log erstellen.


Schritt # 6: Frage

Tritt das Problem nur im Chrome auf oder auch in anderen Browsern?



Schritt # 7: Bitte Posten
  • Das Logfile von MBAM
  • Das Logfile von AdwCleaner
  • Das Logfile von JRT
  • Das Logfile von FRST
  • Die Antwort auf meine Frage

Alt 08.09.2015, 17:19   #9
SKKOT
 
HiJack-Auswertung? - Standard

HiJack-Auswertung?



An erster Stelle möchte ich mich für die Hilfe bedanken, wirklich nicht selbstverständlich und sehr zuvorkommend.

Darf ich fragen warum der Driverbooster weg soll?

mbam
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 08.09.2015
Suchlaufzeit: 16:40
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.1.8.1057
Malware-Datenbank: v2015.09.08.04
Rootkit-Datenbank: v2015.08.16.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: sexyS

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 385385
Abgelaufene Zeit: 4 Min., 53 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 4
PUP.Optional.MindSpark, C:\Users\sexyS\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_productivityboss.dl.myway.com_0.localstorage, In Quarantäne, [4d272b02bfcc7eb8bf9e9ffed3311ce4], 
PUP.Optional.MindSpark, C:\Users\sexyS\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_productivityboss.dl.myway.com_0.localstorage-journal, In Quarantäne, [7004b27bf794be78ca93b9e460a4fb05], 
PUP.Optional.MindSpark, C:\Users\sexyS\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_productivityboss.dl.tb.ask.com_0.localstorage, In Quarantäne, [284c131a2b602d09e47a4459808403fd], 
PUP.Optional.MindSpark, C:\Users\sexyS\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_productivityboss.dl.tb.ask.com_0.localstorage-journal, In Quarantäne, [7cf8f637e8a3a09628361b82000428d8], 

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
AdwCleaner
Code:
ATTFilter
# AdwCleaner v5.006 - Bericht erstellt am 08/09/2015 um 17:57:02
# Aktualisiert am 06/09/2015 von Xplode
# Datenbank : 2015-09-07.1 [Server]
# Betriebssystem : Windows 10 Home  (x64)
# Benutzername : sexyS - SK-ZENTRALE
# Gestartet von : D:\Downloads\AdwCleaner_5.006.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

[-] Ordner Gelöscht : C:\Program Files (x86)\SmartView2
[-] Ordner Gelöscht : C:\Users\sexyS\AppData\Local\SmartView2

***** [ Dateien ] *****

[-] Datei Gelöscht : C:\Users\sexyS\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.safefinder.com_0.localstorage
[-] Datei Gelöscht : C:\Users\sexyS\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.safefinder.com_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\sexyS\AppData\Roaming\Mozilla\Firefox\Profiles\7p3j4y9i.default\invalidprefs.js

***** [ Verknüpfungen ] *****


***** [ Geplante Tasks ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Internetbrowser ] *****

[-] [C:\Users\sexyS\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Gelöscht : hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StK217RbjR1YFa37oBy_U-nTnTbDTt8PVUCrSqw53XSCGCEo7N2FTpVqUjsAtYMk6X5KHbgRiX_HMPfDtb5zvifUyngMUy98h9EmmYLIqPxmn8qCGDSf2jBYG7IpSH0LWVUlL80QdzS6BFoAsR4bbmS7sH9edElSt1t_wNmxCyJzovWENDu0j3kL-vwwmDlLI7OCdjl0bAjg,,

*************************

:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1607 Bytes] ##########
         
JRT
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.0 (08.31.2015:1)
OS: Windows 10 Home x64
Ran by sexyS on 08.09.2015 at 18:01:05,38
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks

Successfully deleted: [Task] C:\WINDOWS\system32\tasks\Driver Booster SkipUAC (sexyS)
Successfully deleted: [Task] C:\WINDOWS\system32\tasks\Driver Booster Update



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_A6F409C40D09F99AC9DC0483D7FC8FCD



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] C:\Program Files (x86)\iobit\driver booster
Successfully deleted: [Folder] C:\ProgramData\iobit\driver booster
Successfully deleted: [Folder] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\driver booster 2
Successfully deleted: [Folder] C:\ProgramData\productdata
Successfully deleted: [Folder] C:\Users\sexyS\AppData\Roaming\iobit\driver booster



~~~ FireFox

Successfully deleted: [File] C:\Users\sexyS\AppData\Roaming\mozilla\firefox\profiles\7p3j4y9i.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi



~~~ Chrome


[C:\Users\sexyS\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\sexyS\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\sexyS\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\sexyS\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 08.09.2015 at 18:02:57,71
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
frst
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:06-09-2015 01
durchgeführt von sexyS (Administrator) auf SK-ZENTRALE (08-09-2015 18:16:33)
Gestartet von C:\Users\sexyS\Desktop
Geladene Profile: sexyS (Verfügbare Profile: sexyS)
Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Microsoft Corporation) C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.827.16340.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040792 2015-08-24] (Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [14601160 2015-07-02] (Logitech Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [475016 2015-08-16] (Acronis)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [39175960 2015-08-14] (Dropbox, Inc.)
HKLM-x32\...\Run: [LexwareInfoService] => C:\Program Files (x86)\Lexware\Update Manager\LxUpdateManager.exe [196648 2014-09-26] (Haufe-Lexware GmbH & Co. KG)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [56080 2015-07-27] (Raptr, Inc)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2715536 2015-04-10] (Dominik Reichl)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-03] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [690992 2015-08-14] (Acronis International GmbH)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7090888 2015-08-17] ()
HKU\S-1-5-21-2202957396-1968120857-1327751806-1001\...\Run: [OneDrive] => C:\Users\sexyS\AppData\Local\Microsoft\OneDrive\OneDrive.exe [404064 2015-08-23] (Microsoft Corporation)
HKU\S-1-5-21-2202957396-1968120857-1327751806-1001\...\Run: [GalaxyClient] => F:\GameZ\GalaxyClient\GalaxyClient.exe [7249976 2015-08-23] (GOG.com)
HKU\S-1-5-21-2202957396-1968120857-1327751806-1001\...\Run: [ScreenSplitter] => C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplit.exe [1960432 2015-04-14] (LG Electronics)
HKU\S-1-5-21-2202957396-1968120857-1327751806-1001\...\Run: [DAEMON Tools Ultra Agent] => C:\Program Files (x86)\DAEMON Tools Ultra\DTAgent.exe [3732752 2015-02-26] (Disc Soft Ltd)
HKU\S-1-5-21-2202957396-1968120857-1327751806-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  Keine Datei
ShellIconOverlayIdentifiers: [01UnsuppModule] -> {AEB16659-2125-4ADA-A4AB-45EE21E86469} => C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-07-21] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [02SyncingModule] -> {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} => C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-07-21] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [03SyncedModule] -> {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} => C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-07-21] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [04ReadOnlyModule] -> {A433C3E0-8B24-40EB-93C3-4B10D9959F58} => C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-07-21] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [05NoPermModule] -> {C701AD67-3DF0-47C9-89CB-DFA6207BE229} => C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-07-21] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [1_EPMInConflictHandler] -> {188FBECF-3754-4767-94ED-E06FF03C57DE} => C:\WINDOWS\system32\mscoree.dll [2015-07-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [1_EPMInProgressHandler] -> {EF1FAD52-44AF-4B92-8462-048F036E16A9} => C:\WINDOWS\system32\mscoree.dll [2015-07-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [1_EPMInSyncHandler] -> {85837018-AB69-4BD9-95D3-0DDCDE2EA467} => C:\WINDOWS\system32\mscoree.dll [2015-07-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2015-07-23] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2015-07-23] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2015-07-23] (Acronis)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\E-POST CLOUD.lnk [2015-07-31]
ShortcutTarget: E-POST CLOUD.lnk -> C:\Program Files (x86)\E-POST\EPostCloud.exe (Deutsche Post AG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\E-POST MAILER.lnk [2015-07-31]
ShortcutTarget: E-POST MAILER.lnk -> C:\Program Files (x86)\E-POST\EpostMailer.exe (Deutsche Post AG)
Startup: C:\Users\sexyS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Synology Cloud Station.lnk [2015-07-21]
ShortcutTarget: Synology Cloud Station.lnk -> C:\Program Files (x86)\Synology\CloudStation\bin\launcher.exe (Synology Inc.)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7a50885f-d806-4984-be7b-d680c6cd113b}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2202957396-1968120857-1327751806-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/androidnews/
HKU\S-1-5-21-2202957396-1968120857-1327751806-1001\Software\Microsoft\Internet Explorer\Main,start page = about:blank
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-07-08] (AO Kaspersky Lab)
BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-07-08] (AO Kaspersky Lab)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-07-08] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-07-08] (AO Kaspersky Lab)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-06-16] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\sexyS\AppData\Roaming\Mozilla\Firefox\Profiles\7p3j4y9i.default
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-09-19] (Adobe Systems)
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-07-11] (Google, Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-09-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-09-06] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-09-19] (Adobe Systems)
FF Extension: Multi Links - C:\Users\sexyS\AppData\Roaming\Mozilla\Firefox\Profiles\7p3j4y9i.default\Extensions\multilinks@plugin.xpi [2015-09-07]
FF Extension: NoScript - C:\Users\sexyS\AppData\Roaming\Mozilla\Firefox\Profiles\7p3j4y9i.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-09-07]
FF Extension: Adblock Plus - C:\Users\sexyS\AppData\Roaming\Mozilla\Firefox\Profiles\7p3j4y9i.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-07]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox
FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [2015-09-05]

