Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Watch4 öffnet sich von alleine

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 01.11.2015, 17:02   #1
steffen93
 
Watch4 öffnet sich von alleine - Standard

Watch4 öffnet sich von alleine



Hallo,
heute hat sich im Firefox ein neuer Tab von watch4 geöffnet ohne das ich was gemacht habe. Habe danach Malwarebytes drüber laufen lassen. Der hat auch was gefunden, aber leider öffnete der Tab sich danach nochmal. Ein weiterer Scan war ergebnislos.
Hier das befallene Malwarebytes-Log:
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 01.11.2015
Suchlaufzeit: 14:13
Protokolldatei: MBAM.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2015.11.01.02
Rootkit-Datenbank: v2015.10.28.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Steffen

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 406387
Abgelaufene Zeit: 4 Min., 37 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 15
PUP.Optional.StormFall, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\StormFall FM, Löschen bei Neustart, [5581d3a5e5a6f83e748c7207c04231cf], 
PUP.Optional.StormFall, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\StormFall TM, Löschen bei Neustart, [b3239bdd5833bd795da3166353af9d63], 
PUP.Optional.StormFall, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\StormFall TW1, Löschen bei Neustart, [0dc9294f3358f73f22de84f56999ee12], 
PUP.Optional.StormFall, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\StormFall TW2, Löschen bei Neustart, [9e3808703556e452d729afca857d11ef], 
PUP.Optional.StormFall, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\StormFall W1, Löschen bei Neustart, [20b65e1a1e6d1422c43c00799270fe02], 
PUP.Optional.StormFall, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\StormFall W2, Löschen bei Neustart, [894d4f298407bf7790704633db27d62a], 
PUP.Optional.StartGamePage, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\WOT W1, Löschen bei Neustart, [07cf0573711a7db9bcbb85001de6d52b], 
PUP.Optional.StartGamePage, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\WOT W2, Löschen bei Neustart, [20b6bfb9454667cf2156bcc92bd8ed13], 
PUP.Optional.StartGamePage, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\WOT WFRI1, Löschen bei Neustart, [a43252266f1cb87eeb8f4045ce3559a7], 
PUP.Optional.StartGamePage, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\WOT WMON1, Löschen bei Neustart, [a82ef3852467a29408720e774fb46898], 
PUP.Optional.StartGamePage, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\WOT WTHUR1, Löschen bei Neustart, [52843e3aa9e283b3f685dbaac53e40c0], 
PUP.Optional.StartGamePage, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\WOT WTUE1, Löschen bei Neustart, [904600780e7d37ffe793f68f996a2dd3], 
PUP.Optional.StartGamePage, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\WOT WW1, Löschen bei Neustart, [35a1e593711a39fd0a6e0580cb387d83], 
PUP.Optional.StartGamePage, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\WOT WW2, Löschen bei Neustart, [409697e1276465d1bcbc800556add32d], 
PUP.Optional.StartGamePage, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\WOT WWED1, Löschen bei Neustart, [f5e10375810acd69d2a8d1b4867da15f], 

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
Und ein frisches Frst-Log von grade
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:31-10-2015
durchgeführt von Steffen (Administrator) auf PCSTEFFEN (01-11-2015 17:35:38)
Gestartet von C:\Users\Steffen\Desktop
Geladene Profile: Steffen &  (Verfügbare Profile: Steffen & DefaultAppPool)
Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(MICRO-STAR INTERNATIONAL CO., LTD.) C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
(Micro-Star International) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\LevelOne\Common\RaRegistry.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\LevelOne\Common\RaRegistry64.exe
(Yahoo Inc.) C:\Program Files (x86)\Yahoo!\yset\{7394E1A5-0E9B-FF4D-BA29-405B857EC562}\YSearchUtilSVC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Gainward Co. Ltd.) C:\Program Files (x86)\EXPERTool\TBPanel.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1026.13580.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2013-04-09] (Pixart Imaging Inc)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-27] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [CmPCIaudio] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\CMICNFG3.dll,CMICtrlWnd
HKLM\...\Run: [itype] => C:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1282632 2013-04-02] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [453736 2013-02-19] (CANON INC.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [782520 2015-10-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-09-10] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
HKU\S-1-5-21-2406949756-3404556640-376389215-1000\...\Run: [TBPanel] => C:\Program Files (x86)\EXPERTool\TBPanel.exe [2173224 2013-11-08] (Gainward Co. Ltd.)
HKU\S-1-5-21-2406949756-3404556640-376389215-1000\...\Run: [EPSON SX110 Series] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFBE.EXE [223232 2008-09-26] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2406949756-3404556640-376389215-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8322328 2015-05-08] (Piriform Ltd)
HKU\S-1-5-21-2406949756-3404556640-376389215-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [55357464 2015-09-04] (Skype Technologies S.A.)
HKU\S-1-5-21-2406949756-3404556640-376389215-1000\...\RunOnce: [Uninstall C:\Users\Steffen\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Steffen\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-2406949756-3404556640-376389215-1000\...\RunOnce: [Uninstall C:\Users\Steffen\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Steffen\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64"
HKU\S-1-5-21-2406949756-3404556640-376389215-1000\...\RunOnce: [Uninstall C:\Users\Steffen\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Steffen\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"
HKU\S-1-5-21-2406949756-3404556640-376389215-1000\...\MountPoints2: {3d227071-4c2d-11e5-9bc2-806e6f6e6963} - "E:\aoesetup.exe" /autorun
HKU\S-1-5-21-2406949756-3404556640-376389215-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [TBPanel] => C:\Program Files (x86)\EXPERTool\TBPanel.exe [2173224 2013-11-08] (Gainward Co. Ltd.)
HKU\S-1-5-21-2406949756-3404556640-376389215-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [EPSON SX110 Series] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFBE.EXE [223232 2008-09-26] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2406949756-3404556640-376389215-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8322328 2015-05-08] (Piriform Ltd)
HKU\S-1-5-21-2406949756-3404556640-376389215-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [55357464 2015-09-04] (Skype Technologies S.A.)
HKU\S-1-5-21-2406949756-3404556640-376389215-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Uninstall C:\Users\Steffen\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Steffen\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-2406949756-3404556640-376389215-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Uninstall C:\Users\Steffen\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Steffen\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64"
HKU\S-1-5-21-2406949756-3404556640-376389215-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Uninstall C:\Users\Steffen\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Steffen\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"
HKU\S-1-5-21-2406949756-3404556640-376389215-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {3d227071-4c2d-11e5-9bc2-806e6f6e6963} - "E:\aoesetup.exe" /autorun
HKU\S-1-5-21-2406949756-3404556640-376389215-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [TBPanel] => C:\Program Files (x86)\EXPERTool\TBPanel.exe [2173224 2013-11-08] (Gainward Co. Ltd.)
HKU\S-1-5-21-2406949756-3404556640-376389215-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [EPSON SX110 Series] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFBE.EXE [223232 2008-09-26] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2406949756-3404556640-376389215-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8322328 2015-05-08] (Piriform Ltd)
HKU\S-1-5-21-2406949756-3404556640-376389215-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [55357464 2015-09-04] (Skype Technologies S.A.)
HKU\S-1-5-21-2406949756-3404556640-376389215-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\RunOnce: [Uninstall C:\Users\Steffen\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Steffen\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-2406949756-3404556640-376389215-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\RunOnce: [Uninstall C:\Users\Steffen\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Steffen\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64"
HKU\S-1-5-21-2406949756-3404556640-376389215-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\RunOnce: [Uninstall C:\Users\Steffen\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Steffen\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"
HKU\S-1-5-21-2406949756-3404556640-376389215-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: {3d227071-4c2d-11e5-9bc2-806e6f6e6963} - "E:\aoesetup.exe" /autorun
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-10-12] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-10-12] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-10-12] (Google)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Steffen\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64\FileSyncShell64.dll [2015-10-31] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Steffen\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64\FileSyncShell64.dll [2015-10-31] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Steffen\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64\FileSyncShell64.dll [2015-10-31] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Steffen\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileSyncShell.dll [2015-10-31] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Steffen\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileSyncShell.dll [2015-10-31] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Steffen\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileSyncShell.dll [2015-10-31] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk [2014-03-27]
ShortcutTarget: ISCTSystray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{141f13e7-4b9c-4ab5-915d-30be3c53895e}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-2406949756-3404556640-376389215-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
HKU\S-1-5-21-2406949756-3404556640-376389215-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-2406949756-3404556640-376389215-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
HKU\S-1-5-21-2406949756-3404556640-376389215-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-2406949756-3404556640-376389215-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
HKU\S-1-5-21-2406949756-3404556640-376389215-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-2406949756-3404556640-376389215-1000 -> {88DBFEAC-A6F9-4323-9328-3A002CF4C6D1} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-2406949756-3404556640-376389215-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {88DBFEAC-A6F9-4323-9328-3A002CF4C6D1} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-2406949756-3404556640-376389215-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> {88DBFEAC-A6F9-4323-9328-3A002CF4C6D1} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2015-03-31] (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-10-26] (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\OnlineBanking\online_banking_bho.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-26] (Oracle Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll [2014-04-20] (Kaspersky Lab ZAO)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\lsewtjom.default
FF DefaultSearchEngine: Yahoo Web
FF Homepage: hxxps://www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-16] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-16] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-17] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-17] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-26] (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2015-03-31] ()
FF Plugin-x32: @kaspersky.com/online_banking -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2015-03-31] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2015-03-31] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-10-03] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-10-03] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll [2014-04-30] (pdfforge GmbH)
FF Plugin HKU\S-1-5-21-2406949756-3404556640-376389215-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-09-26] ()
FF Plugin HKU\S-1-5-21-2406949756-3404556640-376389215-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-09-26] ()
FF Plugin HKU\S-1-5-21-2406949756-3404556640-376389215-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-09-26] ()
FF user.js: detected! => C:\Users\Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\lsewtjom.default\user.js [2015-03-31]
FF SearchPlugin: C:\Users\Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\lsewtjom.default\searchplugins\yahoo-ysp.xml [2015-10-26]
FF SearchPlugin: C:\Users\Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\lsewtjom.default\searchplugins\youtube.xml [2014-07-13]
FF Extension: boost project boost-Bar - C:\Users\Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\lsewtjom.default\Extensions\jid1-43E5o59FVrjLig@jetpack.xpi [2015-08-24]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2015-03-31] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2015-03-31] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com [2015-03-31] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com [2015-03-31] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2015-03-31] [ist nicht signiert]

