Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Google Chrome lädt Malware - MS Edge nicht

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 03.03.2016, 21:44   #1
MajorKottan
 
Google Chrome lädt Malware - MS Edge nicht - Standard

Google Chrome lädt Malware - MS Edge nicht



Hallo,

Google Chrome lädt beim Besuch harmloser Websites wie dict.leo.org, www.thaiairways.com ständig Adware nach wie BestpriceNinja, etc ....
MS Edge tut dies jedoch nicht.
.
Diese Adware läßt sich zwar problemlos mit Malware Byte oder Spy Hunter entfernen, werden aber von Chrome beim Besuch dieser Websites immer wieder geladen und so taucht ständig Werbung auf.

Alt 03.03.2016, 22:10   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Google Chrome lädt Malware - MS Edge nicht - Standard

Google Chrome lädt Malware - MS Edge nicht



Hallo und

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten!
Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!




Zudem bitte auch ein Log mit Farbars Tool machen:

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)



Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 03.03.2016, 23:14   #3
MajorKottan
 
Google Chrome lädt Malware - MS Edge nicht - Standard

Google Chrome lädt Malware - MS Edge nicht



Hallo und vielen Dank für die Hilfe

Eine Log Datei von Malwarebytes.
Obwohl der Suchlauf 12 Bedrohungen findet, wird in der Scan Log Datei keine Angeführt ???

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 03.03.2016
Suchlaufzeit: 18:23
Protokolldatei: malwarebyte - log.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2016.03.03.05
Rootkit-Datenbank: v2016.02.27.01
Lizenz: Premium-Version
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: hanne

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 451205
Abgelaufene Zeit: 8 Min., 33 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
Farbar's Recovery Scan tool:

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:02-03-2016
durchgeführt von hanne (Administrator) auf VEINTICUATRO-XE (03-03-2016 22:52:06)
Gestartet von C:\Users\hanne\Desktop
Geladene Profile: hanne (Verfügbare Profile: hanne)
Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Future Systems Solutions, Inc.) C:\Program Files\Common Files\Future Systems Solutions\Services\CASPERSVCS.EXE
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(VMware, Inc.) F:\VMWare 12\vmware-authd.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Malwarebytes) F:\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\n360.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Malwarebytes) F:\ Malwarebytes Anti-Malware \mbamservice.exe
(arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
() F:\VMWare 12\vmware-hostd.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\n360.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
() F:\Roxio\Roxio Creator NXT Pro 3\Roxio Burn\RoxioBurnLauncher.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
() F:\Roxio\Roxio Creator NXT Pro 3\Roxio Burn\Roxio Burn.exe
(AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() F:\XECTool\xectool.exe
(ChessBase GmbH) F:\ChessBase13\CBase13\CBase13.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Malwarebytes) F:\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.302.8200.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
() F:\Houdini 4 Chess\Houdini_4_Pro_x64A.exe
() F:\Stockfish\stockfish-dd-win\Windows\stockfish-dd-64-modern.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-10-30] (Adobe Systems Incorporated)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [503856 2015-09-23] (Acronis)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-10-03] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => F:\iiTunes\iTunesHelper.exe [170256 2015-12-09] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2304688 2015-11-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1867448 2015-12-18] (Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [vmware-tray.exe] => F:\VMWare 12\vmware-tray.exe [104128 2015-08-14] (VMware, Inc.)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [651560 2015-09-22] (Acronis International GmbH)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7568104 2015-09-23] ()
HKLM-x32\...\Run: [WinCast] => R:\CDSetup\setup.exe -ldeu
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [324976 2010-05-21] (Flexera Software, Inc.)
HKLM-x32\...\Run: [RoxWatchTray] => F:\Roxio\Roxio Creator NXT Pro 3\Common\RoxWatchTray15.exe [295112 2014-09-25] (Corel Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-1936510213-3086724655-2435381783-1002\...\Run: [Steam] => F:\Steam\steam.exe [3014224 2016-02-04] (Valve Corporation)
HKU\S-1-5-21-1936510213-3086724655-2435381783-1002\...\Run: [IDMan] => F:\Internet Download Manager\IDMan.exe [3933392 2016-02-11] (Tonec Inc.)
HKU\S-1-5-21-1936510213-3086724655-2435381783-1002\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [881336 2015-12-18] (Adobe Systems Incorporated)
HKU\S-1-5-21-1936510213-3086724655-2435381783-1002\...\Run: [AudialsNotifier] => F:\Audials\Audials 2016\AudialsNotifier.exe [2412952 2015-12-14] ()
HKU\S-1-5-21-1936510213-3086724655-2435381783-1002\...\Run: [AnyDVD] => F:\SlySoft\AnyDVD\AnyDVD.exe [109480 2015-08-27] (SlySoft, Inc.)
HKU\S-1-5-21-1936510213-3086724655-2435381783-1002\...\RunOnce: [Uninstall C:\Users\hanne\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\hanne\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64"
HKU\S-1-5-21-1936510213-3086724655-2435381783-1002\...\Policies\Explorer: [NoThumbnailCache] 1
IFEO\freegifmaker.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\freestudiomanager.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\mediabuilder.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\premiummembershipoffer.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\systemreport.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\trueimagelauncher.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\trueimagetools.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\uninstall.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
ShellIconOverlayIdentifiers: [   IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => F:\Internet Download Manager\IDMShellExt64.dll [2015-08-14] (Tonec Inc.)
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] ()
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2015-09-10] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2015-09-10] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2015-09-10] (Acronis)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\..\Interfaces\{f3eb969f-39af-462b-a895-ac671597ea78}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> F:\Internet Download Manager\IDMIECC64.dll [2015-12-08] (Internet Download Manager, Tonec Inc.)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-02-24] (Microsoft Corporation)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-02-24] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> F:\Internet Download Manager\IDMIECC.dll [2015-12-08] (Internet Download Manager, Tonec Inc.)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-09-11] (Microsoft Corporation)

FireFox:
========
FF Plugin: @videolan.org/vlc,version=2.2.1 -> F:\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-11-25] (Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-09-11] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-10-03] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-10-03] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-11-25] (Adobe Systems)
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon
FF Extension: Norton Identity Safe - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon [2016-01-14]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat DC - Create PDF - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2016-02-17]
FF HKU\S-1-5-21-1936510213-3086724655-2435381783-1002\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\hanne\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\hanne\AppData\Roaming\IDM\idmmzcc5 [2016-03-03] [ist nicht signiert]
FF HKU\S-1-5-21-1936510213-3086724655-2435381783-1002\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - F:\Internet Download Manager\idmmzcc2.xpi
FF Extension: IDM integration - F:\Internet Download Manager\idmmzcc2.xpi [2016-01-27]