Chrome: 
=======
CHR Profile: C:\Users\sexyS\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\sexyS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-06]
CHR Extension: (Google Docs) - C:\Users\sexyS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-06]
CHR Extension: (Google Drive) - C:\Users\sexyS\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-09-06]
CHR Extension: (YouTube) - C:\Users\sexyS\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-06]
CHR Extension: (Google Search) - C:\Users\sexyS\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-09-06]
CHR Extension: (Kaspersky Protection) - C:\Users\sexyS\AppData\Local\Google\Chrome\User Data\Default\Extensions\eahebamiopdhefndnmappcihfajigkka [2015-09-06]
CHR Extension: (Google Sheets) - C:\Users\sexyS\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-06]
CHR Extension: (Google Docs Offline) - C:\Users\sexyS\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-06]
CHR Extension: (AdBlock) - C:\Users\sexyS\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-09-06]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\sexyS\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-09-06]
CHR Extension: (Chrome Web Store Payments) - C:\Users\sexyS\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-06]
CHR Extension: (Enhanced Steam) - C:\Users\sexyS\AppData\Local\Google\Chrome\User Data\Default\Extensions\okadibdjfemgnhjiembecghcbfknbfhg [2015-09-06]
CHR Extension: (Gmail) - C:\Users\sexyS\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-06]
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - https://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - https://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AdobeActiveFileMonitor13.0; C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe [231120 2015-01-30] (Adobe Systems Incorporated)
R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2015-09-05] (Kaspersky Lab ZAO)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1128448 2015-08-24] ()
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-07-19] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-07-19] (Dropbox, Inc.)
S3 Disc Soft Ultra Bus Service; C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe [1378576 2015-02-26] (Disc Soft Ltd)
S3 GalaxyClientService; F:\GameZ\GalaxyClient\GalaxyClientService.exe [1720888 2015-08-23] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6874680 2015-08-23] (GOG.com)
S2 Lexware_Update_Service; C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe [64552 2014-08-14] (Haufe-Lexware GmbH & Co. KG)
S4 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S4 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4884064 2015-08-11] (Acronis)
S3 Origin Client Service; F:\GameZ\Origin\OriginClientService.exe [2007048 2015-07-26] (Electronic Arts)
S2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2015-07-19] ()
S2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [303360 2015-07-17] (Realtek Semiconductor)
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP2b\RpcAgentSrv.exe [73200 2015-07-06] (SiSoftware) [Datei ist nicht signiert]
S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 amdacpksd; C:\WINDOWS\system32\drivers\amdacpksd.sys [297672 2015-06-23] (Advanced Micro Devices)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [31992 2015-06-03] (Advanced Micro Devices, Inc.)
S3 AsusVBus; C:\Windows\System32\drivers\AsusVBus.sys [39704 2015-07-31] (Windows (R) Win 7 DDK provider)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-07-17] (Advanced Micro Devices)
S3 ATP; C:\Windows\System32\drivers\AsusTP.sys [85312 2015-07-31] (ASUS Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [237568 2015-07-10] (Microsoft Corporation)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
S3 dc1-controller; C:\Windows\System32\drivers\dc1-controller.sys [50688 2015-07-10] (Microsoft Corp.)
R3 dtultrascsibus; C:\Windows\System32\drivers\dtultrascsibus.sys [30352 2015-07-21] (Disc Soft Ltd)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d65x64.sys [485856 2015-07-17] (Intel Corporation)
R0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [323040 2015-08-23] (Acronis International GmbH)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-07-17] (REALiX(tm))
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70512 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [68280 2015-06-06] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [30328 2015-06-24] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [171192 2015-06-30] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [227000 2015-07-04] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [937656 2015-06-30] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [39608 2015-06-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [41656 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [30392 2015-06-08] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [78008 2015-06-26] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [102584 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2015-07-17] (Intel Corporation)
R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation)
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP2b\WNt600x64\Sandra.sys [23112 2009-08-07] (SiSoftware)
S3 taphss6; C:\Windows\System32\drivers\taphss6.sys [42088 2015-06-04] (Anchorfree Inc.)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1057728 2015-08-23] (Acronis International GmbH)
R2 tib_mounter; C:\Windows\system32\DRIVERS\tib_mounter.sys [206800 2015-08-23] (Acronis International GmbH)
S3 tnd; C:\Windows\system32\DRIVERS\tnd.sys [567888 2015-08-23] (Acronis International GmbH)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-08 18:16 - 2015-09-08 18:16 - 00025263 _____ C:\Users\sexyS\Desktop\FRST.txt
2015-09-08 18:16 - 2015-09-07 11:11 - 02190336 _____ (Farbar) C:\Users\sexyS\Desktop\FRST64.exe
2015-09-08 18:08 - 2015-09-08 18:08 - 00016148 _____ C:\WINDOWS\system32\SK-ZENTRALE_sexyS_HistoryPrediction.bin
2015-09-08 18:02 - 2015-09-08 18:02 - 00001955 _____ C:\Users\sexyS\Desktop\JRT.txt
2015-09-08 17:59 - 2015-09-08 17:59 - 00001686 _____ C:\Users\sexyS\Desktop\AdwCleaner[C2].txt
2015-09-08 17:57 - 2015-09-08 17:57 - 00007726 _____ C:\WINDOWS\PFRO.log
2015-09-08 17:52 - 2015-09-08 17:52 - 00001977 _____ C:\Users\sexyS\Desktop\mbam.txt
2015-09-08 09:35 - 2015-09-08 16:39 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-09-08 09:35 - 2015-09-08 09:35 - 00001175 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-09-08 09:35 - 2015-09-08 09:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-09-08 09:35 - 2015-09-08 09:35 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-08 09:35 - 2015-09-08 09:35 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-09-08 09:35 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-09-08 09:35 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-09-08 09:35 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-09-08 09:30 - 2015-09-08 09:30 - 00000085 _____ C:\WINDOWS\wininit.ini
2015-09-08 09:29 - 2015-09-08 09:29 - 00000000 ____D C:\Users\sexyS\Desktop\RevoUninstallerPortable
2015-09-07 21:18 - 2015-09-08 17:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-09-07 00:36 - 2015-09-07 00:36 - 00000000 ____D C:\Program Files\HitmanPro
2015-09-07 00:34 - 2015-09-07 00:36 - 00000000 ____D C:\ProgramData\HitmanPro
2015-09-06 19:11 - 2015-09-08 17:57 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-06 17:05 - 2015-09-08 18:16 - 00000000 ____D C:\FRST
2015-09-06 13:13 - 2015-09-06 13:13 - 00000000 _____ C:\autoexec.bat
2015-09-06 12:39 - 2015-09-08 17:58 - 00001128 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-06 12:39 - 2015-09-08 17:44 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-06 12:39 - 2015-09-06 12:39 - 00004190 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-06 12:39 - 2015-09-06 12:39 - 00003958 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-06 12:39 - 2015-09-06 12:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-09-05 12:54 - 2015-09-05 12:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2015-09-05 11:44 - 2015-09-05 11:44 - 00001268 _____ C:\Users\sexyS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner64.lnk
2015-09-04 17:27 - 2015-09-04 17:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-09-03 19:42 - 2015-09-03 19:42 - 00002814 _____ C:\Users\sexyS\AppData\Local\recently-used.xbel
2015-09-02 15:58 - 2015-09-02 15:58 - 00002862 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-09-02 15:58 - 2015-09-02 15:58 - 00000000 ____D C:\Program Files\CCleaner
2015-08-29 15:03 - 2015-08-20 08:07 - 08019296 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-29 15:03 - 2015-08-20 08:06 - 00609592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-08-29 15:03 - 2015-08-20 08:02 - 22324656 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-08-29 15:03 - 2015-08-20 07:57 - 00077400 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-08-29 15:03 - 2015-08-20 07:26 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-08-29 15:03 - 2015-08-20 07:21 - 21875200 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-08-29 15:03 - 2015-08-20 07:21 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2015-08-29 15:03 - 2015-08-20 07:16 - 20857848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-08-29 15:03 - 2015-08-20 07:13 - 02235904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-29 15:03 - 2015-08-20 07:09 - 00929280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2015-08-29 15:03 - 2015-08-20 06:31 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-08-29 15:03 - 2015-08-18 09:56 - 02498808 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-29 15:03 - 2015-08-18 09:55 - 00373072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-08-29 15:03 - 2015-08-18 09:54 - 01396064 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-08-29 15:03 - 2015-08-18 09:27 - 01771592 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-08-29 15:03 - 2015-08-18 09:24 - 00963920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-08-29 15:03 - 2015-08-18 09:13 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2015-08-29 15:03 - 2015-08-18 09:13 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2015-08-29 15:03 - 2015-08-18 09:12 - 02225664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-08-29 15:03 - 2015-08-18 09:07 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2015-08-29 15:03 - 2015-08-18 09:04 - 01234944 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2015-08-29 15:03 - 2015-08-18 09:04 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-08-29 15:03 - 2015-08-18 08:59 - 01294336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
2015-08-29 15:03 - 2015-08-18 08:59 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll
2015-08-29 15:03 - 2015-08-18 08:58 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2015-08-29 15:03 - 2015-08-18 08:58 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWCN.dll