Chrome: 
=======
CHR Profile: C:\Users\Steffen\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Steffen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-14]
CHR Extension: (Google Docs) - C:\Users\Steffen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-14]
CHR Extension: (Google Drive) - C:\Users\Steffen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-14]
CHR Extension: (YouTube) - C:\Users\Steffen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-14]
CHR Extension: (Google-Suche) - C:\Users\Steffen\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-06]
CHR Extension: (Kaspersky Protection) - C:\Users\Steffen\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2015-06-06]
CHR Extension: (Google Tabellen) - C:\Users\Steffen\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-14]
CHR Extension: (Bookmark Manager) - C:\Users\Steffen\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-06-06]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Steffen\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-06]
CHR Extension: (Skype Click to Call) - C:\Users\Steffen\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-06-06]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Steffen\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-06-06]
CHR Extension: (Google Wallet) - C:\Users\Steffen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-06]
CHR Extension: (Google Mail) - C:\Users\Steffen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-06]
CHR HKU\S-1-5-21-2406949756-3404556640-376389215-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2406949756-3404556640-376389215-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2406949756-3404556640-376389215-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]
CHR HKLM-x32\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [932912 2015-10-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [461672 2015-10-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [461672 2015-10-05] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1147720 2015-10-05] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [240872 2015-09-10] (Avira Operations GmbH & Co. KG)
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2015-06-06] (BitRaider, LLC)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-27] (NVIDIA Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-08-01] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-17] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [83952 2014-03-27] (Micro-Star International)
R2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [29728 2013-05-28] (MICRO-STAR INTERNATIONAL CO., LTD.)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-08-26] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-27] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-27] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2099208 2015-10-29] (Electronic Arts)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1716264 2014-04-30] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-04-30] (pdfforge GmbH)
R2 RalinkRegistryWriter; C:\Program Files (x86)\LevelOne\Common\RaRegistry.exe [372736 2012-01-12] (Ralink Technology, Corp.) [Datei ist nicht signiert]
R2 RalinkRegistryWriter64; C:\Program Files (x86)\LevelOne\Common\RaRegistry64.exe [447488 2012-01-12] (Ralink Technology, Corp.) [Datei ist nicht signiert]
S2 RaMediaServer; C:\Program Files (x86)\LevelOne\Common\RaMediaServer.exe [625728 2011-08-18] ()
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-08-26] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-08-26] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [18384 2014-03-14] (Intel(R) Corporation)
R2 YSearchUtilSvc; C:\Program Files (x86)\Yahoo!\yset\{7394E1A5-0E9B-FF4D-BA29-405B857EC562}\YSearchUtilSvc.exe [160536 2015-10-14] (Yahoo Inc.)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [137800 2015-10-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [148632 2015-10-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2015-10-05] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [74440 2015-10-05] (Avira Operations GmbH & Co. KG)
S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2015-06-06] (BitRaider)
R3 cmuda3; C:\Windows\system32\drivers\cmudax3.sys [1155072 2009-12-01] (C-Media Inc)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21408 2013-08-01] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21920 2013-08-01] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-01] ()
R2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [28912 2014-02-18] (Intel Corporation)
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-01] ()
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-17] (Intel Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175104 2015-08-26] (Microsoft Corporation)
S3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update\NTIOLib_X64.sys [14136 2010-10-22] (MSI)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-27] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek                                            )
R3 RtlWlanu; C:\Windows\System32\drivers\rtwlanu.sys [3772632 2015-07-10] (Realtek Semiconductor Corporation                           )
S3 Secdrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [14368 1999-09-27] () [Datei ist nicht signiert]
R3 t_mouse.sys; C:\Windows\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] ()
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
U3 idsvc; kein ImagePath
S1 KLIM6; \SystemRoot\system32\DRIVERS\klim6.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-01 17:35 - 2015-11-01 17:35 - 00037587 _____ C:\Users\Steffen\Desktop\FRST.txt
2015-11-01 17:20 - 2015-11-01 17:35 - 00000000 ____D C:\FRST
2015-11-01 17:19 - 2015-11-01 17:19 - 02198016 _____ (Farbar) C:\Users\Steffen\Desktop\FRST64.exe
2015-11-01 16:32 - 2015-11-01 16:32 - 00016148 _____ C:\WINDOWS\system32\PCSTEFFEN_Steffen_HistoryPrediction.bin
2015-11-01 16:07 - 2015-11-01 17:07 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-11-01 14:11 - 2015-11-01 14:12 - 22908888 _____ (Malwarebytes ) C:\Users\Steffen\Downloads\mbam-setup-org-2.2.0.1024.exe
2015-10-30 15:57 - 2015-10-30 15:57 - 36283132 _____ (Thom Robertson) C:\Users\Steffen\Downloads\Artemis_Upgrade_v2_2_0.exe
2015-10-30 13:23 - 2015-10-28 00:38 - 21871616 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-10-30 13:23 - 2015-10-28 00:16 - 18801664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-10-30 13:23 - 2015-10-21 13:45 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-10-30 13:23 - 2015-10-21 13:44 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-10-30 13:23 - 2015-10-21 13:43 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-10-30 13:23 - 2015-10-21 13:39 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-10-30 13:23 - 2015-10-21 13:00 - 24595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-10-30 13:23 - 2015-10-21 13:00 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-10-30 13:23 - 2015-10-21 12:59 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2015-10-30 13:23 - 2015-10-21 12:57 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-10-30 13:23 - 2015-10-21 12:52 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-10-30 13:23 - 2015-10-21 12:50 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-10-30 13:23 - 2015-10-21 12:48 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-10-30 13:23 - 2015-10-21 12:47 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-10-30 13:23 - 2015-10-21 12:46 - 02179584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-10-30 13:23 - 2015-10-21 12:46 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-10-30 13:23 - 2015-10-21 12:44 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-10-30 13:23 - 2015-10-21 12:44 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-10-30 13:23 - 2015-10-21 12:43 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2015-10-30 13:23 - 2015-10-21 12:42 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-10-30 13:23 - 2015-10-21 12:41 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-10-30 13:23 - 2015-10-21 12:40 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2015-10-30 13:23 - 2015-10-21 12:38 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2015-10-30 13:23 - 2015-10-21 06:53 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-10-30 13:23 - 2015-10-21 06:49 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-10-30 13:23 - 2015-10-21 06:13 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-10-30 13:23 - 2015-10-21 06:11 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-10-30 13:23 - 2015-10-21 06:08 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-10-30 13:23 - 2015-10-21 06:05 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-10-30 13:23 - 2015-10-21 06:03 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-10-30 13:23 - 2015-10-21 06:03 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2015-10-30 13:23 - 2015-10-21 05:58 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2015-10-30 13:23 - 2015-10-21 05:58 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-10-30 13:23 - 2015-10-21 05:55 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2015-10-30 12:19 - 2015-10-30 12:20 - 29170369 _____ (Thom Robertson) C:\Users\Steffen\Downloads\Artemis_Upgrade_v2_1_1.exe
2015-10-30 12:17 - 2015-10-30 12:20 - 00000000 ____D C:\Program Files (x86)\Artemis
2015-10-30 12:17 - 2015-10-30 12:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Artemis
2015-10-30 12:12 - 2015-10-30 12:17 - 171713118 _____ (Thom Robertson) C:\Users\Steffen\Downloads\ArtemisSBS_2.exe
2015-10-30 11:57 - 2015-10-30 11:59 - 73658702 _____ (Thom Robertson) C:\Users\Steffen\Downloads\ArtemisDEMOInstall.exe
2015-10-26 19:08 - 2015-10-26 19:08 - 00000000 ____D C:\Users\Steffen\AppData\Local\YSearchUtil
2015-10-26 19:08 - 2015-10-26 19:08 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2015-10-26 19:02 - 2015-10-26 19:05 - 00584288 _____ (Oracle Corporation) C:\Users\Steffen\Downloads\JavaSetup8u65.exe
2015-10-19 16:20 - 2015-10-19 16:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
2015-10-19 16:20 - 1999-09-27 13:30 - 00014368 ____R C:\WINDOWS\SysWOW64\Drivers\SECDRV.SYS
2015-10-19 16:07 - 2015-10-19 16:07 - 00000000 ____D C:\Program Files (x86)\Microsoft Games
2015-10-17 10:54 - 2015-10-17 10:54 - 01461024 _____ C:\Users\Steffen\Downloads\Samsung Link - CHIP-Installer.exe
2015-10-16 22:07 - 2015-10-18 10:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-15 18:54 - 2015-10-15 19:02 - 00000000 ____D C:\Users\Steffen\Documents\NFS SHIFT
2015-10-15 17:11 - 2015-10-15 18:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-10-15 17:11 - 2015-10-15 17:11 - 00000000 ____D C:\Users\Steffen\AppData\Roaming\Avira
2015-10-15 17:10 - 2015-10-15 17:11 - 00000000 ____D C:\ProgramData\Avira
2015-10-15 17:10 - 2015-10-15 17:11 - 00000000 ____D C:\Program Files (x86)\Avira
2015-10-15 17:10 - 2015-10-05 14:51 - 00148632 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2015-10-15 17:10 - 2015-10-05 14:51 - 00137800 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2015-10-15 17:10 - 2015-10-05 14:51 - 00074440 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2015-10-15 17:10 - 2015-10-05 14:51 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2015-10-15 17:06 - 2015-10-15 17:09 - 215891200 _____ C:\Users\Steffen\Downloads\avira_antivirus_210de-de.exe
2015-10-14 21:09 - 2015-10-10 08:12 - 00078528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-14 21:09 - 2015-10-06 04:03 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-14 21:09 - 2015-10-06 03:46 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-10-14 21:09 - 2015-10-01 05:01 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-10-14 21:09 - 2015-10-01 05:01 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-10-14 21:09 - 2015-10-01 05:01 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-10-14 21:09 - 2015-10-01 05:01 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-10-14 21:09 - 2015-10-01 05:00 - 08020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-10-14 21:09 - 2015-10-01 04:03 - 00757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-10-14 21:09 - 2015-09-25 05:01 - 02573768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-10-14 21:09 - 2015-09-25 05:01 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-10-14 21:09 - 2015-09-25 04:56 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-10-14 21:09 - 2015-09-25 04:52 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-10-14 21:09 - 2015-09-25 04:33 - 01997336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-10-14 21:09 - 2015-09-25 04:26 - 20858360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-10-14 21:09 - 2015-09-25 04:11 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-14 21:09 - 2015-09-25 04:11 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-14 21:09 - 2015-09-25 04:09 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-10-14 21:09 - 2015-09-25 04:07 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-14 21:09 - 2015-09-25 04:04 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-10-14 21:09 - 2015-09-25 04:04 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-10-14 21:09 - 2015-09-25 04:03 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-10-14 21:09 - 2015-09-25 04:03 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-10-14 21:09 - 2015-09-25 04:02 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-10-14 21:09 - 2015-09-25 04:02 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-10-14 21:09 - 2015-09-25 04:02 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-14 21:09 - 2015-09-25 04:01 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-14 21:09 - 2015-09-25 04:01 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-10-14 21:09 - 2015-09-25 04:00 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-10-14 21:09 - 2015-09-25 04:00 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-10-14 21:09 - 2015-09-25 04:00 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-10-14 21:09 - 2015-09-25 04:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-10-14 21:09 - 2015-09-25 03:59 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-10-14 21:09 - 2015-09-25 03:59 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-10-14 21:09 - 2015-09-25 03:59 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-10-14 21:09 - 2015-09-25 03:59 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-14 21:09 - 2015-09-25 03:59 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-14 21:09 - 2015-09-25 03:59 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-14 21:09 - 2015-09-25 03:58 - 01871360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-10-14 21:09 - 2015-09-25 03:47 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-10-14 21:09 - 2015-09-25 03:47 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-10-14 21:09 - 2015-09-25 03:38 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-10-14 21:09 - 2015-09-25 03:38 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-10-14 21:09 - 2015-09-25 03:38 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-10-14 21:09 - 2015-09-25 03:38 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-10-14 21:09 - 2015-09-25 03:37 - 00766976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-10-14 21:09 - 2015-09-25 03:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-10-14 21:09 - 2015-09-25 03:37 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-14 21:09 - 2015-09-25 03:36 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-10-14 21:09 - 2015-09-25 03:36 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-10-14 21:09 - 2015-09-25 03:34 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-10-14 21:09 - 2015-09-25 03:34 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-10-14 21:09 - 2015-09-25 03:34 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-10-14 21:09 - 2015-09-25 03:34 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-10-14 21:09 - 2015-09-25 03:34 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-10-14 21:09 - 2015-09-25 03:33 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-10-14 21:09 - 2015-09-25 03:32 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-10-14 21:09 - 2015-09-25 03:32 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-10-12 22:14 - 2015-10-12 22:14 - 00000000 ____D C:\Users\Steffen\AppData\Roaming\11bitstudios
2015-10-12 19:45 - 2015-10-12 20:26 - 00000000 ___HD C:\ProgramData\CanonIJMIG
2015-10-12 19:45 - 2015-10-12 19:46 - 00000000 ___HD C:\ProgramData\CanonIJScan
2015-10-12 19:44 - 2015-10-12 19:44 - 00000000 ____D C:\Users\Steffen\Documents\Fax
2015-10-08 17:25 - 2015-10-08 18:11 - 00000000 ____D C:\Users\Steffen\Documents\STAR WARS Battlefront Beta
2015-10-08 17:06 - 2015-10-08 17:06 - 00002134 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2015-10-07 15:36 - 2015-10-03 03:28 - 00102520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2015-10-07 15:34 - 2015-11-01 17:20 - 00004162 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A55E3B4C-2499-48F6-9B91-AC34D22886D6}
2015-10-07 15:34 - 2015-10-03 05:58 - 42914096 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-10-07 15:34 - 2015-10-03 05:58 - 37882488 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-10-07 15:34 - 2015-10-03 05:58 - 22342264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-10-07 15:34 - 2015-10-03 05:58 - 18387064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-10-07 15:34 - 2015-10-03 05:58 - 16548768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-10-07 15:34 - 2015-10-03 05:58 - 15837152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-10-07 15:34 - 2015-10-03 05:58 - 14841232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-10-07 15:34 - 2015-10-03 05:58 - 13525200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-10-07 15:34 - 2015-10-03 05:58 - 12038368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-10-07 15:34 - 2015-10-03 05:58 - 02313336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-10-07 15:34 - 2015-10-03 05:58 - 01994360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-10-07 15:34 - 2015-10-03 05:58 - 01905272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435850.dll
2015-10-07 15:34 - 2015-10-03 05:58 - 01564792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435850.dll
2015-10-07 15:34 - 2015-10-03 05:58 - 00877176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-10-07 15:34 - 2015-10-03 05:58 - 00861816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-10-07 15:34 - 2015-10-03 05:58 - 00787200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2015-10-07 15:34 - 2015-10-03 05:58 - 00689968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-10-07 15:34 - 2015-10-03 05:58 - 00673912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-10-07 15:34 - 2015-10-03 05:58 - 00632664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2015-10-07 15:34 - 2015-10-03 05:58 - 00601240 _____ C:\WINDOWS\system32\nvmcumd.dll
2015-10-07 15:34 - 2015-10-03 05:58 - 00539464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-10-07 15:34 - 2015-10-03 05:58 - 00445216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-10-07 15:34 - 2015-10-03 05:58 - 00414000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-10-07 15:34 - 2015-10-03 05:58 - 00388048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-10-07 15:34 - 2015-10-03 05:58 - 00376112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2015-10-07 15:34 - 2015-10-03 05:58 - 00369272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-10-07 15:34 - 2015-10-03 05:58 - 00339064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2015-10-07 15:34 - 2015-10-03 05:58 - 00315936 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-10-07 15:34 - 2015-10-03 05:58 - 00177416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-10-07 15:34 - 2015-10-03 05:58 - 00155976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-10-07 15:34 - 2015-10-03 05:58 - 00151368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-10-07 15:34 - 2015-10-03 05:58 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-10-07 15:34 - 2015-10-03 05:58 - 00040280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2015-10-06 19:47 - 2015-08-11 05:52 - 00069416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2015-10-06 19:47 - 2015-08-11 05:52 - 00050472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-01 17:35 - 2014-08-06 21:51 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-11-01 17:35 - 2014-05-10 00:21 - 00000000 ____D C:\Program Files (x86)\Steam
2015-11-01 17:35 - 2014-03-29 17:19 - 00000000 ____D C:\Users\Steffen\AppData\Roaming\Skype
2015-11-01 17:22 - 2014-03-29 20:26 - 00000000 ____D C:\ProgramData\Origin
2015-11-01 17:07 - 2015-02-14 15:43 - 00001138 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-01 17:07 - 2014-05-10 00:41 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-11-01 16:39 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-11-01 14:43 - 2015-08-26 21:06 - 02104364 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-01 14:43 - 2015-07-10 17:34 - 00893636 _____ C:\WINDOWS\system32\perfh007.dat
2015-11-01 14:43 - 2015-07-10 17:34 - 00200172 _____ C:\WINDOWS\system32\perfc007.dat
2015-11-01 14:42 - 2015-08-26 22:01 - 00000000 ___DC C:\WINDOWS\Panther
2015-11-01 14:42 - 2014-03-29 17:37 - 00000000 ____D C:\Users\Steffen\AppData\Local\CrashDumps
2015-11-01 14:38 - 2015-02-14 15:43 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-01 14:37 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-01 14:37 - 2015-07-10 10:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-11-01 14:37 - 2014-04-30 23:13 - 00000434 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2015-11-01 14:37 - 2014-03-27 21:43 - 00000000 ____D C:\ProgramData\NVIDIA
2015-11-01 14:36 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-11-01 14:12 - 2014-05-10 00:41 - 00001171 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-11-01 14:12 - 2014-05-10 00:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-11-01 14:12 - 2014-05-10 00:41 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-10-31 17:31 - 2014-12-27 16:54 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-10-31 17:23 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-10-31 17:19 - 2015-08-26 21:17 - 00002360 _____ C:\Users\Steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-10-31 17:19 - 2014-08-27 19:28 - 00000000 ___RD C:\Users\Steffen\OneDrive
2015-10-30 18:16 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-10-29 11:26 - 2014-03-29 20:26 - 00000000 ____D C:\Program Files (x86)\Origin
2015-10-26 19:08 - 2014-07-17 17:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-10-26 19:08 - 2014-07-01 17:00 - 00000000 ____D C:\ProgramData\Oracle
2015-10-26 19:06 - 2015-08-26 21:58 - 00000000 ____D C:\Users\Steffen\.oracle_jre_usage
2015-10-26 19:06 - 2014-07-17 17:40 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-10-26 19:05 - 2014-07-01 17:00 - 00000000 ____D C:\Program Files (x86)\Java
2015-10-24 14:19 - 2014-07-01 17:05 - 00014571 _____ C:\Users\Steffen\.heldEinstellungen4_1.xml
2015-10-24 14:19 - 2014-07-01 17:05 - 00000000 ____D C:\Users\Steffen\helden
2015-10-24 14:16 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2015-10-24 09:55 - 2014-07-01 17:05 - 00000286 _____ C:\Users\Steffen\.dsa4.properties
2015-10-24 00:58 - 2014-03-29 17:19 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-10-23 23:28 - 2015-04-07 21:06 - 00021899 _____ C:\Users\Steffen\Desktop\Torgrim .xml
2015-10-22 22:08 - 2015-02-14 15:44 - 00002252 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-10-22 17:45 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\rescache
2015-10-21 22:08 - 2015-03-10 20:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-10-21 17:15 - 2014-03-27 21:45 - 00097280 _____ C:\Users\Steffen\AppData\Local\GDIPFONTCACHEV1.DAT
2015-10-19 21:34 - 2014-03-27 21:10 - 00000000 ____D C:\Users\Steffen\AppData\Local\VirtualStore
2015-10-19 17:46 - 2015-07-10 13:20 - 00353688 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-10-19 16:21 - 2015-07-10 11:59 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2015-10-19 16:21 - 2015-07-10 11:59 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2015-10-19 16:21 - 2015-07-10 11:59 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2015-10-19 16:21 - 2015-07-10 11:59 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2015-10-19 16:21 - 2015-07-10 11:59 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2015-10-19 16:21 - 2015-07-10 11:59 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2015-10-19 16:21 - 2015-07-10 11:59 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2015-10-19 16:21 - 2015-07-10 11:59 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2015-10-19 16:21 - 2015-07-10 11:59 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2015-10-19 16:21 - 2015-07-10 11:59 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2015-10-19 16:21 - 2015-07-10 11:59 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2015-10-19 16:21 - 2015-07-10 11:59 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2015-10-19 16:21 - 2015-07-10 11:59 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2015-10-19 16:21 - 2015-07-10 11:59 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2015-10-19 16:21 - 2015-07-10 11:59 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2015-10-19 16:21 - 2015-07-10 11:59 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2015-10-19 16:21 - 2015-07-10 11:59 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2015-10-19 16:21 - 2015-07-10 11:59 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2015-10-18 10:26 - 2014-03-29 17:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-18 02:17 - 2014-03-29 19:59 - 00000000 ____D C:\Users\Steffen\AppData\Roaming\LolClient
2015-10-16 04:10 - 2015-07-10 12:06 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-10-16 04:10 - 2015-07-10 12:06 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-15 18:47 - 2013-01-14 22:57 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-15 17:21 - 2014-03-30 20:02 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-10-15 17:20 - 2013-01-14 23:36 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-10-15 17:18 - 2013-01-14 23:36 - 143481208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-10-13 17:24 - 2014-04-27 22:21 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-10-12 19:45 - 2015-09-10 19:13 - 00000000 ____D C:\Users\Steffen\AppData\Roaming\Canon
2015-10-11 11:29 - 2014-05-20 20:55 - 00000000 ____D C:\WinSwiss-8
2015-10-08 17:06 - 2014-03-27 21:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-10-07 15:36 - 2015-08-26 21:03 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-10-06 19:45 - 2015-08-26 21:22 - 11210056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-10-05 09:50 - 2014-05-10 00:41 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-10-05 09:50 - 2014-05-10 00:41 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-10-05 09:50 - 2014-05-10 00:41 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-10-04 10:57 - 2014-03-29 17:19 - 00000000 ____D C:\ProgramData\Skype
2015-10-03 16:03 - 2015-07-10 12:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2015-10-03 16:03 - 2015-07-10 12:04 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-10-03 16:03 - 2015-07-10 12:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-10-03 16:03 - 2015-07-10 12:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-03 16:03 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-10-03 16:03 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-10-03 16:03 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-10-03 16:03 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\L2Schemas
2015-10-03 05:58 - 2015-08-26 21:22 - 18354984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-10-03 05:58 - 2015-08-26 21:22 - 15803800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-10-03 05:58 - 2015-08-26 21:22 - 12868120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-10-03 05:58 - 2015-08-26 21:22 - 03534888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-10-03 05:58 - 2015-08-26 21:22 - 03121144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-10-03 05:58 - 2015-07-23 03:02 - 00034392 _____ C:\WINDOWS\system32\nvinfo.pb
2015-10-03 05:58 - 2015-04-16 18:03 - 00204648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2015-10-03 05:58 - 2015-04-16 06:19 - 01567576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2015-10-03 05:58 - 2014-03-27 21:42 - 00112760 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2015-10-03 05:58 - 2014-03-27 21:42 - 00105264 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2015-10-03 03:38 - 2014-03-27 21:42 - 06358648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-10-03 03:38 - 2014-03-27 21:42 - 02982704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-10-03 03:38 - 2014-03-27 21:42 - 02554488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-10-03 03:38 - 2014-03-27 21:42 - 00938800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-10-03 03:38 - 2014-03-27 21:42 - 00385328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-10-03 03:38 - 2014-03-27 21:42 - 00062768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-04-27 21:57 - 2014-04-27 22:02 - 0021866 _____ () C:\Users\Steffen\AppData\Roaming\Kommagetrennte Werte (Windows).ADR
2014-04-27 22:10 - 2014-04-27 22:10 - 0023629 _____ () C:\Users\Steffen\AppData\Roaming\Microsoft Excel 97-2003.ADR
2014-03-27 22:51 - 2014-03-27 22:51 - 0000017 _____ () C:\Users\Steffen\AppData\Local\resmon.resmoncfg

Einige Dateien in TEMP:
====================
C:\Users\Steffen\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-11-01 14:49

==================== Ende von FRST.txt ============================
         

Alt 01.11.2015, 17:03   #2
steffen93
 
Watch4 öffnet sich von alleine - Standard

Watch4 öffnet sich von alleine



Addition:
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:31-10-2015
durchgeführt von Steffen (2015-11-01 17:35:58)
Gestartet von C:\Users\Steffen\Desktop
Windows 10 Home (X64) (2015-08-26 20:15:42)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2406949756-3404556640-376389215-500 - Administrator - Disabled)
ASPNET (S-1-5-21-2406949756-3404556640-376389215-1002 - Limited - Enabled)
DefaultAccount (S-1-5-21-2406949756-3404556640-376389215-503 - Limited - Disabled)
Gast (S-1-5-21-2406949756-3404556640-376389215-501 - Limited - Disabled)
Steffen (S-1-5-21-2406949756-3404556640-376389215-1000 - Administrator - Enabled) => C:\Users\Steffen