Chrome: 
=======
CHR DefaultSearchURL: Default -> hxxp://nortonsafe.search.ask.com/web?q={searchTerms}&o=apn10506&prt=cr
CHR DefaultSearchKeyword: Default -> NortonSafe
CHR DefaultSuggestURL: Default -> hxxp://ss-sym.ask.com/query?q={searchTerms}&sstype=prefix&li=ff
CHR Profile: C:\Users\hanne\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\hanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-03-02]
CHR Extension: (Google Drive) - C:\Users\hanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\hanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-04]
CHR Extension: (Norton Security Toolbar) - C:\Users\hanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2016-02-26]
CHR Extension: (Google-Suche) - C:\Users\hanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Adobe Acrobat) - C:\Users\hanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-11-09]
CHR Extension: (Norton Home Page for Chrome) - C:\Users\hanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejbdobdndcjhdmljipngpeoekdinlohe [2015-11-09]
CHR Extension: (Norton Identity Safe) - C:\Users\hanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-09-11]
CHR Extension: (IDM Integration Module) - C:\Users\hanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2016-02-12]
CHR Extension: (Norton Safe) - C:\Users\hanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmgcfemagnogdodbambjhdcmfcpicngl [2015-11-09]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\hanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-11]
CHR Extension: (Synology Web Clipper) - C:\Users\hanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcfbfimijgibligmbglggnbiobgjgmbk [2016-03-03]
CHR Extension: (Google Mail) - C:\Users\hanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-11]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\Exts\Chrome.crx [2015-11-26]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - F:\Internet Download Manager\IDMGCExt.crx [2016-02-11]
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\Exts\Chrome.crx [2015-11-26]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - F:\Internet Download Manager\IDMGCExt.crx [2016-02-11]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2020056 2016-02-09] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 BOT4Service; C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe [22760 2014-01-22] ()
R2 caspereui; C:\Program Files\Common Files\Future Systems Solutions\Services\CASPERSVCS.EXE [1168984 2014-09-03] (Future Systems Solutions, Inc.)
R2 casperhpb; C:\Program Files\Common Files\Future Systems Solutions\Services\CASPERSVCS.EXE [1168984 2014-09-03] (Future Systems Solutions, Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2809072 2016-01-20] (Microsoft Corporation)
S4 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [382312 2015-10-13] (Digital Wave Ltd.)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [Datei ist nicht signiert]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-10-03] (NVIDIA Corporation)
R2 MBAMScheduler; F:\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; F:\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S4 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4884064 2015-08-11] (Acronis)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\N360.exe [282016 2015-11-20] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-10-03] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-10-03] (NVIDIA Corporation)
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2013-09-13] (arvato digital services llc)
R2 RoxioBurnLauncher; F:\Roxio\Roxio Creator NXT Pro 3\Roxio Burn\RoxioBurnLauncher.exe [535784 2013-10-16] ()
S3 RoxMediaDB15; F:\Roxio\Roxio Creator NXT Pro 3\Common\RoxMediaDB15.exe [1097928 2014-09-25] (Corel Corporation)
S2 RoxWatch15; F:\Roxio\Roxio Creator NXT Pro 3\Common\RoxWatch15.exe [342216 2014-09-25] (Corel Corporation)
S2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1042304 2016-01-19] (Enigma Software Group USA, LLC.)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [Datei ist nicht signiert]
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2973400 2015-08-04] (AVG Technologies)
R2 VMAuthdService; F:\VMWare 12\vmware-authd.exe [89792 2015-08-14] (VMware, Inc.)
R2 VMwareHostd; F:\VMWare 12\vmware-hostd.exe [12465344 2015-08-14] ()
S3 VSStandardCollectorService140; F:\MS Visual Studio 2015\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [56040 2015-11-19] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [150440 2015-04-28] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [150440 2015-04-28] (SlySoft, Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\22.5.2.15\Definitions\BASHDefs\20160213.003\BHDrvx64.sys [1665608 2015-10-08] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1605050.00F\ccSetx64.sys [173808 2015-07-11] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-11-18] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [157520 2015-11-18] (Symantec Corporation)
R3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [15920 2015-11-08] (Enigma Software Group USA, LLC.)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-11-08] ()
R0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [323040 2015-09-12] (Acronis International GmbH)
R3 hcwhdpvr; C:\Windows\system32\DRIVERS\hcwhdpvr.sys [192072 2012-03-26] (Hauppauge, Inc.)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\22.5.2.15\Definitions\IPSDefs\20160302.001\IDSvia64.sys [767224 2016-02-13] (Symantec Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-03-03] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [193336 2015-09-06] (Intel Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\22.5.2.15\Definitions\VirusDefs\20160303.006\ENG64.SYS [138488 2016-02-28] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\22.5.2.15\Definitions\VirusDefs\20160303.006\EX64.SYS [2148080 2016-02-28] (Symantec Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-10-03] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-10-03] (NVIDIA Corporation)
S3 prl_virtual_sound; C:\Windows\system32\DRIVERS\prl_virtual_sound.sys [46312 2015-05-27] (Parallels Holdings, Ltd. and its affiliates.)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
R1 RrNetCapFilterDriver; C:\Windows\system32\DRIVERS\RrNetCapFilterDriver.sys [25256 2015-09-02] (Audials AG)
R0 Sahdad64; C:\Windows\System32\Drivers\Sahdad64.sys [28304 2013-10-16] (Corel Corporation)
R0 Saibad64; C:\Windows\System32\Drivers\Saibad64.sys [20112 2013-10-16] (Corel Corporation)
R1 SaibVdAd64; C:\Windows\System32\Drivers\SaibVdAd64.sys [27792 2013-10-16] (Corel Corporation)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [216064 2015-10-30] (Microsoft Corporation)
R0 sptd2; C:\Windows\System32\Drivers\sptd2.sys [162360 2015-10-24] (Duplex Secure Ltd)
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1605050.00F\SRTSP64.SYS [928496 2015-11-12] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1605050.00F\SRTSPX64.SYS [50936 2015-07-11] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\N360x64\1605050.00F\SYMEFASI64.SYS [1621232 2015-11-12] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1605050.00F\SymELAM.sys [24192 2015-07-11] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-09-11] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1605050.00F\Ironx64.SYS [297720 2015-07-11] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1605050.00F\SYMNETS.SYS [577768 2015-11-12] (Symantec Corporation)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1057728 2015-10-07] (Acronis International GmbH)
R2 tib_mounter; C:\Windows\system32\DRIVERS\tib_mounter.sys [198088 2015-10-07] (Acronis International GmbH)
S3 tnd; C:\Windows\system32\DRIVERS\tnd.sys [553912 2015-10-07] (Acronis International GmbH)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [31144 2015-07-23] (TuneUp Software)
R1 UimBus; C:\Windows\System32\drivers\UimBus.sys [102576 2015-07-24] ()
R1 Uim_DEVIM; C:\Windows\System32\drivers\uim_devim.sys [25904 2015-07-24] ()
R1 Uim_IM; C:\Windows\System32\drivers\uim_im.sys [701232 2015-07-24] ()
R0 vsock; C:\Windows\System32\drivers\vsock.sys [75512 2015-08-04] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [34520 2015-07-09] (VMware, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
U5 xb1usb; C:\Windows\System32\Drivers\xb1usb.sys [34016 2014-05-27] (Microsoft Corporation)
R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [33048 2015-09-06] (X10 Wireless Technology, Inc.)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-03-03 22:52 - 2016-03-03 22:52 - 00029825 _____ C:\Users\hanne\Desktop\FRST.txt
2016-03-03 22:44 - 2016-03-03 22:44 - 00001187 _____ C:\Users\hanne\Desktop\mwb.txt
2016-03-03 22:42 - 2016-03-03 22:42 - 00001192 _____ C:\Users\hanne\Desktop\mwb -log.txt
2016-03-03 22:24 - 2016-03-03 22:40 - 00001201 _____ C:\Users\hanne\Desktop\malwarebyte - log.txt
2016-03-03 22:08 - 2016-03-03 22:08 - 00002922 _____ C:\WINDOWS\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2016-03-03 21:38 - 2016-03-02 22:01 - 02371584 _____ (Farbar) C:\Users\hanne\Desktop\FRST64.exe
2016-03-03 21:35 - 2016-03-03 21:37 - 00108718 _____ C:\TDSSKiller.3.1.0.9_03.03.2016_21.35.19_log.txt
2016-03-03 18:57 - 2016-03-03 21:07 - 00000546 _____ C:\Users\hanne\Desktop\JRT.txt
2016-03-03 18:53 - 2016-03-03 18:53 - 01609216 _____ (Malwarebytes) C:\Users\hanne\Desktop\JRT_8.0.3.exe
2016-03-02 23:25 - 2016-03-02 23:27 - 00108726 _____ C:\TDSSKiller.3.1.0.9_02.03.2016_23.25.04_log.txt
2016-03-02 23:23 - 2016-03-02 23:23 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\hanne\Desktop\tdsskiller.exe
2016-03-02 22:03 - 2016-03-03 22:52 - 00000000 ____D C:\FRST
2016-03-02 20:22 - 2016-03-02 20:22 - 00001086 _____ C:\Users\hanne\Desktop\ADWCleaner.lnk
2016-03-02 20:17 - 2016-03-03 18:46 - 00000000 ____D C:\AdwCleaner
2016-03-02 20:15 - 2016-03-02 20:16 - 01518592 _____ C:\Users\hanne\Downloads\adwcleaner_5.037.exe
2016-03-01 21:15 - 2016-03-01 21:15 - 00002231 _____ C:\Users\hanne\Downloads\event58035.pgn
2016-03-01 19:30 - 2016-02-23 12:27 - 07475040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-03-01 19:30 - 2016-02-23 12:25 - 01818696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-03-01 19:30 - 2016-02-23 12:23 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-03-01 19:30 - 2016-02-23 12:22 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-03-01 19:30 - 2016-02-23 12:15 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-03-01 19:30 - 2016-02-23 11:34 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-03-01 19:30 - 2016-02-23 11:32 - 08705672 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-03-01 19:30 - 2016-02-23 11:32 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-03-01 19:30 - 2016-02-23 11:31 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-03-01 19:30 - 2016-02-23 11:21 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-03-01 19:30 - 2016-02-23 11:21 - 06606568 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-03-01 19:30 - 2016-02-23 10:45 - 01998176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-03-01 19:30 - 2016-02-23 10:38 - 06952088 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-03-01 19:30 - 2016-02-23 10:27 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-03-01 19:30 - 2016-02-23 10:26 - 05241984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-03-01 19:30 - 2016-02-23 09:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-03-01 19:30 - 2016-02-23 09:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-03-01 19:30 - 2016-02-23 09:28 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-03-01 19:30 - 2016-02-23 09:09 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-03-01 19:30 - 2016-02-23 09:06 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-03-01 19:30 - 2016-02-23 09:06 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-03-01 19:30 - 2016-02-23 09:00 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-03-01 19:30 - 2016-02-23 08:58 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-03-01 19:30 - 2016-02-23 08:52 - 00456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-03-01 19:30 - 2016-02-23 08:41 - 03594240 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-03-01 19:30 - 2016-02-23 08:30 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-03-01 19:30 - 2016-02-23 08:30 - 01731584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-03-01 19:30 - 2016-02-23 08:24 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-03-01 19:30 - 2016-02-23 08:22 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-03-01 19:30 - 2016-02-23 08:21 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-03-01 19:30 - 2016-02-23 07:59 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-03-01 19:30 - 2016-02-23 07:55 - 04894208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-03-01 19:30 - 2016-02-23 07:55 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-03-01 19:30 - 2016-02-23 07:52 - 11545600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-03-01 19:30 - 2016-02-23 07:50 - 22396416 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-03-01 19:30 - 2016-02-23 07:50 - 09919488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-03-01 19:30 - 2016-02-23 07:40 - 24603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-03-01 19:30 - 2016-02-23 07:39 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-03-01 19:30 - 2016-02-23 07:36 - 19341312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-03-01 19:30 - 2016-02-23 07:36 - 18680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-03-01 19:30 - 2016-02-23 07:36 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-03-01 19:30 - 2016-02-23 07:36 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-03-01 19:30 - 2016-02-09 04:24 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-03-01 19:30 - 2016-02-09 04:07 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-03-01 19:30 - 2016-02-09 04:04 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-03-01 19:29 - 2016-02-23 12:29 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-03-01 19:29 - 2016-02-23 12:29 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-03-01 19:29 - 2016-02-23 12:27 - 02654872 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-03-01 19:29 - 2016-02-23 12:27 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-03-01 19:29 - 2016-02-23 12:27 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-03-01 19:29 - 2016-02-23 12:25 - 02152288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-03-01 19:29 - 2016-02-23 12:25 - 00563552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2016-03-01 19:29 - 2016-02-23 12:15 - 00779384 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2016-03-01 19:29 - 2016-02-23 12:09 - 01614176 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-03-01 19:29 - 2016-02-23 12:08 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-03-01 19:29 - 2016-02-23 11:34 - 01859960 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-03-01 19:29 - 2016-02-23 11:33 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-03-01 19:29 - 2016-02-23 11:33 - 00389992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-03-01 19:29 - 2016-02-23 11:32 - 02544264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-03-01 19:29 - 2016-02-23 11:32 - 01152328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-03-01 19:29 - 2016-02-23 11:32 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-03-01 19:29 - 2016-02-23 11:32 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-03-01 19:29 - 2016-02-23 11:31 - 01017032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-03-01 19:29 - 2016-02-23 11:31 - 00847656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-03-01 19:29 - 2016-02-23 11:31 - 00819648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-03-01 19:29 - 2016-02-23 11:31 - 00476728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-03-01 19:29 - 2016-02-23 11:31 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-03-01 19:29 - 2016-02-23 11:25 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-03-01 19:29 - 2016-02-23 11:22 - 00572272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2016-03-01 19:29 - 2016-02-23 11:17 - 00146272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2016-03-01 19:29 - 2016-02-23 10:49 - 00216416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-03-01 19:29 - 2016-02-23 10:45 - 02773096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-03-01 19:29 - 2016-02-23 10:45 - 00576352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-03-01 19:29 - 2016-02-23 10:45 - 00394080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-03-01 19:29 - 2016-02-23 10:45 - 00259336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2016-03-01 19:29 - 2016-02-23 10:44 - 00640984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-03-01 19:29 - 2016-02-23 10:44 - 00147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2016-03-01 19:29 - 2016-02-23 10:40 - 00430944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-03-01 19:29 - 2016-02-23 10:39 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-03-01 19:29 - 2016-02-23 10:38 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-03-01 19:29 - 2016-02-23 10:38 - 00980352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2016-03-01 19:29 - 2016-02-23 10:38 - 00895080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-03-01 19:29 - 2016-02-23 10:38 - 00882720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-03-01 19:29 - 2016-02-23 10:38 - 00709176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-03-01 19:29 - 2016-02-23 10:38 - 00450912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-03-01 19:29 - 2016-02-23 10:38 - 00420928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2016-03-01 19:29 - 2016-02-23 10:37 - 00713824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-03-01 19:29 - 2016-02-23 10:32 - 00791744 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-03-01 19:29 - 2016-02-23 10:30 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-03-01 19:29 - 2016-02-23 10:27 - 00376536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-03-01 19:29 - 2016-02-23 10:25 - 00534368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-03-01 19:29 - 2016-02-23 10:20 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2016-03-01 19:29 - 2016-02-23 10:20 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-03-01 19:29 - 2016-02-23 10:19 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-03-01 19:29 - 2016-02-23 10:17 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-03-01 19:29 - 2016-02-23 10:12 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2016-03-01 19:29 - 2016-02-23 10:10 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-03-01 19:29 - 2016-02-23 10:07 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-03-01 19:29 - 2016-02-23 10:07 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-03-01 19:29 - 2016-02-23 10:06 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2016-03-01 19:29 - 2016-02-23 10:01 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2016-03-01 19:29 - 2016-02-23 10:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-03-01 19:29 - 2016-02-23 10:00 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-03-01 19:29 - 2016-02-23 09:58 - 00187744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-03-01 19:29 - 2016-02-23 09:58 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\irmon.dll
2016-03-01 19:29 - 2016-02-23 09:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-03-01 19:29 - 2016-02-23 09:56 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-03-01 19:29 - 2016-02-23 09:55 - 00221600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll
2016-03-01 19:29 - 2016-02-23 09:55 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2016-03-01 19:29 - 2016-02-23 09:54 - 00539256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-03-01 19:29 - 2016-02-23 09:54 - 00141664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2016-03-01 19:29 - 2016-02-23 09:53 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2016-03-01 19:29 - 2016-02-23 09:53 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-03-01 19:29 - 2016-02-23 09:52 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-03-01 19:29 - 2016-02-23 09:50 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-03-01 19:29 - 2016-02-23 09:48 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-03-01 19:29 - 2016-02-23 09:48 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerClient.dll
2016-03-01 19:29 - 2016-02-23 09:40 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-03-01 19:29 - 2016-02-23 09:39 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2016-03-01 19:29 - 2016-02-23 09:38 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2016-03-01 19:29 - 2016-02-23 09:38 - 00287712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2016-03-01 19:29 - 2016-02-23 09:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-03-01 19:29 - 2016-02-23 09:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-03-01 19:29 - 2016-02-23 09:37 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-03-01 19:29 - 2016-02-23 09:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll
2016-03-01 19:29 - 2016-02-23 09:34 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-03-01 19:29 - 2016-02-23 09:34 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2016-03-01 19:29 - 2016-02-23 09:33 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-03-01 19:29 - 2016-02-23 09:32 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-03-01 19:29 - 2016-02-23 09:31 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-03-01 19:29 - 2016-02-23 09:30 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2016-03-01 19:29 - 2016-02-23 09:29 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-03-01 19:29 - 2016-02-23 09:28 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll
2016-03-01 19:29 - 2016-02-23 09:27 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2016-03-01 19:29 - 2016-02-23 09:26 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-03-01 19:29 - 2016-02-23 09:25 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2016-03-01 19:29 - 2016-02-23 09:25 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2016-03-01 19:29 - 2016-02-23 09:23 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-03-01 19:29 - 2016-02-23 09:22 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-03-01 19:29 - 2016-02-23 09:22 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2016-03-01 19:29 - 2016-02-23 09:20 - 00847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-03-01 19:29 - 2016-02-23 09:20 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-03-01 19:29 - 2016-02-23 09:20 - 00493568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-03-01 19:29 - 2016-02-23 09:20 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-01 19:29 - 2016-02-23 09:19 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-03-01 19:29 - 2016-02-23 09:19 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-03-01 19:29 - 2016-02-23 09:18 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-03-01 19:29 - 2016-02-23 09:14 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-03-01 19:29 - 2016-02-23 09:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-03-01 19:29 - 2016-02-23 09:13 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll
2016-03-01 19:29 - 2016-02-23 09:13 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-03-01 19:29 - 2016-02-23 09:12 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-03-01 19:29 - 2016-02-23 09:11 - 01224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2016-03-01 19:29 - 2016-02-23 09:11 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-03-01 19:29 - 2016-02-23 09:10 - 00997376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2016-03-01 19:29 - 2016-02-23 09:10 - 00474624 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-03-01 19:29 - 2016-02-23 09:09 - 01390592 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-03-01 19:29 - 2016-02-23 09:09 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-03-01 19:29 - 2016-02-23 09:09 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-03-01 19:29 - 2016-02-23 09:06 - 01848832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-03-01 19:29 - 2016-02-23 09:06 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-03-01 19:29 - 2016-02-23 09:05 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-03-01 19:29 - 2016-02-23 09:04 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-03-01 19:29 - 2016-02-23 09:04 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-03-01 19:29 - 2016-02-23 09:04 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-03-01 19:29 - 2016-02-23 09:02 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-03-01 19:29 - 2016-02-23 09:02 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-03-01 19:29 - 2016-02-23 09:02 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-03-01 19:29 - 2016-02-23 08:58 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-03-01 19:29 - 2016-02-23 08:58 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll
2016-03-01 19:29 - 2016-02-23 08:58 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-03-01 19:29 - 2016-02-23 08:57 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TimeBrokerClient.dll
2016-03-01 19:29 - 2016-02-23 08:54 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2016-03-01 19:29 - 2016-02-23 08:50 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2016-03-01 19:29 - 2016-02-23 08:49 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-03-01 19:29 - 2016-02-23 08:48 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2016-03-01 19:29 - 2016-02-23 08:47 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2016-03-01 19:29 - 2016-02-23 08:47 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2016-03-01 19:29 - 2016-02-23 08:38 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-03-01 19:29 - 2016-02-23 08:37 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-03-01 19:29 - 2016-02-23 08:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-03-01 19:29 - 2016-02-23 08:37 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2016-03-01 19:29 - 2016-02-23 08:36 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2016-03-01 19:29 - 2016-02-23 08:36 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-03-01 19:29 - 2016-02-23 08:36 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-01 19:29 - 2016-02-23 08:35 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2016-03-01 19:29 - 2016-02-23 08:31 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-03-01 19:29 - 2016-02-23 08:31 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2016-03-01 19:29 - 2016-02-23 08:30 - 01832448 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-03-01 19:29 - 2016-02-23 08:30 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-03-01 19:29 - 2016-02-23 08:29 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2016-03-01 19:29 - 2016-02-23 08:29 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-03-01 19:29 - 2016-02-23 08:28 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-03-01 19:29 - 2016-02-23 08:28 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-03-01 19:29 - 2016-02-23 08:26 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-03-01 19:29 - 2016-02-23 08:26 - 01498112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-03-01 19:29 - 2016-02-23 08:25 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-03-01 19:29 - 2016-02-23 08:24 - 04827136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-03-01 19:29 - 2016-02-23 08:24 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-03-01 19:29 - 2016-02-23 08:24 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-03-01 19:29 - 2016-02-23 08:21 - 01001984 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d12SDKLayers.dll
2016-03-01 19:29 - 2016-02-23 08:21 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-03-01 19:29 - 2016-02-23 08:20 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-03-01 19:29 - 2016-02-23 08:17 - 02635264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-03-01 19:29 - 2016-02-23 08:14 - 00990720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-03-01 19:29 - 2016-02-23 08:11 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-03-01 19:29 - 2016-02-23 08:05 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-03-01 19:29 - 2016-02-23 08:01 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-03-01 19:29 - 2016-02-23 07:58 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-03-01 19:29 - 2016-02-23 07:56 - 04412928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-03-01 19:29 - 2016-02-23 07:55 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-03-01 19:29 - 2016-02-23 07:53 - 01799168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-03-01 19:29 - 2016-02-23 07:52 - 00746496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d12SDKLayers.dll
2016-03-01 19:29 - 2016-02-23 07:51 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-03-01 19:29 - 2016-02-23 07:42 - 03425792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-03-01 19:29 - 2016-02-23 07:41 - 02912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-03-01 19:29 - 2016-02-23 07:39 - 02581504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-03-01 19:29 - 2016-02-23 07:35 - 07533568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-03-01 19:29 - 2016-02-23 07:33 - 14254080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-03-01 19:29 - 2016-02-23 07:33 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-03-01 19:29 - 2016-02-23 07:32 - 02793472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-03-01 19:29 - 2016-02-23 07:30 - 02061312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-03-01 19:29 - 2016-02-23 07:28 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-03-01 19:29 - 2016-02-23 07:26 - 12587520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-03-01 19:29 - 2016-02-09 05:28 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-03-01 19:29 - 2016-02-09 05:13 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-03-01 19:29 - 2016-02-09 04:18 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2016-03-01 19:29 - 2016-02-09 04:18 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2016-03-01 19:29 - 2016-02-09 04:07 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-02-26 17:36 - 2016-02-26 17:36 - 00000000 ____D C:\Users\hanne\AppData\Local\TempTaskUpdateDetection72F652F6-855E-44A2-9053-2E8F6EB79632
2016-02-25 20:35 - 2016-02-25 20:35 - 00023416 _____ C:\Users\hanne\Downloads\Sage DPW.html
2016-02-25 20:35 - 2016-02-25 20:35 - 00000000 ____D C:\Users\hanne\Downloads\Sage DPW_files
2016-02-18 19:35 - 2016-02-18 19:35 - 00000000 ____D C:\Users\hanne\AppData\Local\Stardock
2016-02-18 19:35 - 2016-02-18 19:35 - 00000000 ____D C:\ProgramData\Stardock
2016-02-18 19:33 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2016-02-18 19:33 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2016-02-18 19:33 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2016-02-18 19:33 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2016-02-18 19:33 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2016-02-18 19:33 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2016-02-18 19:33 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2016-02-18 19:33 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2016-02-18 19:33 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2016-02-18 19:32 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2016-02-18 19:32 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2016-02-18 19:32 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2016-02-18 19:32 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2016-02-18 19:32 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2016-02-18 19:32 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2016-02-18 19:32 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2016-02-18 19:32 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2016-02-18 19:32 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2016-02-18 19:32 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2016-02-18 19:32 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2016-02-18 19:32 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2016-02-18 19:32 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2016-02-18 19:32 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2016-02-18 19:32 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2016-02-18 19:32 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2016-02-18 19:32 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2016-02-18 19:32 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2016-02-18 19:32 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2016-02-18 19:32 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2016-02-18 19:32 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2016-02-18 19:32 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2016-02-18 19:32 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2016-02-18 19:32 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2016-02-18 19:32 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2016-02-18 19:32 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2016-02-18 19:32 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2016-02-18 19:32 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2016-02-18 19:32 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2016-02-18 19:32 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2016-02-18 19:32 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2016-02-18 19:32 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2016-02-18 19:32 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2016-02-18 19:32 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2016-02-18 19:32 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2016-02-18 19:32 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2016-02-18 19:32 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2016-02-18 19:32 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2016-02-18 19:32 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2016-02-18 19:32 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2016-02-18 19:32 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2016-02-18 19:32 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2016-02-18 19:32 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2016-02-18 19:32 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2016-02-18 19:32 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2016-02-18 19:32 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2016-02-18 19:32 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2016-02-18 19:32 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2016-02-18 19:32 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2016-02-18 19:32 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2016-02-18 19:32 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2016-02-18 19:32 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2016-02-18 19:32 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2016-02-18 19:32 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2016-02-18 19:32 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2016-02-18 19:32 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2016-02-18 19:32 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2016-02-18 19:32 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2016-02-18 19:32 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2016-02-18 19:32 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2016-02-18 19:32 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2016-02-18 19:32 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2016-02-18 19:32 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2016-02-18 19:32 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2016-02-18 19:32 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2016-02-18 19:32 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2016-02-18 19:32 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2016-02-18 19:32 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2016-02-18 19:13 - 2016-02-18 19:13 - 00000202 _____ C:\Users\hanne\Desktop\Galactic Civilizations III.url
2016-02-17 21:52 - 2016-02-17 21:52 - 00017359 _____ C:\Users\hanne\Downloads\Calendar of Events 2015-2017-v2015-08-18.xlsx
2016-02-11 15:26 - 2016-01-28 10:20 - 00209056 _____ (Tonec Inc.) C:\WINDOWS\system32\Drivers\idmwfp.sys
2016-02-09 19:46 - 2016-01-29 07:57 - 04502352 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-02-09 19:46 - 2016-01-27 06:46 - 02606824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-02-09 19:46 - 2016-01-27 06:01 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-02-09 19:46 - 2016-01-27 05:52 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-02-09 19:46 - 2016-01-27 05:49 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-02-09 19:46 - 2016-01-27 05:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-02-09 19:46 - 2016-01-27 05:38 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-02-09 19:46 - 2016-01-27 05:32 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-02-09 19:45 - 2016-01-29 07:33 - 04064320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-02-09 19:45 - 2016-01-27 07:15 - 01557776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-02-09 19:45 - 2016-01-27 07:01 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-02-09 19:45 - 2016-01-27 06:59 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-02-09 19:45 - 2016-01-27 06:57 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-02-09 19:45 - 2016-01-27 06:57 - 00820704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-02-09 19:45 - 2016-01-27 06:55 - 00081112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2016-02-09 19:45 - 2016-01-27 06:54 - 00295264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-02-09 19:45 - 2016-01-27 06:46 - 01270072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-02-09 19:45 - 2016-01-27 06:44 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-02-09 19:45 - 2016-01-27 06:44 - 00085320 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2016-02-09 19:45 - 2016-01-27 06:43 - 00359776 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-02-09 19:45 - 2016-01-27 06:21 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-02-09 19:45 - 2016-01-27 06:15 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll
2016-02-09 19:45 - 2016-01-27 06:11 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-02-09 19:45 - 2016-01-27 06:10 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2016-02-09 19:45 - 2016-01-27 06:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-02-09 19:45 - 2016-01-27 06:08 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll
2016-02-09 19:45 - 2016-01-27 06:07 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassam.dll
2016-02-09 19:45 - 2016-01-27 06:04 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-02-09 19:45 - 2016-01-27 06:02 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2016-02-09 19:45 - 2016-01-27 05:59 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassam.dll
2016-02-09 19:45 - 2016-01-27 05:57 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-02-09 19:45 - 2016-01-27 05:50 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-02-09 19:45 - 2016-01-27 05:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll
2016-02-09 19:45 - 2016-01-27 05:31 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-03-03 22:35 - 2015-09-11 20:10 - 00001150 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-03 21:55 - 2015-10-04 17:04 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-03-03 21:05 - 2015-09-11 20:18 - 00000000 ____D C:\Users\hanne\OneDrive\Dokumente\Outlook-Dateien
2016-03-03 19:17 - 2015-10-05 18:01 - 00000000 ____D C:\Users\hanne\AppData\Local\CrashDumps
2016-03-03 18:54 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-03 18:54 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-03-03 18:53 - 2015-10-30 19:35 - 00819822 _____ C:\WINDOWS\system32\perfh007.dat
2016-03-03 18:53 - 2015-10-30 19:35 - 00173854 _____ C:\WINDOWS\system32\perfc007.dat
2016-03-03 18:53 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2016-03-03 18:53 - 2015-09-06 10:39 - 01917186 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-03-03 18:52 - 2015-11-27 17:49 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton 360
2016-03-03 18:47 - 2015-12-12 04:06 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-03-03 18:47 - 2015-12-12 03:58 - 00000000 ____D C:\ProgramData\NVIDIA
2016-03-03 18:47 - 2015-09-11 23:29 - 00000000 ____D C:\ProgramData\VMware
2016-03-03 18:47 - 2015-09-11 20:10 - 00001146 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-03 18:46 - 2015-10-30 07:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-03-03 18:36 - 2015-09-11 20:24 - 00000000 ____D C:\Users\hanne\AppData\Roaming\DMCache
2016-03-03 18:25 - 2015-09-11 19:33 - 00004172 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{0E4E2C49-7D3D-48D2-A695-64BB57B55EF8}
2016-03-03 18:24 - 2015-09-11 18:03 - 00000000 ____D C:\Users\hanne\AppData\Local\Adobe
2016-03-02 20:26 - 2015-12-12 03:59 - 00000000 ____D C:\Users\hanne
2016-03-02 20:17 - 2015-10-19 18:39 - 00000000 ____D C:\Users\hanne\AppData\Local\NPE
2016-03-02 18:28 - 2015-10-30 07:28 - 00008192 ___SH C:\WINDOWS\system32\config\ELAM
2016-03-02 18:25 - 2015-09-06 10:41 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-03-02 18:24 - 2015-12-12 03:57 - 05102488 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-03-01 23:54 - 2015-10-30 19:47 - 00000000 ____D C:\Program Files\Windows Journal
2016-03-01 23:54 - 2015-10-30 08:24 - 00000000 __RSD C:\WINDOWS\Media
2016-03-01 23:54 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-03-01 23:54 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-03-01 23:54 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-03-01 23:54 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-03-01 23:54 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-03-01 23:54 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-03-01 23:54 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-03-01 23:54 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-03-01 23:54 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-03-01 23:54 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-03-01 23:54 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-03-01 19:51 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-02-28 09:27 - 2015-09-11 23:15 - 00000000 ____D C:\Users\hanne\AppData\Roaming\vlc
2016-02-27 13:18 - 2015-09-06 10:41 - 00000000 ____D C:\Users\hanne\AppData\Local\Packages
2016-02-26 17:41 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-02-26 17:40 - 2015-09-11 16:27 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-02-20 09:45 - 2015-09-11 19:37 - 00000000 ____D C:\Users\hanne\OneDrive\Dokumente\My Games
2016-02-20 09:45 - 2015-09-11 19:37 - 00000000 ____D C:\Users\hanne\AppData\Local\My Games
2016-02-19 23:36 - 2015-09-11 20:10 - 00002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-19 23:36 - 2015-09-11 20:10 - 00002252 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-02-18 19:32 - 2015-09-06 10:39 - 00000000 ____D C:\ProgramData\Package Cache
2016-02-18 19:13 - 2015-11-15 12:39 - 00000000 ____D C:\Users\hanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-02-18 18:42 - 2015-09-11 20:24 - 00000000 ____D C:\Users\hanne\AppData\Roaming\IDM
2016-02-17 18:34 - 2015-09-11 18:55 - 00002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2016-02-12 19:04 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache
2016-02-11 19:18 - 2015-09-06 10:42 - 00002387 _____ C:\Users\hanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-02-11 19:18 - 2015-09-06 10:42 - 00000000 ___RD C:\Users\hanne\OneDrive
2016-02-11 17:16 - 2015-12-15 19:41 - 00000017 _____ C:\WINDOWS\.ini
2016-02-10 18:12 - 2015-09-06 10:47 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-02-10 18:09 - 2015-09-06 10:47 - 146614896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-02-10 17:54 - 2015-09-11 18:08 - 00000000 ___RD C:\Users\hanne\Creative Cloud Files
2016-02-10 17:54 - 2015-09-11 18:07 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-02-09 20:46 - 2015-12-20 14:29 - 00000000 ____D C:\WINDOWS\symbols
2016-02-03 20:01 - 2015-10-30 08:26 - 00828920 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-02-03 20:01 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-02 18:30 - 2015-09-11 20:10 - 00004208 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-02 18:30 - 2015-09-11 20:10 - 00003976 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-09-12 21:14 - 2015-10-03 23:47 - 0094795 _____ () C:\Users\hanne\AppData\Local\parallels-pax.log
2015-10-24 08:02 - 2015-10-24 10:13 - 0000600 _____ () C:\Users\hanne\AppData\Local\PUTTY.RND
2015-09-16 13:09 - 2015-09-16 13:09 - 0000040 ___SH () C:\ProgramData\.zreglib
2014-10-14 02:49 - 2014-10-14 02:49 - 0002465 _____ () C:\ProgramData\regid.2012-08.com.Corel,Roxio_76C7858E-078C-4C49-AB1A-2A7072664935.swidtag