2015-08-29 15:03 - 2015-08-18 08:58 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWCN.dll
2015-08-29 15:03 - 2015-08-18 08:58 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnNetsh.dll
2015-08-29 15:03 - 2015-08-18 08:57 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2015-08-29 15:03 - 2015-08-18 08:56 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2015-08-29 15:03 - 2015-08-18 08:55 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-08-29 15:03 - 2015-08-18 08:54 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2015-08-29 15:03 - 2015-08-18 08:54 - 00247296 _____ C:\WINDOWS\system32\facecredentialprovider.dll
2015-08-29 15:03 - 2015-08-18 08:52 - 01888768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-08-29 15:03 - 2015-08-18 08:50 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-08-29 15:03 - 2015-08-18 08:49 - 01061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2015-08-29 15:03 - 2015-08-18 08:49 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2015-08-29 15:03 - 2015-08-18 08:49 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2015-08-29 15:03 - 2015-08-18 08:36 - 01226752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll
2015-08-29 15:03 - 2015-08-18 08:35 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll
2015-08-29 15:03 - 2015-08-18 08:35 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWCN.dll
2015-08-29 15:03 - 2015-08-18 08:34 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2015-08-29 15:03 - 2015-08-18 08:29 - 01593344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-08-29 15:03 - 2015-08-18 08:26 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2015-08-29 15:03 - 2015-08-18 06:44 - 00008847 _____ C:\WINDOWS\system32\ResPriHMImageList
2015-08-24 15:22 - 2015-08-24 15:28 - 00000000 ____D C:\Users\sexyS\AppData\Local\DayZ
2015-08-24 10:49 - 2015-07-04 11:29 - 14548992 _____ C:\Users\sexyS\AppData\Roaming\Sandra.mdb
2015-08-24 10:48 - 2015-08-24 10:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware
2015-08-24 10:48 - 2015-08-24 10:48 - 00000000 ____D C:\Program Files\SiSoftware
2015-08-24 10:47 - 2015-08-24 10:47 - 35222128 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2015-08-24 10:47 - 2015-08-24 10:47 - 02702552 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2015-08-24 10:47 - 2015-08-24 10:47 - 01749208 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2015-08-24 10:47 - 2015-08-24 10:47 - 01310936 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2015-08-23 19:42 - 2015-08-23 19:49 - 00000000 ____D C:\Users\sexyS\AppData\Local\Last_Man
2015-08-23 15:16 - 2015-09-08 17:57 - 00000000 ____D C:\AdwCleaner
2015-08-23 14:43 - 2015-08-23 14:43 - 00000000 ____D C:\Program Files\Common Files\AV
2015-08-23 14:39 - 2015-09-08 09:31 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-08-23 14:39 - 2015-08-23 14:39 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2015-08-23 12:17 - 2015-08-23 15:56 - 00000000 ____D C:\ProgramData\Acronis
2015-08-23 12:17 - 2015-08-23 12:17 - 00567888 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tnd.sys
2015-08-23 12:17 - 2015-08-23 12:17 - 00343504 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\snapman.sys
2015-08-23 12:17 - 2015-08-23 12:17 - 00323040 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\file_tracker.sys
2015-08-23 12:17 - 2015-08-23 12:17 - 00206800 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tib_mounter.sys
2015-08-23 12:17 - 2015-08-23 12:17 - 00160736 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\fltsrv2195.sys
2015-08-23 12:17 - 2015-08-23 12:17 - 00001286 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis True Image 2016.lnk
2015-08-23 12:17 - 2015-08-23 12:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
2015-08-23 12:17 - 2015-08-23 12:17 - 00000000 ____D C:\Program Files (x86)\Acronis
2015-08-21 10:08 - 2015-08-21 10:08 - 00000000 ____D C:\Users\sexyS\AppData\Roaming\Acronis
2015-08-21 09:23 - 2015-08-23 12:17 - 01057728 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tib.sys
2015-08-21 09:23 - 2015-08-23 12:17 - 00160736 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\fltsrv.sys
2015-08-20 12:58 - 2015-09-03 20:07 - 00000000 ___RD C:\Users\sexyS\Desktop\Vorübergehend
2015-08-20 12:50 - 2015-08-20 12:50 - 00000000 ____D C:\Users\sexyS\AppData\Roaming\elsterformular
2015-08-20 10:58 - 2015-08-13 06:33 - 24593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-08-20 10:58 - 2015-08-13 06:22 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2015-08-20 10:58 - 2015-08-13 06:20 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-08-20 10:58 - 2015-08-13 06:07 - 19323392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-08-20 10:58 - 2015-08-13 05:53 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2015-08-20 10:58 - 2015-08-11 12:04 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-08-20 10:58 - 2015-08-11 12:04 - 02462648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-08-20 10:58 - 2015-08-11 12:04 - 01087296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-08-20 10:58 - 2015-08-11 12:03 - 00442208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2015-08-20 10:58 - 2015-08-11 12:02 - 00554744 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2015-08-20 10:58 - 2015-08-11 12:02 - 00292856 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2015-08-20 10:58 - 2015-08-11 12:02 - 00080720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2015-08-20 10:58 - 2015-08-11 11:57 - 03622256 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-08-20 10:58 - 2015-08-11 11:52 - 00993104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2015-08-20 10:58 - 2015-08-11 11:50 - 01643872 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-08-20 10:58 - 2015-08-11 11:40 - 04048808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-08-20 10:58 - 2015-08-11 11:40 - 02151208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-08-20 10:58 - 2015-08-11 11:40 - 00918320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-08-20 10:58 - 2015-08-11 11:38 - 00454000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2015-08-20 10:58 - 2015-08-11 11:37 - 00243800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2015-08-20 10:58 - 2015-08-11 11:31 - 02880032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-08-20 10:58 - 2015-08-11 11:26 - 00845664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2015-08-20 10:58 - 2015-08-11 11:23 - 16706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-20 10:58 - 2015-08-11 11:21 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-08-20 10:58 - 2015-08-11 11:21 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2015-08-20 10:58 - 2015-08-11 11:20 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2015-08-20 10:58 - 2015-08-11 11:19 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2015-08-20 10:58 - 2015-08-11 11:18 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2015-08-20 10:58 - 2015-08-11 11:16 - 02416640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-08-20 10:58 - 2015-08-11 11:14 - 00404480 _____ C:\WINDOWS\system32\diagtrack_wininternal.dll
2015-08-20 10:58 - 2015-08-11 11:13 - 00413184 _____ C:\WINDOWS\system32\diagtrack_win.dll
2015-08-20 10:58 - 2015-08-11 11:11 - 02446336 _____ C:\WINDOWS\system32\InputService.dll
2015-08-20 10:58 - 2015-08-11 11:11 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2015-08-20 10:58 - 2015-08-11 11:10 - 00778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-08-20 10:58 - 2015-08-11 11:10 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-20 10:58 - 2015-08-11 11:10 - 00293376 _____ C:\WINDOWS\system32\TextInputFramework.dll
2015-08-20 10:58 - 2015-08-11 11:09 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2015-08-20 10:58 - 2015-08-11 11:08 - 00893440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2015-08-20 10:58 - 2015-08-11 11:08 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-08-20 10:58 - 2015-08-11 11:07 - 01178112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-08-20 10:58 - 2015-08-11 11:07 - 00593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-08-20 10:58 - 2015-08-11 11:07 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeParserTask.exe
2015-08-20 10:58 - 2015-08-11 11:06 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-08-20 10:58 - 2015-08-11 11:06 - 02662400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-08-20 10:58 - 2015-08-11 11:05 - 03527168 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2015-08-20 10:58 - 2015-08-11 11:05 - 00996352 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-08-20 10:58 - 2015-08-11 11:05 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll
2015-08-20 10:58 - 2015-08-11 11:05 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2015-08-20 10:58 - 2015-08-11 11:05 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPermissions.dll
2015-08-20 10:58 - 2015-08-11 11:05 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2015-08-20 10:58 - 2015-08-11 11:03 - 02558976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-08-20 10:58 - 2015-08-11 11:02 - 03588096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-08-20 10:58 - 2015-08-11 11:02 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-08-20 10:58 - 2015-08-11 11:02 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-08-20 10:58 - 2015-08-11 11:01 - 01334784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-08-20 10:58 - 2015-08-11 11:00 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2015-08-20 10:58 - 2015-08-11 11:00 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2015-08-20 10:58 - 2015-08-11 10:59 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-08-20 10:58 - 2015-08-11 10:59 - 00642560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2015-08-20 10:58 - 2015-08-11 10:59 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2015-08-20 10:58 - 2015-08-11 10:59 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tetheringclient.dll
2015-08-20 10:58 - 2015-08-11 10:58 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2015-08-20 10:58 - 2015-08-11 10:57 - 13024768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-08-20 10:58 - 2015-08-11 10:57 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2015-08-20 10:58 - 2015-08-11 10:51 - 01916928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-08-20 10:58 - 2015-08-11 10:51 - 01823232 _____ C:\WINDOWS\SysWOW64\InputService.dll
2015-08-20 10:58 - 2015-08-11 10:50 - 00420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2015-08-20 10:58 - 2015-08-11 10:50 - 00200704 _____ C:\WINDOWS\SysWOW64\TextInputFramework.dll