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Amazon Kindle (HKU\S-1-5-21-2406949756-3404556640-376389215-1000\...\Amazon Kindle) (Version:  - Amazon)
Amazon Kindle (HKU\S-1-5-21-2406949756-3404556640-376389215-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Amazon Kindle) (Version:  - Amazon)
Amazon Kindle (HKU\S-1-5-21-2406949756-3404556640-376389215-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Amazon Kindle) (Version:  - Amazon)
Amazon Music (HKU\S-1-5-21-2406949756-3404556640-376389215-1000\...\Amazon Amazon Music) (Version: 3.7.1.698 - Amazon Services LLC)
Amazon Music (HKU\S-1-5-21-2406949756-3404556640-376389215-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Amazon Amazon Music) (Version: 3.7.1.698 - Amazon Services LLC)
Amazon Music (HKU\S-1-5-21-2406949756-3404556640-376389215-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Amazon Amazon Music) (Version: 3.7.1.698 - Amazon Services LLC)
Artemis Artemis (HKLM-x32\...\Artemis) (Version: 2.2_0.0 - Thom Robertson)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.13.210 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{5dfbeba9-9f22-463d-8c95-c861911810a2}) (Version: 1.1.47.11018 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.47.11018 - Avira Operations GmbH & Co. KG) Hidden
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.6.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.3.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)
Canon MG3500 series Benutzerregistrierung (HKLM-x32\...\Canon MG3500 series Benutzerregistrierung) (Version:  - *Canon Inc.)
Canon MG3500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3500_series) (Version: 1.00 - Canon Inc.)
Canon MG3500 series On-screen Manual (HKLM-x32\...\Canon MG3500 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.0.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.2.0 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform)
Chess Position Trainer 5.04 (HKLM\...\{BAF9C5CC-17DE-4111-813B-392187D4D793}) (Version: 5.04 - SR Software Development)
ChessBase 10 (HKLM-x32\...\{CF652E2D-6128-49E9-833E-F131C4FC42CA}) (Version: 10 - ChessBase)
ChessBase 10 (x32 Version: 10 - ChessBase) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
C-Media PCI Audio Device (HKLM\...\C-Media PCI Audio Driver) (Version:  - )
CPUID HWMonitor 1.27 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
Crusader Kings II (HKLM-x32\...\Steam App 203770) (Version:  - Paradox Development Studio)
Crysis (HKLM-x32\...\Steam App 17300) (Version:  - Crytek)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Deus Ex: Human Revolution - Director's Cut (HKLM-x32\...\Steam App 238010) (Version:  - Eidos Montreal)
Dishonored (HKLM-x32\...\Steam App 205100) (Version: 1.0 - Bethesda Softworks)
EA SPORTS™ FIFA 15 (HKLM-x32\...\{3D4ADA2B-F028-4307-ADF4-6F9AA44725DA}) (Version: 1.8.0.0 - Electronic Arts)
EPSON SX110 Series Printer Uninstall (HKLM\...\EPSON SX110 Series) (Version:  - SEIKO EPSON Corporation)
Europa Universalis IV (HKLM-x32\...\Steam App 236850) (Version:  - Paradox Development Studio)
EXPERTool v8.9 (HKLM-x32\...\{551D9481-9487-4D0C-9A1D-6BC3E7B6D991}_is1) (Version: 8.9.8.5 - Gainward Co. Ltd.)
Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version:  - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fritz 12 (HKLM-x32\...\{4F4182DA-3D58-41E3-913D-480F8DA5C863}) (Version: 12.0.0 - ChessBase)
Fritz 12 (x32 Version: 12.0.0 - ChessBase) Hidden
GameSpy Comrade (HKLM-x32\...\{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}) (Version: 1.5.0.156 - GameSpy)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.80 - Google Inc.)
Google Drive (HKLM-x32\...\{9C350701-AC04-48BA-A435-BD5E0D82897E}) (Version: 1.25.0523.2491 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
GRID Autosport (HKLM-x32\...\Steam App 255220) (Version:  - Codemasters Racing)
Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version:  - IO Interactive)
Hugo - Diamantenfieber (HKLM-x32\...\Hugo - Diamantenfieber) (Version:  - )
Hugo3D PC (HKLM-x32\...\Hugo3D PC) (Version: 1.0 - ITE Media ApS Denmark)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Smart Connect Technology (HKLM\...\{B1AC3709-3E98-4F2C-A84E-4BCA2A452E64}) (Version: 4.2.40.2418 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version:  - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\3FD0C489-0F02-481a-A3E1-9754CD396761) (Version:  - Intel Corporation)
Java 8 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{653C1B5A-3287-47B1-8613-0745D4E771C4}) (Version: 15.0.0.463 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 15.0.0.463 - Kaspersky Lab) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LEGO Lord of the Rings (HKLM-x32\...\Steam App 214510) (Version:  - Traveller's Tales)
LevelOne WUA-1610 Wireless LAN Card (HKLM-x32\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 1.5.17.0 - LevelOne)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Medieval II Total War (HKLM-x32\...\{C0698BDA-0D29-40EE-8570-A31106DF9AB1}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Americas (HKLM-x32\...\{75983B66-804C-40D1-BA13-64DAF652A6F1}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Britannia (HKLM-x32\...\{CEDDEE73-3D36-41C2-AA40-29355D9FBD63}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Crusades (HKLM-x32\...\{02A10468-2F1C-447C-AD8E-4DEDDEA25AE2}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Teutonic (HKLM-x32\...\{7AEE1963-7001-4C37-BC20-2FAEB74AA41C}) (Version: 1.03.000 - SEGA)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version:  - )
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft IntelliType Pro 8.2 (HKLM\...\Microsoft IntelliType Pro 8.2) (Version: 8.20.469.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 41.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 de)) (Version: 41.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.2.5765 - Mozilla)
MSI Intel Extreme Tuning Utility (HKLM-x32\...\{fbd55c4e-e884-4210-a79b-5f158834b133}) (Version: 4.4.0.103 - Intel Corporation)
MSI Intel Extreme Tuning Utility (x32 Version: 4.4.0.103 - Intel Corporation) Hidden
MSI Live Update (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.0.005 - MSI)
MyFreeCodec (HKU\S-1-5-21-2406949756-3404556640-376389215-1000\...\MyFreeCodec) (Version:  - )
MyFreeCodec (HKU\S-1-5-21-2406949756-3404556640-376389215-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MyFreeCodec) (Version:  - )
MyFreeCodec (HKU\S-1-5-21-2406949756-3404556640-376389215-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MyFreeCodec) (Version:  - )
Need for Speed: SHIFT (HKLM-x32\...\Steam App 24870) (Version:  - Slightly Mad Studios)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 358.50 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.14.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.14.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 358.50 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
One Finger Death Punch (HKLM-x32\...\Steam App 264200) (Version:  - Silver Dollar Games)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.4.6.2792 - Electronic Arts, Inc.)
PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.24.16092 - pdfforge GmbH)
PDF Architect 2 View Module (HKLM-x32\...\{46889070-D447-4936-A5D3-246DB972FA2E}) (Version: 2.0.6.16537 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
Pflanzen gegen Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
Plague Inc: Evolved (HKLM-x32\...\Steam App 246620) (Version:  - Ndemic Creations)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Rapture3D 2.4.8 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version:  - Blue Ripple Sound)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.77.1126.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Rossmann Fotowelt Software (HKLM-x32\...\Rossmann Fotowelt Software) (Version: 4.14.5. - ORWO Net)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.14044.14 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.3.14044.14 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.14.5 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
Skype™ 7.10 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.10.101 - Skype Technologies S.A.)
Sound Blaster Cinema (HKLM-x32\...\{8801CA65-921A-4CCC-9D63-879D1D0BAA97}) (Version: 1.00.02 - Creative Technology Limited)
Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version: 8.0.0.22 - Bioware/EA)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
STAR WARS™ Battlefront™ Beta (HKLM-x32\...\{8A863B64-C9BE-4203-9ED7-92981CF690D3}) (Version: 1.0.3.51560 - Electronic Arts)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Swiss-Chess für Windows Demo (HKLM-x32\...\Swiss-Chess für Windows Demo) (Version:  - )
The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 1.0.0.0 - Zenimax Online Studios)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Witcher: Enhanced Edition (HKLM-x32\...\Steam App 20900) (Version:  - CD PROJEKT RED)
This War of Mine (HKLM-x32\...\Steam App 282070) (Version:  - 11 bit studios)
Total War: ATTILA (HKLM-x32\...\Steam App 325610) (Version:  - Creative Assembly)
Total War: ROME II (HKLM-x32\...\Steam App 214950) (Version:  - Creative Assembly)
TP-LINK 300Mbps Wireless USB Adapter Treiber (HKLM-x32\...\{852E893E-E4FD-45BB-8B17-72ADDF686974}) (Version: 1.3.1 - TP-LINK)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 4.6 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16422 - Microsoft Corporation)
WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
Yahoo Search Set (HKLM-x32\...\Yahoo! SearchSet) (Version:  - Yahoo Inc.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2406949756-3404556640-376389215-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Steffen\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation)