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\hanne\ParallelsAccess-3.0.1-30654-win.exe


Einige Dateien in TEMP:
====================
         
Die Addition.Txt muß ich in einer neuen Antwort posten, da die max. Zeichenanzahl hier erreicht ist.
__________________

Alt 03.03.2016, 23:17   #4
MajorKottan
 
Google Chrome lädt Malware - MS Edge nicht - Standard

Google Chrome lädt Malware - MS Edge nicht



Hier die Addition.txt

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:02-03-2016
durchgeführt von hanne (2016-03-03 22:52:34)
Gestartet von C:\Users\hanne\Desktop
Windows 10 Pro Version 1511 (X64) (2015-12-12 03:08:42)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1936510213-3086724655-2435381783-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1936510213-3086724655-2435381783-503 - Limited - Disabled)
Gast (S-1-5-21-1936510213-3086724655-2435381783-501 - Limited - Disabled)
hanne (S-1-5-21-1936510213-3086724655-2435381783-1002 - Administrator - Enabled) => C:\Users\hanne

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Norton 360 (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton 360 (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton 360 (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

5KPlayer 3.1 (HKLM-x32\...\5KPlayer_is1) (Version:  - DearMob, Inc.)
Acronis True Image 2016 (HKLM-x32\...\{5E5999D7-85DD-4B82-B48B-5F60BDFAC502}Visible) (Version: 19.0.5634 - Acronis)
Acronis True Image 2016 (x32 Version: 19.0.5634 - Acronis) Hidden
Acronis*Disk*Director*12 (HKLM-x32\...\{AE372858-B1BD-49EF-8308-648322846008}) (Version: 12.0.3223 - Acronis)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.010.20059 - Adobe Systems Incorporated)
Adobe After Effects CC 2015 (HKLM-x32\...\{147EC100-14BE-45EF-AB42-35BAEE7D02F0}) (Version: 13.7.0 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.144 - Adobe Systems Incorporated)
Adobe Audition CC 2015 (HKLM-x32\...\{839A3566-AED6-4787-A849-5CBE2B1DC6AE}) (Version: 8.1.0 - Adobe Systems Incorporated)
Adobe Bridge CC (64 Bit) (HKLM-x32\...\{359F8007-6486-429C-A8C5-D67F6897C88C}) (Version: 6.1.1 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.4.1.181 - Adobe Systems Incorporated)
Adobe Dreamweaver CC 2015 (HKLM-x32\...\{EE2A0AA8-0386-11E5-8603-BC82F5DB1A71}) (Version: 16.1.0 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.4 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2015 (HKLM-x32\...\{0FAC7130-BEC5-47A5-8813-1D339B8326ED}) (Version: 9.2.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.1.2 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2015 (HKLM-x32\...\{38C72D42-0672-43B1-9E05-E7631684F9A1}) (Version: 9.2.0 - Adobe Systems Incorporated)
AIDA64 Extreme v5.50 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.50 - FinalWire Ltd.)
AllSync (HKLM-x32\...\AllSync_is1) (Version: 3.5.102 - Michael Thummerer Software Design)
Amazon Kindle (HKLM-x32\...\Amazon Kindle) (Version:  - Amazon)
Amazon Kindle (HKU\S-1-5-21-1936510213-3086724655-2435381783-1002\...\Amazon Kindle) (Version: 1.13.1.42052 - Amazon)
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.6.4.0 - SlySoft)
Apple Application Support (32-Bit) (HKLM-x32\...\{C5815ACF-FD34-4553-8A22-C7411B7E662B}) (Version: 4.1.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{CBF12D2F-CF64-4CB7-858B-2C1F21068E5F}) (Version: 4.1.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{903D0F33-D3CF-48D6-967D-84004089428A}) (Version: 4.0.51203.1 - Microsoft Corporation)
ArcSoft TotalMedia Extreme (HKLM-x32\...\{E7A1B94F-A981-49B2-868F-DFEA471AB17D}) (Version: 2.0.45.12 - ArcSoft)
Audials (HKLM-x32\...\{0336AD00-7F30-47A9-8EFB-CDDAD979C19E}) (Version: 12.1.9700.0 - Audials AG)
Audials (HKLM-x32\...\{39DE26F8-C180-47F3-9CCC-6EE4B95DA93D}) (Version: 14.0.51000.0 - Audials AG)
AVG PC TuneUp 2015 (de-DE) (x32 Version: 15.0.1001.638 - AVG Technologies) Hidden
AVG PC TuneUp 2015 (HKLM-x32\...\AVG PC TuneUp) (Version: 15.0.1001.638 - AVG Technologies)
AVG PC TuneUp 2015 (x32 Version: 15.0.1001.638 - AVG Technologies) Hidden
Azure AD Authentication Connected Service (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
BASE 6.1 (HKLM-x32\...\BASE 6.1) (Version:  - )
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon iP4300 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4300) (Version:  - )
Casper 8.0 (HKLM\...\{1A22A914-D43F-4BF6-BE8C-8C4D8E76CAF6}) (Version: 8.0.46120 - Future Systems Solutions, Inc.)
CDLIB 5.1 (HKLM-x32\...\CDLIB) (Version: 5.1 - CDLIB)
ChessBase 13 64-bit (HKLM\...\{9422AB50-000A-496D-83D2-B0E9EE49FD2C}) (Version: 13.4.0.0 - ChessBase)
Contents (x32 Version: 1.0.0.93 - Corel Corporation) Hidden
Corel FastFlick (HKLM-x32\...\_{10EC8494-8A92-49D8-9677-2483EB01F7F1}) (Version: 1.0.0.93 - Corel Corporation)
Creator NXT 3 Content (x32 Version: 16.0.004 - Roxio) Hidden
Dazzle Video Capture DVC100 X64 Driver 1.06 (x32 Version: 1.06.0000 - Pinnacle) Hidden
DesignPro 5 (HKLM-x32\...\InstallShield_{F82C6574-AD88-4B40-A432-970BC77F1BD2}) (Version: 5.5.708 - Avery)
DesignPro 5 (x32 Version: 5.5.708 - Avery) Hidden
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
Dispatcher (HKLM-x32\...\Steam App 341980) (Version:  - CivilSavages)
Dotfuscator and Analytics Community Edition 5.19.0 (x32 Version: 5.19.0.2930 - PreEmptive Solutions) Hidden
DVR-Capture 2.00 (HKLM-x32\...\DVR-Capture 2) (Version: 2.00 - Haenien-Software)
DVR-Studio HD 3 (HKLM-x32\...\DVR-Studio HD 3) (Version: 3.19 - Haenlein-Software)
DVR-Studio HD 4 (HKLM-x32\...\DVR-Studio HD 4) (Version: 4.02.03 - Haenlein-Software)
EF Multi File Renamer (HKLM\...\EF Multi File Renamer) (Version:  - EFSoftware)
EF Multi File Renamer (HKLM-x32\...\EF Multi File Renamer) (Version:  - EFSoftware)
Entity Framework 6.1.3 Tools  for Visual Studio 2015 Update 1 (HKLM-x32\...\{2A56910C-69C8-495D-8ED8-9080F0A14E58}) (Version: 14.0.41103.0 - Microsoft Corporation)
Free Studio (HKLM-x32\...\Free Studio_is1) (Version: 6.5.7.1013 - DVDVideoSoft Ltd.)
Galactic Civilizations III (HKLM-x32\...\Steam App 226860) (Version:  - Stardock Entertainment)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Hauppauge HDPVR Scheduler (HKLM-x32\...\Hauppauge HDPVR Scheduler) (Version:  - Hauppauge Computer Works)
Hauppauge WinTV IR Blaster (HKLM-x32\...\Hauppauge WinTV IR Blaster) (Version: 7.4.29102 - Hauppauge Computer Works, Inc.)
Hauppauge WinTV Scheduler (HKLM-x32\...\Hauppauge WinTV Scheduler) (Version:  - )
Houdini 4 Pro (HKLM\...\{FEBA7043-8935-4747-9EC4-0672C8B134CE}_is1) (Version: 4 - Houdini Chess)
ICA (x32 Version: 1.0.0.93 - Corel Corporation) Hidden
iCloud (HKLM\...\{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}) (Version: 5.1.0.34 - Apple Inc.)
IIS 10.0 Express (HKLM\...\{7A28A2B0-458B-4A58-84AC-C90D2D4B79FB}) (Version: 10.0.1735 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version:  - )
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
IPM_VS_Pro (x32 Version: 1.0 - Corel Corporation) Hidden
iTunes (HKLM\...\{0D44E3A4-6C3D-45D7-B443-079509E5BE5D}) (Version: 12.3.2.35 - Apple Inc.)
KC Softwares VideoInspector (HKLM-x32\...\KC Softwares VideoInspector_is1) (Version: 2.8.1.133 - KC Softwares)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
MediaInfo 0.7.78 (HKLM\...\MediaInfo) (Version: 0.7.78 - MediaArea.net)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{034547E9-D8FA-49E7-8B9C-4C9861FB9146}) (Version: 4.6.00127 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (Deutsch) (HKLM-x32\...\{529EFF09-750D-48B9-A47A-34A3B6248C3F}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.24720 - Microsoft Corporation)
Microsoft Office Professional 2013 - de-de (HKLM\...\ProfessionalRetail - de-de) (Version: 15.0.4797.1003 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB  (HKLM\...\{AB8DE9BA-19E1-446A-BCFA-6B3DA9751E21}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom  (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service  (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (14.0.50616.0) (HKLM-x32\...\{58246C80-3941-4B69-AE31-264644E2ADB8}) (Version: 14.0.50616.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 with Update 1 (HKLM-x32\...\{5642384f-2a89-46d3-acd5-bfe8bf6e8b2f}) (Version: 14.0.24720.0 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{ED4CC1E5-043E-4157-8452-B5E533FE2BA1}) (Version: 3.1238.1955 - Microsoft Corporation)
Microsoft Xbox One Controller for Windows (HKLM\...\{DC2CB48C-FD96-48EB-A36A-7D995BB587EB}) (Version: 1.0.2 - Microsoft Corporation)
Movavi Video Suite 14 (HKLM-x32\...\Movavi Video Suite 14) (Version: 14.3.0 - Movavi)
MSBuild/NuGet Integration 14.0 (x86) (x32 Version: 14.0.24720 - Microsoft Corporation) Hidden
Multi-Device Hybrid Apps using C# - Templates - ENU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
Norton 360 (HKLM-x32\...\N360) (Version: 22.5.5.15 - Symantec Corporation)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 358.50 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.14.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.14.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 358.50 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4797.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4797.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4797.1003 - Microsoft Corporation) Hidden
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM-x32\...\{4860C1E5-CE58-4D32-89DE-37951333B4C9}) (Version: 4.6.01055 - Microsoft Corporation)
Paragon Festplatten Manager™ 15 Suite (HKLM\...\{29258311-EA49-11DE-967C-005056C00008}) (Version: 90.00.0003 - Paragon Software)
Paragon Partition Manager™ 15 Professional (HKLM\...\{A35001F0-F1E4-11DD-A38B-005056C00008}) (Version: 90.00.0003 - Paragon Software)
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Pixum Fotowelt (HKLM-x32\...\Pixum Fotowelt) (Version: 6.0.5 - CEWE Stiftung u Co. KGaA)
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT  (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
QuickPar 0.9 (HKLM-x32\...\QuickPar) (Version: 0.9 - Peter B. Clements)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Roslyn Language Services - x86 (x32 Version: 14.0.24723 - Microsoft Corporation) Hidden
Roxio Creator NXT 3 Content (HKLM-x32\...\{2DF5BF6E-D32C-4B81-9012-F62B58AFF819}) (Version: 1.0.4.0 - Roxio)
Roxio Creator NXT Pro 3 (HKLM-x32\...\{7B4B9450-39C8-454A-AA2D-6548EE4D21EB}) (Version: 16.0.50.1 - Roxio)
Roxio Virtual Drive x64 (Version: 1.00.0000 - Roxio, Inc.) Hidden
Setup (x32 Version: 1.0.0.93 - Corel Corporation) Hidden
Share (x32 Version: 1.0.0.93 - Corel Corporation) Hidden
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.14.5 - NVIDIA Corporation) Hidden
SmartControlCenter (HKLM-x32\...\{63CE935C-03E3-4EB4-B194-792CB2F91C87}) (Version: 1.1.1.14 - Netgear)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Team Explorer for Microsoft Visual Studio 2015 (x32 Version: 14.0.24712 - Microsoft Corporation) Hidden
Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
TVgenial 5.40 (HKLM-x32\...\TVgenial) (Version:  - )
TypeScript Power Tool (x32 Version: 1.7.4.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.7.4.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 1.7.4.0 (HKLM-x32\...\{33e2204a-4ec6-4458-895a-47e2a404d990}) (Version: 1.7.24720.0 - Microsoft Corporation)
UE4 Prerequisites (x86) (HKLM-x32\...\{162863d7-4b83-429c-baa7-fcedd09f331f}) (Version: 1.0.8.0 - Epic Games, Inc.)
UE4 Prerequisites (x86) (x32 Version: 1.0.8.0 - Epic Games, Inc.) Hidden
Universal CRT Extension SDK (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Redistributable (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Visual Studio 2015 Update 1 (KB3022398) (HKLM-x32\...\{fcaa9dba-9438-48b6-ad91-4e9b4cc7084a}) (Version: 14.0.24720 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VMware Workstation (HKLM\...\{132E3257-14F1-411A-BC6C-0CA32D3A9BC6}) (Version: 12.0.0 - VMware, Inc.)
VS Update core components (x32 Version: 14.0.24720 - Microsoft Corporation) Hidden
VSClassic (x32 Version: 1.0.0.93 - Corel Corporation) Hidden
VSPro (x32 Version: 1.0.0.93 - Corel Corporation) Hidden
VueScan x64 (HKLM\...\VueScan x64) (Version:  - )
WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
Windows-Treiberpaket - Silicon Laboratories (silabenm) Ports  (03/19/2014 6.7.0.0) (HKLM\...\B97004A400E30DCF940971EFA7A0C13C6B0A4B66) (Version: 03/19/2014 6.7.0.0 - Silicon Laboratories)
WinRAR 5.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1936510213-3086724655-2435381783-1002_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-04310A690DF6}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1936510213-3086724655-2435381783-1002_Classes\CLSID\{1F6DE925-8416-40D4-BC66-D69DB9D4360B}\InprocServer32 -> F:\Roxio\Roxio Creator NXT Pro 3\Virtual Drive 10\DC_ShellExt64.dll (Corel Corporation)
CustomCLSID: HKU\S-1-5-21-1936510213-3086724655-2435381783-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\hanne\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1936510213-3086724655-2435381783-1002_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0533D784-79DC-488E-81BE-9E9EFCB05A8D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-01-12] (Microsoft Corporation)
Task: {1BD57935-9038-4536-9569-F3642D6C3534} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\WSCStub.exe [2015-11-20] (Symantec Corporation)
Task: {3188B169-89D4-4BF1-8041-C5FF5B44FD6E} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-hannes.rada@inode.at => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-10-30] (Adobe Systems Incorporated)
Task: {48CC8FC8-9A0D-4029-BB1A-28052580D707} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-11] (Google Inc.)
Task: {51D97364-0FE0-44E3-9C16-8E916568DEFC} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\SymErr.exe [2015-11-05] (Symantec Corporation)
Task: {58ECE3A8-3713-481C-9AE7-9BA92F017BD2} - System32\Tasks\Norton 360\Norton Autofix => C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\SymErr.exe [2015-11-05] (Symantec Corporation)
Task: {5F86521A-5443-4819-B1EF-AC0170B620C7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {6688E82F-836B-44F7-B7C9-B55757A2496C} - System32\Tasks\ArcSoft Connect Daemon => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
Task: {6B5B4B5C-C19F-4E08-A10A-8FA9A4A93453} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe [2015-08-04] (AVG Technologies)
Task: {719ACE92-93A1-4432-8803-A8552049D0A6} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-01-12] (Microsoft Corporation)
Task: {73B1D130-5DBD-4EE9-93EC-0CC8DA51D2DF} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2016-01-19] (Enigma Software Group USA, LLC.)
Task: {797D6177-E44D-4169-AD6C-D0D80C934471} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\SymErr.exe [2015-11-05] (Symantec Corporation)
Task: {CED3A03F-10D5-4BCF-9677-E65373C98EE8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.)
Task: {D6DA70B0-CB58-44B5-B099-3AC9782CA033} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-11] (Google Inc.)
Task: {E049E2F0-4385-42CB-9058-2B3A81299F35} - System32\Tasks\Future Systems Solutions\Casper\Casper 8.0 Update Notification Task => F:\Future Systems Solutions\Casper 8.0\CASPER.EXE [2014-09-19] (Future Systems Solutions, Inc.)
Task: {FD70AD09-241C-4A6C-BC10-8818DE05F800} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-02-10] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-05-15 15:26 - 2015-05-15 15:26 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-09-11 16:27 - 2015-10-13 04:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-01-22 00:04 - 2014-01-22 00:04 - 00022760 _____ () C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe
2015-08-04 13:26 - 2015-08-04 13:26 - 00718040 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\avgrepliba.dll
2015-08-14 13:02 - 2015-08-14 13:02 - 12465344 _____ () F:\VMWare 12\vmware-hostd.exe
2016-03-01 19:29 - 2016-02-23 12:27 - 02654872 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-03-01 19:29 - 2016-02-23 12:27 - 02654872 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-11-27 17:46 - 2015-11-14 04:23 - 00553120 ____N () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2013-10-16 01:02 - 2013-10-16 01:02 - 00535784 _____ () F:\Roxio\Roxio Creator NXT Pro 3\Roxio Burn\RoxioBurnLauncher.exe
2016-01-22 18:32 - 2016-01-22 18:33 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2013-10-16 01:03 - 2013-10-16 01:03 - 01723624 _____ () F:\Roxio\Roxio Creator NXT Pro 3\Roxio Burn\Roxio Burn.exe
2015-08-04 13:26 - 2015-08-04 13:26 - 00861912 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\tulnga.dll
2015-12-17 20:52 - 2015-12-07 05:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-03-01 19:29 - 2016-02-23 09:36 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-01-12 22:20 - 2016-01-05 02:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-01-12 22:20 - 2016-01-05 02:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-01-27 22:47 - 2016-01-16 06:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-01-27 22:47 - 2016-01-16 06:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-09-12 07:04 - 2015-09-12 07:04 - 02847232 _____ () F:\XECTool\xectool.exe
2016-03-03 18:53 - 2016-03-03 18:54 - 00016384 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.302.8200.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-03-03 18:53 - 2016-03-03 18:54 - 16062976 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.302.8200.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-03-03 18:53 - 2016-03-03 18:54 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.302.8200.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2014-06-10 20:05 - 2015-09-11 17:22 - 02015744 _____ () F:\Houdini 4 Chess\Houdini_4_Pro_x64A.exe
2014-06-10 22:00 - 2013-11-29 14:47 - 00995840 _____ () F:\Stockfish\stockfish-dd-win\Windows\stockfish-dd-64-modern.exe
2015-08-14 13:02 - 2015-08-14 13:02 - 01301696 _____ () F:\VMWare 12\libxml2.dll
2014-01-22 00:04 - 2014-01-22 00:04 - 03322600 _____ () C:\Program Files (x86)\Roxio\BackOnTrack\App\BEngine.dll
2014-01-22 00:04 - 2014-01-22 00:04 - 00524520 _____ () C:\Program Files (x86)\Roxio\BackOnTrack\App\TRREngine.dll
2014-01-22 00:04 - 2014-01-22 00:04 - 00108776 _____ () C:\Program Files (x86)\Roxio\BackOnTrack\App\Logging.dll
2015-08-14 13:02 - 2015-08-14 13:02 - 00165056 _____ () F:\VMWare 12\nfc-types.dll
2015-08-14 13:02 - 2015-08-14 13:02 - 00191680 _____ () F:\VMWare 12\LIBEXPAT.dll
2015-08-14 13:02 - 2015-08-14 13:02 - 00388800 _____ () F:\VMWare 12\ssoClient.dll
2016-01-22 18:32 - 2016-01-22 18:33 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-01-22 18:32 - 2016-01-22 18:33 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2013-10-16 01:02 - 2013-10-16 01:02 - 00679144 _____ () F:\Roxio\Roxio Creator NXT Pro 3\Roxio Burn\BBEngineAS.dll
2012-05-22 18:01 - 2012-05-22 18:01 - 00723600 _____ () F:\Roxio\Roxio Creator NXT Pro 3\Roxio Burn\AS_Archive.dll
2015-09-11 16:27 - 2016-02-24 20:08 - 00325824 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2015-03-17 00:34 - 2015-03-17 00:34 - 00141312 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Locale\de_de\PDFMaker\PDFMOutlookAddin.DEU
2015-12-18 16:42 - 2015-12-18 16:42 - 05919416 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\PDFMaker\Common\AdobePDFMakerX.dll
2015-12-18 16:42 - 2015-12-18 16:42 - 03385856 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Locale\de_DE\PDFMaker\AdobePDFMakerX.DEU
2015-09-11 16:30 - 2016-02-24 20:09 - 01032360 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\ADDINS\UmOutlookAddin.dll
2015-09-30 21:47 - 2015-09-30 21:47 - 02099896 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\PDFMaker\Common\SendAsLinkX.dll
2015-09-30 21:47 - 2015-09-30 21:47 - 00230912 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Locale\de_DE\Adobe Send\SendAsLinkX.DEU
2015-10-21 21:05 - 2015-10-03 05:58 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-07-10 12:04 - 2015-07-10 12:02 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1936510213-3086724655-2435381783-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\hanne\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "AcronisTibMounterMonitor"
HKLM\...\StartupApproved\Run32: => "TrueImageMonitor.exe"
HKLM\...\StartupApproved\Run32: => "ArcSoft Connection Service"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKU\S-1-5-21-1936510213-3086724655-2435381783-1002\...\StartupApproved\Run: => "AdobeBridge"
HKU\S-1-5-21-1936510213-3086724655-2435381783-1002\...\StartupApproved\Run: => "Parallels Access"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{5C5FD17E-AF7E-4CC8-9A8D-81555F1040FB}] => (Allow) F:\Steam\steamapps\common\Dispatcher\Disp1.exe
FirewallRules: [{C7D5D696-3847-43FF-B5E0-CCE004EA6DD9}] => (Allow) F:\Steam\steamapps\common\Dispatcher\Disp1.exe
FirewallRules: [{76739F11-5CC2-47CA-9ED5-CCDACDE81EB1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C1DF8A39-D7AA-43A7-82F9-A30C20777A8C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{1FF4610F-83FD-4E5C-9015-25B43EB7AB37}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{F3710BF0-2B62-40AD-9D6E-7292BA52DAC8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{2DD4B2E2-302C-4EB8-BE35-472B7936AFAA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{208FE073-2ECA-41FE-8906-6A2872EFC482}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{509F4541-95E4-4BB2-8546-FACDEA230DC9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{85FFC6DA-4BA9-41A2-AE6D-5BC51CA1E660}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{EB378A2D-251F-4FB8-9640-9CEDBEEA47AF}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{F4EBFA81-EB07-40C7-912C-69363D1F9324}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
FirewallRules: [{835ACABC-AEFF-4666-A858-3839398ECEF5}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{CAE1E754-F6B0-4A8E-934A-88B790EE80D8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0484CEB0-58BD-40D7-805E-BC3EA51BA2CA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{822F8943-7180-48FD-8F76-38B7832B4D47}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0D35F2DE-6C64-46F2-A8AE-CB7DC0B4F3C3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D8D14C10-26D0-49D4-B0AB-2030922C85C2}] => (Allow) LPort=31931
FirewallRules: [{5AF41AFE-D156-4C16-8F63-473795BA01CC}] => (Allow) LPort=14714
FirewallRules: [{2A7E5042-56E0-484F-9207-B54F2C271A60}] => (Allow) LPort=12972
FirewallRules: [{ABEB0780-1FDB-4FDC-8654-8B7A9E3FDAE4}] => (Allow) F:\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{6FD6C5E4-A993-41C1-9071-C50AECAC8C76}] => (Allow) F:\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{A789A793-0647-4AEA-ACFE-49A8938811A8}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
FirewallRules: [{C078F5EA-2668-42A9-BE31-4084E9E17172}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{0CFFCF02-3676-4C1C-8982-2F75AAA902CA}] => (Allow) F:\VMWare 12\vmware-hostd.exe
FirewallRules: [{F7DE2D5C-E01C-49FA-A899-37353D1579EE}] => (Allow) F:\VMWare 12\vmware-hostd.exe
FirewallRules: [{0F1723F8-B187-47D2-B741-ACDED9AFB81A}] => (Allow) F:\VMWare 12\vmware-authd.exe
FirewallRules: [{5E2FB1BA-62FC-4600-876E-E86183C441A3}] => (Allow) F:\VMWare 12\vmware-authd.exe
FirewallRules: [{B3024B8D-44B5-4374-93D6-85C5DFCEB71F}] => (Allow) F:\Steam\bin\steamwebhelper.exe
FirewallRules: [{8E956805-A5C5-401B-866C-BDED3E13039C}] => (Allow) F:\Steam\bin\steamwebhelper.exe
FirewallRules: [{211E353A-9E0A-4DE1-B56A-17E2850C46AE}] => (Allow) F:\Steam\Steam.exe
FirewallRules: [{8CD32749-01FE-43B6-B478-9AE5A98B8BBB}] => (Allow) F:\Steam\Steam.exe
FirewallRules: [{34FB88CD-0AF1-407C-A3C5-A6CA483E9DA1}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{D4A18D3A-F00C-4020-AF3A-09FAE1728251}] => (Allow) F:\iiTunes\iTunes.exe
FirewallRules: [{97BCEB7D-437F-49E9-BE50-E754F1716CC9}] => (Allow) F:\Audials\Audials 12\Audials.exe
FirewallRules: [{503763CB-E969-43B2-8FEF-24E7143A1055}] => (Allow) F:\Audials\Audials 2016\Audials.exe
FirewallRules: [TCP Query User{F3F1B885-D346-456B-B4BE-32C8A9AB3AB2}F:\dvr-studio hd 4\dvr-studio hd.exe] => (Allow) F:\dvr-studio hd 4\dvr-studio hd.exe
FirewallRules: [UDP Query User{9D4874D7-971F-4647-BACC-54C4E6F3E555}F:\dvr-studio hd 4\dvr-studio hd.exe] => (Allow) F:\dvr-studio hd 4\dvr-studio hd.exe
FirewallRules: [{3E95E14B-CD69-4350-B144-3A9CB1503D44}] => (Allow) F:\MS Visual Studio 2015\Common7\IDE\devenv.exe
FirewallRules: [{4A968DBD-1B60-4DD0-B3B8-D6101211DCE0}] => (Allow) C:\Program Files\VueScan\vuescan.exe
FirewallRules: [{2CCA03DA-24E2-440F-A2DC-5615025C1F15}] => (Allow) C:\Program Files\VueScan\vuescan.exe
FirewallRules: [{A7F1C9E2-39EB-4DC9-9750-CF9F2D9C6D2A}] => (Allow) F:\Steam\steamapps\common\Galactic Civilizations III\GalCiv3.exe
FirewallRules: [{5D9B7DFE-9BF5-4BA3-80B3-BBF89FBF1EC7}] => (Allow) F:\Steam\steamapps\common\Galactic Civilizations III\GalCiv3.exe
FirewallRules: [{832DDA4C-476E-47BF-83F6-726D50D6214B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