2015-08-20 10:58 - 2015-08-11 10:50 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2015-08-20 10:58 - 2015-08-11 10:49 - 00586752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-08-20 10:58 - 2015-08-11 10:49 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-20 10:58 - 2015-08-11 10:48 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2015-08-20 10:58 - 2015-08-11 10:47 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-08-20 10:58 - 2015-08-11 10:45 - 01820672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-08-20 10:58 - 2015-08-11 10:43 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2015-08-20 10:58 - 2015-08-11 10:42 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-08-20 10:58 - 2015-08-11 10:40 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-08-20 10:58 - 2015-08-11 10:40 - 01112064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-08-20 10:58 - 2015-08-11 10:39 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2015-08-20 10:58 - 2015-08-11 10:38 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2015-08-18 14:51 - 2015-08-29 10:34 - 00001129 _____ C:\Users\sexyS\Desktop\SK-Bearbeitung.lnk
2015-08-18 14:50 - 2015-08-29 10:37 - 00000760 _____ C:\Users\sexyS\Desktop\Cloud Station.lnk
2015-08-18 14:50 - 2015-08-29 10:34 - 00001068 _____ C:\Users\sexyS\Desktop\Galerie.lnk
2015-08-18 14:50 - 2015-08-29 10:34 - 00000721 _____ C:\Users\sexyS\Desktop\OneDrive.lnk
2015-08-18 14:50 - 2015-08-29 10:34 - 00000705 _____ C:\Users\sexyS\Desktop\MS-DOS.lnk
2015-08-18 14:49 - 2015-08-29 10:34 - 00000953 _____ C:\Users\sexyS\Desktop\Downloads.lnk
2015-08-18 14:49 - 2015-08-29 10:34 - 00000921 _____ C:\Users\sexyS\Desktop\Musik.lnk
2015-08-18 14:49 - 2015-08-29 10:02 - 00001303 _____ C:\Users\sexyS\Desktop\Dropbox.lnk
2015-08-18 12:08 - 2015-08-18 12:08 - 00000000 ___HD C:\$Windows.~WS
2015-08-16 15:09 - 2015-08-17 16:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2015-08-16 15:09 - 2015-08-16 15:09 - 00000000 ____D C:\Program Files\DIFX
2015-08-16 12:48 - 2015-08-16 12:48 - 00000000 ____D C:\ProgramData\ATI
2015-08-15 15:07 - 2015-08-15 15:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2015-08-15 13:25 - 2015-08-15 13:25 - 00062253 _____ C:\WINDOWS\SysWOW64\CCCInstall_201508151325323347.log
2015-08-15 13:25 - 2015-08-15 13:25 - 00052907 _____ C:\WINDOWS\SysWOW64\CCCInstall_201508151325023796.log
2015-08-15 13:25 - 2015-08-15 13:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-08-15 13:25 - 2015-08-15 13:25 - 00000000 ____D C:\Program Files\ATI Technologies
2015-08-15 13:25 - 2015-08-15 13:25 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2015-08-15 13:24 - 2015-08-15 13:24 - 47795680 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 39725024 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 30762464 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 27546080 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl12cl64.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 25308656 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 22328800 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl12cl.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 15725552 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 14310896 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 09191312 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 07577184 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 06486000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmantle64.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 05076976 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmantle32.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 03471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2015-08-15 13:24 - 2015-08-15 13:24 - 03437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2015-08-15 13:24 - 2015-08-15 13:24 - 01197552 _____ C:\WINDOWS\system32\amdocl_as64.exe
2015-08-15 13:24 - 2015-08-15 13:24 - 01070592 _____ C:\WINDOWS\system32\amdocl_ld64.exe
2015-08-15 13:24 - 2015-08-15 13:24 - 01004032 _____ C:\WINDOWS\SysWOW64\amdocl_as32.exe
2015-08-15 13:24 - 2015-08-15 13:24 - 00936928 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00936928 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00808944 _____ C:\WINDOWS\SysWOW64\amdocl_ld32.exe
2015-08-15 13:24 - 2015-08-15 13:24 - 00660928 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2015-08-15 13:24 - 2015-08-15 13:24 - 00660928 _____ C:\WINDOWS\system32\atiapfxx.blb
2015-08-15 13:24 - 2015-08-15 13:24 - 00471320 _____ C:\WINDOWS\system32\amdmiracast.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00377312 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2015-08-15 13:24 - 2015-08-15 13:24 - 00341488 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODE.exe
2015-08-15 13:24 - 2015-08-15 13:24 - 00243696 _____ C:\WINDOWS\system32\clinfo.exe
2015-08-15 13:24 - 2015-08-15 13:24 - 00215008 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00199664 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00198640 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00168944 _____ C:\WINDOWS\system32\atieah64.exe
2015-08-15 13:24 - 2015-08-15 13:24 - 00165360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00152560 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2015-08-15 13:24 - 2015-08-15 13:24 - 00151936 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00150512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00143344 _____ C:\WINDOWS\system32\amdhdl64.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00138384 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00137696 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00132080 _____ C:\WINDOWS\SysWOW64\amdhdl32.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00123872 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00117608 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00111840 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00111600 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00111088 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00103904 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00097776 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00096736 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00091104 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00088000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00088000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00085472 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00082688 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00081168 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00078320 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00078320 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00073712 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00071152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00069600 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00064496 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00062432 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00059888 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODCLI.exe
2015-08-15 13:24 - 2015-08-15 13:24 - 00059376 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl6.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00059360 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00052208 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00049632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmmcl.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00039904 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00014304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2015-08-15 13:24 - 2015-08-15 13:24 - 00014304 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2015-08-12 19:41 - 2015-08-12 19:41 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2015-08-12 19:41 - 2015-08-12 19:41 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2015-08-12 17:38 - 2015-08-03 04:18 - 08613200 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2015-08-12 17:38 - 2015-08-03 03:56 - 06878256 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2015-08-12 17:37 - 2015-08-08 09:29 - 01822280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-08-12 17:37 - 2015-08-08 09:19 - 00608936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-08-12 17:37 - 2015-08-08 09:01 - 01533496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-08-12 17:37 - 2015-08-08 08:48 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-08-12 17:37 - 2015-08-08 08:40 - 00365056 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-08-12 17:37 - 2015-08-08 08:24 - 02415104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-08-12 17:37 - 2015-08-08 08:24 - 01679360 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-08-12 17:37 - 2015-08-08 08:15 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-08-12 17:37 - 2015-08-08 08:00 - 01985024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-08-12 17:37 - 2015-08-06 05:17 - 00237392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys
2015-08-12 17:37 - 2015-08-06 05:17 - 00200528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2015-08-12 17:37 - 2015-08-06 04:22 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2015-08-12 17:37 - 2015-08-05 06:49 - 00783112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-08-12 17:37 - 2015-08-05 06:29 - 00644128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-08-12 17:37 - 2015-08-05 06:00 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2015-08-12 17:37 - 2015-08-05 05:54 - 01274880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-08-12 17:37 - 2015-08-05 05:47 - 01383424 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-08-12 17:37 - 2015-08-05 05:39 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2015-08-12 17:37 - 2015-08-04 06:07 - 00102752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-08-12 17:37 - 2015-08-04 06:06 - 00583128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-08-12 17:37 - 2015-08-04 06:06 - 00243248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-08-12 17:37 - 2015-08-04 05:23 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2015-08-12 17:37 - 2015-08-04 04:59 - 01212416 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-08-12 17:37 - 2015-08-04 04:47 - 00898560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2015-08-12 17:37 - 2015-08-03 04:32 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2015-08-12 17:37 - 2015-08-03 04:28 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2015-08-12 17:37 - 2015-08-03 04:19 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-08-12 17:37 - 2015-08-03 04:19 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-08-12 17:37 - 2015-08-03 04:18 - 01983840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-08-12 17:37 - 2015-08-03 04:18 - 00594472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2015-08-12 17:37 - 2015-08-03 04:18 - 00046432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpiowin32.sys
2015-08-12 17:37 - 2015-08-03 04:17 - 00516960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-08-12 17:37 - 2015-08-03 04:17 - 00052264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2015-08-12 17:37 - 2015-08-03 04:12 - 00801632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2015-08-12 17:37 - 2015-08-03 03:49 - 00700256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2015-08-12 17:37 - 2015-08-03 03:31 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-08-12 17:37 - 2015-08-03 03:30 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_UserAccount.dll