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {05222C40-7E0A-4648-9C4A-9C2974F41099} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {062A000C-1721-4811-9E3A-4076E010879F} - System32\Tasks\{4E7EFE6B-E506-4B40-A8E9-4D9DB85B3F58} => pcalua.exe -a E:\SetupLauncher.exe -d E:\
Task: {16B3833F-116A-4F56-88DC-9E84CCCE7E94} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {1DA5B0C5-F546-43C4-B48B-00074433DCED} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {218A9DA3-FC07-4274-8802-7DBBE5B961EE} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {2525BADE-B12C-4D1D-82EA-64BE886AB6C8} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {2790A045-968C-422F-B0B7-C05ABA3C9BA8} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {3CBA3212-88C6-4272-8E58-F76C8C54B417} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {61941F69-A747-42D7-8E6F-2B570515CF17} - System32\Tasks\{0BA8BD59-7A72-4E02-92CF-15F28D19B826} => D:\SteamLibrary\SteamApps\common\Imperial Glory\ImperialGlory.exe
Task: {61EC3A0D-31E6-4482-963C-AA2C5BCEF016} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {62CCCE8C-564C-4FE3-8A36-1479AC414F7E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {630F777A-23D2-438F-9D8D-B59C4D440633} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {6507C53F-3F9A-4ED4-80EE-9640C45F051E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {6600EBFB-3DD7-496B-9429-8851C65E1190} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {748FA040-0360-4C9A-9DEA-0D13A3EFB7C4} - System32\Tasks\EXPERTool => C:\Program Files (x86)\EXPERTool\TBPanel.exe [2013-11-08] (Gainward Co. Ltd.)
Task: {7F32CEA7-A1A4-4614-99D0-6EA152C16A95} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {7FB2D9BF-E148-492E-A999-D6543A149214} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {843B657C-0F9E-4AE5-8C15-97C52B2B4A94} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {931F3F17-CEE3-4C7B-9C9A-CB5BF54DC43D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-14] (Google Inc.)
Task: {9497AE20-6EC6-4306-9F04-47EF0F35C873} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {97BF0630-4581-4814-AAEC-CC3BFD002D6A} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {A36EDBC2-5D6D-4F1F-B6BF-D7B073E59D88} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {A39F630C-33B7-41A0-8955-3AFCCEE5932E} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {A4B4EE8F-32C5-4DE2-80FB-5C19495ED069} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {A6C70F15-99DC-4543-8D18-675A4DD9886C} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => C:\Program Files\Microsoft IntelliType Pro\IType.exe [2011-08-10] (Microsoft Corporation)
Task: {AB8FEB1D-33D7-44A8-AB1E-2E845390AA7B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-14] (Google Inc.)
Task: {B113DA20-09A8-4B99-AA2B-5A2B4EACD4A6} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {B2D546E2-B20D-461F-A31F-5E2ADC120327} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-05-08] (Piriform Ltd)
Task: {BA576CAB-AD66-4A3A-AB82-9CFA92FE8B40} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {BDB3DE54-0CD1-400C-88ED-801532347146} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {BF7B3265-B1F4-4925-87F5-4BB13F3062CB} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {C250DF7B-A19E-4451-9423-183EE02C5945} - System32\Tasks\{8F475F77-7229-4F1B-A88F-4C4748065BB3} => C:\Users\Steffen\Downloads\Xpadder_CB-DL-Manager.exe
Task: {CAEF9CC8-A300-47C6-9A62-DC029C9E3A17} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {DC43FB56-34BA-4D94-9CD8-D77AE7B410D6} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {DE591EA1-8D26-47E1-97F9-15DF3DD79C99} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {DE6441AE-2BD5-40F9-A262-4DDE81D99156} - System32\Tasks\{3D042C03-7F5F-4290-89D6-9CB0FBD29F30} => pcalua.exe -a C:\Users\Steffen\Downloads\epson374993eu.exe -d C:\Users\Steffen\Downloads
Task: {E2E2D3B0-C18A-4DE8-AB43-ECC4CD84C9DF} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {E8F5CF0B-68AE-41C6-9D71-D0DDE60CD3CD} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-10-15] (Microsoft Corporation)
Task: {E938BC85-FC4F-403C-9EE1-8704297024DC} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {EBF3ECE0-E113-4788-846A-1705407B92E5} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {F207DB6A-F366-4239-8496-E9E18DAC1824} - System32\Tasks\{82DB1F8D-3168-4A37-BFBC-CAB55923F21C} => C:\Users\Steffen\Downloads\Xpadder_CB-DL-Manager.exe
Task: {F31C4C29-38FF-425C-86A9-D0EE3C90E743} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {F617BED9-57D7-402D-AF06-040B5AF3D656} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {F7BC2A21-FC07-4975-BA93-88B5C3C8AAAD} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {F934FF39-7D65-4D5C-9D59-B9847A4CB65A} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {F93ECBB4-B588-48DC-98B9-E68A07E603AE} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {FD104670-3F97-44D1-8E20-5EC0C11D9902} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-16] (Adobe Systems Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-08-26 21:58 - 2015-08-26 21:58 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2014-03-27 21:42 - 2015-10-03 03:38 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-08-26 21:32 - 2015-08-11 10:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2013-08-01 17:31 - 2013-08-01 17:31 - 00198120 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-08-01 17:31 - 2013-08-01 17:31 - 00054760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2013-08-01 17:31 - 2013-08-01 17:31 - 00034792 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll
2015-10-01 18:20 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-01 18:20 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-10-01 18:19 - 2015-09-17 06:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 11:59 - 2015-07-10 11:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2015-10-01 18:20 - 2015-09-17 06:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-10-01 18:19 - 2015-09-17 06:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-10-01 18:19 - 2015-09-17 06:42 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-01 18:20 - 2015-09-17 06:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 12:00 - 2015-07-10 17:45 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-05-08 19:50 - 2015-05-08 19:50 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-10-28 12:01 - 2015-10-28 12:01 - 00012800 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1026.13580.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2015-10-28 12:01 - 2015-10-28 12:01 - 10958848 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1026.13580.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2015-10-28 12:01 - 2015-10-28 12:01 - 00245760 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1026.13580.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2015-07-11 01:18 - 2015-08-27 01:37 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2013-01-14 22:50 - 2013-09-17 03:20 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-03-29 20:28 - 2015-10-29 11:26 - 01016832 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll
2014-03-29 20:28 - 2015-10-29 11:26 - 00028160 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll
2014-03-29 20:28 - 2015-10-29 11:26 - 00029696 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll
2014-03-29 20:28 - 2015-10-29 11:26 - 00256000 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2014-03-29 20:28 - 2015-10-29 11:26 - 00266240 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2014-03-29 20:28 - 2015-10-29 11:26 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll
2014-03-29 20:28 - 2015-10-29 11:26 - 00346112 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2014-03-29 20:28 - 2015-10-29 11:26 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2014-03-29 20:28 - 2015-10-29 11:26 - 00243200 _____ () C:\Program Files (x86)\Origin\mediaservice\wmfengine.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2406949756-3404556640-376389215-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Steffen\AppData\Local\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-2406949756-3404556640-376389215-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Steffen\AppData\Local\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-2406949756-3404556640-376389215-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Control Panel\Desktop\\Wallpaper -> C:\Users\Steffen\AppData\Local\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WUA-1610.lnk => C:\Windows\pss\WUA-1610.lnk.CommonStartup
MSCONFIG\startupreg: Amazon Cloud Player => "C:\Users\Steffen\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe"
MSCONFIG\startupreg: Amazon Music => "C:\Users\Steffen\AppData\Local\Amazon Music\Amazon Music Helper.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: Live Update => C:\Program Files (x86)\MSI\Live Update\StartLiveUpdate.exe /REMINDER
MSCONFIG\startupreg: MBCfg64 => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: UpdReg => C:\Windows\UpdReg.EXE
HKU\S-1-5-21-2406949756-3404556640-376389215-1000\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2406949756-3404556640-376389215-1000\...\StartupApproved\Run: => "EPSON SX110 Series"
HKU\S-1-5-21-2406949756-3404556640-376389215-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2406949756-3404556640-376389215-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "EPSON SX110 Series"
HKU\S-1-5-21-2406949756-3404556640-376389215-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2406949756-3404556640-376389215-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "EPSON SX110 Series"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{FB847F92-341D-4DDA-A7D1-1E991E1A8B34}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{5D65940A-F509-4024-9F81-DDC55158411C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{29C024F4-16F3-4DF5-BA6C-E5D2D318B156}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{353AE231-54C4-40CF-8711-20DA944FC331}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{3A27144D-4F64-4083-8BC4-A000A8E18532}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{8EDD7ED6-4904-4C79-A4F6-E705282D645B}] => (Allow) D:\FIFA 13\FIFA 15\fifasetup\fifaconfig.exe
FirewallRules: [{8E008580-2938-4611-9C99-23ECEBBFB0B6}] => (Allow) D:\FIFA 13\FIFA 15\fifasetup\fifaconfig.exe
FirewallRules: [{BD9A8FB8-21DD-4893-BA6B-57B08EC653C1}] => (Allow) D:\SteamLibrary\SteamApps\common\Crusader Kings II\CK2game.exe
FirewallRules: [{CC57D89F-98EC-4EDF-9699-6B9E9CB28266}] => (Allow) D:\SteamLibrary\SteamApps\common\Crusader Kings II\CK2game.exe
FirewallRules: [{7615E625-215C-428C-92C6-9DD3CE11A26F}] => (Allow) D:\SteamLibrary\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{C549A0D1-8CCE-45FD-921A-6BE4FCBF1869}] => (Allow) D:\SteamLibrary\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{E9A13590-5C38-428E-8915-C7E38FA02BBC}] => (Allow) D:\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{F76B3F79-C734-44D8-AE52-B867BFA7E461}] => (Allow) D:\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{6249F686-9089-4918-A1E6-A7C3970CD87A}] => (Allow) D:\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{F07699A6-412F-4D0A-81E2-EACFBAC9D6DC}] => (Allow) D:\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{9A6C2AA7-EF39-4001-8D0D-6A30C44B82FA}] => (Allow) D:\SteamLibrary\SteamApps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe
FirewallRules: [{0CC5DA9A-9E80-4238-9133-AC48610AB4A5}] => (Allow) D:\SteamLibrary\SteamApps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe
FirewallRules: [{16D167D9-CD02-49BC-BB95-CA0309716664}] => (Allow) D:\SteamLibrary\SteamApps\common\The Witcher Enhanced Edition\System\djinni!.exe
FirewallRules: [{C913DDC4-0BE8-4449-A51D-8954FF224833}] => (Allow) D:\SteamLibrary\SteamApps\common\The Witcher Enhanced Edition\System\djinni!.exe
FirewallRules: [{07B98528-2997-4882-AFDC-2050E06AE50D}] => (Allow) D:\SteamLibrary\SteamApps\common\The Witcher Enhanced Edition\System\witcher.exe
FirewallRules: [{689832C5-226F-49FA-ABB3-6C4BC46B5903}] => (Allow) D:\SteamLibrary\SteamApps\common\The Witcher Enhanced Edition\System\witcher.exe
FirewallRules: [{5ABCABDF-C2D4-4EB9-96CF-261A79951848}] => (Allow) D:\SteamLibrary\SteamApps\common\Hitman Absolution\HMA.exe
FirewallRules: [{A3B5FE64-F5F0-4955-AF69-09F5702F5922}] => (Allow) D:\SteamLibrary\SteamApps\common\Hitman Absolution\HMA.exe
FirewallRules: [{A5F75450-ED35-4936-B4C2-21342CE0DB6A}] => (Allow) D:\SteamLibrary\SteamApps\common\LEGO Lord of the Rings\LEGOLOTR.exe
FirewallRules: [{7390D13C-C06A-4CF7-B39B-B51323F441DA}] => (Allow) D:\SteamLibrary\SteamApps\common\LEGO Lord of the Rings\LEGOLOTR.exe
FirewallRules: [{0303914A-C651-4CB6-85F1-174DFAEF01AA}] => (Allow) D:\SteamLibrary\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{864EA1A4-B550-43D5-87F0-CB45C64B4D3E}] => (Allow) D:\SteamLibrary\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{6FC6404C-11A8-40BE-B19D-F67BDEEAB2A6}] => (Allow) D:\SteamLibrary\SteamApps\common\Deus Ex Human Revolution Director's Cut\DXHRDC.exe
FirewallRules: [{10D6F9D8-4A80-4311-983A-E2D53CF41EC2}] => (Allow) D:\SteamLibrary\SteamApps\common\Deus Ex Human Revolution Director's Cut\DXHRDC.exe
FirewallRules: [{880FBF30-59D7-40C6-AC18-76B42D9322B6}] => (Allow) D:\SteamLibrary\SteamApps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{6A7B00BB-AF9C-4195-BB43-D7B3755F5FAF}] => (Allow) D:\SteamLibrary\SteamApps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{22AD003D-A41D-4E56-9078-3FF81D9F9753}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DDB9E9E1-D1BB-452D-AA70-2D09C336E18A}] => (Allow) D:\SteamLibrary\SteamApps\common\Far Cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{952B81A2-A48A-498A-BAAD-0557FFC064AA}] => (Allow) D:\SteamLibrary\SteamApps\common\Far Cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{7C8A72DA-2B0B-484C-A197-9CA3D0C6B4A0}] => (Allow) D:\SteamLibrary\SteamApps\common\Far Cry 3\bin\farcry3.exe
FirewallRules: [{3BD0D755-64ED-4755-85BB-53F952AAA13E}] => (Allow) D:\SteamLibrary\SteamApps\common\Far Cry 3\bin\farcry3.exe
FirewallRules: [{BF30D531-CF16-4BAA-9B99-854211F0D92A}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{CF669CC5-C9FF-4B05-8F66-3786B4ADA5E0}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{DA498A52-B713-4295-AE3F-859E6F8E7296}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{34DAD60D-DE45-443C-9EE1-EB8D957B7655}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{DF7AFD9C-725A-4169-84E8-5D9307FF971C}] => (Allow) D:\SteamLibrary\SteamApps\common\GRID Autosport\GRIDAutosport.exe
FirewallRules: [{6D06D974-6FC4-45A2-BFF0-7ED5CF67BBCF}] => (Allow) D:\SteamLibrary\SteamApps\common\GRID Autosport\GRIDAutosport.exe
FirewallRules: [{6ECB9B08-627F-442B-B9A1-04EBB59B7451}] => (Allow) D:\SteamLibrary\SteamApps\common\Crysis\Bin32\Crysis.exe
FirewallRules: [{116C2A24-D9F2-4FD4-9254-F53CC7614076}] => (Allow) D:\SteamLibrary\SteamApps\common\Crysis\Bin32\Crysis.exe
FirewallRules: [{FE239977-FB6C-4D83-A002-364D50CB3D4D}] => (Allow) D:\FIFA 13\Battlefield 3\bf3.exe
FirewallRules: [{5A8FE2D5-0C1C-4F44-B3CB-FAB8BF96D538}] => (Allow) D:\FIFA 13\Battlefield 3\bf3.exe
FirewallRules: [{E2C25298-B939-4684-8C55-F40978DBE3F2}] => (Allow) D:\SteamLibrary\SteamApps\common\PlagueInc\PlagueIncEvolved.exe
FirewallRules: [{43A4CCD8-B14D-4659-97BB-9A58D0F84F47}] => (Allow) D:\SteamLibrary\SteamApps\common\PlagueInc\PlagueIncEvolved.exe
FirewallRules: [{32F46A21-C9DD-4CB8-B87E-CDF430379275}] => (Allow) D:\SteamLibrary\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{5217F87A-1C8E-4654-975E-52CD40ABB541}] => (Allow) D:\SteamLibrary\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{F080D289-59D6-4256-A305-94B85313F2E9}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{8F1EEB70-1E9B-440F-86FF-B0528E7D4E02}] => (Allow) LPort=1900
FirewallRules: [{00045005-C8E4-4510-A7D7-F55B4ACCFE25}] => (Allow) LPort=2869
FirewallRules: [{4D5662B2-1A42-4BEE-A4B4-887EFAAD9C9F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{1386F03B-33F5-4CB7-BC79-D03A338A1453}] => (Allow) C:\Users\Steffen\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{AD51B8F8-1D45-4C4A-9191-75B1D91A1E00}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{36AB1477-641F-4CB3-BDE8-C5E41D89ECD6}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [UDP Query User{60766BAC-28B2-460D-9D1D-EBA66C4E374A}D:\steamlibrary\steamapps\common\total war rome ii\rome2.exe] => (Allow) D:\steamlibrary\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [TCP Query User{B233BDCF-4148-47BB-B8D4-2957C42C71CA}D:\steamlibrary\steamapps\common\total war rome ii\rome2.exe] => (Allow) D:\steamlibrary\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [{DBC8519F-AFBE-439A-B0D9-8C7EF89B72F5}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{B8DD5CFE-D93C-413C-9961-C251F0B9D85A}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{488B27DF-BD52-4C58-A6D2-E5C5BB873375}] => (Allow) C:\Program Files (x86)\Intel\Extreme Tuning Utility\Client\PerfTune.exe
FirewallRules: [{45933683-E10A-49D7-BD0C-9CE16B2F9C2E}] => (Allow) D:\FIFA 13\Plants vs. Zombies\PlantsVsZombies.exe
FirewallRules: [{72F044BF-D00E-47AD-AA81-0B3BF3D54A1E}] => (Allow) D:\FIFA 13\Plants vs. Zombies\PlantsVsZombies.exe
FirewallRules: [{F902466E-ABEB-4D39-9196-427A6AEE88C3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{76E71B87-0675-4C2D-B0FC-6544ABDF51DA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2CC14BAE-4AD2-4970-B5F3-B76062FFB48B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{3C87454E-E419-4769-AAA2-B08C201F9109}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{928DFD5C-448D-46D9-8059-90EF5327F03D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{BC04B36E-6C36-44DD-A84C-1F7D96CC9946}] => (Allow) C:\Program Files (x86)\LevelOne\Common\RaMediaServer.exe
FirewallRules: [{10910938-4AD7-4711-AE66-7FD8C3F205CE}] => (Allow) C:\Program Files (x86)\LevelOne\Common\RaMediaServer.exe
FirewallRules: [{B8F130A6-065D-4F33-B5EE-5DE0A0901078}] => (Allow) C:\Program Files (x86)\LevelOne\Common\RaUI.exe
FirewallRules: [{BCD6A31C-F11B-4DBB-8056-57EE7649C664}] => (Allow) C:\Program Files (x86)\LevelOne\Common\RaUI.exe
FirewallRules: [{CE7B23DE-FD8E-4BC8-90FE-3F40F5979A0B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{2B2EB551-8221-4B01-B819-9CE92E973834}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [TCP Query User{95027D5C-7E8D-49FF-87DC-7B878F598BFB}D:\fifa 13\fifa 15\fifa15.exe] => (Block) D:\fifa 13\fifa 15\fifa15.exe
FirewallRules: [UDP Query User{F30A02CA-40DF-45C4-A4AE-E33FF35F2A1C}D:\fifa 13\fifa 15\fifa15.exe] => (Block) D:\fifa 13\fifa 15\fifa15.exe
FirewallRules: [{78788236-B6C7-4D92-8DA5-6AA4E3799FEA}] => (Allow) E:\fsetup.exe
FirewallRules: [{C943E4D1-D756-40E1-B9FC-2D9B0FEB9B7D}] => (Allow) E:\fsetup.exe
FirewallRules: [{1539B6B5-3C84-4239-A9CA-B74E11173BA4}] => (Allow) D:\SteamLibrary\SteamApps\common\Total War Attila\launcher\launcher.exe
FirewallRules: [{3A909B1D-3B41-4A71-B0A7-40C6D796F41F}] => (Allow) D:\SteamLibrary\SteamApps\common\Total War Attila\launcher\launcher.exe
FirewallRules: [{5375E4EE-23A1-4AE2-B3A8-C630CF4625FD}] => (Allow) D:\FIFA 13\STAR WARS Battlefront Beta\starwarsbattlefront.exe
FirewallRules: [{8C9E660A-0E53-4E57-8FDF-97196C230BEB}] => (Allow) D:\FIFA 13\STAR WARS Battlefront Beta\starwarsbattlefront.exe
FirewallRules: [{F150A2B4-541B-4841-932B-4B515C39EDC7}] => (Allow) D:\SteamLibrary\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{AE4CDC2C-2092-413C-BD21-CED6595A3A3C}] => (Allow) D:\SteamLibrary\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{92D5770B-9E7C-41CB-99FF-DA7608A54B8D}] => (Allow) D:\SteamLibrary\SteamApps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{CB342012-A0E4-4A71-AC19-C3F13321DE28}] => (Allow) D:\SteamLibrary\SteamApps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{BFA3DC52-ADE1-4E25-83D4-A54D858D7E36}] => (Allow) D:\SteamLibrary\SteamApps\common\Need For Speed Shift\SHIFT.exe
FirewallRules: [{818B2D41-E1EF-4342-9063-80924E88993F}] => (Allow) D:\SteamLibrary\SteamApps\common\Need For Speed Shift\SHIFT.exe
FirewallRules: [TCP Query User{07F2E0ED-8222-46FA-90A4-F7B52CA66CE7}C:\program files (x86)\microsoft games\age of empires ii\empires2.exe] => (Block) C:\program files (x86)\microsoft games\age of empires ii\empires2.exe
FirewallRules: [UDP Query User{8D9E9B3D-60AB-401B-B2FB-4D7122DCE97B}C:\program files (x86)\microsoft games\age of empires ii\empires2.exe] => (Block) C:\program files (x86)\microsoft games\age of empires ii\empires2.exe
FirewallRules: [{F1A894CF-C5B7-4203-AC2F-94D689B72042}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{9D2D1DC6-2DDE-4050-ABF5-31EFF046BECC}C:\program files (x86)\artemis\artemis.exe] => (Allow) C:\program files (x86)\artemis\artemis.exe
FirewallRules: [UDP Query User{D6E28C2B-265F-4CDE-B929-6B6E547471F6}C:\program files (x86)\artemis\artemis.exe] => (Allow) C:\program files (x86)\artemis\artemis.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/01/2015 02:40:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: RaMediaServer.exe, Version: 0.0.0.0, Zeitstempel: 0x4e4ce02f
Name des fehlerhaften Moduls: RaMediaServer.exe, Version: 0.0.0.0, Zeitstempel: 0x4e4ce02f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00025ae8
ID des fehlerhaften Prozesses: 0xa40
Startzeit der fehlerhaften Anwendung: 0xRaMediaServer.exe0
Pfad der fehlerhaften Anwendung: RaMediaServer.exe1
Pfad des fehlerhaften Moduls: RaMediaServer.exe2
Berichtskennung: RaMediaServer.exe3
Vollständiger Name des fehlerhaften Pakets: RaMediaServer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: RaMediaServer.exe5

Error: (11/01/2015 01:38:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 41.0.2.5765, Zeitstempel: 0x561ef9f1
Name des fehlerhaften Moduls: mozglue.dll, Version: 41.0.2.5765, Zeitstempel: 0x561ee53f
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000ec91
ID des fehlerhaften Prozesses: 0x23e0
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5

Error: (11/01/2015 01:38:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 41.0.2.5765, Zeitstempel: 0x561ef9f1
Name des fehlerhaften Moduls: mozglue.dll, Version: 41.0.2.5765, Zeitstempel: 0x561ee53f
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000ec91
ID des fehlerhaften Prozesses: 0x154c
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5

Error: (11/01/2015 01:38:32 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm firefox.exe, Version 41.0.2.5765 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 54c

Startzeit: 01d1149bed657594

Beendigungszeit: 201

Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Berichts-ID: 720cc049-8095-11e5-9bd2-448a5b587c67

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (11/01/2015 01:38:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 41.0.2.5765, Zeitstempel: 0x561ef9f1
Name des fehlerhaften Moduls: mozglue.dll, Version: 41.0.2.5765, Zeitstempel: 0x561ee53f
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000ec91
ID des fehlerhaften Prozesses: 0x554
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5

Error: (11/01/2015 12:53:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 41.0.2.5765, Zeitstempel: 0x561ef9f1
Name des fehlerhaften Moduls: mozglue.dll, Version: 41.0.2.5765, Zeitstempel: 0x561ee53f
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000ec91
ID des fehlerhaften Prozesses: 0x23e4
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5

Error: (11/01/2015 12:53:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 41.0.2.5765, Zeitstempel: 0x561ef9f1
Name des fehlerhaften Moduls: mozglue.dll, Version: 41.0.2.5765, Zeitstempel: 0x561ee53f
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000ec91
ID des fehlerhaften Prozesses: 0x1ed8
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5

Error: (11/01/2015 12:53:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 41.0.2.5765, Zeitstempel: 0x561ef9f1
Name des fehlerhaften Moduls: mozglue.dll, Version: 41.0.2.5765, Zeitstempel: 0x561ee53f
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000ec91
ID des fehlerhaften Prozesses: 0x968
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5

Error: (11/01/2015 12:53:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 41.0.2.5765, Zeitstempel: 0x561ef9f1
Name des fehlerhaften Moduls: mozglue.dll, Version: 41.0.2.5765, Zeitstempel: 0x561ee53f
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000ec91
ID des fehlerhaften Prozesses: 0x1a10
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5

Error: (10/31/2015 08:35:00 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PCSteffen)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


Systemfehler:
=============
Error: (11/01/2015 02:40:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Ralink UPnP Media Server" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/01/2015 02:39:18 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (11/01/2015 02:38:58 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "FRITZ-NAS",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{141F13E7-4B9C-4AB5-915D-30BE3C53895E}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (11/01/2015 02:37:51 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Net.Tcp-Listeneradapter" ist vom Dienst "Net.Tcp-Portfreigabedienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (11/01/2015 02:36:24 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Synchronisierungshost_Session3 erreicht.

Error: (11/01/2015 02:36:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session3" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (10/31/2015 08:35:00 PM) (Source: DCOM) (EventID: 10010) (User: PCSteffen)
Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca

Error: (10/31/2015 08:34:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session2" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (10/31/2015 01:50:25 AM) (Source: DCOM) (EventID: 10010) (User: PCSteffen)
Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca

Error: (10/31/2015 01:50:22 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.


CodeIntegrity:
===================================
  Date: 2015-11-01 15:00:09.804
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-11-01 15:00:09.781
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-11-01 15:00:09.755
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-11-01 15:00:09.712
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-11-01 15:00:09.695
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-11-01 15:00:09.678
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-11-01 15:00:09.038
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-11-01 15:00:08.934
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-11-01 14:56:22.365
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-11-01 14:56:22.344
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-4670 CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 27%
Installierter physikalischer RAM: 8136.01 MB
Verfügbarer physikalischer RAM: 5927.41 MB
Summe virtueller Speicher: 16328.01 MB
Verfügbarer virtueller Speicher: 13800.1 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:111.13 GB) (Free:48.52 GB) NTFS
Drive d: (Volume) (Fixed) (Total:465.63 GB) (Free:142.48 GB) NTFS
Drive e: (AOE2) (CDROM) (Total:0.3 GB) (Free:0 GB) CDFS
Drive j: () (Fixed) (Total:931.51 GB) (Free:238.4 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 6 (Size: 931.5 GB) (Disk ID: 90909090)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         
__________________


Alt 02.11.2015, 06:28   #3
schrauber
/// the machine
/// TB-Ausbilder
 

Watch4 öffnet sich von alleine - Standard

Watch4 öffnet sich von alleine



hi,

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
__________________

Alt 02.11.2015, 17:10   #4
steffen93
 
Watch4 öffnet sich von alleine - Standard

Watch4 öffnet sich von alleine



ADW-Cleaner hatte beim löschen grade eine Fehler-Meldung. Danach hat es sich direkt beendet. Logs hab ich aber noch gefunden. Sieht so aus als wenn er auf irgendeinem Grund abgebrochen hat.