26-02-2016 17:30:47 Norton_Power_Eraser_20160226173046602
01-03-2016 19:50:26 Windows Update
03-03-2016 18:54:25 JRT Pre-Junkware Removal
03-03-2016 21:04:56 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: SAS-Controller
Description: SAS-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (03/03/2016 09:04:56 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (03/03/2016 07:17:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 10.1.2123.10, Zeitstempel: 0x569054dc
Name des fehlerhaften Moduls: SkyWrap.dll, Version: 10.1.2123.10, Zeitstempel: 0x569054c9
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00ac6197
ID des fehlerhaften Prozesses: 0x1408
Startzeit der fehlerhaften Anwendung: 0xSkypeHost.exe0
Pfad der fehlerhaften Anwendung: SkypeHost.exe1
Pfad des fehlerhaften Moduls: SkypeHost.exe2
Berichtskennung: SkypeHost.exe3
Vollständiger Name des fehlerhaften Pakets: SkypeHost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SkypeHost.exe5

Error: (03/03/2016 06:54:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Adobe CEF Helper.exe, Version: 3.4.0.175, Zeitstempel: 0x564a80aa
Name des fehlerhaften Moduls: libcef.dll, Version: 3.2171.2069.0, Zeitstempel: 0x551bdc44
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00444106
ID des fehlerhaften Prozesses: 0x2fc8
Startzeit der fehlerhaften Anwendung: 0xAdobe CEF Helper.exe0
Pfad der fehlerhaften Anwendung: Adobe CEF Helper.exe1
Pfad des fehlerhaften Moduls: Adobe CEF Helper.exe2
Berichtskennung: Adobe CEF Helper.exe3
Vollständiger Name des fehlerhaften Pakets: Adobe CEF Helper.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Adobe CEF Helper.exe5

Error: (03/03/2016 06:54:27 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (03/03/2016 06:49:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: VEINTICUATRO-XE)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147024891. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (03/03/2016 06:49:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: VEINTICUATRO-XE)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147024891. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (03/03/2016 06:46:22 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: VEINTICUATRO-XE)
Description: Bei der Aktivierung der App „Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (03/03/2016 06:46:21 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: VEINTICUATRO-XE)
Description: Bei der Aktivierung der App „Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe!Microsoft.MicrosoftOfficeHub“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (03/03/2016 06:43:34 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for F:\Steam\bin\steamwebhelper.exe

Error: (03/03/2016 06:43:34 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for F:\Steam\steam.exe


Systemfehler:
=============
Error: (03/03/2016 08:31:37 PM) (Source: DCOM) (EventID: 10016) (User: VEINTICUATRO-XE)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}VEINTICUATRO-XEhanneS-1-5-21-1936510213-3086724655-2435381783-1002LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (03/03/2016 08:31:37 PM) (Source: DCOM) (EventID: 10016) (User: VEINTICUATRO-XE)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}VEINTICUATRO-XEhanneS-1-5-21-1936510213-3086724655-2435381783-1002LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (03/03/2016 08:00:31 PM) (Source: DCOM) (EventID: 10016) (User: VEINTICUATRO-XE)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}VEINTICUATRO-XEhanneS-1-5-21-1936510213-3086724655-2435381783-1002LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (03/03/2016 08:00:31 PM) (Source: DCOM) (EventID: 10016) (User: VEINTICUATRO-XE)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}VEINTICUATRO-XEhanneS-1-5-21-1936510213-3086724655-2435381783-1002LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (03/03/2016 07:06:24 PM) (Source: DCOM) (EventID: 10016) (User: VEINTICUATRO-XE)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}VEINTICUATRO-XEhanneS-1-5-21-1936510213-3086724655-2435381783-1002LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (03/03/2016 07:06:24 PM) (Source: DCOM) (EventID: 10016) (User: VEINTICUATRO-XE)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}VEINTICUATRO-XEhanneS-1-5-21-1936510213-3086724655-2435381783-1002LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (03/03/2016 07:06:24 PM) (Source: DCOM) (EventID: 10016) (User: VEINTICUATRO-XE)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}VEINTICUATRO-XEhanneS-1-5-21-1936510213-3086724655-2435381783-1002LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (03/03/2016 06:54:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (03/03/2016 06:54:20 PM) (Source: DCOM) (EventID: 10016) (User: VEINTICUATRO-XE)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}VEINTICUATRO-XEhanneS-1-5-21-1936510213-3086724655-2435381783-1002LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (03/03/2016 06:54:20 PM) (Source: DCOM) (EventID: 10016) (User: VEINTICUATRO-XE)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}VEINTICUATRO-XEhanneS-1-5-21-1936510213-3086724655-2435381783-1002LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742


CodeIntegrity:
===================================
  Date: 2016-03-02 18:25:25.012
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-02-17 18:42:45.411
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-02-17 18:42:45.333
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-02-17 18:37:00.304
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-02-17 18:37:00.181
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-02-16 21:22:09.804
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-02-16 21:22:09.788
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-02-16 21:22:09.772
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-02-16 21:22:09.750
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-02-15 19:14:22.097
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Xeon(R) CPU E5-2697 v2 @ 2.70GHz
Prozentuale Nutzung des RAM: 33%
Installierter physikalischer RAM: 65484.54 MB
Verfügbarer physikalischer RAM: 43695.97 MB
Summe virtueller Speicher: 75212.54 MB
Verfügbarer virtueller Speicher: 53065.95 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:364.61 GB) (Free:256.99 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: () (Fixed) (Total:364.61 GB) (Free:298.92 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive e: (VOLUME) (Fixed) (Total:38.73 GB) (Free:17.92 GB) NTFS
Drive f: () (Fixed) (Total:527.73 GB) (Free:287.5 GB) NTFS
Drive g: (VOLUME) (Fixed) (Total:38.73 GB) (Free:17.92 GB) NTFS
Drive h: () (Fixed) (Total:527.73 GB) (Free:279.52 GB) NTFS
Drive w: (Video) (Network) (Total:74178.58 GB) (Free:65656.21 GB) NTFS
Drive y: (Music) (Network) (Total:74178.58 GB) (Free:65656.21 GB) NTFS
Drive z: (Dateien) (Network) (Total:74178.58 GB) (Free:65656.21 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 138B141C)
Partition 1: (Active) - (Size=364.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)
Partition 3: (Not Active) - (Size=566.5 GB) - (Type=OF Extended)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 286718E8)
Partition 1: (Active) - (Size=364.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)
Partition 3: (Not Active) - (Size=566.5 GB) - (Type=OF Extended)

==================== Ende von Addition.txt ============================
         

Alt 04.03.2016, 10:20   #5
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Google Chrome lädt Malware - MS Edge nicht - Standard

Google Chrome lädt Malware - MS Edge nicht



Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 04.03.2016, 18:26   #6
MajorKottan
 
Google Chrome lädt Malware - MS Edge nicht - Standard

Google Chrome lädt Malware - MS Edge nicht



Dieses Tool findet nichts.
Deswegen gibt's auch keinen Neustart.


Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2016.03.04.04
  rootkit: v2016.02.27.01

Windows 10 x64 NTFS
Internet Explorer 11.103.10586.0
hanne :: VEINTICUATRO-XE [administrator]

04.03.2016 18:06:42
mbar-log-2016-03-04 (18-06-42).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 468624
Time elapsed: 9 minute(s), 56 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         

Alt 04.03.2016, 21:04   #7
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Google Chrome lädt Malware - MS Edge nicht - Standard

Google Chrome lädt Malware - MS Edge nicht



Adware/Junkware/Toolbars entfernen

Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!
Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren!


1. Schritt: adwCleaner

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).




2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.




3. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 04.03.2016, 22:12   #8
MajorKottan
 
Google Chrome lädt Malware - MS Edge nicht - Standard

Google Chrome lädt Malware - MS Edge nicht



Also adwcleaner findet die mir bereits bekannten Dateien

Code:
ATTFilter
# AdwCleaner v5.037 - Bericht erstellt am 04/03/2016 um 21:31:38
# Aktualisiert am 28/02/2016 von Xplode
# Datenbank : 2016-02-28.2 [Lokal]
# Betriebssystem : Windows 10 Pro  (x64)
# Benutzername : hanne - VEINTICUATRO-XE
# Gestartet von : C:\Users\hanne\Desktop\AdwCleaner_5.037.exe
# Option : Suchlauf
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****


***** [ Dateien ] *****

Datei Gefunden : C:\Users\hanne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_nps.pastaleads.com_0.localstorage
Datei Gefunden : C:\Users\hanne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_nps.pastaleads.com_0.localstorage-journal

***** [ DLL ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Internetbrowser ] *****


*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [4956 Bytes] - [02/03/2016 20:25:35]
C:\AdwCleaner\AdwCleaner[C2].txt - [1635 Bytes] - [03/03/2016 18:46:03]
C:\AdwCleaner\AdwCleaner[S1].txt - [4565 Bytes] - [02/03/2016 20:17:26]
C:\AdwCleaner\AdwCleaner[S2].txt - [952 Bytes] - [02/03/2016 20:29:16]
C:\AdwCleaner\AdwCleaner[S3].txt - [1025 Bytes] - [02/03/2016 21:51:27]
C:\AdwCleaner\AdwCleaner[S4].txt - [1098 Bytes] - [02/03/2016 23:32:25]
C:\AdwCleaner\AdwCleaner[S5].txt - [1444 Bytes] - [03/03/2016 18:44:26]
C:\AdwCleaner\AdwCleaner[S6].txt - [1436 Bytes] - [04/03/2016 21:31:38]

########## EOF - C:\AdwCleaner\AdwCleaner[S6].txt - [1509 Bytes] ##########
         
Nach Löschung ist natürlich alles clean

Code:
ATTFilter
# AdwCleaner v5.037 - Bericht erstellt am 04/03/2016 um 21:45:59
# Aktualisiert am 28/02/2016 von Xplode
# Datenbank : 2016-02-28.2 [Lokal]
# Betriebssystem : Windows 10 Pro  (x64)
# Benutzername : hanne - VEINTICUATRO-XE
# Gestartet von : C:\Users\hanne\Desktop\AdwCleaner_5.037.exe
# Option : Suchlauf
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****


***** [ Dateien ] *****


***** [ DLL ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Internetbrowser ] *****


*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [4956 Bytes] - [02/03/2016 20:25:35]
C:\AdwCleaner\AdwCleaner[C2].txt - [1635 Bytes] - [03/03/2016 18:46:03]
C:\AdwCleaner\AdwCleaner[C3].txt - [972 Bytes] - [04/03/2016 21:34:44]
C:\AdwCleaner\AdwCleaner[S1].txt - [4565 Bytes] - [02/03/2016 20:17:26]
C:\AdwCleaner\AdwCleaner[S2].txt - [952 Bytes] - [02/03/2016 20:29:16]
C:\AdwCleaner\AdwCleaner[S3].txt - [1025 Bytes] - [02/03/2016 21:51:27]
C:\AdwCleaner\AdwCleaner[S4].txt - [1098 Bytes] - [02/03/2016 23:32:25]
C:\AdwCleaner\AdwCleaner[S5].txt - [1444 Bytes] - [03/03/2016 18:44:26]
C:\AdwCleaner\AdwCleaner[S6].txt - [1588 Bytes] - [04/03/2016 21:31:38]
C:\AdwCleaner\AdwCleaner[S7].txt - [1309 Bytes] - [04/03/2016 21:45:59]

########## EOF - C:\AdwCleaner\AdwCleaner[S7].txt - [1382 Bytes] ##########
         
und jetzt findet JRT auch noch was

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.3 (02.09.2016)
Operating System: Windows 10 Pro x64 
Ran by hanne (Administrator) on 04.03.2016 at 21:50:22,90
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 4 

Successfully deleted: C:\Users\hanne\AppData\Local\crashrpt (Folder) 
Successfully deleted: C:\Users\hanne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.re-markable00.re-markable.net_0.localstorage-journal (File) 
Successfully deleted: C:\Users\hanne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.re-markable00.re-markable.net_0.localstorage (File) 
Successfully deleted: C:\WINDOWS\system32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 (Task)



Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 04.03.2016 at 21:53:22,31
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

FRST.TXT und Addition.TXT gibt's in meinem nächsten Posting

FRST.TXT

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:04-03-2016
durchgeführt von hanne (Administrator) auf VEINTICUATRO-XE (04-03-2016 22:04:28)
Gestartet von C:\Users\hanne\Desktop
Geladene Profile: hanne (Verfügbare Profile: hanne)
Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\n360.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\n360.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Future Systems Solutions, Inc.) C:\Program Files\Common Files\Future Systems Solutions\Services\CASPERSVCS.EXE
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Malwarebytes) F:\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes) F:\ Malwarebytes Anti-Malware \mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(VMware, Inc.) F:\VMWare 12\vmware-authd.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
() F:\VMWare 12\vmware-hostd.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
() F:\Roxio\Roxio Creator NXT Pro 3\Roxio Burn\RoxioBurnLauncher.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
() F:\Roxio\Roxio Creator NXT Pro 3\Roxio Burn\Roxio Burn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-10-30] (Adobe Systems Incorporated)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [503856 2015-09-23] (Acronis)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-10-03] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => F:\iiTunes\iTunesHelper.exe [170256 2015-12-09] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2304688 2015-11-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1867448 2015-12-18] (Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [vmware-tray.exe] => F:\VMWare 12\vmware-tray.exe [104128 2015-08-14] (VMware, Inc.)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [651560 2015-09-22] (Acronis International GmbH)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7568104 2015-09-23] ()
HKLM-x32\...\Run: [WinCast] => R:\CDSetup\setup.exe -ldeu
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [324976 2010-05-21] (Flexera Software, Inc.)
HKLM-x32\...\Run: [RoxWatchTray] => F:\Roxio\Roxio Creator NXT Pro 3\Common\RoxWatchTray15.exe [295112 2014-09-25] (Corel Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-1936510213-3086724655-2435381783-1002\...\Run: [Steam] => F:\Steam\steam.exe [3014224 2016-02-04] (Valve Corporation)
HKU\S-1-5-21-1936510213-3086724655-2435381783-1002\...\Run: [IDMan] => F:\Internet Download Manager\IDMan.exe [3933392 2016-02-11] (Tonec Inc.)
HKU\S-1-5-21-1936510213-3086724655-2435381783-1002\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [881336 2015-12-18] (Adobe Systems Incorporated)
HKU\S-1-5-21-1936510213-3086724655-2435381783-1002\...\Run: [AudialsNotifier] => F:\Audials\Audials 2016\AudialsNotifier.exe [2412952 2015-12-14] ()
HKU\S-1-5-21-1936510213-3086724655-2435381783-1002\...\Run: [AnyDVD] => F:\SlySoft\AnyDVD\AnyDVD.exe [109480 2015-08-27] (SlySoft, Inc.)
HKU\S-1-5-21-1936510213-3086724655-2435381783-1002\...\RunOnce: [Uninstall C:\Users\hanne\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\hanne\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64"
HKU\S-1-5-21-1936510213-3086724655-2435381783-1002\...\Policies\Explorer: [NoThumbnailCache] 1
IFEO\freegifmaker.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\freestudiomanager.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\mediabuilder.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\premiummembershipoffer.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\systemreport.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\trueimagelauncher.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\trueimagetools.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\uninstall.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
ShellIconOverlayIdentifiers: [   IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => F:\Internet Download Manager\IDMShellExt64.dll [2015-08-14] (Tonec Inc.)
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] ()
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2015-09-10] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2015-09-10] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2015-09-10] (Acronis)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\..\Interfaces\{f3eb969f-39af-462b-a895-ac671597ea78}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> F:\Internet Download Manager\IDMIECC64.dll [2015-12-08] (Internet Download Manager, Tonec Inc.)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-02-24] (Microsoft Corporation)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-02-24] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> F:\Internet Download Manager\IDMIECC.dll [2015-12-08] (Internet Download Manager, Tonec Inc.)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-09-11] (Microsoft Corporation)

FireFox:
========
FF Plugin: @videolan.org/vlc,version=2.2.1 -> F:\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-11-25] (Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-09-11] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-10-03] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-10-03] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-11-25] (Adobe Systems)
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon
FF Extension: Norton Identity Safe - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon [2016-01-14]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat DC - Create PDF - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2016-02-17]
FF HKU\S-1-5-21-1936510213-3086724655-2435381783-1002\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\hanne\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\hanne\AppData\Roaming\IDM\idmmzcc5 [2016-03-04] [ist nicht signiert]
FF HKU\S-1-5-21-1936510213-3086724655-2435381783-1002\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - F:\Internet Download Manager\idmmzcc2.xpi
FF Extension: IDM integration - F:\Internet Download Manager\idmmzcc2.xpi [2016-01-27]