2015-08-12 17:37 - 2015-08-03 03:24 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-08-12 17:37 - 2015-08-03 03:24 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-08-12 17:37 - 2015-08-03 03:24 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModelShim.dll
2015-08-12 17:37 - 2015-08-03 03:23 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2015-08-12 17:37 - 2015-08-03 03:22 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-08-12 17:37 - 2015-08-03 03:22 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-08-12 17:37 - 2015-08-03 03:22 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2015-08-12 17:37 - 2015-08-03 03:21 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2015-08-12 17:37 - 2015-08-03 03:19 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2015-08-12 17:37 - 2015-08-03 03:19 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2015-08-12 17:37 - 2015-08-03 03:18 - 12503552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-08-12 17:37 - 2015-08-03 03:18 - 03780096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-08-12 17:37 - 2015-08-03 03:18 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-08-12 17:37 - 2015-08-03 03:18 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkStatus.dll
2015-08-12 17:37 - 2015-08-03 03:15 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-08-12 17:37 - 2015-08-03 03:15 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2015-08-12 17:37 - 2015-08-03 03:15 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2015-08-12 17:37 - 2015-08-03 03:15 - 00384000 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-08-12 17:37 - 2015-08-03 03:15 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2015-08-12 17:37 - 2015-08-03 03:14 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-08-12 17:37 - 2015-08-03 03:12 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-08-12 17:37 - 2015-08-03 03:12 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2015-08-12 17:37 - 2015-08-03 03:11 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll
2015-08-12 17:37 - 2015-08-03 03:10 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-08-12 17:37 - 2015-08-03 03:06 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2015-08-12 17:37 - 2015-08-03 03:03 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2015-08-12 17:37 - 2015-08-03 03:02 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-08-12 17:37 - 2015-08-03 03:02 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2015-08-12 17:37 - 2015-08-03 03:01 - 11262464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-08-12 17:37 - 2015-08-03 02:59 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll
2015-08-09 11:44 - 2015-08-09 11:44 - 00000000 ____D C:\Users\sexyS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
2015-08-09 11:44 - 2015-08-09 11:44 - 00000000 ____D C:\Users\sexyS\AppData\Local\Apps\Windows 7 USB DVD Download Tool
2015-08-09 11:43 - 2015-08-09 11:43 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2015-08-09 11:43 - 2015-08-09 11:43 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-08-09 11:43 - 2015-08-09 11:43 - 00000000 ____D C:\Program Files\MSBuild
2015-08-09 11:43 - 2015-08-09 11:43 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-08-09 11:43 - 2015-08-09 11:43 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-08-09 11:43 - 2015-06-17 18:10 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-08-09 11:43 - 2015-06-17 18:10 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-09 11:43 - 2015-06-17 18:10 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-08-09 11:43 - 2015-05-29 21:07 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-08-09 11:43 - 2015-05-29 21:07 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-09 11:43 - 2015-05-29 21:07 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-08 18:03 - 2015-07-17 23:23 - 01790124 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-08 18:03 - 2015-07-10 18:34 - 00771100 _____ C:\WINDOWS\system32\perfh007.dat
2015-09-08 18:03 - 2015-07-10 18:34 - 00153964 _____ C:\WINDOWS\system32\perfc007.dat
2015-09-08 18:01 - 2015-07-17 23:37 - 00000000 ____D C:\Users\sexyS\AppData\Roaming\IObit
2015-09-08 18:01 - 2015-07-17 23:37 - 00000000 ____D C:\ProgramData\IObit
2015-09-08 18:01 - 2015-07-17 23:37 - 00000000 ____D C:\Program Files (x86)\IObit
2015-09-08 17:59 - 2015-07-20 11:34 - 00000106 _____ C:\WINDOWS\system32\mfilemon.log
2015-09-08 17:58 - 2015-07-19 17:31 - 00000000 ____D C:\Users\sexyS\AppData\Local\Dropbox
2015-09-08 17:57 - 2015-07-28 11:30 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-09-08 17:57 - 2015-07-20 11:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-09-08 17:57 - 2015-07-19 17:31 - 00001232 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2015-09-08 17:57 - 2015-07-18 09:02 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2015-09-08 17:57 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-08 17:57 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-09-08 17:57 - 2015-07-10 11:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-09-08 17:41 - 2015-07-19 17:31 - 00001236 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2015-09-08 16:41 - 2015-07-20 11:29 - 00004164 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{2964AB48-B6D6-470F-860F-078B2313F8C9}
2015-09-08 07:42 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-09-08 07:34 - 2015-07-20 11:30 - 00000000 ____D C:\Users\sexyS\AppData\Local\Adobe
2015-09-08 01:35 - 2015-07-18 09:55 - 00000000 ____D C:\Users\sexyS\AppData\Roaming\vlc
2015-09-06 13:13 - 2015-07-18 09:03 - 00000000 ____D C:\Users\sexyS
2015-09-06 12:39 - 2015-07-18 09:56 - 00000000 ____D C:\Users\sexyS\AppData\Local\Google
2015-09-06 12:39 - 2015-07-18 09:56 - 00000000 ____D C:\Program Files (x86)\Google
2015-09-06 02:19 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-09-05 12:54 - 2015-07-28 11:30 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2015-09-05 12:54 - 2015-07-10 11:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-09-04 17:27 - 2015-07-19 17:31 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-09-03 19:45 - 2015-07-31 09:35 - 00000000 ____D C:\Users\sexyS\.gimp-2.8
2015-09-02 07:40 - 2015-07-21 14:07 - 00000000 ____D C:\Users\sexyS\AppData\Local\CloudStation
2015-08-31 18:18 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\rescache
2015-08-29 18:27 - 2015-07-31 09:36 - 00000000 ____D C:\Users\sexyS\AppData\Local\gtk-2.0
2015-08-29 16:43 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-08-29 16:43 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-29 16:09 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-08-24 10:49 - 2015-07-17 23:29 - 00000000 ____D C:\ProgramData\Package Cache
2015-08-24 10:47 - 2015-07-18 09:02 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-08-24 10:47 - 2015-07-17 23:40 - 04514008 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2015-08-24 10:47 - 2015-07-17 23:40 - 02930904 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2015-08-24 10:47 - 2015-07-17 23:40 - 00184688 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2015-08-23 15:35 - 2015-07-17 23:25 - 00002358 _____ C:\Users\sexyS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-08-21 14:38 - 2015-07-21 13:32 - 00000000 ____D C:\ProgramData\Lexware
2015-08-21 14:10 - 2015-07-17 23:25 - 00000000 ____D C:\Users\sexyS\AppData\Local\Packages
2015-08-21 09:17 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-08-19 10:11 - 2015-07-18 17:48 - 00001011 _____ C:\Users\sexyS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader2.lnk
2015-08-18 12:09 - 2015-07-18 10:02 - 00000000 ___DC C:\WINDOWS\Panther
2015-08-18 12:09 - 2015-07-18 08:55 - 00238520 _____ C:\WINDOWS\diagerr.xml
2015-08-18 12:09 - 2015-07-18 08:55 - 00023477 _____ C:\WINDOWS\diagwrn.xml
2015-08-16 15:11 - 2015-07-10 14:20 - 00220304 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-16 15:10 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-16 15:10 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-15 13:25 - 2015-07-17 23:42 - 00000000 ____D C:\Program Files (x86)\AMD
2015-08-15 13:24 - 2015-07-27 09:53 - 07484080 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll
2015-08-15 13:24 - 2015-07-27 09:53 - 00112368 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll
2015-08-15 13:24 - 2015-07-17 23:29 - 00000000 ____D C:\AMD
2015-08-15 13:24 - 2015-06-23 04:08 - 12062048 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
2015-08-15 13:24 - 2015-06-23 04:08 - 10191264 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll
2015-08-15 13:24 - 2015-06-23 04:08 - 08979760 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll
2015-08-15 13:24 - 2015-06-23 04:08 - 08867016 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll
2015-08-15 13:24 - 2015-06-23 04:08 - 08007824 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll
2015-08-15 13:24 - 2015-06-23 04:08 - 01468232 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2015-08-15 13:24 - 2015-06-23 04:08 - 01213192 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2015-08-15 13:24 - 2015-06-23 04:08 - 00162240 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxp64.dll
2015-08-15 13:24 - 2015-06-23 04:08 - 00144568 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiuxpag.dll
2015-08-15 13:24 - 2015-06-23 04:08 - 00130072 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll
2015-08-15 13:24 - 2015-06-23 04:03 - 21632992 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys
2015-08-15 13:24 - 2015-06-23 03:21 - 00876000 _____ (AMD) C:\WINDOWS\system32\coinst_15.20.dll
2015-08-15 13:24 - 2015-06-23 03:14 - 00681456 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2015-08-15 13:24 - 2015-06-23 03:14 - 00451056 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2015-08-15 13:24 - 2015-06-23 03:14 - 00256992 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2015-08-15 13:24 - 2015-06-23 03:11 - 01257952 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2015-08-15 13:24 - 2015-06-23 03:10 - 00673776 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys
2015-08-12 19:43 - 2015-07-21 13:08 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-12 19:43 - 2015-07-17 23:33 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-08-12 19:41 - 2015-07-21 13:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-08-12 19:41 - 2015-07-17 23:33 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-12 19:40 - 2015-06-30 11:21 - 00000167 _____ C:\WINDOWS\win.ini
2015-08-10 23:02 - 2015-07-18 16:41 - 00000000 ____D C:\ProgramData\Origin
2015-08-10 18:49 - 2015-07-19 09:38 - 00226680 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2015-08-10 15:36 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-08-09 11:43 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2015-08-09 11:43 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\MUI