Code:
ATTFilter
# AdwCleaner v5.016 - Bericht erstellt am 02/11/2015 um 17:09:19
# Aktualisiert am 01/11/2015 von Xplode
# Datenbank : 2015-11-01.2 [Server]
# Betriebssystem : Windows 10 Home  (x64)
# Benutzername : Steffen - PCSTEFFEN
# Gestartet von : C:\Users\Steffen\Desktop\AdwCleaner_5.016.exe
# Option : Suchlauf
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****

Dienst Gefunden : YSearchUtilSvc

***** [ Ordner ] *****

Ordner Gefunden : C:\Program Files (x86)\myfree codec
Ordner Gefunden : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
Ordner Gefunden : C:\Users\Steffen\AppData\Local\StormFall
Ordner Gefunden : C:\Users\Steffen\AppData\Local\YSearchUtil
Ordner Gefunden : C:\Users\Steffen\AppData\Roaming\StormFall
Ordner Gefunden : C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Local\YSearchUtil

***** [ Dateien ] *****

Datei Gefunden : C:\END
Datei Gefunden : C:\Users\Steffen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\StormFall.lnk
Datei Gefunden : C:\Users\Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\lsewtjom.default\user.js

***** [ DLLs ] *****


***** [ Verknüpfungen ] *****

Verknüpfung Infiziert : C:\Users\Steffen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\StormFall.lnk ( hxxp://plarium.com/play/en/stormfall/top/?adCampaign=31084&clickID=yEyEzz0AyD0ByDzzyB0CyCyBtA0A0AtD&publisherID=1_1_2_4 )
Verknüpfung Infiziert : C:\Users\Steffen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WorldofTanks.lnk ( hxxp://mmotraffic.com/catalog/goplay/1327/MTE3NjYvLy8xMzI3/ )

***** [ Geplante Tasks ] *****

Task Gefunden : WOT N
Task Gefunden : WOT T

***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKCU\Software\OCS
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! SearchSet

***** [ Internetbrowser ] *****


########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1987 Bytes] ##########
         
Code:
ATTFilter
 AdwCleaner v5.016 - Bericht erstellt am 02/11/2015 um 17:11:24
# Aktualisiert am 01/11/2015 von Xplode
# Datenbank : 2015-11-01.2 [Server]
# Betriebssystem : Windows 10 Home  (x64)
# Benutzername : Steffen - PCSTEFFEN
# Gestartet von : C:\Users\Steffen\Desktop\AdwCleaner_5.016.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****

[-] Dienst Gelöscht : YSearchUtilSvc

***** [ Ordner ] *****

[-] Ordner Gelöscht : C:\Program Files (x86)\myfree codec
[-] Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
[-] Ordner Gelöscht : C:\Users\Steffen\AppData\Local\StormFall
[-] Ordner Gelöscht : C:\Users\Steffen\AppData\Local\YSearchUtil
[-] Ordner Gelöscht : C:\Users\Steffen\AppData\Roaming\StormFall
[-] Ordner Gelöscht : C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Local\YSearchUtil

***** [ Dateien ] *****

[-] Datei Gelöscht : C:\END
[-] Datei Gelöscht : C:\Users\Steffen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\StormFall.lnk
[-] Datei Gelöscht : C:\Users\Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\lsewtjom.default\user.js

***** [ DLLs ] *****


***** [ Verknüpfungen ] *****
         
Den Rest mache ich später. Muss grad leider erstmal weg

So...jetzt der Rest

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.4 (09.28.2015:1)
OS: Windows 10 Home x64
Ran by Steffen on 02.11.2015 at 17:59:12,07
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] C:\Users\Steffen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\worldoftanks.lnk



~~~ Folders

Successfully deleted: [Folder] C:\Users\Steffen\Appdata\Local\worldoftanks
Successfully deleted: [Folder] C:\Users\Steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\worldoftanks
Successfully deleted: [Folder] C:\Users\Steffen\AppData\Roaming\worldoftanks
Successfully deleted: [Folder] C:\WINDOWS\SysWOW64\ai_recyclebin