Chrome: 
=======
CHR DefaultSearchURL: Default -> hxxp://nortonsafe.search.ask.com/web?q={searchTerms}&o=apn10506&prt=cr
CHR DefaultSearchKeyword: Default -> NortonSafe
CHR DefaultSuggestURL: Default -> hxxp://ss-sym.ask.com/query?q={searchTerms}&sstype=prefix&li=ff
CHR Profile: C:\Users\hanne\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\hanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-03-02]
CHR Extension: (Google Drive) - C:\Users\hanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\hanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-04]
CHR Extension: (Norton Security Toolbar) - C:\Users\hanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2016-02-26]
CHR Extension: (Google-Suche) - C:\Users\hanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Adobe Acrobat) - C:\Users\hanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-11-09]
CHR Extension: (Norton Home Page for Chrome) - C:\Users\hanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejbdobdndcjhdmljipngpeoekdinlohe [2015-11-09]
CHR Extension: (Norton Identity Safe) - C:\Users\hanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-09-11]
CHR Extension: (IDM Integration Module) - C:\Users\hanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2016-02-12]
CHR Extension: (Norton Safe) - C:\Users\hanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmgcfemagnogdodbambjhdcmfcpicngl [2015-11-09]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\hanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-11]
CHR Extension: (Synology Web Clipper) - C:\Users\hanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcfbfimijgibligmbglggnbiobgjgmbk [2016-03-03]
CHR Extension: (Google Mail) - C:\Users\hanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-11]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\Exts\Chrome.crx [2015-11-26]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - F:\Internet Download Manager\IDMGCExt.crx [2016-02-11]
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\Exts\Chrome.crx [2015-11-26]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - F:\Internet Download Manager\IDMGCExt.crx [2016-02-11]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2020056 2016-02-09] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 BOT4Service; C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe [22760 2014-01-22] ()
R2 caspereui; C:\Program Files\Common Files\Future Systems Solutions\Services\CASPERSVCS.EXE [1168984 2014-09-03] (Future Systems Solutions, Inc.)
R2 casperhpb; C:\Program Files\Common Files\Future Systems Solutions\Services\CASPERSVCS.EXE [1168984 2014-09-03] (Future Systems Solutions, Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2809072 2016-01-20] (Microsoft Corporation)
S4 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [382312 2015-10-13] (Digital Wave Ltd.)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [Datei ist nicht signiert]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-10-03] (NVIDIA Corporation)
R2 MBAMScheduler; F:\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; F:\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S4 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4884064 2015-08-11] (Acronis)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\N360.exe [282016 2015-11-20] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-10-03] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-10-03] (NVIDIA Corporation)
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2013-09-13] (arvato digital services llc)
R2 RoxioBurnLauncher; F:\Roxio\Roxio Creator NXT Pro 3\Roxio Burn\RoxioBurnLauncher.exe [535784 2013-10-16] ()
S3 RoxMediaDB15; F:\Roxio\Roxio Creator NXT Pro 3\Common\RoxMediaDB15.exe [1097928 2014-09-25] (Corel Corporation)
S2 RoxWatch15; F:\Roxio\Roxio Creator NXT Pro 3\Common\RoxWatch15.exe [342216 2014-09-25] (Corel Corporation)
S2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1042304 2016-01-19] (Enigma Software Group USA, LLC.)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [Datei ist nicht signiert]
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2973400 2015-08-04] (AVG Technologies)
R2 VMAuthdService; F:\VMWare 12\vmware-authd.exe [89792 2015-08-14] (VMware, Inc.)
R2 VMwareHostd; F:\VMWare 12\vmware-hostd.exe [12465344 2015-08-14] ()
S3 VSStandardCollectorService140; F:\MS Visual Studio 2015\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [56040 2015-11-19] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [150440 2015-04-28] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [150440 2015-04-28] (SlySoft, Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\22.5.2.15\Definitions\BASHDefs\20160213.003\BHDrvx64.sys [1665608 2015-10-08] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1605050.00F\ccSetx64.sys [173808 2015-07-11] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-11-18] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [157520 2015-11-18] (Symantec Corporation)
R3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [15920 2015-11-08] (Enigma Software Group USA, LLC.)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-11-08] ()
R0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [323040 2015-09-12] (Acronis International GmbH)
R3 hcwhdpvr; C:\Windows\system32\DRIVERS\hcwhdpvr.sys [192072 2012-03-26] (Hauppauge, Inc.)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\22.5.2.15\Definitions\IPSDefs\20160303.001\IDSvia64.sys [767224 2016-02-13] (Symantec Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-03-04] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [193336 2015-09-06] (Intel Corporation)
S3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\22.5.2.15\Definitions\VirusDefs\20160304.003\ENG64.SYS [138488 2016-02-28] (Symantec Corporation)
S3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\22.5.2.15\Definitions\VirusDefs\20160304.003\EX64.SYS [2148080 2016-02-28] (Symantec Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-10-03] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-10-03] (NVIDIA Corporation)
S3 prl_virtual_sound; C:\Windows\system32\DRIVERS\prl_virtual_sound.sys [46312 2015-05-27] (Parallels Holdings, Ltd. and its affiliates.)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
R1 RrNetCapFilterDriver; C:\Windows\system32\DRIVERS\RrNetCapFilterDriver.sys [25256 2015-09-02] (Audials AG)
R0 Sahdad64; C:\Windows\System32\Drivers\Sahdad64.sys [28304 2013-10-16] (Corel Corporation)
R0 Saibad64; C:\Windows\System32\Drivers\Saibad64.sys [20112 2013-10-16] (Corel Corporation)
R1 SaibVdAd64; C:\Windows\System32\Drivers\SaibVdAd64.sys [27792 2013-10-16] (Corel Corporation)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [216064 2015-10-30] (Microsoft Corporation)
R0 sptd2; C:\Windows\System32\Drivers\sptd2.sys [162360 2015-10-24] (Duplex Secure Ltd)
S3 SRTSP; C:\Windows\System32\Drivers\N360x64\1605050.00F\SRTSP64.SYS [928496 2015-11-12] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1605050.00F\SRTSPX64.SYS [50936 2015-07-11] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\N360x64\1605050.00F\SYMEFASI64.SYS [1621232 2015-11-12] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1605050.00F\SymELAM.sys [24192 2015-07-11] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-09-11] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1605050.00F\Ironx64.SYS [297720 2015-07-11] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1605050.00F\SYMNETS.SYS [577768 2015-11-12] (Symantec Corporation)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1057728 2015-10-07] (Acronis International GmbH)
R2 tib_mounter; C:\Windows\system32\DRIVERS\tib_mounter.sys [198088 2015-10-07] (Acronis International GmbH)
S3 tnd; C:\Windows\system32\DRIVERS\tnd.sys [553912 2015-10-07] (Acronis International GmbH)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [31144 2015-07-23] (TuneUp Software)
R1 UimBus; C:\Windows\System32\drivers\UimBus.sys [102576 2015-07-24] ()
R1 Uim_DEVIM; C:\Windows\System32\drivers\uim_devim.sys [25904 2015-07-24] ()
R1 Uim_IM; C:\Windows\System32\drivers\uim_im.sys [701232 2015-07-24] ()
R0 vsock; C:\Windows\System32\drivers\vsock.sys [75512 2015-08-04] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [34520 2015-07-09] (VMware, Inc.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
U5 xb1usb; C:\Windows\System32\Drivers\xb1usb.sys [34016 2014-05-27] (Microsoft Corporation)
R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [33048 2015-09-06] (X10 Wireless Technology, Inc.)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-03-04 22:00 - 2016-03-04 22:00 - 00000000 ____D C:\Users\hanne\Desktop\FRST-OlderVersion
2016-03-04 21:53 - 2016-03-04 21:53 - 00001049 _____ C:\Users\hanne\Desktop\JRT.txt
2016-03-04 21:49 - 2016-03-04 21:48 - 01609216 _____ (Malwarebytes) C:\Users\hanne\Desktop\JRT.exe
2016-03-04 21:20 - 2016-03-04 21:20 - 00000000 _____ C:\Users\hanne\Downloads\adwcleaner_5.037.exe
2016-03-04 21:15 - 2016-03-04 21:15 - 01518592 _____ C:\Users\hanne\Desktop\AdwCleaner_5.037.exe
2016-03-04 18:06 - 2016-03-04 18:17 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-03-04 18:05 - 2016-03-04 18:17 - 00000000 ____D C:\Users\hanne\Desktop\mbar
2016-03-04 18:04 - 2016-03-04 18:05 - 16563352 _____ (Malwarebytes Corp.) C:\Users\hanne\Desktop\mbar-1.09.3.1001.exe
2016-03-03 22:52 - 2016-03-04 22:04 - 00029082 _____ C:\Users\hanne\Desktop\FRST.txt
2016-03-03 22:52 - 2016-03-03 22:53 - 00055320 _____ C:\Users\hanne\Desktop\Addition.txt
2016-03-03 22:44 - 2016-03-03 22:44 - 00001187 _____ C:\Users\hanne\Desktop\mwb.txt
2016-03-03 22:42 - 2016-03-03 22:42 - 00001192 _____ C:\Users\hanne\Desktop\mwb -log.txt
2016-03-03 22:24 - 2016-03-03 22:40 - 00001201 _____ C:\Users\hanne\Desktop\malwarebyte - log.txt
2016-03-03 21:38 - 2016-03-04 22:00 - 02374144 _____ (Farbar) C:\Users\hanne\Desktop\FRST64.exe
2016-03-03 21:35 - 2016-03-03 21:37 - 00108718 _____ C:\TDSSKiller.3.1.0.9_03.03.2016_21.35.19_log.txt
2016-03-02 23:25 - 2016-03-02 23:27 - 00108726 _____ C:\TDSSKiller.3.1.0.9_02.03.2016_23.25.04_log.txt
2016-03-02 23:23 - 2016-03-02 23:23 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\hanne\Desktop\tdsskiller.exe
2016-03-02 22:03 - 2016-03-04 22:04 - 00000000 ____D C:\FRST
2016-03-02 20:17 - 2016-03-04 21:45 - 00000000 ____D C:\AdwCleaner
2016-03-01 21:15 - 2016-03-01 21:15 - 00002231 _____ C:\Users\hanne\Downloads\event58035.pgn
2016-03-01 19:30 - 2016-02-23 12:27 - 07475040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-03-01 19:30 - 2016-02-23 12:25 - 01818696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-03-01 19:30 - 2016-02-23 12:23 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-03-01 19:30 - 2016-02-23 12:22 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-03-01 19:30 - 2016-02-23 12:15 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-03-01 19:30 - 2016-02-23 11:34 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-03-01 19:30 - 2016-02-23 11:32 - 08705672 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-03-01 19:30 - 2016-02-23 11:32 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-03-01 19:30 - 2016-02-23 11:31 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-03-01 19:30 - 2016-02-23 11:21 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-03-01 19:30 - 2016-02-23 11:21 - 06606568 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-03-01 19:30 - 2016-02-23 10:45 - 01998176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-03-01 19:30 - 2016-02-23 10:38 - 06952088 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-03-01 19:30 - 2016-02-23 10:27 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-03-01 19:30 - 2016-02-23 10:26 - 05241984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-03-01 19:30 - 2016-02-23 09:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-03-01 19:30 - 2016-02-23 09:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-03-01 19:30 - 2016-02-23 09:28 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-03-01 19:30 - 2016-02-23 09:09 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-03-01 19:30 - 2016-02-23 09:06 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-03-01 19:30 - 2016-02-23 09:06 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-03-01 19:30 - 2016-02-23 09:00 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-03-01 19:30 - 2016-02-23 08:58 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-03-01 19:30 - 2016-02-23 08:52 - 00456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-03-01 19:30 - 2016-02-23 08:41 - 03594240 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-03-01 19:30 - 2016-02-23 08:30 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-03-01 19:30 - 2016-02-23 08:30 - 01731584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-03-01 19:30 - 2016-02-23 08:24 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-03-01 19:30 - 2016-02-23 08:22 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-03-01 19:30 - 2016-02-23 08:21 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-03-01 19:30 - 2016-02-23 07:59 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-03-01 19:30 - 2016-02-23 07:55 - 04894208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-03-01 19:30 - 2016-02-23 07:55 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-03-01 19:30 - 2016-02-23 07:52 - 11545600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-03-01 19:30 - 2016-02-23 07:50 - 22396416 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-03-01 19:30 - 2016-02-23 07:50 - 09919488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-03-01 19:30 - 2016-02-23 07:40 - 24603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-03-01 19:30 - 2016-02-23 07:39 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-03-01 19:30 - 2016-02-23 07:36 - 19341312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-03-01 19:30 - 2016-02-23 07:36 - 18680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-03-01 19:30 - 2016-02-23 07:36 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-03-01 19:30 - 2016-02-23 07:36 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-03-01 19:30 - 2016-02-09 04:24 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-03-01 19:30 - 2016-02-09 04:07 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-03-01 19:30 - 2016-02-09 04:04 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-03-01 19:29 - 2016-02-23 12:29 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-03-01 19:29 - 2016-02-23 12:29 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-03-01 19:29 - 2016-02-23 12:27 - 02654872 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-03-01 19:29 - 2016-02-23 12:27 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-03-01 19:29 - 2016-02-23 12:27 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-03-01 19:29 - 2016-02-23 12:25 - 02152288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-03-01 19:29 - 2016-02-23 12:25 - 00563552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2016-03-01 19:29 - 2016-02-23 12:15 - 00779384 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2016-03-01 19:29 - 2016-02-23 12:09 - 01614176 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-03-01 19:29 - 2016-02-23 12:08 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-03-01 19:29 - 2016-02-23 11:34 - 01859960 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-03-01 19:29 - 2016-02-23 11:33 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-03-01 19:29 - 2016-02-23 11:33 - 00389992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-03-01 19:29 - 2016-02-23 11:32 - 02544264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-03-01 19:29 - 2016-02-23 11:32 - 01152328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-03-01 19:29 - 2016-02-23 11:32 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-03-01 19:29 - 2016-02-23 11:32 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-03-01 19:29 - 2016-02-23 11:31 - 01017032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-03-01 19:29 - 2016-02-23 11:31 - 00847656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-03-01 19:29 - 2016-02-23 11:31 - 00819648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-03-01 19:29 - 2016-02-23 11:31 - 00476728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-03-01 19:29 - 2016-02-23 11:31 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-03-01 19:29 - 2016-02-23 11:25 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-03-01 19:29 - 2016-02-23 11:22 - 00572272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2016-03-01 19:29 - 2016-02-23 11:17 - 00146272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2016-03-01 19:29 - 2016-02-23 10:49 - 00216416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-03-01 19:29 - 2016-02-23 10:45 - 02773096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-03-01 19:29 - 2016-02-23 10:45 - 00576352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-03-01 19:29 - 2016-02-23 10:45 - 00394080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-03-01 19:29 - 2016-02-23 10:45 - 00259336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2016-03-01 19:29 - 2016-02-23 10:44 - 00640984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-03-01 19:29 - 2016-02-23 10:44 - 00147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2016-03-01 19:29 - 2016-02-23 10:40 - 00430944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-03-01 19:29 - 2016-02-23 10:39 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-03-01 19:29 - 2016-02-23 10:38 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-03-01 19:29 - 2016-02-23 10:38 - 00980352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2016-03-01 19:29 - 2016-02-23 10:38 - 00895080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-03-01 19:29 - 2016-02-23 10:38 - 00882720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-03-01 19:29 - 2016-02-23 10:38 - 00709176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-03-01 19:29 - 2016-02-23 10:38 - 00450912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-03-01 19:29 - 2016-02-23 10:38 - 00420928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2016-03-01 19:29 - 2016-02-23 10:37 - 00713824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-03-01 19:29 - 2016-02-23 10:32 - 00791744 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-03-01 19:29 - 2016-02-23 10:30 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-03-01 19:29 - 2016-02-23 10:27 - 00376536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-03-01 19:29 - 2016-02-23 10:25 - 00534368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-03-01 19:29 - 2016-02-23 10:20 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2016-03-01 19:29 - 2016-02-23 10:20 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-03-01 19:29 - 2016-02-23 10:19 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-03-01 19:29 - 2016-02-23 10:17 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-03-01 19:29 - 2016-02-23 10:12 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2016-03-01 19:29 - 2016-02-23 10:10 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-03-01 19:29 - 2016-02-23 10:07 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-03-01 19:29 - 2016-02-23 10:07 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-03-01 19:29 - 2016-02-23 10:06 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2016-03-01 19:29 - 2016-02-23 10:01 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2016-03-01 19:29 - 2016-02-23 10:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-03-01 19:29 - 2016-02-23 10:00 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-03-01 19:29 - 2016-02-23 09:58 - 00187744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-03-01 19:29 - 2016-02-23 09:58 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\irmon.dll
2016-03-01 19:29 - 2016-02-23 09:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-03-01 19:29 - 2016-02-23 09:56 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-03-01 19:29 - 2016-02-23 09:55 - 00221600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll
2016-03-01 19:29 - 2016-02-23 09:55 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2016-03-01 19:29 - 2016-02-23 09:54 - 00539256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-03-01 19:29 - 2016-02-23 09:54 - 00141664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2016-03-01 19:29 - 2016-02-23 09:53 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2016-03-01 19:29 - 2016-02-23 09:53 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-03-01 19:29 - 2016-02-23 09:52 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-03-01 19:29 - 2016-02-23 09:50 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-03-01 19:29 - 2016-02-23 09:48 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-03-01 19:29 - 2016-02-23 09:48 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerClient.dll
2016-03-01 19:29 - 2016-02-23 09:40 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-03-01 19:29 - 2016-02-23 09:39 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2016-03-01 19:29 - 2016-02-23 09:38 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2016-03-01 19:29 - 2016-02-23 09:38 - 00287712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2016-03-01 19:29 - 2016-02-23 09:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-03-01 19:29 - 2016-02-23 09:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-03-01 19:29 - 2016-02-23 09:37 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-03-01 19:29 - 2016-02-23 09:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll
2016-03-01 19:29 - 2016-02-23 09:34 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-03-01 19:29 - 2016-02-23 09:34 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2016-03-01 19:29 - 2016-02-23 09:33 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-03-01 19:29 - 2016-02-23 09:32 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-03-01 19:29 - 2016-02-23 09:31 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-03-01 19:29 - 2016-02-23 09:30 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2016-03-01 19:29 - 2016-02-23 09:29 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-03-01 19:29 - 2016-02-23 09:28 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll
2016-03-01 19:29 - 2016-02-23 09:27 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2016-03-01 19:29 - 2016-02-23 09:26 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-03-01 19:29 - 2016-02-23 09:25 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2016-03-01 19:29 - 2016-02-23 09:25 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2016-03-01 19:29 - 2016-02-23 09:23 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-03-01 19:29 - 2016-02-23 09:22 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-03-01 19:29 - 2016-02-23 09:22 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2016-03-01 19:29 - 2016-02-23 09:20 - 00847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-03-01 19:29 - 2016-02-23 09:20 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-03-01 19:29 - 2016-02-23 09:20 - 00493568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-03-01 19:29 - 2016-02-23 09:20 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-01 19:29 - 2016-02-23 09:19 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-03-01 19:29 - 2016-02-23 09:19 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-03-01 19:29 - 2016-02-23 09:18 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-03-01 19:29 - 2016-02-23 09:14 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-03-01 19:29 - 2016-02-23 09:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-03-01 19:29 - 2016-02-23 09:13 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll
2016-03-01 19:29 - 2016-02-23 09:13 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-03-01 19:29 - 2016-02-23 09:12 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-03-01 19:29 - 2016-02-23 09:11 - 01224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2016-03-01 19:29 - 2016-02-23 09:11 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-03-01 19:29 - 2016-02-23 09:10 - 00997376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2016-03-01 19:29 - 2016-02-23 09:10 - 00474624 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-03-01 19:29 - 2016-02-23 09:09 - 01390592 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-03-01 19:29 - 2016-02-23 09:09 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-03-01 19:29 - 2016-02-23 09:09 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-03-01 19:29 - 2016-02-23 09:06 - 01848832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-03-01 19:29 - 2016-02-23 09:06 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-03-01 19:29 - 2016-02-23 09:05 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-03-01 19:29 - 2016-02-23 09:04 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-03-01 19:29 - 2016-02-23 09:04 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-03-01 19:29 - 2016-02-23 09:04 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-03-01 19:29 - 2016-02-23 09:02 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-03-01 19:29 - 2016-02-23 09:02 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-03-01 19:29 - 2016-02-23 09:02 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-03-01 19:29 - 2016-02-23 08:58 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-03-01 19:29 - 2016-02-23 08:58 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll
2016-03-01 19:29 - 2016-02-23 08:58 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-03-01 19:29 - 2016-02-23 08:57 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TimeBrokerClient.dll
2016-03-01 19:29 - 2016-02-23 08:54 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2016-03-01 19:29 - 2016-02-23 08:50 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2016-03-01 19:29 - 2016-02-23 08:49 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-03-01 19:29 - 2016-02-23 08:48 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2016-03-01 19:29 - 2016-02-23 08:47 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2016-03-01 19:29 - 2016-02-23 08:47 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2016-03-01 19:29 - 2016-02-23 08:38 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-03-01 19:29 - 2016-02-23 08:37 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-03-01 19:29 - 2016-02-23 08:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-03-01 19:29 - 2016-02-23 08:37 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2016-03-01 19:29 - 2016-02-23 08:36 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2016-03-01 19:29 - 2016-02-23 08:36 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-03-01 19:29 - 2016-02-23 08:36 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-01 19:29 - 2016-02-23 08:35 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2016-03-01 19:29 - 2016-02-23 08:31 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-03-01 19:29 - 2016-02-23 08:31 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2016-03-01 19:29 - 2016-02-23 08:30 - 01832448 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-03-01 19:29 - 2016-02-23 08:30 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-03-01 19:29 - 2016-02-23 08:29 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2016-03-01 19:29 - 2016-02-23 08:29 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-03-01 19:29 - 2016-02-23 08:28 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-03-01 19:29 - 2016-02-23 08:28 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-03-01 19:29 - 2016-02-23 08:26 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-03-01 19:29 - 2016-02-23 08:26 - 01498112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-03-01 19:29 - 2016-02-23 08:25 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-03-01 19:29 - 2016-02-23 08:24 - 04827136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-03-01 19:29 - 2016-02-23 08:24 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-03-01 19:29 - 2016-02-23 08:24 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-03-01 19:29 - 2016-02-23 08:21 - 01001984 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d12SDKLayers.dll
2016-03-01 19:29 - 2016-02-23 08:21 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-03-01 19:29 - 2016-02-23 08:20 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-03-01 19:29 - 2016-02-23 08:17 - 02635264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-03-01 19:29 - 2016-02-23 08:14 - 00990720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-03-01 19:29 - 2016-02-23 08:11 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-03-01 19:29 - 2016-02-23 08:05 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-03-01 19:29 - 2016-02-23 08:01 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-03-01 19:29 - 2016-02-23 07:58 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-03-01 19:29 - 2016-02-23 07:56 - 04412928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-03-01 19:29 - 2016-02-23 07:55 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-03-01 19:29 - 2016-02-23 07:53 - 01799168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-03-01 19:29 - 2016-02-23 07:52 - 00746496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d12SDKLayers.dll
2016-03-01 19:29 - 2016-02-23 07:51 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-03-01 19:29 - 2016-02-23 07:42 - 03425792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-03-01 19:29 - 2016-02-23 07:41 - 02912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-03-01 19:29 - 2016-02-23 07:39 - 02581504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-03-01 19:29 - 2016-02-23 07:35 - 07533568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-03-01 19:29 - 2016-02-23 07:33 - 14254080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-03-01 19:29 - 2016-02-23 07:33 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-03-01 19:29 - 2016-02-23 07:32 - 02793472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-03-01 19:29 - 2016-02-23 07:30 - 02061312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-03-01 19:29 - 2016-02-23 07:28 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-03-01 19:29 - 2016-02-23 07:26 - 12587520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-03-01 19:29 - 2016-02-09 05:28 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-03-01 19:29 - 2016-02-09 05:13 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-03-01 19:29 - 2016-02-09 04:18 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2016-03-01 19:29 - 2016-02-09 04:18 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2016-03-01 19:29 - 2016-02-09 04:07 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-02-26 17:36 - 2016-02-26 17:36 - 00000000 ____D C:\Users\hanne\AppData\Local\TempTaskUpdateDetection72F652F6-855E-44A2-9053-2E8F6EB79632
2016-02-25 20:35 - 2016-02-25 20:35 - 00023416 _____ C:\Users\hanne\Downloads\Sage DPW.html
2016-02-25 20:35 - 2016-02-25 20:35 - 00000000 ____D C:\Users\hanne\Downloads\Sage DPW_files
2016-02-18 19:35 - 2016-02-18 19:35 - 00000000 ____D C:\Users\hanne\AppData\Local\Stardock
2016-02-18 19:35 - 2016-02-18 19:35 - 00000000 ____D C:\ProgramData\Stardock
2016-02-18 19:33 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2016-02-18 19:33 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2016-02-18 19:33 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2016-02-18 19:33 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2016-02-18 19:33 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2016-02-18 19:33 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2016-02-18 19:33 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2016-02-18 19:33 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2016-02-18 19:33 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2016-02-18 19:32 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2016-02-18 19:32 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2016-02-18 19:32 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2016-02-18 19:32 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2016-02-18 19:32 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2016-02-18 19:32 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2016-02-18 19:32 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2016-02-18 19:32 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2016-02-18 19:32 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2016-02-18 19:32 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2016-02-18 19:32 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2016-02-18 19:32 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2016-02-18 19:32 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2016-02-18 19:32 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2016-02-18 19:32 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2016-02-18 19:32 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2016-02-18 19:32 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2016-02-18 19:32 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2016-02-18 19:32 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2016-02-18 19:32 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2016-02-18 19:32 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2016-02-18 19:32 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2016-02-18 19:32 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2016-02-18 19:32 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2016-02-18 19:32 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2016-02-18 19:32 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2016-02-18 19:32 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2016-02-18 19:32 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2016-02-18 19:32 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2016-02-18 19:32 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2016-02-18 19:32 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2016-02-18 19:32 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2016-02-18 19:32 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2016-02-18 19:32 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2016-02-18 19:32 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2016-02-18 19:32 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2016-02-18 19:32 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2016-02-18 19:32 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2016-02-18 19:32 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2016-02-18 19:32 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2016-02-18 19:32 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2016-02-18 19:32 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2016-02-18 19:32 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2016-02-18 19:32 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2016-02-18 19:32 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2016-02-18 19:32 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2016-02-18 19:32 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2016-02-18 19:32 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2016-02-18 19:32 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2016-02-18 19:32 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2016-02-18 19:32 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2016-02-18 19:32 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2016-02-18 19:32 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2016-02-18 19:32 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2016-02-18 19:32 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2016-02-18 19:32 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2016-02-18 19:32 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2016-02-18 19:32 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2016-02-18 19:32 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2016-02-18 19:32 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2016-02-18 19:32 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2016-02-18 19:32 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2016-02-18 19:32 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2016-02-18 19:32 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2016-02-18 19:32 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2016-02-18 19:32 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2016-02-18 19:32 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2016-02-18 19:32 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2016-02-18 19:13 - 2016-02-18 19:13 - 00000202 _____ C:\Users\hanne\Desktop\Galactic Civilizations III.url
2016-02-17 21:52 - 2016-02-17 21:52 - 00017359 _____ C:\Users\hanne\Downloads\Calendar of Events 2015-2017-v2015-08-18.xlsx
2016-02-11 15:26 - 2016-01-28 10:20 - 00209056 _____ (Tonec Inc.) C:\WINDOWS\system32\Drivers\idmwfp.sys
2016-02-09 19:46 - 2016-01-29 07:57 - 04502352 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-02-09 19:46 - 2016-01-27 06:46 - 02606824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-02-09 19:46 - 2016-01-27 06:01 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-02-09 19:46 - 2016-01-27 05:52 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-02-09 19:46 - 2016-01-27 05:49 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-02-09 19:46 - 2016-01-27 05:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-02-09 19:46 - 2016-01-27 05:38 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-02-09 19:46 - 2016-01-27 05:32 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-02-09 19:45 - 2016-01-29 07:33 - 04064320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-02-09 19:45 - 2016-01-27 07:15 - 01557776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-02-09 19:45 - 2016-01-27 07:01 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-02-09 19:45 - 2016-01-27 06:59 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-02-09 19:45 - 2016-01-27 06:57 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-02-09 19:45 - 2016-01-27 06:57 - 00820704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-02-09 19:45 - 2016-01-27 06:55 - 00081112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2016-02-09 19:45 - 2016-01-27 06:54 - 00295264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-02-09 19:45 - 2016-01-27 06:46 - 01270072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-02-09 19:45 - 2016-01-27 06:44 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-02-09 19:45 - 2016-01-27 06:44 - 00085320 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2016-02-09 19:45 - 2016-01-27 06:43 - 00359776 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-02-09 19:45 - 2016-01-27 06:21 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-02-09 19:45 - 2016-01-27 06:15 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll
2016-02-09 19:45 - 2016-01-27 06:11 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-02-09 19:45 - 2016-01-27 06:10 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2016-02-09 19:45 - 2016-01-27 06:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-02-09 19:45 - 2016-01-27 06:08 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll
2016-02-09 19:45 - 2016-01-27 06:07 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassam.dll
2016-02-09 19:45 - 2016-01-27 06:04 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-02-09 19:45 - 2016-01-27 06:02 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2016-02-09 19:45 - 2016-01-27 05:59 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassam.dll
2016-02-09 19:45 - 2016-01-27 05:57 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-02-09 19:45 - 2016-01-27 05:50 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-02-09 19:45 - 2016-01-27 05:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll
2016-02-09 19:45 - 2016-01-27 05:31 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-03-04 21:50 - 2015-10-05 18:01 - 00000000 ____D C:\Users\hanne\AppData\Local\CrashDumps
2016-03-04 21:46 - 2015-11-27 17:49 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton 360
2016-03-04 21:46 - 2015-10-30 19:35 - 00819822 _____ C:\WINDOWS\system32\perfh007.dat
2016-03-04 21:46 - 2015-10-30 19:35 - 00173854 _____ C:\WINDOWS\system32\perfc007.dat
2016-03-04 21:46 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2016-03-04 21:46 - 2015-09-06 10:39 - 01917186 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-03-04 21:43 - 2015-10-30 07:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-03-04 21:42 - 2015-10-04 17:04 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-03-04 21:41 - 2015-09-11 23:29 - 00000000 ____D C:\ProgramData\VMware
2016-03-04 21:40 - 2015-12-12 04:06 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-03-04 21:40 - 2015-12-12 03:59 - 00000000 ____D C:\Users\hanne
2016-03-04 21:40 - 2015-12-12 03:58 - 00000000 ____D C:\ProgramData\NVIDIA
2016-03-04 21:40 - 2015-09-11 20:10 - 00001146 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-04 20:37 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-03-04 20:35 - 2015-09-11 20:10 - 00001150 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-04 20:09 - 2015-09-11 20:18 - 00000000 ____D C:\Users\hanne\OneDrive\Dokumente\Outlook-Dateien
2016-03-04 19:23 - 2015-09-11 20:25 - 00000000 ____D C:\Users\hanne\Downloads\Compressed
2016-03-04 19:00 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache
2016-03-04 18:05 - 2015-10-04 17:03 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-03-04 17:54 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-04 17:53 - 2015-09-11 19:33 - 00004172 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{0E4E2C49-7D3D-48D2-A695-64BB57B55EF8}
2016-03-04 17:53 - 2015-09-11 18:03 - 00000000 ____D C:\Users\hanne\AppData\Local\Adobe
2016-03-03 18:46 - 2015-10-30 07:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-03-03 18:36 - 2015-09-11 20:24 - 00000000 ____D C:\Users\hanne\AppData\Roaming\DMCache
2016-03-02 20:17 - 2015-10-19 18:39 - 00000000 ____D C:\Users\hanne\AppData\Local\NPE
2016-03-02 18:25 - 2015-09-06 10:41 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-03-02 18:24 - 2015-12-12 03:57 - 05102488 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-03-01 23:54 - 2015-10-30 19:47 - 00000000 ____D C:\Program Files\Windows Journal
2016-03-01 23:54 - 2015-10-30 08:24 - 00000000 __RSD C:\WINDOWS\Media
2016-03-01 23:54 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-03-01 23:54 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-03-01 23:54 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-03-01 23:54 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-03-01 23:54 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-03-01 23:54 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-03-01 23:54 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-03-01 23:54 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-03-01 23:54 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-03-01 23:54 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-03-01 23:54 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-03-01 19:51 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-02-28 09:27 - 2015-09-11 23:15 - 00000000 ____D C:\Users\hanne\AppData\Roaming\vlc
2016-02-27 13:18 - 2015-09-06 10:41 - 00000000 ____D C:\Users\hanne\AppData\Local\Packages
2016-02-26 17:41 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-02-26 17:40 - 2015-09-11 16:27 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-02-20 09:45 - 2015-09-11 19:37 - 00000000 ____D C:\Users\hanne\OneDrive\Dokumente\My Games
2016-02-20 09:45 - 2015-09-11 19:37 - 00000000 ____D C:\Users\hanne\AppData\Local\My Games
2016-02-19 23:36 - 2015-09-11 20:10 - 00002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-19 23:36 - 2015-09-11 20:10 - 00002252 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-02-18 19:32 - 2015-09-06 10:39 - 00000000 ____D C:\ProgramData\Package Cache
2016-02-18 19:13 - 2015-11-15 12:39 - 00000000 ____D C:\Users\hanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-02-18 18:42 - 2015-09-11 20:24 - 00000000 ____D C:\Users\hanne\AppData\Roaming\IDM
2016-02-17 18:34 - 2015-09-11 18:55 - 00002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2016-02-11 19:18 - 2015-09-06 10:42 - 00002387 _____ C:\Users\hanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-02-11 19:18 - 2015-09-06 10:42 - 00000000 ___RD C:\Users\hanne\OneDrive
2016-02-11 17:16 - 2015-12-15 19:41 - 00000017 _____ C:\WINDOWS\.ini
2016-02-10 18:12 - 2015-09-06 10:47 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-02-10 18:09 - 2015-09-06 10:47 - 146614896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-02-10 17:54 - 2015-09-11 18:08 - 00000000 ___RD C:\Users\hanne\Creative Cloud Files
2016-02-10 17:54 - 2015-09-11 18:07 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-02-09 20:46 - 2015-12-20 14:29 - 00000000 ____D C:\WINDOWS\symbols
2016-02-03 20:01 - 2015-10-30 08:26 - 00828920 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-02-03 20:01 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-09-12 21:14 - 2015-10-03 23:47 - 0094795 _____ () C:\Users\hanne\AppData\Local\parallels-pax.log
2015-10-24 08:02 - 2015-10-24 10:13 - 0000600 _____ () C:\Users\hanne\AppData\Local\PUTTY.RND
2015-09-16 13:09 - 2015-09-16 13:09 - 0000040 ___SH () C:\ProgramData\.zreglib
2014-10-14 02:49 - 2014-10-14 02:49 - 0002465 _____ () C:\ProgramData\regid.2012-08.com.Corel,Roxio_76C7858E-078C-4C49-AB1A-2A7072664935.swidtag