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-08-24 10:49 - 2015-07-04 11:29 - 14548992 _____ () C:\Users\sexyS\AppData\Roaming\Sandra.mdb
2015-09-03 19:42 - 2015-09-03 19:42 - 0002814 _____ () C:\Users\sexyS\AppData\Local\recently-used.xbel

Einige Dateien in TEMP:
====================
C:\Users\sexyS\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp6vt8fe.dll
C:\Users\sexyS\AppData\Local\Temp\proxy_vole2962903316939660045.dll
C:\Users\sexyS\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-09-04 16:43

==================== Ende von FRST.txt ============================
         

Alt 08.09.2015, 17:20   #10
SKKOT
 
HiJack-Auswertung? - Standard

HiJack-Auswertung?



addition
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:06-09-2015 01
durchgeführt von sexyS (2015-09-08 18:16:51)
Gestartet von C:\Users\sexyS\Desktop
Windows 10 Home (X64) (2015-07-18 07:12:24)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2202957396-1968120857-1327751806-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2202957396-1968120857-1327751806-503 - Limited - Disabled)
Gast (S-1-5-21-2202957396-1968120857-1327751806-501 - Limited - Disabled)
sexyS (S-1-5-21-2202957396-1968120857-1327751806-1001 - Administrator - Enabled) => C:\Users\sexyS

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Internet Security (Disabled - Up to date) {B41C7598-35F6-4D89-7D0E-7ADE69B4047B}
AS: Kaspersky Internet Security (Disabled - Up to date) {0F7D947C-13CC-4207-47BE-41AC12334EC6}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {8C27F4BD-7F99-4CD1-5651-D3EB97674300}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

ACP Application (Version: 2.15.30.0019 - Advanced Micro Devices, Inc.) Hidden
Acronis True Image 2016 (HKLM-x32\...\{986072E2-9A8A-4BE9-896B-18C3219BCE58}Visible) (Version: 19.0.5518 - Acronis)
Acronis True Image 2016 (x32 Version: 19.0.5518 - Acronis) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.1 - Adobe Systems Incorporated)
Adobe Photoshop Elements 13 (HKLM-x32\...\{609818B9-23EB-4196-B466-EFE05E92A32F}) (Version: 13.1 - Adobe Systems Incorporated)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{529C5283-F484-94CA-8D10-3A69FD0776D3}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Battlefield™ Hardline (HKLM-x32\...\{CB4AC3DA-8CC1-4516-86DA-4078B57DB229}) (Version: 1.1.0.5 - Electronic Arts)
Call of Duty: Ghosts - Multiplayer (HKLM-x32\...\Steam App 209170) (Version:  - Infinity Ward)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - ‪Canon Inc.‬)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - ‪Canon Inc.‬)
Canon MG5400 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5400_series) (Version: 1.01 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.09 - Piriform)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
DAEMON Tools Ultra (HKLM-x32\...\DAEMON Tools Ultra) (Version: 3.0.0.0310 - Disc Soft Ltd)
Driver Booster 2.4 (HKLM-x32\...\Driver Booster_is1) (Version: 2.4 - IObit)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.8.8 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.33 - Dropbox, Inc.) Hidden
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 16.2.24.20150630 - Landesfinanzdirektion Thüringen)
E-POST (HKLM-x32\...\{7b144968-f7f9-46c6-8869-a7631d22d7fc}) (Version: 4.0.12.3692 - Deutsche Post AG)
E-POST Desktop App (x32 Version: 4.0.12.3692 - Deutsche Post AG) Hidden
E-POST MAILER Drucker (Version: 4.0.12.3692 - Deutsche Post AG) Hidden
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.85 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.13 - Google Inc.) Hidden
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.14) (Version: 9.14 - Artifex Software Inc.)
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.8 - Intel(R) Corporation) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden
KeePass Password Safe 2.29 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.29 - Dominik Reichl)
Lexware buchhalter 2015 (HKLM-x32\...\{6332c74a-e43c-4a61-ada7-1e80fc66f324}) (Version: 20.51.0.239 - Haufe-Lexware GmbH & Co.KG)
Lexware buchhalter 2015 (x32 Version: 20.51.00.0293 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware Elster (x32 Version: 15.00.00.0056 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware Info Service (x32 Version: 5.00.00.0044 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware Installations Dienst (x32 Version: 4.00.00.0005 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware online banking (x32 Version: 22.00.00.0035 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware PDF-Export 5 (x32 Version: 5.00.00.0005 - Haufe-Lexware GmbH & Co.KG) Hidden
Logitech Gaming Software 8.70 (HKLM\...\Logitech Gaming Software) (Version: 8.70.315 - Logitech Inc.)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 40.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 de)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)
Multi file port monitor (mfilemon) 1.5.1 (HKLM\...\{A932243F-381F-434C-B18E-4F09D2F015F8}_is1) (Version: 1.5.1 - Monti Lorenzo)
Origin (HKLM-x32\...\Origin) (Version: 9.4.20.386 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.239 - Google, Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.1 - Rockstar Games)
Screen Split (HKLM-x32\...\{7F0C2357-33B0-4408-A9AD-A7623FAA22B1}) (Version: 6.54 - LG Electronics Inc.)
SiSoftware Sandra Lite 2015.SP2b (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2496}_is1) (Version: 21.42.2015.7 - SiSoftware)
Smart View 2.0 (HKLM-x32\...\{FBAAAFAE-08A8-4C63-87EA-4AEA9DEE53E1}) (Version: 1.0.0.0 - Samsung)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Synology Cloud Station (remove only) (HKLM\...\Synology Cloud Station) (Version: 3.2.3482 - Synology, Inc.)
The Vanishing of Ethan Carter (HKLM-x32\...\Steam App 258520) (Version:  - The Astronauts)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.0.7.0 - GOG.com)
Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{CBCC2FD8-7DFE-4752-95B5-2E447C226F45}) (Version:  - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2202957396-1968120857-1327751806-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2202957396-1968120857-1327751806-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\sexyS\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2202957396-1968120857-1327751806-1001_Classes\CLSID\{2C4A5D61-009C-4561-9A33-6AFD542FD237}\InprocServer32 -> C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\ContextMenu.dll ()
CustomCLSID: HKU\S-1-5-21-2202957396-1968120857-1327751806-1001_Classes\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}\InprocServer32 -> C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2202957396-1968120857-1327751806-1001_Classes\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}\InprocServer32 -> C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2202957396-1968120857-1327751806-1001_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\sexyS\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2202957396-1968120857-1327751806-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\sexyS\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2202957396-1968120857-1327751806-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\sexyS\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2202957396-1968120857-1327751806-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\sexyS\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2202957396-1968120857-1327751806-1001_Classes\CLSID\{A433C3E0-8B24-40EB-93C3-4B10D9959F58}\InprocServer32 -> C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2202957396-1968120857-1327751806-1001_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\sexyS\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2202957396-1968120857-1327751806-1001_Classes\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}\InprocServer32 -> C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2202957396-1968120857-1327751806-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\sexyS\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2202957396-1968120857-1327751806-1001_Classes\CLSID\{C701AD67-3DF0-47C9-89CB-DFA6207BE229}\InprocServer32 -> C:\Users\sexyS\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2202957396-1968120857-1327751806-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\sexyS\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2202957396-1968120857-1327751806-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2202957396-1968120857-1327751806-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\sexyS\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2202957396-1968120857-1327751806-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\sexyS\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Wiederherstellungspunkte =========================

28-08-2015 17:06:42 Windows Update
28-08-2015 17:06:49 Windows Update
06-09-2015 09:09:40 Geplanter Prüfpunkt
08-09-2015 09:30:37 Revo Uninstaller's restore point - Spybot - Search & Destroy