~~~ FireFox

Emptied folder: C:\Users\Steffen\AppData\Roaming\mozilla\firefox\profiles\lsewtjom.default\minidumps [44 files]



~~~ Chrome

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\npdicihegicnhaangkdmcgbjceoemeoo

[C:\Users\Steffen\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Steffen\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\Steffen\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Steffen\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 02.11.2015 at 18:01:06,75
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:31-10-2015
durchgeführt von Steffen (Administrator) auf PCSTEFFEN (02-11-2015 18:02:56)
Gestartet von C:\Users\Steffen\Desktop
Geladene Profile: Steffen & DefaultAppPool (Verfügbare Profile: Steffen & DefaultAppPool)
Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2013-04-09] (Pixart Imaging Inc)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-27] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [CmPCIaudio] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\CMICNFG3.dll,CMICtrlWnd
HKLM\...\Run: [itype] => C:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1282632 2013-04-02] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [453736 2013-02-19] (CANON INC.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [782520 2015-10-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-09-10] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
HKU\S-1-5-21-2406949756-3404556640-376389215-1000\...\Run: [TBPanel] => C:\Program Files (x86)\EXPERTool\TBPanel.exe [2173224 2013-11-08] (Gainward Co. Ltd.)
HKU\S-1-5-21-2406949756-3404556640-376389215-1000\...\Run: [EPSON SX110 Series] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFBE.EXE [223232 2008-09-26] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2406949756-3404556640-376389215-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8322328 2015-05-08] (Piriform Ltd)
HKU\S-1-5-21-2406949756-3404556640-376389215-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [48145024 2015-10-14] (Skype Technologies S.A.)
HKU\S-1-5-21-2406949756-3404556640-376389215-1000\...\RunOnce: [Uninstall C:\Users\Steffen\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Steffen\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-2406949756-3404556640-376389215-1000\...\RunOnce: [Uninstall C:\Users\Steffen\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Steffen\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64"
HKU\S-1-5-21-2406949756-3404556640-376389215-1000\...\RunOnce: [Uninstall C:\Users\Steffen\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Steffen\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"
HKU\S-1-5-21-2406949756-3404556640-376389215-1000\...\MountPoints2: {3d227071-4c2d-11e5-9bc2-806e6f6e6963} - "E:\aoesetup.exe" /autorun
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-10-12] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-10-12] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-10-12] (Google)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Steffen\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64\FileSyncShell64.dll [2015-10-31] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Steffen\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64\FileSyncShell64.dll [2015-10-31] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Steffen\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64\FileSyncShell64.dll [2015-10-31] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Steffen\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileSyncShell.dll [2015-10-31] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Steffen\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileSyncShell.dll [2015-10-31] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Steffen\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileSyncShell.dll [2015-10-31] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk [2014-03-27]
ShortcutTarget: ISCTSystray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{141f13e7-4b9c-4ab5-915d-30be3c53895e}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-2406949756-3404556640-376389215-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
HKU\S-1-5-21-2406949756-3404556640-376389215-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-2406949756-3404556640-376389215-1000 -> {88DBFEAC-A6F9-4323-9328-3A002CF4C6D1} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2015-03-31] (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-10-26] (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\OnlineBanking\online_banking_bho.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-26] (Oracle Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll [2014-04-20] (Kaspersky Lab ZAO)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\lsewtjom.default
FF DefaultSearchEngine: Yahoo Web
FF Homepage: hxxps://www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-16] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-16] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-17] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-17] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-26] (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2015-03-31] ()
FF Plugin-x32: @kaspersky.com/online_banking -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2015-03-31] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2015-03-31] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-10-03] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-10-03] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll [2014-04-30] (pdfforge GmbH)
FF Plugin HKU\S-1-5-21-2406949756-3404556640-376389215-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-09-26] ()
FF SearchPlugin: C:\Users\Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\lsewtjom.default\searchplugins\yahoo-ysp.xml [2015-10-26]
FF SearchPlugin: C:\Users\Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\lsewtjom.default\searchplugins\youtube.xml [2014-07-13]
FF Extension: boost project boost-Bar - C:\Users\Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\lsewtjom.default\Extensions\jid1-43E5o59FVrjLig@jetpack.xpi [2015-08-24]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2015-03-31] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2015-03-31] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com [2015-03-31] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com [2015-03-31] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2015-03-31] [ist nicht signiert]

Chrome: 
=======
CHR Profile: C:\Users\Steffen\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Steffen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-14]
CHR Extension: (Google Docs) - C:\Users\Steffen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-14]
CHR Extension: (Google Drive) - C:\Users\Steffen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-14]
CHR Extension: (YouTube) - C:\Users\Steffen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-14]
CHR Extension: (Google-Suche) - C:\Users\Steffen\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-06]
CHR Extension: (Kaspersky Protection) - C:\Users\Steffen\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2015-06-06]
CHR Extension: (Google Tabellen) - C:\Users\Steffen\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-14]
CHR Extension: (Bookmark Manager) - C:\Users\Steffen\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-06-06]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Steffen\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-06]
CHR Extension: (Skype Click to Call) - C:\Users\Steffen\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-06-06]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Steffen\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-06-06]
CHR Extension: (Google Wallet) - C:\Users\Steffen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-06]
CHR Extension: (Google Mail) - C:\Users\Steffen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-06]
CHR HKU\S-1-5-21-2406949756-3404556640-376389215-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [932912 2015-10-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [461672 2015-10-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [461672 2015-10-05] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1147720 2015-10-05] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [240872 2015-09-10] (Avira Operations GmbH & Co. KG)
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2015-06-06] (BitRaider, LLC)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-27] (NVIDIA Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-08-01] ()
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-17] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [83952 2014-03-27] (Micro-Star International)
S2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [29728 2013-05-28] (MICRO-STAR INTERNATIONAL CO., LTD.)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-08-26] (Microsoft Corporation)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-27] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-27] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2099208 2015-10-29] (Electronic Arts)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1716264 2014-04-30] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-04-30] (pdfforge GmbH)
S2 RalinkRegistryWriter; C:\Program Files (x86)\LevelOne\Common\RaRegistry.exe [372736 2012-01-12] (Ralink Technology, Corp.) [Datei ist nicht signiert]
S2 RalinkRegistryWriter64; C:\Program Files (x86)\LevelOne\Common\RaRegistry64.exe [447488 2012-01-12] (Ralink Technology, Corp.) [Datei ist nicht signiert]
S2 RaMediaServer; C:\Program Files (x86)\LevelOne\Common\RaMediaServer.exe [625728 2011-08-18] ()
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-08-26] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-08-26] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
S2 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [18384 2014-03-14] (Intel(R) Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [137800 2015-10-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [148632 2015-10-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2015-10-05] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [74440 2015-10-05] (Avira Operations GmbH & Co. KG)
S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2015-06-06] (BitRaider)
R3 cmuda3; C:\Windows\system32\drivers\cmudax3.sys [1155072 2009-12-01] (C-Media Inc)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21408 2013-08-01] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21920 2013-08-01] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-01] ()
R2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [28912 2014-02-18] (Intel Corporation)
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-01] ()
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-17] (Intel Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175104 2015-08-26] (Microsoft Corporation)
S3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update\NTIOLib_X64.sys [14136 2010-10-22] (MSI)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-27] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek                                            )
R3 RtlWlanu; C:\Windows\System32\drivers\rtwlanu.sys [3772632 2015-07-10] (Realtek Semiconductor Corporation                           )
S3 Secdrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [14368 1999-09-27] () [Datei ist nicht signiert]
R3 t_mouse.sys; C:\Windows\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] ()
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
U3 idsvc; kein ImagePath
S1 KLIM6; \SystemRoot\system32\DRIVERS\klim6.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-02 18:01 - 2015-11-02 18:01 - 00001785 _____ C:\Users\Steffen\Desktop\JRT.txt
2015-11-02 17:55 - 2015-11-02 17:55 - 01798976 _____ (Malwarebytes) C:\Users\Steffen\Desktop\JRT.exe
2015-11-02 17:53 - 2015-11-02 17:53 - 00016148 _____ C:\WINDOWS\system32\PCSTEFFEN_Steffen_HistoryPrediction.bin
2015-11-02 17:14 - 2015-11-02 17:14 - 00000354 _____ C:\WINDOWS\PFRO.log
2015-11-02 17:14 - 2015-11-02 17:14 - 00000141 _____ C:\WINDOWS\setupact.log
2015-11-02 17:14 - 2015-11-02 17:14 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-11-02 17:09 - 2015-11-02 17:11 - 00000000 ____D C:\AdwCleaner
2015-11-02 17:06 - 2015-11-02 17:07 - 01708032 _____ C:\Users\Steffen\Desktop\AdwCleaner_5.016.exe
2015-11-01 17:57 - 2015-11-01 17:57 - 00003743 _____ C:\Users\Steffen\Desktop\MBAM.txt
2015-11-01 17:35 - 2015-11-02 18:03 - 00028718 _____ C:\Users\Steffen\Desktop\FRST.txt
2015-11-01 17:35 - 2015-11-01 17:36 - 00064328 _____ C:\Users\Steffen\Desktop\Addition.txt
2015-11-01 17:20 - 2015-11-02 18:02 - 00000000 ____D C:\FRST
2015-11-01 17:19 - 2015-11-01 17:19 - 02198016 _____ (Farbar) C:\Users\Steffen\Desktop\FRST64.exe
2015-11-01 16:07 - 2015-11-02 17:55 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-11-01 14:11 - 2015-11-01 14:12 - 22908888 _____ (Malwarebytes ) C:\Users\Steffen\Downloads\mbam-setup-org-2.2.0.1024.exe
2015-10-30 15:57 - 2015-10-30 15:57 - 36283132 _____ (Thom Robertson) C:\Users\Steffen\Downloads\Artemis_Upgrade_v2_2_0.exe
2015-10-30 13:23 - 2015-10-28 00:38 - 21871616 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-10-30 13:23 - 2015-10-28 00:16 - 18801664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-10-30 13:23 - 2015-10-21 13:45 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-10-30 13:23 - 2015-10-21 13:44 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-10-30 13:23 - 2015-10-21 13:43 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-10-30 13:23 - 2015-10-21 13:39 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-10-30 13:23 - 2015-10-21 13:00 - 24595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-10-30 13:23 - 2015-10-21 13:00 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-10-30 13:23 - 2015-10-21 12:59 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2015-10-30 13:23 - 2015-10-21 12:57 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-10-30 13:23 - 2015-10-21 12:52 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-10-30 13:23 - 2015-10-21 12:50 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-10-30 13:23 - 2015-10-21 12:48 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-10-30 13:23 - 2015-10-21 12:47 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-10-30 13:23 - 2015-10-21 12:46 - 02179584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-10-30 13:23 - 2015-10-21 12:46 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-10-30 13:23 - 2015-10-21 12:44 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-10-30 13:23 - 2015-10-21 12:44 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-10-30 13:23 - 2015-10-21 12:43 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2015-10-30 13:23 - 2015-10-21 12:42 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-10-30 13:23 - 2015-10-21 12:41 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-10-30 13:23 - 2015-10-21 12:40 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2015-10-30 13:23 - 2015-10-21 12:38 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2015-10-30 13:23 - 2015-10-21 06:53 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-10-30 13:23 - 2015-10-21 06:49 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-10-30 13:23 - 2015-10-21 06:13 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-10-30 13:23 - 2015-10-21 06:11 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-10-30 13:23 - 2015-10-21 06:08 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-10-30 13:23 - 2015-10-21 06:05 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-10-30 13:23 - 2015-10-21 06:03 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-10-30 13:23 - 2015-10-21 06:03 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2015-10-30 13:23 - 2015-10-21 05:58 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2015-10-30 13:23 - 2015-10-21 05:58 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-10-30 13:23 - 2015-10-21 05:55 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2015-10-30 12:19 - 2015-10-30 12:20 - 29170369 _____ (Thom Robertson) C:\Users\Steffen\Downloads\Artemis_Upgrade_v2_1_1.exe
2015-10-30 12:17 - 2015-10-30 12:20 - 00000000 ____D C:\Program Files (x86)\Artemis
2015-10-30 12:17 - 2015-10-30 12:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Artemis
2015-10-30 12:12 - 2015-10-30 12:17 - 171713118 _____ (Thom Robertson) C:\Users\Steffen\Downloads\ArtemisSBS_2.exe
2015-10-30 11:57 - 2015-10-30 11:59 - 73658702 _____ (Thom Robertson) C:\Users\Steffen\Downloads\ArtemisDEMOInstall.exe
2015-10-26 19:08 - 2015-10-26 19:08 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2015-10-26 19:02 - 2015-10-26 19:05 - 00584288 _____ (Oracle Corporation) C:\Users\Steffen\Downloads\JavaSetup8u65.exe
2015-10-19 16:20 - 2015-10-19 16:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
2015-10-19 16:20 - 1999-09-27 13:30 - 00014368 ____R C:\WINDOWS\SysWOW64\Drivers\SECDRV.SYS
2015-10-19 16:07 - 2015-10-19 16:07 - 00000000 ____D C:\Program Files (x86)\Microsoft Games
2015-10-17 10:54 - 2015-10-17 10:54 - 01461024 _____ C:\Users\Steffen\Downloads\Samsung Link - CHIP-Installer.exe
2015-10-16 22:07 - 2015-10-18 10:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-15 18:54 - 2015-10-15 19:02 - 00000000 ____D C:\Users\Steffen\Documents\NFS SHIFT
2015-10-15 17:11 - 2015-10-15 18:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-10-15 17:11 - 2015-10-15 17:11 - 00000000 ____D C:\Users\Steffen\AppData\Roaming\Avira
2015-10-15 17:10 - 2015-10-15 17:11 - 00000000 ____D C:\ProgramData\Avira
2015-10-15 17:10 - 2015-10-15 17:11 - 00000000 ____D C:\Program Files (x86)\Avira
2015-10-15 17:10 - 2015-10-05 14:51 - 00148632 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2015-10-15 17:10 - 2015-10-05 14:51 - 00137800 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2015-10-15 17:10 - 2015-10-05 14:51 - 00074440 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2015-10-15 17:10 - 2015-10-05 14:51 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2015-10-15 17:06 - 2015-10-15 17:09 - 215891200 _____ C:\Users\Steffen\Downloads\avira_antivirus_210de-de.exe
2015-10-14 21:09 - 2015-10-10 08:12 - 00078528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-14 21:09 - 2015-10-06 04:03 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-14 21:09 - 2015-10-06 03:46 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-10-14 21:09 - 2015-10-01 05:01 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-10-14 21:09 - 2015-10-01 05:01 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-10-14 21:09 - 2015-10-01 05:01 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-10-14 21:09 - 2015-10-01 05:01 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-10-14 21:09 - 2015-10-01 05:00 - 08020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-10-14 21:09 - 2015-10-01 04:03 - 00757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-10-14 21:09 - 2015-09-25 05:01 - 02573768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-10-14 21:09 - 2015-09-25 05:01 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-10-14 21:09 - 2015-09-25 04:56 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-10-14 21:09 - 2015-09-25 04:52 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-10-14 21:09 - 2015-09-25 04:33 - 01997336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-10-14 21:09 - 2015-09-25 04:26 - 20858360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-10-14 21:09 - 2015-09-25 04:11 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-14 21:09 - 2015-09-25 04:11 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-14 21:09 - 2015-09-25 04:09 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-10-14 21:09 - 2015-09-25 04:07 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-14 21:09 - 2015-09-25 04:04 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-10-14 21:09 - 2015-09-25 04:04 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-10-14 21:09 - 2015-09-25 04:03 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-10-14 21:09 - 2015-09-25 04:03 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-10-14 21:09 - 2015-09-25 04:02 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-10-14 21:09 - 2015-09-25 04:02 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-10-14 21:09 - 2015-09-25 04:02 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-14 21:09 - 2015-09-25 04:01 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-14 21:09 - 2015-09-25 04:01 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-10-14 21:09 - 2015-09-25 04:00 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-10-14 21:09 - 2015-09-25 04:00 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-10-14 21:09 - 2015-09-25 04:00 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-10-14 21:09 - 2015-09-25 04:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-10-14 21:09 - 2015-09-25 03:59 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-10-14 21:09 - 2015-09-25 03:59 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-10-14 21:09 - 2015-09-25 03:59 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-10-14 21:09 - 2015-09-25 03:59 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-14 21:09 - 2015-09-25 03:59 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-14 21:09 - 2015-09-25 03:59 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-14 21:09 - 2015-09-25 03:58 - 01871360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-10-14 21:09 - 2015-09-25 03:47 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-10-14 21:09 - 2015-09-25 03:47 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-10-14 21:09 - 2015-09-25 03:38 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-10-14 21:09 - 2015-09-25 03:38 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-10-14 21:09 - 2015-09-25 03:38 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-10-14 21:09 - 2015-09-25 03:38 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-10-14 21:09 - 2015-09-25 03:37 - 00766976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-10-14 21:09 - 2015-09-25 03:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-10-14 21:09 - 2015-09-25 03:37 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-14 21:09 - 2015-09-25 03:36 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-10-14 21:09 - 2015-09-25 03:36 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-10-14 21:09 - 2015-09-25 03:34 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-10-14 21:09 - 2015-09-25 03:34 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-10-14 21:09 - 2015-09-25 03:34 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-10-14 21:09 - 2015-09-25 03:34 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-10-14 21:09 - 2015-09-25 03:34 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-10-14 21:09 - 2015-09-25 03:33 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-10-14 21:09 - 2015-09-25 03:32 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-10-14 21:09 - 2015-09-25 03:32 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-10-12 22:14 - 2015-10-12 22:14 - 00000000 ____D C:\Users\Steffen\AppData\Roaming\11bitstudios
2015-10-12 19:45 - 2015-10-12 20:26 - 00000000 ___HD C:\ProgramData\CanonIJMIG
2015-10-12 19:45 - 2015-10-12 19:46 - 00000000 ___HD C:\ProgramData\CanonIJScan
2015-10-12 19:44 - 2015-10-12 19:44 - 00000000 ____D C:\Users\Steffen\Documents\Fax
2015-10-08 17:25 - 2015-10-08 18:11 - 00000000 ____D C:\Users\Steffen\Documents\STAR WARS Battlefront Beta
2015-10-08 17:06 - 2015-10-08 17:06 - 00002134 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2015-10-07 15:36 - 2015-10-03 03:28 - 00102520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2015-10-07 15:34 - 2015-11-02 16:45 - 00004162 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A55E3B4C-2499-48F6-9B91-AC34D22886D6}
2015-10-07 15:34 - 2015-10-03 05:58 - 42914096 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-10-07 15:34 - 2015-10-03 05:58 - 37882488 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-10-07 15:34 - 2015-10-03 05:58 - 22342264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-10-07 15:34 - 2015-10-03 05:58 - 18387064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-10-07 15:34 - 2015-10-03 05:58 - 16548768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-10-07 15:34 - 2015-10-03 05:58 - 15837152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-10-07 15:34 - 2015-10-03 05:58 - 14841232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-10-07 15:34 - 2015-10-03 05:58 - 13525200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-10-07 15:34 - 2015-10-03 05:58 - 12038368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-10-07 15:34 - 2015-10-03 05:58 - 02313336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-10-07 15:34 - 2015-10-03 05:58 - 01994360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-10-07 15:34 - 2015-10-03 05:58 - 01905272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435850.dll
2015-10-07 15:34 - 2015-10-03 05:58 - 01564792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435850.dll