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\hanne\ParallelsAccess-3.0.1-30654-win.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-02-29 19:28

==================== Ende von FRST.txt ============================
         

Alt 04.03.2016, 22:14   #9
MajorKottan
 
Google Chrome lädt Malware - MS Edge nicht - Standard

Google Chrome lädt Malware - MS Edge nicht



Addition.txt

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:04-03-2016
durchgeführt von hanne (2016-03-04 22:04:56)
Gestartet von C:\Users\hanne\Desktop
Windows 10 Pro Version 1511 (X64) (2015-12-12 03:08:42)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1936510213-3086724655-2435381783-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1936510213-3086724655-2435381783-503 - Limited - Disabled)
Gast (S-1-5-21-1936510213-3086724655-2435381783-501 - Limited - Disabled)
hanne (S-1-5-21-1936510213-3086724655-2435381783-1002 - Administrator - Enabled) => C:\Users\hanne

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Norton 360 (Disabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton 360 (Disabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton 360 (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

5KPlayer 3.1 (HKLM-x32\...\5KPlayer_is1) (Version:  - DearMob, Inc.)
Acronis True Image 2016 (HKLM-x32\...\{5E5999D7-85DD-4B82-B48B-5F60BDFAC502}Visible) (Version: 19.0.5634 - Acronis)
Acronis True Image 2016 (x32 Version: 19.0.5634 - Acronis) Hidden
Acronis*Disk*Director*12 (HKLM-x32\...\{AE372858-B1BD-49EF-8308-648322846008}) (Version: 12.0.3223 - Acronis)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.010.20059 - Adobe Systems Incorporated)
Adobe After Effects CC 2015 (HKLM-x32\...\{147EC100-14BE-45EF-AB42-35BAEE7D02F0}) (Version: 13.7.0 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.144 - Adobe Systems Incorporated)
Adobe Audition CC 2015 (HKLM-x32\...\{839A3566-AED6-4787-A849-5CBE2B1DC6AE}) (Version: 8.1.0 - Adobe Systems Incorporated)
Adobe Bridge CC (64 Bit) (HKLM-x32\...\{359F8007-6486-429C-A8C5-D67F6897C88C}) (Version: 6.1.1 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.4.1.181 - Adobe Systems Incorporated)
Adobe Dreamweaver CC 2015 (HKLM-x32\...\{EE2A0AA8-0386-11E5-8603-BC82F5DB1A71}) (Version: 16.1.0 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.4 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2015 (HKLM-x32\...\{0FAC7130-BEC5-47A5-8813-1D339B8326ED}) (Version: 9.2.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.1.2 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2015 (HKLM-x32\...\{38C72D42-0672-43B1-9E05-E7631684F9A1}) (Version: 9.2.0 - Adobe Systems Incorporated)
AIDA64 Extreme v5.50 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.50 - FinalWire Ltd.)
AllSync (HKLM-x32\...\AllSync_is1) (Version: 3.5.102 - Michael Thummerer Software Design)
Amazon Kindle (HKLM-x32\...\Amazon Kindle) (Version:  - Amazon)
Amazon Kindle (HKU\S-1-5-21-1936510213-3086724655-2435381783-1002\...\Amazon Kindle) (Version: 1.13.1.42052 - Amazon)
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.6.4.0 - SlySoft)
Apple Application Support (32-Bit) (HKLM-x32\...\{C5815ACF-FD34-4553-8A22-C7411B7E662B}) (Version: 4.1.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{CBF12D2F-CF64-4CB7-858B-2C1F21068E5F}) (Version: 4.1.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{903D0F33-D3CF-48D6-967D-84004089428A}) (Version: 4.0.51203.1 - Microsoft Corporation)
ArcSoft TotalMedia Extreme (HKLM-x32\...\{E7A1B94F-A981-49B2-868F-DFEA471AB17D}) (Version: 2.0.45.12 - ArcSoft)
Audials (HKLM-x32\...\{0336AD00-7F30-47A9-8EFB-CDDAD979C19E}) (Version: 12.1.9700.0 - Audials AG)
Audials (HKLM-x32\...\{39DE26F8-C180-47F3-9CCC-6EE4B95DA93D}) (Version: 14.0.51000.0 - Audials AG)
AVG PC TuneUp 2015 (de-DE) (x32 Version: 15.0.1001.638 - AVG Technologies) Hidden
AVG PC TuneUp 2015 (HKLM-x32\...\AVG PC TuneUp) (Version: 15.0.1001.638 - AVG Technologies)
AVG PC TuneUp 2015 (x32 Version: 15.0.1001.638 - AVG Technologies) Hidden
Azure AD Authentication Connected Service (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
BASE 6.1 (HKLM-x32\...\BASE 6.1) (Version:  - )
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon iP4300 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4300) (Version:  - )
Casper 8.0 (HKLM\...\{1A22A914-D43F-4BF6-BE8C-8C4D8E76CAF6}) (Version: 8.0.46120 - Future Systems Solutions, Inc.)
CDLIB 5.1 (HKLM-x32\...\CDLIB) (Version: 5.1 - CDLIB)
ChessBase 13 64-bit (HKLM\...\{9422AB50-000A-496D-83D2-B0E9EE49FD2C}) (Version: 13.4.0.0 - ChessBase)
Contents (x32 Version: 1.0.0.93 - Corel Corporation) Hidden
Corel FastFlick (HKLM-x32\...\_{10EC8494-8A92-49D8-9677-2483EB01F7F1}) (Version: 1.0.0.93 - Corel Corporation)
Creator NXT 3 Content (x32 Version: 16.0.004 - Roxio) Hidden
Dazzle Video Capture DVC100 X64 Driver 1.06 (x32 Version: 1.06.0000 - Pinnacle) Hidden
DesignPro 5 (HKLM-x32\...\InstallShield_{F82C6574-AD88-4B40-A432-970BC77F1BD2}) (Version: 5.5.708 - Avery)
DesignPro 5 (x32 Version: 5.5.708 - Avery) Hidden
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
Dispatcher (HKLM-x32\...\Steam App 341980) (Version:  - CivilSavages)
Dotfuscator and Analytics Community Edition 5.19.0 (x32 Version: 5.19.0.2930 - PreEmptive Solutions) Hidden
DVR-Capture 2.00 (HKLM-x32\...\DVR-Capture 2) (Version: 2.00 - Haenien-Software)
DVR-Studio HD 3 (HKLM-x32\...\DVR-Studio HD 3) (Version: 3.19 - Haenlein-Software)
DVR-Studio HD 4 (HKLM-x32\...\DVR-Studio HD 4) (Version: 4.02.03 - Haenlein-Software)
EF Multi File Renamer (HKLM\...\EF Multi File Renamer) (Version:  - EFSoftware)
EF Multi File Renamer (HKLM-x32\...\EF Multi File Renamer) (Version:  - EFSoftware)
Entity Framework 6.1.3 Tools  for Visual Studio 2015 Update 1 (HKLM-x32\...\{2A56910C-69C8-495D-8ED8-9080F0A14E58}) (Version: 14.0.41103.0 - Microsoft Corporation)
Free Studio (HKLM-x32\...\Free Studio_is1) (Version: 6.5.7.1013 - DVDVideoSoft Ltd.)
Galactic Civilizations III (HKLM-x32\...\Steam App 226860) (Version:  - Stardock Entertainment)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Hauppauge HDPVR Scheduler (HKLM-x32\...\Hauppauge HDPVR Scheduler) (Version:  - Hauppauge Computer Works)
Hauppauge WinTV IR Blaster (HKLM-x32\...\Hauppauge WinTV IR Blaster) (Version: 7.4.29102 - Hauppauge Computer Works, Inc.)
Hauppauge WinTV Scheduler (HKLM-x32\...\Hauppauge WinTV Scheduler) (Version:  - )
Houdini 4 Pro (HKLM\...\{FEBA7043-8935-4747-9EC4-0672C8B134CE}_is1) (Version: 4 - Houdini Chess)
ICA (x32 Version: 1.0.0.93 - Corel Corporation) Hidden
iCloud (HKLM\...\{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}) (Version: 5.1.0.34 - Apple Inc.)
IIS 10.0 Express (HKLM\...\{7A28A2B0-458B-4A58-84AC-C90D2D4B79FB}) (Version: 10.0.1735 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version:  - )
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
IPM_VS_Pro (x32 Version: 1.0 - Corel Corporation) Hidden
iTunes (HKLM\...\{0D44E3A4-6C3D-45D7-B443-079509E5BE5D}) (Version: 12.3.2.35 - Apple Inc.)
KC Softwares VideoInspector (HKLM-x32\...\KC Softwares VideoInspector_is1) (Version: 2.8.1.133 - KC Softwares)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
MediaInfo 0.7.78 (HKLM\...\MediaInfo) (Version: 0.7.78 - MediaArea.net)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{034547E9-D8FA-49E7-8B9C-4C9861FB9146}) (Version: 4.6.00127 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (Deutsch) (HKLM-x32\...\{529EFF09-750D-48B9-A47A-34A3B6248C3F}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.24720 - Microsoft Corporation)
Microsoft Office Professional 2013 - de-de (HKLM\...\ProfessionalRetail - de-de) (Version: 15.0.4797.1003 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB  (HKLM\...\{AB8DE9BA-19E1-446A-BCFA-6B3DA9751E21}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom  (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service  (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (14.0.50616.0) (HKLM-x32\...\{58246C80-3941-4B69-AE31-264644E2ADB8}) (Version: 14.0.50616.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 with Update 1 (HKLM-x32\...\{5642384f-2a89-46d3-acd5-bfe8bf6e8b2f}) (Version: 14.0.24720.0 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{ED4CC1E5-043E-4157-8452-B5E533FE2BA1}) (Version: 3.1238.1955 - Microsoft Corporation)
Microsoft Xbox One Controller for Windows (HKLM\...\{DC2CB48C-FD96-48EB-A36A-7D995BB587EB}) (Version: 1.0.2 - Microsoft Corporation)
Movavi Video Suite 14 (HKLM-x32\...\Movavi Video Suite 14) (Version: 14.3.0 - Movavi)
MSBuild/NuGet Integration 14.0 (x86) (x32 Version: 14.0.24720 - Microsoft Corporation) Hidden
Multi-Device Hybrid Apps using C# - Templates - ENU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
Norton 360 (HKLM-x32\...\N360) (Version: 22.5.5.15 - Symantec Corporation)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 358.50 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.14.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.14.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 358.50 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4797.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4797.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4797.1003 - Microsoft Corporation) Hidden
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM-x32\...\{4860C1E5-CE58-4D32-89DE-37951333B4C9}) (Version: 4.6.01055 - Microsoft Corporation)
Paragon Festplatten Manager™ 15 Suite (HKLM\...\{29258311-EA49-11DE-967C-005056C00008}) (Version: 90.00.0003 - Paragon Software)
Paragon Partition Manager™ 15 Professional (HKLM\...\{A35001F0-F1E4-11DD-A38B-005056C00008}) (Version: 90.00.0003 - Paragon Software)
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Pixum Fotowelt (HKLM-x32\...\Pixum Fotowelt) (Version: 6.0.5 - CEWE Stiftung u Co. KGaA)
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT  (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
QuickPar 0.9 (HKLM-x32\...\QuickPar) (Version: 0.9 - Peter B. Clements)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Roslyn Language Services - x86 (x32 Version: 14.0.24723 - Microsoft Corporation) Hidden
Roxio Creator NXT 3 Content (HKLM-x32\...\{2DF5BF6E-D32C-4B81-9012-F62B58AFF819}) (Version: 1.0.4.0 - Roxio)
Roxio Creator NXT Pro 3 (HKLM-x32\...\{7B4B9450-39C8-454A-AA2D-6548EE4D21EB}) (Version: 16.0.50.1 - Roxio)
Roxio Virtual Drive x64 (Version: 1.00.0000 - Roxio, Inc.) Hidden
Setup (x32 Version: 1.0.0.93 - Corel Corporation) Hidden
Share (x32 Version: 1.0.0.93 - Corel Corporation) Hidden
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.14.5 - NVIDIA Corporation) Hidden
SmartControlCenter (HKLM-x32\...\{63CE935C-03E3-4EB4-B194-792CB2F91C87}) (Version: 1.1.1.14 - Netgear)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Team Explorer for Microsoft Visual Studio 2015 (x32 Version: 14.0.24712 - Microsoft Corporation) Hidden
Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
TVgenial 5.40 (HKLM-x32\...\TVgenial) (Version:  - )
TypeScript Power Tool (x32 Version: 1.7.4.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.7.4.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 1.7.4.0 (HKLM-x32\...\{33e2204a-4ec6-4458-895a-47e2a404d990}) (Version: 1.7.24720.0 - Microsoft Corporation)
UE4 Prerequisites (x86) (HKLM-x32\...\{162863d7-4b83-429c-baa7-fcedd09f331f}) (Version: 1.0.8.0 - Epic Games, Inc.)
UE4 Prerequisites (x86) (x32 Version: 1.0.8.0 - Epic Games, Inc.) Hidden
Universal CRT Extension SDK (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Redistributable (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Visual Studio 2015 Update 1 (KB3022398) (HKLM-x32\...\{fcaa9dba-9438-48b6-ad91-4e9b4cc7084a}) (Version: 14.0.24720 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VMware Workstation (HKLM\...\{132E3257-14F1-411A-BC6C-0CA32D3A9BC6}) (Version: 12.0.0 - VMware, Inc.)
VS Update core components (x32 Version: 14.0.24720 - Microsoft Corporation) Hidden
VSClassic (x32 Version: 1.0.0.93 - Corel Corporation) Hidden
VSPro (x32 Version: 1.0.0.93 - Corel Corporation) Hidden
VueScan x64 (HKLM\...\VueScan x64) (Version:  - )
WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
Windows-Treiberpaket - Silicon Laboratories (silabenm) Ports  (03/19/2014 6.7.0.0) (HKLM\...\B97004A400E30DCF940971EFA7A0C13C6B0A4B66) (Version: 03/19/2014 6.7.0.0 - Silicon Laboratories)
WinRAR 5.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1936510213-3086724655-2435381783-1002_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-04310A690DF6}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1936510213-3086724655-2435381783-1002_Classes\CLSID\{1F6DE925-8416-40D4-BC66-D69DB9D4360B}\InprocServer32 -> F:\Roxio\Roxio Creator NXT Pro 3\Virtual Drive 10\DC_ShellExt64.dll (Corel Corporation)
CustomCLSID: HKU\S-1-5-21-1936510213-3086724655-2435381783-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\hanne\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1936510213-3086724655-2435381783-1002_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {01A26BF1-3F1C-40BD-BEAD-2F59F5F4D357} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-02-10] (Microsoft Corporation)
Task: {0533D784-79DC-488E-81BE-9E9EFCB05A8D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-01-12] (Microsoft Corporation)
Task: {1BD57935-9038-4536-9569-F3642D6C3534} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\WSCStub.exe [2015-11-20] (Symantec Corporation)
Task: {3188B169-89D4-4BF1-8041-C5FF5B44FD6E} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-hannes.rada@inode.at => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-10-30] (Adobe Systems Incorporated)
Task: {48CC8FC8-9A0D-4029-BB1A-28052580D707} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-11] (Google Inc.)
Task: {51D97364-0FE0-44E3-9C16-8E916568DEFC} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\SymErr.exe [2015-11-05] (Symantec Corporation)
Task: {5F86521A-5443-4819-B1EF-AC0170B620C7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {6688E82F-836B-44F7-B7C9-B55757A2496C} - System32\Tasks\ArcSoft Connect Daemon => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
Task: {719ACE92-93A1-4432-8803-A8552049D0A6} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-01-12] (Microsoft Corporation)
Task: {73B1D130-5DBD-4EE9-93EC-0CC8DA51D2DF} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2016-01-19] (Enigma Software Group USA, LLC.)
Task: {797D6177-E44D-4169-AD6C-D0D80C934471} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\SymErr.exe [2015-11-05] (Symantec Corporation)
Task: {A6E450AA-1023-48D6-B22E-D137AB5A9F99} - System32\Tasks\Norton 360\Norton Autofix => C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\SymErr.exe [2015-11-05] (Symantec Corporation)
Task: {CED3A03F-10D5-4BCF-9677-E65373C98EE8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.)
Task: {D6DA70B0-CB58-44B5-B099-3AC9782CA033} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-11] (Google Inc.)
Task: {E049E2F0-4385-42CB-9058-2B3A81299F35} - System32\Tasks\Future Systems Solutions\Casper\Casper 8.0 Update Notification Task => F:\Future Systems Solutions\Casper 8.0\CASPER.EXE [2014-09-19] (Future Systems Solutions, Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-03-01 19:29 - 2016-02-23 12:27 - 02654872 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-01-22 18:32 - 2016-01-22 18:33 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-03-01 19:29 - 2016-02-23 12:27 - 02654872 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-11-27 17:46 - 2015-11-14 04:23 - 00553120 ____N () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2015-09-11 16:27 - 2015-10-13 04:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-05-15 15:26 - 2015-05-15 15:26 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-01-22 00:04 - 2014-01-22 00:04 - 00022760 _____ () C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe
2015-08-04 13:26 - 2015-08-04 13:26 - 00718040 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\avgrepliba.dll
2015-08-14 13:02 - 2015-08-14 13:02 - 12465344 _____ () F:\VMWare 12\vmware-hostd.exe
2013-10-16 01:02 - 2013-10-16 01:02 - 00535784 _____ () F:\Roxio\Roxio Creator NXT Pro 3\Roxio Burn\RoxioBurnLauncher.exe
2015-12-17 20:52 - 2015-12-07 05:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-03-01 19:29 - 2016-02-23 09:36 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-01-12 22:20 - 2016-01-05 02:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-01-12 22:20 - 2016-01-05 02:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-01-27 22:47 - 2016-01-16 06:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-01-27 22:47 - 2016-01-16 06:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-08-04 13:26 - 2015-08-04 13:26 - 00861912 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\tulnga.dll
2013-10-16 01:03 - 2013-10-16 01:03 - 01723624 _____ () F:\Roxio\Roxio Creator NXT Pro 3\Roxio Burn\Roxio Burn.exe
2016-01-22 18:32 - 2016-01-22 18:33 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-01-22 18:32 - 2016-01-22 18:33 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2014-01-22 00:04 - 2014-01-22 00:04 - 03322600 _____ () C:\Program Files (x86)\Roxio\BackOnTrack\App\BEngine.dll
2014-01-22 00:04 - 2014-01-22 00:04 - 00108776 _____ () C:\Program Files (x86)\Roxio\BackOnTrack\App\Logging.dll
2014-01-22 00:04 - 2014-01-22 00:04 - 00524520 _____ () C:\Program Files (x86)\Roxio\BackOnTrack\App\TRREngine.dll
2015-08-14 13:02 - 2015-08-14 13:02 - 01301696 _____ () F:\VMWare 12\libxml2.dll
2015-08-14 13:02 - 2015-08-14 13:02 - 00165056 _____ () F:\VMWare 12\nfc-types.dll
2015-08-14 13:02 - 2015-08-14 13:02 - 00191680 _____ () F:\VMWare 12\LIBEXPAT.dll
2015-08-14 13:02 - 2015-08-14 13:02 - 00388800 _____ () F:\VMWare 12\ssoClient.dll
2013-10-16 01:02 - 2013-10-16 01:02 - 00679144 _____ () F:\Roxio\Roxio Creator NXT Pro 3\Roxio Burn\BBEngineAS.dll
2012-05-22 18:01 - 2012-05-22 18:01 - 00723600 _____ () F:\Roxio\Roxio Creator NXT Pro 3\Roxio Burn\AS_Archive.dll
2015-10-21 21:05 - 2015-10-03 05:58 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-07-10 12:04 - 2015-07-10 12:02 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1936510213-3086724655-2435381783-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\hanne\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "AcronisTibMounterMonitor"
HKLM\...\StartupApproved\Run32: => "TrueImageMonitor.exe"
HKLM\...\StartupApproved\Run32: => "ArcSoft Connection Service"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKU\S-1-5-21-1936510213-3086724655-2435381783-1002\...\StartupApproved\Run: => "AdobeBridge"
HKU\S-1-5-21-1936510213-3086724655-2435381783-1002\...\StartupApproved\Run: => "Parallels Access"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{5C5FD17E-AF7E-4CC8-9A8D-81555F1040FB}] => (Allow) F:\Steam\steamapps\common\Dispatcher\Disp1.exe
FirewallRules: [{C7D5D696-3847-43FF-B5E0-CCE004EA6DD9}] => (Allow) F:\Steam\steamapps\common\Dispatcher\Disp1.exe
FirewallRules: [{76739F11-5CC2-47CA-9ED5-CCDACDE81EB1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C1DF8A39-D7AA-43A7-82F9-A30C20777A8C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{1FF4610F-83FD-4E5C-9015-25B43EB7AB37}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{F3710BF0-2B62-40AD-9D6E-7292BA52DAC8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{2DD4B2E2-302C-4EB8-BE35-472B7936AFAA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{208FE073-2ECA-41FE-8906-6A2872EFC482}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{509F4541-95E4-4BB2-8546-FACDEA230DC9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{85FFC6DA-4BA9-41A2-AE6D-5BC51CA1E660}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{EB378A2D-251F-4FB8-9640-9CEDBEEA47AF}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{F4EBFA81-EB07-40C7-912C-69363D1F9324}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
FirewallRules: [{835ACABC-AEFF-4666-A858-3839398ECEF5}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{CAE1E754-F6B0-4A8E-934A-88B790EE80D8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0484CEB0-58BD-40D7-805E-BC3EA51BA2CA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{822F8943-7180-48FD-8F76-38B7832B4D47}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0D35F2DE-6C64-46F2-A8AE-CB7DC0B4F3C3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D8D14C10-26D0-49D4-B0AB-2030922C85C2}] => (Allow) LPort=31931
FirewallRules: [{5AF41AFE-D156-4C16-8F63-473795BA01CC}] => (Allow) LPort=14714
FirewallRules: [{2A7E5042-56E0-484F-9207-B54F2C271A60}] => (Allow) LPort=12972
FirewallRules: [{ABEB0780-1FDB-4FDC-8654-8B7A9E3FDAE4}] => (Allow) F:\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{6FD6C5E4-A993-41C1-9071-C50AECAC8C76}] => (Allow) F:\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{A789A793-0647-4AEA-ACFE-49A8938811A8}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
FirewallRules: [{C078F5EA-2668-42A9-BE31-4084E9E17172}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{0CFFCF02-3676-4C1C-8982-2F75AAA902CA}] => (Allow) F:\VMWare 12\vmware-hostd.exe
FirewallRules: [{F7DE2D5C-E01C-49FA-A899-37353D1579EE}] => (Allow) F:\VMWare 12\vmware-hostd.exe
FirewallRules: [{0F1723F8-B187-47D2-B741-ACDED9AFB81A}] => (Allow) F:\VMWare 12\vmware-authd.exe
FirewallRules: [{5E2FB1BA-62FC-4600-876E-E86183C441A3}] => (Allow) F:\VMWare 12\vmware-authd.exe
FirewallRules: [{B3024B8D-44B5-4374-93D6-85C5DFCEB71F}] => (Allow) F:\Steam\bin\steamwebhelper.exe
FirewallRules: [{8E956805-A5C5-401B-866C-BDED3E13039C}] => (Allow) F:\Steam\bin\steamwebhelper.exe
FirewallRules: [{211E353A-9E0A-4DE1-B56A-17E2850C46AE}] => (Allow) F:\Steam\Steam.exe
FirewallRules: [{8CD32749-01FE-43B6-B478-9AE5A98B8BBB}] => (Allow) F:\Steam\Steam.exe
FirewallRules: [{34FB88CD-0AF1-407C-A3C5-A6CA483E9DA1}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{D4A18D3A-F00C-4020-AF3A-09FAE1728251}] => (Allow) F:\iiTunes\iTunes.exe
FirewallRules: [{97BCEB7D-437F-49E9-BE50-E754F1716CC9}] => (Allow) F:\Audials\Audials 12\Audials.exe
FirewallRules: [{503763CB-E969-43B2-8FEF-24E7143A1055}] => (Allow) F:\Audials\Audials 2016\Audials.exe
FirewallRules: [TCP Query User{F3F1B885-D346-456B-B4BE-32C8A9AB3AB2}F:\dvr-studio hd 4\dvr-studio hd.exe] => (Allow) F:\dvr-studio hd 4\dvr-studio hd.exe
FirewallRules: [UDP Query User{9D4874D7-971F-4647-BACC-54C4E6F3E555}F:\dvr-studio hd 4\dvr-studio hd.exe] => (Allow) F:\dvr-studio hd 4\dvr-studio hd.exe
FirewallRules: [{3E95E14B-CD69-4350-B144-3A9CB1503D44}] => (Allow) F:\MS Visual Studio 2015\Common7\IDE\devenv.exe
FirewallRules: [{4A968DBD-1B60-4DD0-B3B8-D6101211DCE0}] => (Allow) C:\Program Files\VueScan\vuescan.exe
FirewallRules: [{2CCA03DA-24E2-440F-A2DC-5615025C1F15}] => (Allow) C:\Program Files\VueScan\vuescan.exe
FirewallRules: [{A7F1C9E2-39EB-4DC9-9750-CF9F2D9C6D2A}] => (Allow) F:\Steam\steamapps\common\Galactic Civilizations III\GalCiv3.exe
FirewallRules: [{5D9B7DFE-9BF5-4BA3-80B3-BBF89FBF1EC7}] => (Allow) F:\Steam\steamapps\common\Galactic Civilizations III\GalCiv3.exe
FirewallRules: [{832DDA4C-476E-47BF-83F6-726D50D6214B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