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-06-30 11:21 - 2015-06-30 11:19 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {00EEBA9C-F9EF-4272-B793-C830FBADD359} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\Windows\system32\dstokenclean.exe [2015-07-10] (Microsoft Corporation)
Task: {0CCA7916-2916-4F12-BD32-1E3BE31E1269} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\Windows\System32\dsregcmd.exe [2015-07-10] (Microsoft Corporation)
Task: {178F1D8D-30C8-49E1-AABB-25E605D187FE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {19865544-CE08-40BE-8B8C-87C47681433D} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sihboot => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
Task: {2FA379F1-BF27-4050-8EF0-E1B9D398125E} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {3AE40D95-A467-4FDA-9A95-48DA345DBCAE} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-sexyserkan@hotmail.de => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-09-19] (Adobe Systems Incorporated)
Task: {3F6E048D-6404-433B-8F5F-CFF4D89BF89E} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Rundll32.exe generaltel.dll,RunTelemetryW
Task: {41160EA0-208B-4C3E-B4DB-805BBABC6B93} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\Windows\system32\dmclient.exe [2015-07-10] (Microsoft Corporation)
Task: {4D183C37-D661-4C10-8585-847F10479287} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-12] (Microsoft Corporation)
Task: {4E03CD95-3DB4-4ED6-A57B-CE6A62AD2D04} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {6F1B99FC-F52C-4FD1-BADF-447D4C2714F3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-06] (Google Inc.)
Task: {6F91657B-2C08-4B96-BECB-A6CC7E1F0EAC} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-07-19] (Dropbox, Inc.)
Task: {7241BF00-1C32-4607-A643-E4F6BAD11C1C} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-07-19] (Dropbox, Inc.)
Task: {73551810-E5F4-433E-9494-0D00B55C855E} - System32\Tasks\Microsoft\Windows\Maps\MapsToastTask
Task: {78B77FA3-9D97-441D-97B6-68CEA40B4F74} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe generaltel.dll,RunTelemetry -maintenance
Task: {8DF84CB3-D8E0-4307-A35B-CA74E21786DB} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\Windows\system32\ClipUp.exe [2015-07-18] (Microsoft Corporation)
Task: {A5B6CD85-1B57-49B9-BA80-5D5D65F02826} - System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager
Task: {A815E920-DB7C-4B30-A63A-4C852FB0C0B3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-06] (Google Inc.)
Task: {AEC1ECE1-3616-4F98-B9B2-DB88322AC096} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {C56AFFD3-06B8-4A16-AF7E-F7A6EB3FAE9E} - System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr
Task: {C5EE2EA2-5312-4D1F-B9D0-41B18DF31B78} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sih => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
Task: {C7A236B2-12E1-46DC-9501-3B1B0209CC09} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => C:\Windows\System32\WindowsActionDialog.exe [2015-07-10] (Microsoft Corporation)
Task: {CDBE0BD9-7E83-41C4-8151-1C9F5E40197D} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: {F33B843B-4BE4-46CB-ABFF-8E93F527C60F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-08-19] (Piriform Ltd)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-07-18 10:00 - 2015-07-18 10:00 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-08-20 10:58 - 2015-08-11 11:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-08-29 15:03 - 2015-08-18 09:56 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-29 15:03 - 2015-08-18 09:56 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-07-10 12:59 - 2015-07-10 12:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-08-12 17:37 - 2015-08-03 03:11 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-07-10 13:00 - 2015-07-10 18:45 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-08-12 17:37 - 2015-08-03 03:14 - 00882688 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2015-08-20 10:58 - 2015-08-11 10:58 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-08-12 17:37 - 2015-08-03 03:09 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-08-12 17:37 - 2015-08-03 03:09 - 00928768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesBackgroundTasks.dll
2015-08-12 17:37 - 2015-08-03 03:09 - 02028544 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesService.dll
2015-07-18 10:00 - 2015-07-18 10:00 - 00619008 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SignalsManager.dll
2015-08-29 09:36 - 2015-08-29 09:36 - 00007168 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.827.16340.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2015-08-29 09:36 - 2015-08-29 09:36 - 11606528 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.827.16340.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2015-07-10 18:53 - 2015-07-10 18:53 - 07897088 _____ () C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.1.0_1.0.22929.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
2015-07-08 23:18 - 2015-07-08 23:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\kpcengine.2.3.dll
2015-07-20 11:50 - 2015-03-12 08:28 - 00063488 _____ () C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplitterHook.dll
2015-08-16 23:44 - 2015-08-16 23:44 - 00036160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\thread_pool.dll
2015-08-16 23:44 - 2015-08-16 23:44 - 00446272 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2015-08-16 23:44 - 2015-08-16 23:44 - 00116032 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\EXPAT.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager => ""="Service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2202957396-1968120857-1327751806-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\sexyS\AppData\Roaming\Microsoft\Windows Photo Viewer\Hintergrundbild der Windows-Fotoanzeige.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\StartupFolder: => "E-POST MAILER.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Auto Resolution.lnk"
HKLM\...\StartupApproved\StartupFolder: => "E-POST CLOUD.lnk"
HKLM\...\StartupApproved\Run: => "RtHDVCpl"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "LexwareInfoService"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKLM\...\StartupApproved\Run32: => "IJNetworkScannerSelectorEX"
HKLM\...\StartupApproved\Run32: => "KeePass 2 PreLoad"
HKLM\...\StartupApproved\Run32: => "TrueImageMonitor.exe"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKLM\...\StartupApproved\Run32: => "AcronisTibMounterMonitor"
HKLM\...\StartupApproved\Run32: => "Acronis Scheduler2 Service"
HKU\S-1-5-21-2202957396-1968120857-1327751806-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2202957396-1968120857-1327751806-1001\...\StartupApproved\Run: => "GalaxyClient"
HKU\S-1-5-21-2202957396-1968120857-1327751806-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_A6F409C40D09F99AC9DC0483D7FC8FCD"
HKU\S-1-5-21-2202957396-1968120857-1327751806-1001\...\StartupApproved\Run: => "DAEMON Tools Ultra Agent"
HKU\S-1-5-21-2202957396-1968120857-1327751806-1001\...\StartupApproved\Run: => "SpybotPostWindows10UpgradeReInstall"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [TCP Query User{1C86B1DE-2867-4048-8891-26BBF0DA0500}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{C43AF5C2-E8AF-4F1A-A1E8-174174534139}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{BF005CD4-E67D-4038-BBF2-82942DCA2864}] => (Allow) F:\GameZ\Steam\Steam.exe
FirewallRules: [{B79E73C5-B66D-4FF8-933B-E28FC86D7BEB}] => (Allow) F:\GameZ\Steam\Steam.exe
FirewallRules: [{7BF92D1A-0B21-4776-A98D-A11C15DBA911}] => (Allow) F:\GameZ\Steam\bin\steamwebhelper.exe
FirewallRules: [{38C36068-15B5-40D7-B48C-B12EB62BEC01}] => (Allow) F:\GameZ\Steam\bin\steamwebhelper.exe
FirewallRules: [{2CBF93EB-7DD9-4316-A00C-75751D19E551}] => (Allow) C:\Program Files (x86)\SmartView2\Smart View 2.0.exe
FirewallRules: [{D7A55AF6-D1D1-4BE3-B886-406364837069}] => (Allow) C:\Program Files (x86)\SmartView2\Smart View 2.0.exe
FirewallRules: [{4088DFEA-C4E3-4C71-8097-C19404D3BA14}] => (Allow) C:\Program Files (x86)\SmartView2\Smart View 2.0.exe
FirewallRules: [{FBCD6F87-3077-45FF-9E2C-9001EE99CDBE}] => (Allow) C:\Program Files (x86)\SmartView2\Smart View 2.0.exe
FirewallRules: [{6A0CC416-4E3B-4824-A2C4-312E8C4DA211}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{7511B3A6-A0BE-4E48-B884-A25C8E02F002}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{EB0E1D84-D29E-41AD-93C9-10F023A3AA63}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{854358C3-6D2C-4699-B6AA-E1922EB28121}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{F319A215-DB28-4869-936B-121369D0A778}] => (Allow) F:\Program Files (x86)\Origin Games\BFH\bfh.exe
FirewallRules: [{8691DE0B-1430-47CE-BB38-7F1D662A087A}] => (Allow) F:\Program Files (x86)\Origin Games\BFH\bfh.exe
FirewallRules: [{2DB05808-81A5-4689-8BE5-64DA98A3C6CE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{632B0B97-8187-4DF6-AD37-9435764B5CD0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0176467C-7E80-4D6B-9789-80DCEE379B46}] => (Allow) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe
FirewallRules: [{B8C9A890-1462-437D-8DDE-9A25988E014F}] => (Allow) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe
FirewallRules: [TCP Query User{49C335F3-D20A-4810-B7B9-482131177192}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{4D37CB38-87C7-4509-A719-30A25D590B72}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{7FE05D47-5974-4A3C-B222-E7349FD77AAC}F:\program files (x86)\origin games\bfh\bfh.exe] => (Allow) F:\program files (x86)\origin games\bfh\bfh.exe
FirewallRules: [UDP Query User{F252E024-E179-49C5-986D-04ED3FFC41BD}F:\program files (x86)\origin games\bfh\bfh.exe] => (Allow) F:\program files (x86)\origin games\bfh\bfh.exe
FirewallRules: [{21C1912A-08DA-48E5-B70B-792BCD91A89B}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{09D237CD-9545-4E08-99F9-C438180D29A1}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{E89B46DD-8064-4461-87A6-676D39D1D70E}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{1DB664F4-76B1-42D5-99C0-8723A87DC27E}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{9F827A52-EEAD-4FD6-B601-A54759360418}] => (Allow) F:\Program Files (x86)\Origin Games\BFH\BFHWebHelper.exe
FirewallRules: [{A22EA736-107D-4C39-A93D-5AAF8F854E9E}] => (Allow) F:\Program Files (x86)\Origin Games\BFH\BFHWebHelper.exe
FirewallRules: [{F608B9B4-8FCD-4BEF-9117-5DD9B4E5EA1F}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{4E6BF977-1661-4B24-9ABD-5907EA04AE50}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{DCA00F0F-0B44-4CC7-8812-44F38845AF65}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{0849B1CA-B27B-4734-94A8-08FBEC3E214C}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{41D16746-6EFF-41CA-B6F8-0CF2CFF9CFAE}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{4F85D308-DDBB-4090-BF88-F2E6BD937D59}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
FirewallRules: [{1A6B6CAE-2FC4-4E3C-8314-D2B8F53C3118}] => (Block) C:\Program Files (x86)\Acronis\TrueImageHome\license_activator.exe
FirewallRules: [{1DE6B7F3-FB1F-47D7-B2CC-753C046035C5}] => (Allow) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP2b\RpcAgentSrv.exe
FirewallRules: [{A1228048-3256-4715-8FF9-E3FFD8698E6C}] => (Allow) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP2b\WNt600x64\RpcSandraSrv.exe
FirewallRules: [{1AFC040B-60DF-4971-B7D3-0A5320E7AC61}] => (Allow) F:\GameZ\Steam\steamapps\common\Call of Duty Ghosts\iw6mp64_ship.exe
FirewallRules: [{47C345A2-88A0-49BA-B182-3C120A04C616}] => (Allow) F:\GameZ\Steam\steamapps\common\Call of Duty Ghosts\iw6mp64_ship.exe
FirewallRules: [{17E41887-27A7-4BBC-BCD3-4E77E8E1B494}] => (Allow) F:\GameZ\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{104F94C7-7CA8-48E7-AF59-091834AF9529}] => (Allow) F:\GameZ\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{01C9931C-C6FC-41DA-88D1-834A01C5D1FD}] => (Allow) F:\GameZ\Steam\steamapps\common\The Vanishing of Ethan Carter\Binaries\Launcher.exe
FirewallRules: [{FF542F02-C45E-40CE-BF54-57D470CE273C}] => (Allow) F:\GameZ\Steam\steamapps\common\The Vanishing of Ethan Carter\Binaries\Launcher.exe
FirewallRules: [{C93557FF-9453-4CF8-A45E-AADC31A0B13C}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{6ECE5FE5-5796-4096-A9D4-81F426E9920A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/08/2015 09:48:42 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SK-ZENTRALE)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/08/2015 09:30:38 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (09/07/2015 04:21:41 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SK-ZENTRALE)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/06/2015 07:36:13 PM) (Source: ESENT) (EventID: 455) (User: )
Description: SettingSyncHost (7368) {1F65B3D7-D444-4C6C-A259-FF43B66B7551}: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\Users\sexyS\AppData\Local\Microsoft\Windows\SettingSync\metastore\edb001B7.log.