2015-10-07 15:34 - 2015-10-03 05:58 - 00877176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-10-07 15:34 - 2015-10-03 05:58 - 00861816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-10-07 15:34 - 2015-10-03 05:58 - 00787200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2015-10-07 15:34 - 2015-10-03 05:58 - 00689968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-10-07 15:34 - 2015-10-03 05:58 - 00673912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-10-07 15:34 - 2015-10-03 05:58 - 00632664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2015-10-07 15:34 - 2015-10-03 05:58 - 00601240 _____ C:\WINDOWS\system32\nvmcumd.dll
2015-10-07 15:34 - 2015-10-03 05:58 - 00539464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-10-07 15:34 - 2015-10-03 05:58 - 00445216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-10-07 15:34 - 2015-10-03 05:58 - 00414000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-10-07 15:34 - 2015-10-03 05:58 - 00388048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-10-07 15:34 - 2015-10-03 05:58 - 00376112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2015-10-07 15:34 - 2015-10-03 05:58 - 00369272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-10-07 15:34 - 2015-10-03 05:58 - 00339064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2015-10-07 15:34 - 2015-10-03 05:58 - 00315936 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-10-07 15:34 - 2015-10-03 05:58 - 00177416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-10-07 15:34 - 2015-10-03 05:58 - 00155976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-10-07 15:34 - 2015-10-03 05:58 - 00151368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-10-07 15:34 - 2015-10-03 05:58 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-10-07 15:34 - 2015-10-03 05:58 - 00040280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2015-10-06 19:47 - 2015-08-11 05:52 - 00069416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2015-10-06 19:47 - 2015-08-11 05:52 - 00050472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-02 17:35 - 2014-08-06 21:51 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-11-02 17:33 - 2014-03-29 17:19 - 00000000 ____D C:\Users\Steffen\AppData\Roaming\Skype
2015-11-02 17:20 - 2015-08-26 21:06 - 02104364 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-02 17:20 - 2015-07-10 17:34 - 00893636 _____ C:\WINDOWS\system32\perfh007.dat
2015-11-02 17:20 - 2015-07-10 17:34 - 00200172 _____ C:\WINDOWS\system32\perfc007.dat
2015-11-02 17:15 - 2014-03-29 17:19 - 00000000 ____D C:\ProgramData\Skype
2015-11-02 17:14 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-02 17:14 - 2015-02-14 15:43 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-02 17:14 - 2014-04-30 23:13 - 00000434 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2015-11-02 17:14 - 2014-03-27 21:43 - 00000000 ____D C:\ProgramData\NVIDIA
2015-11-02 17:13 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-11-02 17:13 - 2015-07-10 10:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-11-02 17:07 - 2015-02-14 15:43 - 00001138 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-01 23:40 - 2014-05-10 00:21 - 00000000 ____D C:\Program Files (x86)\Steam
2015-11-01 23:40 - 2014-03-29 20:26 - 00000000 ____D C:\ProgramData\Origin
2015-11-01 18:29 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\rescache
2015-11-01 18:07 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-01 17:57 - 2014-05-10 00:41 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-11-01 14:42 - 2015-08-26 22:01 - 00000000 ___DC C:\WINDOWS\Panther
2015-11-01 14:42 - 2014-03-29 17:37 - 00000000 ____D C:\Users\Steffen\AppData\Local\CrashDumps
2015-11-01 14:36 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-11-01 14:12 - 2014-05-10 00:41 - 00001171 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-11-01 14:12 - 2014-05-10 00:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-11-01 14:12 - 2014-05-10 00:41 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-10-31 17:31 - 2014-12-27 16:54 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-10-31 17:19 - 2015-08-26 21:17 - 00002360 _____ C:\Users\Steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-10-31 17:19 - 2014-08-27 19:28 - 00000000 ___RD C:\Users\Steffen\OneDrive
2015-10-30 18:16 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-10-29 11:26 - 2014-03-29 20:26 - 00000000 ____D C:\Program Files (x86)\Origin
2015-10-26 19:08 - 2014-07-17 17:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-10-26 19:08 - 2014-07-01 17:00 - 00000000 ____D C:\ProgramData\Oracle
2015-10-26 19:06 - 2015-08-26 21:58 - 00000000 ____D C:\Users\Steffen\.oracle_jre_usage
2015-10-26 19:06 - 2014-07-17 17:40 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-10-26 19:05 - 2014-07-01 17:00 - 00000000 ____D C:\Program Files (x86)\Java
2015-10-24 14:19 - 2014-07-01 17:05 - 00014571 _____ C:\Users\Steffen\.heldEinstellungen4_1.xml
2015-10-24 14:19 - 2014-07-01 17:05 - 00000000 ____D C:\Users\Steffen\helden
2015-10-24 14:16 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2015-10-24 09:55 - 2014-07-01 17:05 - 00000286 _____ C:\Users\Steffen\.dsa4.properties
2015-10-24 00:58 - 2014-03-29 17:19 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-10-23 23:28 - 2015-04-07 21:06 - 00021899 _____ C:\Users\Steffen\Desktop\Torgrim .xml
2015-10-22 22:08 - 2015-02-14 15:44 - 00002252 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-10-21 22:08 - 2015-03-10 20:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-10-21 17:15 - 2014-03-27 21:45 - 00097280 _____ C:\Users\Steffen\AppData\Local\GDIPFONTCACHEV1.DAT
2015-10-19 21:34 - 2014-03-27 21:10 - 00000000 ____D C:\Users\Steffen\AppData\Local\VirtualStore
2015-10-19 17:46 - 2015-07-10 13:20 - 00353688 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-10-19 16:21 - 2015-07-10 11:59 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2015-10-19 16:21 - 2015-07-10 11:59 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2015-10-19 16:21 - 2015-07-10 11:59 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2015-10-19 16:21 - 2015-07-10 11:59 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2015-10-19 16:21 - 2015-07-10 11:59 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2015-10-19 16:21 - 2015-07-10 11:59 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2015-10-19 16:21 - 2015-07-10 11:59 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2015-10-19 16:21 - 2015-07-10 11:59 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2015-10-19 16:21 - 2015-07-10 11:59 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2015-10-19 16:21 - 2015-07-10 11:59 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2015-10-19 16:21 - 2015-07-10 11:59 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2015-10-19 16:21 - 2015-07-10 11:59 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2015-10-19 16:21 - 2015-07-10 11:59 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2015-10-19 16:21 - 2015-07-10 11:59 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2015-10-19 16:21 - 2015-07-10 11:59 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2015-10-19 16:21 - 2015-07-10 11:59 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2015-10-19 16:21 - 2015-07-10 11:59 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2015-10-19 16:21 - 2015-07-10 11:59 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2015-10-18 10:26 - 2014-03-29 17:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-18 02:17 - 2014-03-29 19:59 - 00000000 ____D C:\Users\Steffen\AppData\Roaming\LolClient
2015-10-16 04:10 - 2015-07-10 12:06 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-10-16 04:10 - 2015-07-10 12:06 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-15 18:47 - 2013-01-14 22:57 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-15 17:21 - 2014-03-30 20:02 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-10-15 17:20 - 2013-01-14 23:36 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-10-15 17:18 - 2013-01-14 23:36 - 143481208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-10-13 17:24 - 2014-04-27 22:21 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-10-12 19:45 - 2015-09-10 19:13 - 00000000 ____D C:\Users\Steffen\AppData\Roaming\Canon
2015-10-11 11:29 - 2014-05-20 20:55 - 00000000 ____D C:\WinSwiss-8
2015-10-08 17:06 - 2014-03-27 21:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-10-07 15:36 - 2015-08-26 21:03 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-10-06 19:45 - 2015-08-26 21:22 - 11210056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-10-05 09:50 - 2014-05-10 00:41 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-10-05 09:50 - 2014-05-10 00:41 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-10-05 09:50 - 2014-05-10 00:41 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-10-03 16:03 - 2015-07-10 12:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2015-10-03 16:03 - 2015-07-10 12:04 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-10-03 16:03 - 2015-07-10 12:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-10-03 16:03 - 2015-07-10 12:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-03 16:03 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-10-03 16:03 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-10-03 16:03 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-10-03 16:03 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\L2Schemas
2015-10-03 05:58 - 2015-08-26 21:22 - 18354984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-10-03 05:58 - 2015-08-26 21:22 - 15803800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-10-03 05:58 - 2015-08-26 21:22 - 12868120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-10-03 05:58 - 2015-08-26 21:22 - 03534888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-10-03 05:58 - 2015-08-26 21:22 - 03121144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-10-03 05:58 - 2015-07-23 03:02 - 00034392 _____ C:\WINDOWS\system32\nvinfo.pb
2015-10-03 05:58 - 2015-04-16 18:03 - 00204648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2015-10-03 05:58 - 2015-04-16 06:19 - 01567576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2015-10-03 05:58 - 2014-03-27 21:42 - 00112760 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2015-10-03 05:58 - 2014-03-27 21:42 - 00105264 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2015-10-03 03:38 - 2014-03-27 21:42 - 06358648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-10-03 03:38 - 2014-03-27 21:42 - 02982704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-10-03 03:38 - 2014-03-27 21:42 - 02554488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-10-03 03:38 - 2014-03-27 21:42 - 00938800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-10-03 03:38 - 2014-03-27 21:42 - 00385328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-10-03 03:38 - 2014-03-27 21:42 - 00062768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-04-27 21:57 - 2014-04-27 22:02 - 0021866 _____ () C:\Users\Steffen\AppData\Roaming\Kommagetrennte Werte (Windows).ADR
2014-04-27 22:10 - 2014-04-27 22:10 - 0023629 _____ () C:\Users\Steffen\AppData\Roaming\Microsoft Excel 97-2003.ADR
2014-03-27 22:51 - 2014-03-27 22:51 - 0000017 _____ () C:\Users\Steffen\AppData\Local\resmon.resmoncfg

Einige Dateien in TEMP:
====================
C:\Users\Steffen\AppData\Local\Temp\avgnt.exe
C:\Users\Steffen\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-11-01 14:49

==================== Ende von FRST.txt ============================
         

Alt 02.11.2015, 17:12   #5
steffen93
 
Watch4 öffnet sich von alleine - Standard

Watch4 öffnet sich von alleine



Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:31-10-2015
durchgeführt von Steffen (2015-11-02 18:03:26)
Gestartet von C:\Users\Steffen\Desktop
Windows 10 Home (X64) (2015-08-26 20:15:42)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2406949756-3404556640-376389215-500 - Administrator - Disabled)
ASPNET (S-1-5-21-2406949756-3404556640-376389215-1002 - Limited - Enabled)
DefaultAccount (S-1-5-21-2406949756-3404556640-376389215-503 - Limited - Disabled)
Gast (S-1-5-21-2406949756-3404556640-376389215-501 - Limited - Disabled)
Steffen (S-1-5-21-2406949756-3404556640-376389215-1000 - Administrator - Enabled) => C:\Users\Steffen

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Amazon Kindle (HKU\S-1-5-21-2406949756-3404556640-376389215-1000\...\Amazon Kindle) (Version:  - Amazon)
Amazon Music (HKU\S-1-5-21-2406949756-3404556640-376389215-1000\...\Amazon Amazon Music) (Version: 3.7.1.698 - Amazon Services LLC)
Artemis Artemis (HKLM-x32\...\Artemis) (Version: 2.2_0.0 - Thom Robertson)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.13.210 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{5dfbeba9-9f22-463d-8c95-c861911810a2}) (Version: 1.1.47.11018 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.47.11018 - Avira Operations GmbH & Co. KG) Hidden
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.6.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.3.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)
Canon MG3500 series Benutzerregistrierung (HKLM-x32\...\Canon MG3500 series Benutzerregistrierung) (Version:  - *Canon Inc.)
Canon MG3500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3500_series) (Version: 1.00 - Canon Inc.)
Canon MG3500 series On-screen Manual (HKLM-x32\...\Canon MG3500 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.0.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.2.0 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform)
Chess Position Trainer 5.04 (HKLM\...\{BAF9C5CC-17DE-4111-813B-392187D4D793}) (Version: 5.04 - SR Software Development)
ChessBase 10 (HKLM-x32\...\{CF652E2D-6128-49E9-833E-F131C4FC42CA}) (Version: 10 - ChessBase)
ChessBase 10 (x32 Version: 10 - ChessBase) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
C-Media PCI Audio Device (HKLM\...\C-Media PCI Audio Driver) (Version:  - )
CPUID HWMonitor 1.27 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
Crusader Kings II (HKLM-x32\...\Steam App 203770) (Version:  - Paradox Development Studio)
Crysis (HKLM-x32\...\Steam App 17300) (Version:  - Crytek)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Deus Ex: Human Revolution - Director's Cut (HKLM-x32\...\Steam App 238010) (Version:  - Eidos Montreal)
Dishonored (HKLM-x32\...\Steam App 205100) (Version: 1.0 - Bethesda Softworks)
EA SPORTS™ FIFA 15 (HKLM-x32\...\{3D4ADA2B-F028-4307-ADF4-6F9AA44725DA}) (Version: 1.8.0.0 - Electronic Arts)
EPSON SX110 Series Printer Uninstall (HKLM\...\EPSON SX110 Series) (Version:  - SEIKO EPSON Corporation)
Europa Universalis IV (HKLM-x32\...\Steam App 236850) (Version:  - Paradox Development Studio)
EXPERTool v8.9 (HKLM-x32\...\{551D9481-9487-4D0C-9A1D-6BC3E7B6D991}_is1) (Version: 8.9.8.5 - Gainward Co. Ltd.)
Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version:  - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fritz 12 (HKLM-x32\...\{4F4182DA-3D58-41E3-913D-480F8DA5C863}) (Version: 12.0.0 - ChessBase)
Fritz 12 (x32 Version: 12.0.0 - ChessBase) Hidden
GameSpy Comrade (HKLM-x32\...\{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}) (Version: 1.5.0.156 - GameSpy)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.80 - Google Inc.)
Google Drive (HKLM-x32\...\{9C350701-AC04-48BA-A435-BD5E0D82897E}) (Version: 1.25.0523.2491 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
GRID Autosport (HKLM-x32\...\Steam App 255220) (Version:  - Codemasters Racing)
Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version:  - IO Interactive)
Hugo - Diamantenfieber (HKLM-x32\...\Hugo - Diamantenfieber) (Version:  - )
Hugo3D PC (HKLM-x32\...\Hugo3D PC) (Version: 1.0 - ITE Media ApS Denmark)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Smart Connect Technology (HKLM\...\{B1AC3709-3E98-4F2C-A84E-4BCA2A452E64}) (Version: 4.2.40.2418 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version:  - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\3FD0C489-0F02-481a-A3E1-9754CD396761) (Version:  - Intel Corporation)
Java 8 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{653C1B5A-3287-47B1-8613-0745D4E771C4}) (Version: 15.0.0.463 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 15.0.0.463 - Kaspersky Lab) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LEGO Lord of the Rings (HKLM-x32\...\Steam App 214510) (Version:  - Traveller's Tales)
LevelOne WUA-1610 Wireless LAN Card (HKLM-x32\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 1.5.17.0 - LevelOne)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Medieval II Total War (HKLM-x32\...\{C0698BDA-0D29-40EE-8570-A31106DF9AB1}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Americas (HKLM-x32\...\{75983B66-804C-40D1-BA13-64DAF652A6F1}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Britannia (HKLM-x32\...\{CEDDEE73-3D36-41C2-AA40-29355D9FBD63}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Crusades (HKLM-x32\...\{02A10468-2F1C-447C-AD8E-4DEDDEA25AE2}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Teutonic (HKLM-x32\...\{7AEE1963-7001-4C37-BC20-2FAEB74AA41C}) (Version: 1.03.000 - SEGA)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version:  - )
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft IntelliType Pro 8.2 (HKLM\...\Microsoft IntelliType Pro 8.2) (Version: 8.20.469.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 41.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 de)) (Version: 41.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.2.5765 - Mozilla)
MSI Intel Extreme Tuning Utility (HKLM-x32\...\{fbd55c4e-e884-4210-a79b-5f158834b133}) (Version: 4.4.0.103 - Intel Corporation)
MSI Intel Extreme Tuning Utility (x32 Version: 4.4.0.103 - Intel Corporation) Hidden
MSI Live Update (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.0.005 - MSI)
MyFreeCodec (HKU\S-1-5-21-2406949756-3404556640-376389215-1000\...\MyFreeCodec) (Version:  - )
Need for Speed: SHIFT (HKLM-x32\...\Steam App 24870) (Version:  - Slightly Mad Studios)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 358.50 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.14.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.14.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 358.50 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
One Finger Death Punch (HKLM-x32\...\Steam App 264200) (Version:  - Silver Dollar Games)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.4.6.2792 - Electronic Arts, Inc.)
PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.24.16092 - pdfforge GmbH)
PDF Architect 2 View Module (HKLM-x32\...\{46889070-D447-4936-A5D3-246DB972FA2E}) (Version: 2.0.6.16537 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
Pflanzen gegen Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
Plague Inc: Evolved (HKLM-x32\...\Steam App 246620) (Version:  - Ndemic Creations)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Rapture3D 2.4.8 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version:  - Blue Ripple Sound)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.77.1126.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Rossmann Fotowelt Software (HKLM-x32\...\Rossmann Fotowelt Software) (Version: 4.14.5. - ORWO Net)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.14044.14 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.3.14044.14 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.14.5 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
Skype™ 7.13 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.13.101 - Skype Technologies S.A.)
Sound Blaster Cinema (HKLM-x32\...\{8801CA65-921A-4CCC-9D63-879D1D0BAA97}) (Version: 1.00.02 - Creative Technology Limited)
Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version: 8.0.0.22 - Bioware/EA)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
STAR WARS™ Battlefront™ Beta (HKLM-x32\...\{8A863B64-C9BE-4203-9ED7-92981CF690D3}) (Version: 1.0.3.51560 - Electronic Arts)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Swiss-Chess für Windows Demo (HKLM-x32\...\Swiss-Chess für Windows Demo) (Version:  - )
The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 1.0.0.0 - Zenimax Online Studios)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Witcher: Enhanced Edition (HKLM-x32\...\Steam App 20900) (Version:  - CD PROJEKT RED)
This War of Mine (HKLM-x32\...\Steam App 282070) (Version:  - 11 bit studios)
Total War: ATTILA (HKLM-x32\...\Steam App 325610) (Version:  - Creative Assembly)
Total War: ROME II (HKLM-x32\...\Steam App 214950) (Version:  - Creative Assembly)
TP-LINK 300Mbps Wireless USB Adapter Treiber (HKLM-x32\...\{852E893E-E4FD-45BB-8B17-72ADDF686974}) (Version: 1.3.1 - TP-LINK)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 4.6 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16422 - Microsoft Corporation)
WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
Yahoo Search Set (HKLM-x32\...\Yahoo! SearchSet) (Version:  - Yahoo Inc.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2406949756-3404556640-376389215-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Steffen\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation)

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {05222C40-7E0A-4648-9C4A-9C2974F41099} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {062A000C-1721-4811-9E3A-4076E010879F} - System32\Tasks\{4E7EFE6B-E506-4B40-A8E9-4D9DB85B3F58} => pcalua.exe -a E:\SetupLauncher.exe -d E:\
Task: {16B3833F-116A-4F56-88DC-9E84CCCE7E94} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {1DA5B0C5-F546-43C4-B48B-00074433DCED} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {218A9DA3-FC07-4274-8802-7DBBE5B961EE} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {2525BADE-B12C-4D1D-82EA-64BE886AB6C8} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {2790A045-968C-422F-B0B7-C05ABA3C9BA8} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {3CBA3212-88C6-4272-8E58-F76C8C54B417} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {61941F69-A747-42D7-8E6F-2B570515CF17} - System32\Tasks\{0BA8BD59-7A72-4E02-92CF-15F28D19B826} => D:\SteamLibrary\SteamApps\common\Imperial Glory\ImperialGlory.exe
Task: {61EC3A0D-31E6-4482-963C-AA2C5BCEF016} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {62CCCE8C-564C-4FE3-8A36-1479AC414F7E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {630F777A-23D2-438F-9D8D-B59C4D440633} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {6507C53F-3F9A-4ED4-80EE-9640C45F051E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {6600EBFB-3DD7-496B-9429-8851C65E1190} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {692BA803-6AFA-4EBE-97C4-878F47FDD9A5} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-10-15] (Microsoft Corporation)
Task: {748FA040-0360-4C9A-9DEA-0D13A3EFB7C4} - System32\Tasks\EXPERTool => C:\Program Files (x86)\EXPERTool\TBPanel.exe [2013-11-08] (Gainward Co. Ltd.)
Task: {7F32CEA7-A1A4-4614-99D0-6EA152C16A95} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {7FB2D9BF-E148-492E-A999-D6543A149214} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {843B657C-0F9E-4AE5-8C15-97C52B2B4A94} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {931F3F17-CEE3-4C7B-9C9A-CB5BF54DC43D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-14] (Google Inc.)
Task: {9497AE20-6EC6-4306-9F04-47EF0F35C873} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {97BF0630-4581-4814-AAEC-CC3BFD002D6A} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {A36EDBC2-5D6D-4F1F-B6BF-D7B073E59D88} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {A39F630C-33B7-41A0-8955-3AFCCEE5932E} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {A4B4EE8F-32C5-4DE2-80FB-5C19495ED069} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {A6C70F15-99DC-4543-8D18-675A4DD9886C} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => C:\Program Files\Microsoft IntelliType Pro\IType.exe [2011-08-10] (Microsoft Corporation)
Task: {AB8FEB1D-33D7-44A8-AB1E-2E845390AA7B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-14] (Google Inc.)
Task: {B113DA20-09A8-4B99-AA2B-5A2B4EACD4A6} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {B2D546E2-B20D-461F-A31F-5E2ADC120327} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-05-08] (Piriform Ltd)
Task: {BA576CAB-AD66-4A3A-AB82-9CFA92FE8B40} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {BDB3DE54-0CD1-400C-88ED-801532347146} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {BF7B3265-B1F4-4925-87F5-4BB13F3062CB} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {C250DF7B-A19E-4451-9423-183EE02C5945} - System32\Tasks\{8F475F77-7229-4F1B-A88F-4C4748065BB3} => C:\Users\Steffen\Downloads\Xpadder_CB-DL-Manager.exe
Task: {CAEF9CC8-A300-47C6-9A62-DC029C9E3A17} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {DC43FB56-34BA-4D94-9CD8-D77AE7B410D6} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {DE591EA1-8D26-47E1-97F9-15DF3DD79C99} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {DE6441AE-2BD5-40F9-A262-4DDE81D99156} - System32\Tasks\{3D042C03-7F5F-4290-89D6-9CB0FBD29F30} => pcalua.exe -a C:\Users\Steffen\Downloads\epson374993eu.exe -d C:\Users\Steffen\Downloads
Task: {E2E2D3B0-C18A-4DE8-AB43-ECC4CD84C9DF} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {E938BC85-FC4F-403C-9EE1-8704297024DC} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {EBF3ECE0-E113-4788-846A-1705407B92E5} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {F207DB6A-F366-4239-8496-E9E18DAC1824} - System32\Tasks\{82DB1F8D-3168-4A37-BFBC-CAB55923F21C} => C:\Users\Steffen\Downloads\Xpadder_CB-DL-Manager.exe
Task: {F31C4C29-38FF-425C-86A9-D0EE3C90E743} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {F617BED9-57D7-402D-AF06-040B5AF3D656} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {F7BC2A21-FC07-4975-BA93-88B5C3C8AAAD} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {F934FF39-7D65-4D5C-9D59-B9847A4CB65A} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {F93ECBB4-B588-48DC-98B9-E68A07E603AE} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {FD104670-3F97-44D1-8E20-5EC0C11D9902} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-16] (Adobe Systems Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-08-26 21:58 - 2015-08-26 21:58 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-08-26 21:32 - 2015-08-11 10:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-10-01 18:20 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-01 18:20 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-10-01 18:19 - 2015-09-17 06:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-10-01 18:20 - 2015-09-17 06:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-10-01 18:19 - 2015-09-17 06:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-10-01 18:19 - 2015-09-17 06:42 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-01 18:20 - 2015-09-17 06:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2013-08-01 17:31 - 2013-08-01 17:31 - 00198120 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-08-01 17:31 - 2013-08-01 17:31 - 00054760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2013-08-01 17:31 - 2013-08-01 17:31 - 00034792 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll
2013-01-14 22:50 - 2013-09-17 03:20 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-04-20 00:42 - 2014-04-20 00:42 - 00468672 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com\npcontentblocker.dll
2014-04-20 00:42 - 2015-03-31 19:00 - 00642344 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com\npvkplugin.dll
2014-04-20 00:42 - 2014-04-20 00:42 - 00347328 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com\nponlinebanking.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2406949756-3404556640-376389215-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Steffen\AppData\Local\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WUA-1610.lnk => C:\Windows\pss\WUA-1610.lnk.CommonStartup
MSCONFIG\startupreg: Amazon Cloud Player => "C:\Users\Steffen\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe"
MSCONFIG\startupreg: Amazon Music => "C:\Users\Steffen\AppData\Local\Amazon Music\Amazon Music Helper.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: Live Update => C:\Program Files (x86)\MSI\Live Update\StartLiveUpdate.exe /REMINDER
MSCONFIG\startupreg: MBCfg64 => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: UpdReg => C:\Windows\UpdReg.EXE
HKU\S-1-5-21-2406949756-3404556640-376389215-1000\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2406949756-3404556640-376389215-1000\...\StartupApproved\Run: => "EPSON SX110 Series"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{FB847F92-341D-4DDA-A7D1-1E991E1A8B34}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{5D65940A-F509-4024-9F81-DDC55158411C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{29C024F4-16F3-4DF5-BA6C-E5D2D318B156}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{353AE231-54C4-40CF-8711-20DA944FC331}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{3A27144D-4F64-4083-8BC4-A000A8E18532}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{8EDD7ED6-4904-4C79-A4F6-E705282D645B}] => (Allow) D:\FIFA 13\FIFA 15\fifasetup\fifaconfig.exe
FirewallRules: [{8E008580-2938-4611-9C99-23ECEBBFB0B6}] => (Allow) D:\FIFA 13\FIFA 15\fifasetup\fifaconfig.exe
FirewallRules: [{BD9A8FB8-21DD-4893-BA6B-57B08EC653C1}] => (Allow) D:\SteamLibrary\SteamApps\common\Crusader Kings II\CK2game.exe
FirewallRules: [{CC57D89F-98EC-4EDF-9699-6B9E9CB28266}] => (Allow) D:\SteamLibrary\SteamApps\common\Crusader Kings II\CK2game.exe
FirewallRules: [{7615E625-215C-428C-92C6-9DD3CE11A26F}] => (Allow) D:\SteamLibrary\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{C549A0D1-8CCE-45FD-921A-6BE4FCBF1869}] => (Allow) D:\SteamLibrary\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{E9A13590-5C38-428E-8915-C7E38FA02BBC}] => (Allow) D:\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{F76B3F79-C734-44D8-AE52-B867BFA7E461}] => (Allow) D:\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{6249F686-9089-4918-A1E6-A7C3970CD87A}] => (Allow) D:\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{F07699A6-412F-4D0A-81E2-EACFBAC9D6DC}] => (Allow) D:\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{9A6C2AA7-EF39-4001-8D0D-6A30C44B82FA}] => (Allow) D:\SteamLibrary\SteamApps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe
FirewallRules: [{0CC5DA9A-9E80-4238-9133-AC48610AB4A5}] => (Allow) D:\SteamLibrary\SteamApps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe
FirewallRules: [{16D167D9-CD02-49BC-BB95-CA0309716664}] => (Allow) D:\SteamLibrary\SteamApps\common\The Witcher Enhanced Edition\System\djinni!.exe
FirewallRules: [{C913DDC4-0BE8-4449-A51D-8954FF224833}] => (Allow) D:\SteamLibrary\SteamApps\common\The Witcher Enhanced Edition\System\djinni!.exe
FirewallRules: [{07B98528-2997-4882-AFDC-2050E06AE50D}] => (Allow) D:\SteamLibrary\SteamApps\common\The Witcher Enhanced Edition\System\witcher.exe
FirewallRules: [{689832C5-226F-49FA-ABB3-6C4BC46B5903}] => (Allow) D:\SteamLibrary\SteamApps\common\The Witcher Enhanced Edition\System\witcher.exe
FirewallRules: [{5ABCABDF-C2D4-4EB9-96CF-261A79951848}] => (Allow) D:\SteamLibrary\SteamApps\common\Hitman Absolution\HMA.exe
FirewallRules: [{A3B5FE64-F5F0-4955-AF69-09F5702F5922}] => (Allow) D:\SteamLibrary\SteamApps\common\Hitman Absolution\HMA.exe
FirewallRules: [{A5F75450-ED35-4936-B4C2-21342CE0DB6A}] => (Allow) D:\SteamLibrary\SteamApps\common\LEGO Lord of the Rings\LEGOLOTR.exe
FirewallRules: [{7390D13C-C06A-4CF7-B39B-B51323F441DA}] => (Allow) D:\SteamLibrary\SteamApps\common\LEGO Lord of the Rings\LEGOLOTR.exe
FirewallRules: [{0303914A-C651-4CB6-85F1-174DFAEF01AA}] => (Allow) D:\SteamLibrary\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{864EA1A4-B550-43D5-87F0-CB45C64B4D3E}] => (Allow) D:\SteamLibrary\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{6FC6404C-11A8-40BE-B19D-F67BDEEAB2A6}] => (Allow) D:\SteamLibrary\SteamApps\common\Deus Ex Human Revolution Director's Cut\DXHRDC.exe
FirewallRules: [{10D6F9D8-4A80-4311-983A-E2D53CF41EC2}] => (Allow) D:\SteamLibrary\SteamApps\common\Deus Ex Human Revolution Director's Cut\DXHRDC.exe
FirewallRules: [{880FBF30-59D7-40C6-AC18-76B42D9322B6}] => (Allow) D:\SteamLibrary\SteamApps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{6A7B00BB-AF9C-4195-BB43-D7B3755F5FAF}] => (Allow) D:\SteamLibrary\SteamApps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{22AD003D-A41D-4E56-9078-3FF81D9F9753}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DDB9E9E1-D1BB-452D-AA70-2D09C336E18A}] => (Allow) D:\SteamLibrary\SteamApps\common\Far Cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{952B81A2-A48A-498A-BAAD-0557FFC064AA}] => (Allow) D:\SteamLibrary\SteamApps\common\Far Cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{7C8A72DA-2B0B-484C-A197-9CA3D0C6B4A0}] => (Allow) D:\SteamLibrary\SteamApps\common\Far Cry 3\bin\farcry3.exe
FirewallRules: [{3BD0D755-64ED-4755-85BB-53F952AAA13E}] => (Allow) D:\SteamLibrary\SteamApps\common\Far Cry 3\bin\farcry3.exe
FirewallRules: [{BF30D531-CF16-4BAA-9B99-854211F0D92A}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{CF669CC5-C9FF-4B05-8F66-3786B4ADA5E0}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{DA498A52-B713-4295-AE3F-859E6F8E7296}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{34DAD60D-DE45-443C-9EE1-EB8D957B7655}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{DF7AFD9C-725A-4169-84E8-5D9307FF971C}] => (Allow) D:\SteamLibrary\SteamApps\common\GRID Autosport\GRIDAutosport.exe
FirewallRules: [{6D06D974-6FC4-45A2-BFF0-7ED5CF67BBCF}] => (Allow) D:\SteamLibrary\SteamApps\common\GRID Autosport\GRIDAutosport.exe
FirewallRules: [{6ECB9B08-627F-442B-B9A1-04EBB59B7451}] => (Allow) D:\SteamLibrary\SteamApps\common\Crysis\Bin32\Crysis.exe
FirewallRules: [{116C2A24-D9F2-4FD4-9254-F53CC7614076}] => (Allow) D:\SteamLibrary\SteamApps\common\Crysis\Bin32\Crysis.exe
FirewallRules: [{FE239977-FB6C-4D83-A002-364D50CB3D4D}] => (Allow) D:\FIFA 13\Battlefield 3\bf3.exe
FirewallRules: [{5A8FE2D5-0C1C-4F44-B3CB-FAB8BF96D538}] => (Allow) D:\FIFA 13\Battlefield 3\bf3.exe
FirewallRules: [{E2C25298-B939-4684-8C55-F40978DBE3F2}] => (Allow) D:\SteamLibrary\SteamApps\common\PlagueInc\PlagueIncEvolved.exe
FirewallRules: [{43A4CCD8-B14D-4659-97BB-9A58D0F84F47}] => (Allow) D:\SteamLibrary\SteamApps\common\PlagueInc\PlagueIncEvolved.exe
FirewallRules: [{32F46A21-C9DD-4CB8-B87E-CDF430379275}] => (Allow) D:\SteamLibrary\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{5217F87A-1C8E-4654-975E-52CD40ABB541}] => (Allow) D:\SteamLibrary\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{F080D289-59D6-4256-A305-94B85313F2E9}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{8F1EEB70-1E9B-440F-86FF-B0528E7D4E02}] => (Allow) LPort=1900
FirewallRules: [{00045005-C8E4-4510-A7D7-F55B4ACCFE25}] => (Allow) LPort=2869
FirewallRules: [{4D5662B2-1A42-4BEE-A4B4-887EFAAD9C9F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{1386F03B-33F5-4CB7-BC79-D03A338A1453}] => (Allow) C:\Users\Steffen\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{AD51B8F8-1D45-4C4A-9191-75B1D91A1E00}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{36AB1477-641F-4CB3-BDE8-C5E41D89ECD6}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [UDP Query User{60766BAC-28B2-460D-9D1D-EBA66C4E374A}D:\steamlibrary\steamapps\common\total war rome ii\rome2.exe] => (Allow) D:\steamlibrary\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [TCP Query User{B233BDCF-4148-47BB-B8D4-2957C42C71CA}D:\steamlibrary\steamapps\common\total war rome ii\rome2.exe] => (Allow) D:\steamlibrary\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [{DBC8519F-AFBE-439A-B0D9-8C7EF89B72F5}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{B8DD5CFE-D93C-413C-9961-C251F0B9D85A}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{488B27DF-BD52-4C58-A6D2-E5C5BB873375}] => (Allow) C:\Program Files (x86)\Intel\Extreme Tuning Utility\Client\PerfTune.exe
FirewallRules: [{45933683-E10A-49D7-BD0C-9CE16B2F9C2E}] => (Allow) D:\FIFA 13\Plants vs. Zombies\PlantsVsZombies.exe
FirewallRules: [{72F044BF-D00E-47AD-AA81-0B3BF3D54A1E}] => (Allow) D:\FIFA 13\Plants vs. Zombies\PlantsVsZombies.exe
FirewallRules: [{F902466E-ABEB-4D39-9196-427A6AEE88C3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{76E71B87-0675-4C2D-B0FC-6544ABDF51DA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2CC14BAE-4AD2-4970-B5F3-B76062FFB48B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{3C87454E-E419-4769-AAA2-B08C201F9109}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{928DFD5C-448D-46D9-8059-90EF5327F03D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{BC04B36E-6C36-44DD-A84C-1F7D96CC9946}] => (Allow) C:\Program Files (x86)\LevelOne\Common\RaMediaServer.exe
FirewallRules: [{10910938-4AD7-4711-AE66-7FD8C3F205CE}] => (Allow) C:\Program Files (x86)\LevelOne\Common\RaMediaServer.exe
FirewallRules: [{B8F130A6-065D-4F33-B5EE-5DE0A0901078}] => (Allow) C:\Program Files (x86)\LevelOne\Common\RaUI.exe
FirewallRules: [{BCD6A31C-F11B-4DBB-8056-57EE7649C664}] => (Allow) C:\Program Files (x86)\LevelOne\Common\RaUI.exe
FirewallRules: [{CE7B23DE-FD8E-4BC8-90FE-3F40F5979A0B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{2B2EB551-8221-4B01-B819-9CE92E973834}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [TCP Query User{95027D5C-7E8D-49FF-87DC-7B878F598BFB}D:\fifa 13\fifa 15\fifa15.exe] => (Block) D:\fifa 13\fifa 15\fifa15.exe
FirewallRules: [UDP Query User{F30A02CA-40DF-45C4-A4AE-E33FF35F2A1C}D:\fifa 13\fifa 15\fifa15.exe] => (Block) D:\fifa 13\fifa 15\fifa15.exe
FirewallRules: [{78788236-B6C7-4D92-8DA5-6AA4E3799FEA}] => (Allow) E:\fsetup.exe
FirewallRules: [{C943E4D1-D756-40E1-B9FC-2D9B0FEB9B7D}] => (Allow) E:\fsetup.exe
FirewallRules: [{1539B6B5-3C84-4239-A9CA-B74E11173BA4}] => (Allow) D:\SteamLibrary\SteamApps\common\Total War Attila\launcher\launcher.exe
FirewallRules: [{3A909B1D-3B41-4A71-B0A7-40C6D796F41F}] => (Allow) D:\SteamLibrary\SteamApps\common\Total War Attila\launcher\launcher.exe
FirewallRules: [{5375E4EE-23A1-4AE2-B3A8-C630CF4625FD}] => (Allow) D:\FIFA 13\STAR WARS Battlefront Beta\starwarsbattlefront.exe
FirewallRules: [{8C9E660A-0E53-4E57-8FDF-97196C230BEB}] => (Allow) D:\FIFA 13\STAR WARS Battlefront Beta\starwarsbattlefront.exe
FirewallRules: [{F150A2B4-541B-4841-932B-4B515C39EDC7}] => (Allow) D:\SteamLibrary\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{AE4CDC2C-2092-413C-BD21-CED6595A3A3C}] => (Allow) D:\SteamLibrary\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{92D5770B-9E7C-41CB-99FF-DA7608A54B8D}] => (Allow) D:\SteamLibrary\SteamApps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{CB342012-A0E4-4A71-AC19-C3F13321DE28}] => (Allow) D:\SteamLibrary\SteamApps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{BFA3DC52-ADE1-4E25-83D4-A54D858D7E36}] => (Allow) D:\SteamLibrary\SteamApps\common\Need For Speed Shift\SHIFT.exe
FirewallRules: [{818B2D41-E1EF-4342-9063-80924E88993F}] => (Allow) D:\SteamLibrary\SteamApps\common\Need For Speed Shift\SHIFT.exe
FirewallRules: [TCP Query User{07F2E0ED-8222-46FA-90A4-F7B52CA66CE7}C:\program files (x86)\microsoft games\age of empires ii\empires2.exe] => (Block) C:\program files (x86)\microsoft games\age of empires ii\empires2.exe
FirewallRules: [UDP Query User{8D9E9B3D-60AB-401B-B2FB-4D7122DCE97B}C:\program files (x86)\microsoft games\age of empires ii\empires2.exe] => (Block) C:\program files (x86)\microsoft games\age of empires ii\empires2.exe
FirewallRules: [{F1A894CF-C5B7-4203-AC2F-94D689B72042}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{9D2D1DC6-2DDE-4050-ABF5-31EFF046BECC}C:\program files (x86)\artemis\artemis.exe] => (Allow) C:\program files (x86)\artemis\artemis.exe
FirewallRules: [UDP Query User{D6E28C2B-265F-4CDE-B929-6B6E547471F6}C:\program files (x86)\artemis\artemis.exe] => (Allow) C:\program files (x86)\artemis\artemis.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/02/2015 05:17:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: RaMediaServer.exe, Version: 0.0.0.0, Zeitstempel: 0x4e4ce02f
Name des fehlerhaften Moduls: RaMediaServer.exe, Version: 0.0.0.0, Zeitstempel: 0x4e4ce02f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00025ae8
ID des fehlerhaften Prozesses: 0x9b8
Startzeit der fehlerhaften Anwendung: 0xRaMediaServer.exe0
Pfad der fehlerhaften Anwendung: RaMediaServer.exe1
Pfad des fehlerhaften Moduls: RaMediaServer.exe2
Berichtskennung: RaMediaServer.exe3
Vollständiger Name des fehlerhaften Pakets: RaMediaServer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: RaMediaServer.exe5

Error: (11/01/2015 11:40:42 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PCSteffen)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (11/01/2015 02:40:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: RaMediaServer.exe, Version: 0.0.0.0, Zeitstempel: 0x4e4ce02f
Name des fehlerhaften Moduls: RaMediaServer.exe, Version: 0.0.0.0, Zeitstempel: 0x4e4ce02f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00025ae8
ID des fehlerhaften Prozesses: 0xa40
Startzeit der fehlerhaften Anwendung: 0xRaMediaServer.exe0
Pfad der fehlerhaften Anwendung: RaMediaServer.exe1
Pfad des fehlerhaften Moduls: RaMediaServer.exe2
Berichtskennung: RaMediaServer.exe3
Vollständiger Name des fehlerhaften Pakets: RaMediaServer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: RaMediaServer.exe5

Error: (11/01/2015 01:38:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 41.0.2.5765, Zeitstempel: 0x561ef9f1
Name des fehlerhaften Moduls: mozglue.dll, Version: 41.0.2.5765, Zeitstempel: 0x561ee53f
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000ec91
ID des fehlerhaften Prozesses: 0x23e0
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5

Error: (11/01/2015 01:38:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 41.0.2.5765, Zeitstempel: 0x561ef9f1
Name des fehlerhaften Moduls: mozglue.dll, Version: 41.0.2.5765, Zeitstempel: 0x561ee53f
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000ec91
ID des fehlerhaften Prozesses: 0x154c
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5

Error: (11/01/2015 01:38:32 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm firefox.exe, Version 41.0.2.5765 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 54c

Startzeit: 01d1149bed657594

Beendigungszeit: 201

Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Berichts-ID: 720cc049-8095-11e5-9bd2-448a5b587c67

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (11/01/2015 01:38:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 41.0.2.5765, Zeitstempel: 0x561ef9f1
Name des fehlerhaften Moduls: mozglue.dll, Version: 41.0.2.5765, Zeitstempel: 0x561ee53f
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000ec91
ID des fehlerhaften Prozesses: 0x554
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5

Error: (11/01/2015 12:53:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 41.0.2.5765, Zeitstempel: 0x561ef9f1
Name des fehlerhaften Moduls: mozglue.dll, Version: 41.0.2.5765, Zeitstempel: 0x561ee53f
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000ec91
ID des fehlerhaften Prozesses: 0x23e4
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5

Error: (11/01/2015 12:53:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 41.0.2.5765, Zeitstempel: 0x561ef9f1
Name des fehlerhaften Moduls: mozglue.dll, Version: 41.0.2.5765, Zeitstempel: 0x561ee53f
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000ec91
ID des fehlerhaften Prozesses: 0x1ed8
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5

Error: (11/01/2015 12:53:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 41.0.2.5765, Zeitstempel: 0x561ef9f1
Name des fehlerhaften Moduls: mozglue.dll, Version: 41.0.2.5765, Zeitstempel: 0x561ee53f
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000ec91
ID des fehlerhaften Prozesses: 0x968
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5


Systemfehler:
=============
Error: (11/02/2015 05:59:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Integrated Clock Controller Service - Intel(R) ICCS" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/02/2015 05:59:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Extreme Tuning Utility Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/02/2015 05:59:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/02/2015 05:59:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MSI_Trigger_Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/02/2015 05:59:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/02/2015 05:59:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "RalinkRegistryWriter" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/02/2015 05:59:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "RalinkRegistryWriter64" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/02/2015 05:59:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Streamer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/02/2015 05:59:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Network Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/02/2015 05:59:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MSI_LiveUpdate_Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


CodeIntegrity:
===================================
  Date: 2015-11-01 15:00:09.804
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-11-01 15:00:09.781
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-11-01 15:00:09.755
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-11-01 15:00:09.712
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-11-01 15:00:09.695
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-11-01 15:00:09.678
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-11-01 15:00:09.038
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-11-01 15:00:08.934
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-11-01 14:56:22.365
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-11-01 14:56:22.344
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-4670 CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 27%
Installierter physikalischer RAM: 8136.01 MB
Verfügbarer physikalischer RAM: 5902.31 MB
Summe virtueller Speicher: 16328.01 MB
Verfügbarer virtueller Speicher: 13700.55 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:111.13 GB) (Free:48.16 GB) NTFS
Drive d: (Volume) (Fixed) (Total:465.63 GB) (Free:142.48 GB) NTFS
Drive e: (AOE2) (CDROM) (Total:0.3 GB) (Free:0 GB) CDFS
Drive j: () (Fixed) (Total:931.51 GB) (Free:238.4 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 6 (Size: 931.5 GB) (Disk ID: 90909090)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         


Alt 03.11.2015, 17:02   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Watch4 öffnet sich von alleine - Standard

Watch4 öffnet sich von alleine



AdwCleaner löschen und neu laden, nochmal laufen lassen bitte
__________________
--> Watch4 öffnet sich von alleine

Alt 03.11.2015, 22:09   #7
steffen93
 
Watch4 öffnet sich von alleine - Standard

Watch4 öffnet sich von alleine



Jetzt lief es problemlos.

Code:
ATTFilter
# AdwCleaner v5.017 - Bericht erstellt am 03/11/2015 um 22:16:16
# Aktualisiert am 03/11/2015 von Xplode
# Datenbank : 2015-11-03.2 [Server]
# Betriebssystem : Windows 10 Home  (x64)
# Benutzername : Steffen - PCSTEFFEN
# Gestartet von : C:\Users\Steffen\Desktop\adwcleaner_5.017.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****


***** [ Dateien ] *****


***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Geplante Tasks ] *****

[-] Task Gelöscht : WOT N
[-] Task Gelöscht : WOT T

***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! SearchSet

***** [ Internetbrowser ] *****


*************************

:: "Tracing" schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1017 Bytes] ##########
         
Schon seit dem ersten löschen ist der Tab nicht mehr geöffnet worden. Was mir aber jetzt schon 3-4 Mal aufgefallen ist: Nach dem hochfahren, habe ich kein Internet. Statt der Fritzbox wird nur ein nicht identifiziertes Netzwerk angezeigt mit dem ich zwar verbunden bin, was aber "begrenzt" meldet. Deaktivieren und Aktivieren behebt das Problem und die FritzBox wird auch wieder richtig angezeigt

Alt 04.11.2015, 19:21   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Watch4 öffnet sich von alleine - Standard

Watch4 öffnet sich von alleine



Netzwerktreiber neu installieren. Die FritzBox Verbindung komplett raus löschen, dann neu einstellen.



ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Watch4 öffnet sich von alleine
adobe, antivirus, defender, dnsapi.dll, ebanking, excel, flash player, helper, home, homepage, kaspersky, mozilla, neustart, npdicihegicnhaangkdmcgbjceoemeoo, onedrive, pup.optional.startgamepage, pup.optional.stormfall, security, services.exe, software, usb, watch 4 öffnet sich von alleine, windows, öffnet



Ähnliche Themen: Watch4 öffnet sich von alleine


  1. Windows 10: Watch4 Seite öffnet sich von alleine
    Log-Analyse und Auswertung - 28.11.2015 (24)
  2. Windows 10 / Google Chrome: watch4.de öffnet sich von selbst
    Plagegeister aller Art und deren Bekämpfung - 13.11.2015 (1)
  3. Windows 10: Watch4 öffnet sich einfach so. Gmer Error.
    Log-Analyse und Auswertung - 23.10.2015 (16)
  4. Watch4 öffnet sich einfach so
    Plagegeister aller Art und deren Bekämpfung - 11.10.2015 (13)
  5. Watch4.de öffnet sich einfach. Hilfe!
    Plagegeister aller Art und deren Bekämpfung - 10.10.2015 (5)
  6. Die Seite Watch4 öffnet sich einfach so
    Plagegeister aller Art und deren Bekämpfung - 30.09.2015 (7)
  7. Die Seite Watch4 öffnet sich einfach so
    Plagegeister aller Art und deren Bekämpfung - 21.09.2015 (12)
  8. Chrome öffnet sich von alleine und öffnet dann Popup Fenster
    Log-Analyse und Auswertung - 08.03.2015 (11)
  9. Inernet öffnet sich von alleine + Tabs öffnen sich mit Werbung
    Plagegeister aller Art und deren Bekämpfung - 08.12.2014 (27)
  10. Mein Computer öffnet in der Nacht Seiten von Watch4 (von alleine und in massen)
    Plagegeister aller Art und deren Bekämpfung - 21.06.2014 (7)
  11. IE öffnet sich von alleine.
    Log-Analyse und Auswertung - 30.12.2010 (1)
  12. IE öffnet sich alleine/Werbung
    Log-Analyse und Auswertung - 14.11.2010 (18)
  13. IE öffnet sich ungefagt, laute Musik startet von alleine und Wave stellt sich auf minimal.
    Plagegeister aller Art und deren Bekämpfung - 27.07.2010 (5)
  14. IE Explorer öffnet sich von alleine
    Log-Analyse und Auswertung - 18.08.2009 (1)
  15. IE öffnet sich ständig von alleine
    Plagegeister aller Art und deren Bekämpfung - 11.02.2009 (3)
  16. Internetexploer öffnet sich von alleine
    Log-Analyse und Auswertung - 03.12.2006 (1)
  17. Mozilla öffnet werbeseiten oder öffnet sich komplett von alleine
    Log-Analyse und Auswertung - 25.10.2005 (2)

Zum Thema Watch4 öffnet sich von alleine - Hallo, heute hat sich im Firefox ein neuer Tab von watch4 geöffnet ohne das ich was gemacht habe. Habe danach Malwarebytes drüber laufen lassen. Der hat auch was gefunden, aber - Watch4 öffnet sich von alleine...
Archiv
Du betrachtest: Watch4 öffnet sich von alleine auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.