Error: (09/06/2015 03:54:38 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (09/06/2015 03:54:24 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (09/06/2015 03:54:23 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (09/06/2015 03:54:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (09/06/2015 03:54:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (09/06/2015 03:49:22 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.


Systemfehler:
=============
Error: (09/08/2015 06:05:16 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Xbox Live Authentifizierungs-Manager" wurde mit dem folgenden dienstspezifischen Fehler beendet: 
%%0

Error: (09/08/2015 06:01:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/08/2015 06:01:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Acronis Sync Agent Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/08/2015 06:01:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Service KMSELDI" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/08/2015 06:01:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PnkBstrA" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/08/2015 06:01:24 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Acronis Nonstop Backup Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/08/2015 06:01:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Adobe Acrobat Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/08/2015 06:01:23 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Acronis Scheduler2 Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/08/2015 06:01:23 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Lexware Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/08/2015 06:01:23 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Adobe Active File Monitor V13" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office:
=========================
Error: (09/08/2015 09:48:42 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SK-ZENTRALE)
Description: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI-2144927141

Error: (09/08/2015 09:30:38 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert

Error: (09/07/2015 04:21:41 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SK-ZENTRALE)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141

Error: (09/06/2015 07:36:13 PM) (Source: ESENT) (EventID: 455) (User: )
Description: SettingSyncHost7368{1F65B3D7-D444-4C6C-A259-FF43B66B7551}: C:\Users\sexyS\AppData\Local\Microsoft\Windows\SettingSync\metastore\edb001B7.log-1811 (0xfffff8ed)

Error: (09/06/2015 03:54:38 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert

Error: (09/06/2015 03:54:24 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert

Error: (09/06/2015 03:54:23 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert

Error: (09/06/2015 03:54:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert

Error: (09/06/2015 03:54:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert

Error: (09/06/2015 03:49:22 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert


CodeIntegrity:
===================================
  Date: 2015-08-22 11:34:09.167
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-08-21 11:42:29.887
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-08-20 11:18:00.338
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-07-29 21:41:28.606
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-07-28 17:24:34.084
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Xeon(R) CPU E3-1230 v3 @ 3.30GHz
Prozentuale Nutzung des RAM: 12%
Installierter physikalischer RAM: 16318.96 MB
Verfügbarer physikalischer RAM: 14316.45 MB
Summe virtueller Speicher: 18750.96 MB
Verfügbarer virtueller Speicher: 16501.54 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:237.25 GB) (Free:181.89 GB) NTFS
Drive d: (SKDateien) (Fixed) (Total:1620.83 GB) (Free:850.82 GB) NTFS
Drive e: (SK Stick 16 GB) (Removable) (Total:14.44 GB) (Free:13.65 GB) NTFS
Drive f: (SK Cache) (Fixed) (Total:242.19 GB) (Free:55.96 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: B68ED194)
Partition 1: (Not Active) - (Size=1620.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=242.2 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 3B272CEE)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=237.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 14.4 GB) (Disk ID: 137D75C5)
Partition 1: (Active) - (Size=14.4 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         
Bis jetzt war es immer nur Chrome aber ich bin mir sicher dass der Absturz (einfrieren) auch nun in Microsoft Edge der Fall ist....

Alt 08.09.2015, 21:11   #11
Deathkid535
/// Malwareteam
 
HiJack-Auswertung? - Standard

HiJack-Auswertung?



Hi,

Zitat:
Darf ich fragen warum der Driverbooster weg soll?
https://blog.malwarebytes.org/social...ke-oil-part-2/

Wenn das Problem nach den Schritten nicht weg ist, könnte das Problem mit Windows 10 sein. Das läuft halt noch nicht ganz Bug-frei

Schritt # 1: Windows Repair

Bitte mal Windows Repair Tool nach dieser Anleitung durchführen: Windows reparieren - so geht's - Anleitungen



Schritt # 2: Chrome zurücksetzen

Mit Revo den Chrome deinstallieren, direkt nach dem neu installieren das machen: https://support.google.com/chrome/answer/3296214?hl=de



Schritt # 3: Frage

Wie läuft der PC jetzt?



Schritt # 4: Bitte Posten
  • Die Antwort auf meine Frage

Alt 08.09.2015, 22:32   #12
SKKOT
 
HiJack-Auswertung? - Standard

HiJack-Auswertung?



Darf ich aber fragen was die Logs sagen? Wo liegt bei mir ein Fehler vor?

Danke

Alt 09.09.2015, 16:06   #13
Deathkid535
/// Malwareteam
 
HiJack-Auswertung? - Standard

HiJack-Auswertung?



Hi,

Die Logs deuten nicht wirklich auf Malware hin, ich vermute eine zerschossene Systemdatei oder ähnliches. Deshalb bitte mal die Schritte durchführen

Alt 11.09.2015, 11:18   #14
Deathkid535
/// Malwareteam
 
HiJack-Auswertung? - Standard

HiJack-Auswertung?



Hallo,
benötigst Du noch weiterhin Hilfe ?

Sollte ich innerhalb der nächsten 24 Stunden keine Antwort von dir erhalten, werde ich dein Thema aus meinen Abos nehmen und bekomme dadurch keine Nachricht über neue Antworten.

Das Verschwinden der Symptome bedeutet nicht, dass dein System schon sauber ist

Antwort

Themen zu HiJack-Auswertung?
adobe, agent, bho, defender, explorer, google, hijack, ics, internet, internet explorer, kaspersky, kmspico, lsass.exe, microsoft, mozilla, onedrive, realtek, security, software, spoolsv.exe, synology, system32, update, userinit, windows, windows media player, winlogon, wmp



Ähnliche Themen: HiJack-Auswertung?


  1. Hijack Auswertung
    Plagegeister aller Art und deren Bekämpfung - 12.05.2011 (1)
  2. Hijack auswertung
    Log-Analyse und Auswertung - 23.12.2010 (9)
  3. Hijack auswertung
    Log-Analyse und Auswertung - 17.01.2010 (1)
  4. HIJACK LOG Auswertung
    Mülltonne - 05.01.2010 (1)
  5. HiJack Auswertung. Hilfe
    Log-Analyse und Auswertung - 22.10.2008 (2)
  6. Bitte um Auswertung von HiJack Log.
    Log-Analyse und Auswertung - 09.09.2008 (1)
  7. Hijack File Auswertung plz
    Log-Analyse und Auswertung - 08.05.2007 (4)
  8. Auswertung - HiJack-Log
    Log-Analyse und Auswertung - 04.10.2006 (4)
  9. Hilfe Bei Hijack (log) Auswertung!!!
    Mülltonne - 21.05.2005 (1)
  10. HiJack This - Bitte um Auswertung
    Log-Analyse und Auswertung - 07.05.2005 (1)
  11. Hijack log Auswertung
    Log-Analyse und Auswertung - 24.02.2005 (8)
  12. Auswertung HiJack
    Log-Analyse und Auswertung - 06.02.2005 (9)
  13. Auswertung von Hijack this
    Log-Analyse und Auswertung - 21.12.2004 (3)
  14. Hijack This Auswertung!!!!!
    Log-Analyse und Auswertung - 16.11.2004 (2)
  15. bitte um hijack this auswertung
    Log-Analyse und Auswertung - 09.11.2004 (2)
  16. bitte um hijack log auswertung.
    Log-Analyse und Auswertung - 21.09.2004 (2)
  17. Auswertung HiJack
    Log-Analyse und Auswertung - 29.07.2004 (1)

Zum Thema HiJack-Auswertung? - Hallo liebe Community, bei mir stürzt Chrome ständig ab und es öffnen sich Werbetabs... Bisher versucht: Kaspersky, Spybot, CCleaner aber nichts hilft wirklich. Daher habe ich nun eine HijackThis-Auswertung und - HiJack-Auswertung?...
Archiv
Du betrachtest: HiJack-Auswertung? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.