26-02-2016 17:30:47 Norton_Power_Eraser_20160226173046602
01-03-2016 19:50:26 Windows Update
03-03-2016 18:54:25 JRT Pre-Junkware Removal
03-03-2016 21:04:56 JRT Pre-Junkware Removal
04-03-2016 21:50:23 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: SAS-Controller
Description: SAS-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Epson Perfection 1670/GT-8400UF
Description: Epson Perfection 1670/GT-8400UF
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Hamrick Software
Service: usbscan
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (03/04/2016 09:50:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Adobe CEF Helper.exe, Version: 3.4.0.175, Zeitstempel: 0x564a80aa
Name des fehlerhaften Moduls: libcef.dll, Version: 3.2171.2069.0, Zeitstempel: 0x551bdc44
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00444106
ID des fehlerhaften Prozesses: 0x135c
Startzeit der fehlerhaften Anwendung: 0xAdobe CEF Helper.exe0
Pfad der fehlerhaften Anwendung: Adobe CEF Helper.exe1
Pfad des fehlerhaften Moduls: Adobe CEF Helper.exe2
Berichtskennung: Adobe CEF Helper.exe3
Vollständiger Name des fehlerhaften Pakets: Adobe CEF Helper.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Adobe CEF Helper.exe5

Error: (03/04/2016 09:50:25 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (03/04/2016 09:43:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: VEINTICUATRO-XE)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147024891. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (03/04/2016 09:43:12 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: VEINTICUATRO-XE)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147024891. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (03/04/2016 09:40:38 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for F:\Steam\bin\steamwebhelper.exe

Error: (03/04/2016 09:40:38 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for F:\Steam\steam.exe

Error: (03/04/2016 09:36:46 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: VEINTICUATRO-XE)
Description: Bei der Aktivierung der App „Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (03/04/2016 09:36:44 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: VEINTICUATRO-XE)
Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (03/04/2016 08:37:34 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: VEINTICUATRO-XE)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147024891. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (03/04/2016 07:37:34 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: VEINTICUATRO-XE)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147024891. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


Systemfehler:
=============
Error: (03/04/2016 09:53:29 PM) (Source: DCOM) (EventID: 10016) (User: VEINTICUATRO-XE)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}VEINTICUATRO-XEhanneS-1-5-21-1936510213-3086724655-2435381783-1002LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (03/04/2016 09:53:29 PM) (Source: DCOM) (EventID: 10016) (User: VEINTICUATRO-XE)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}VEINTICUATRO-XEhanneS-1-5-21-1936510213-3086724655-2435381783-1002LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (03/04/2016 09:53:29 PM) (Source: DCOM) (EventID: 10016) (User: VEINTICUATRO-XE)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}VEINTICUATRO-XEhanneS-1-5-21-1936510213-3086724655-2435381783-1002LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (03/04/2016 09:53:29 PM) (Source: DCOM) (EventID: 10016) (User: VEINTICUATRO-XE)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}VEINTICUATRO-XEhanneS-1-5-21-1936510213-3086724655-2435381783-1002LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (03/04/2016 09:50:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (03/04/2016 09:43:55 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{3185A766-B338-11E4-A71E-12E3F512A338}{7006698D-2974-4091-A424-85DD0B909E23}NT-AUTORITÄTNetzwerkdienstS-1-5-20LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (03/04/2016 09:43:13 PM) (Source: DCOM) (EventID: 10001) (User: VEINTICUATRO-XE)
Description: "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6568.46121.0_x64__8wekyb3d8bbwe\HxTsr.exe" -ServerName:Hx.IPC.Server5microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mcaNicht verfügbarNicht verfügbar

Error: (03/04/2016 09:43:12 PM) (Source: DCOM) (EventID: 10001) (User: VEINTICUATRO-XE)
Description: "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6568.46121.0_x64__8wekyb3d8bbwe\HxTsr.exe" -ServerName:Hx.IPC.Server5microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mcaNicht verfügbarNicht verfügbar

Error: (03/04/2016 09:41:13 PM) (Source: DCOM) (EventID: 10016) (User: VEINTICUATRO-XE)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}VEINTICUATRO-XEhanneS-1-5-21-1936510213-3086724655-2435381783-1002LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (03/04/2016 09:41:13 PM) (Source: DCOM) (EventID: 10016) (User: VEINTICUATRO-XE)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}VEINTICUATRO-XEhanneS-1-5-21-1936510213-3086724655-2435381783-1002LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742


CodeIntegrity:
===================================
  Date: 2016-03-02 18:25:25.012
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-02-17 18:42:45.411
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-02-17 18:42:45.333
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-02-17 18:37:00.304
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-02-17 18:37:00.181
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-02-16 21:22:09.804
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-02-16 21:22:09.788
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-02-16 21:22:09.772
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-02-16 21:22:09.750
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-02-15 19:14:22.097
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Xeon(R) CPU E5-2697 v2 @ 2.70GHz
Prozentuale Nutzung des RAM: 5%
Installierter physikalischer RAM: 65484.54 MB
Verfügbarer physikalischer RAM: 62034.13 MB
Summe virtueller Speicher: 75212.54 MB
Verfügbarer virtueller Speicher: 71714.44 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:364.61 GB) (Free:256.31 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: () (Fixed) (Total:364.61 GB) (Free:298.92 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive e: (VOLUME) (Fixed) (Total:38.73 GB) (Free:17.92 GB) NTFS
Drive f: () (Fixed) (Total:527.73 GB) (Free:287.5 GB) NTFS
Drive g: (VOLUME) (Fixed) (Total:38.73 GB) (Free:17.92 GB) NTFS
Drive h: () (Fixed) (Total:527.73 GB) (Free:279.52 GB) NTFS
Drive w: (Video) (Network) (Total:74178.58 GB) (Free:65656.2 GB) NTFS
Drive y: (Music) (Network) (Total:74178.58 GB) (Free:65656.2 GB) NTFS
Drive z: (Dateien) (Network) (Total:74178.58 GB) (Free:65656.2 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 138B141C)
Partition 1: (Active) - (Size=364.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)
Partition 3: (Not Active) - (Size=566.5 GB) - (Type=OF Extended)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 286718E8)
Partition 1: (Active) - (Size=364.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)
Partition 3: (Not Active) - (Size=566.5 GB) - (Type=OF Extended)

==================== Ende von Addition.txt ============================
         

Alt 04.03.2016, 23:21   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Google Chrome lädt Malware - MS Edge nicht - Standard

Google Chrome lädt Malware - MS Edge nicht



FRST-Fix

Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft!


Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
HKLM-x32\...\Run: [] => [X]
emptytemp:
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 04.03.2016, 23:34   #11
MajorKottan
 
Google Chrome lädt Malware - MS Edge nicht - Standard

Google Chrome lädt Malware - MS Edge nicht



Okay was haben wir da entfernt ?

Fixlog.txt

Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:04-03-2016
durchgeführt von hanne (2016-03-04 23:32:16) Run:1
Gestartet von C:\Users\hanne\Desktop
Geladene Profile: hanne (Verfügbare Profile: hanne)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
HKLM-x32\...\Run: [] => [X] emptytemp: 
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Wert erfolgreich entfernt

==== Ende von Fixlog 23:32:16 ====
         

Alt 04.03.2016, 23:47   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Google Chrome lädt Malware - MS Edge nicht - Standard

Google Chrome lädt Malware - MS Edge nicht



Das klappt so nicht. Du musst das Script 1:1 kopieren, du darfst auch keine Zeilenumbrüche entfernen.

Kann es sein, dass du den Text in Word oder so kopiert hast??
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 05.03.2016, 00:01   #13
MajorKottan
 
Google Chrome lädt Malware - MS Edge nicht - Standard

Google Chrome lädt Malware - MS Edge nicht



Okay beim Kopieren wird automatisch der Zeilenumbrauch entfernt.
Also nochmals:

Jetzt sind offenbar 700 MB temporäre Dateien entfernt

HTML-Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:04-03-2016
durchgeführt von hanne (2016-03-04 23:53:49) Run:2
Gestartet von C:\Users\hanne\Desktop
Geladene Profile: hanne (Verfügbare Profile: hanne)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
HKLM-x32\...\Run: [] => [X]
emptytemp:
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Wert nicht gefunden.
EmptyTemp: => 713.7 MB temporäre Dateien entfernt.


Das System musste neu gestartet werden.

==== Ende von Fixlog 23:54:39 ====

Alt 05.03.2016, 00:03   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Google Chrome lädt Malware - MS Edge nicht - Standard

Google Chrome lädt Malware - MS Edge nicht



so isses richtig!!!


Okay, dann Kontrollscans mit (1) MBAM, (2) ESET und (3) SecurityCheck bitte:


1. Schritt: MBAM

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.




2. Schritt: ESET

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset




3. Schritt: SecurityCheck

Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 05.03.2016, 18:32   #15
MajorKottan
 
Google Chrome lädt Malware - MS Edge nicht - Standard

Google Chrome lädt Malware - MS Edge nicht



Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 05.03.2016
Suchlaufzeit: 08:04
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2016.03.05.02
Rootkit-Datenbank: v2016.02.27.01
Lizenz: Premium-Version
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: hanne

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 469315
Abgelaufene Zeit: 12 Min., 23 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
Eset findet eine ganze Menge

Code:
ATTFilter
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=3589 16777213 100 57 1287108 219783582 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 66341 11001140 0 0
# scanned=2451293
# found=48
# cleaned=0
# scan_time=24063
sh=AEC3934D53A51AA388A4CBDAF2FD337211F8892B ft=1 fh=4d6154421951c19a vn="Variante von Win32/InstallCore.ACL evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\hanne\AppData\Roaming\StormFall\CreateShortCut.dll.vir"
sh=A5BE0C1A6877CFECACE44C10F7A77AE1925F9292 ft=1 fh=5b8d6bde69b054c1 vn="Variante von Win32/InstallCore.ACL evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\hanne\AppData\Roaming\StormFall\TaskScheduler.dll.vir"
sh=B8772D6269D0410CD055E6792B0E7673E876665A ft=1 fh=99f8a9ba75ddbf93 vn="Variante von Win32/InstallCore.ADB evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\hanne\AppData\Roaming\StormFall\Uninstaller.exe.vir"
sh=AEC3934D53A51AA388A4CBDAF2FD337211F8892B ft=1 fh=4d6154421951c19a vn="Variante von Win32/InstallCore.ACL evtl. unerwünschte Anwendung" ac=I fn="D:\Users\hanne\AppData\Roaming\StormFall\CreateShortCut.dll"
sh=A5BE0C1A6877CFECACE44C10F7A77AE1925F9292 ft=1 fh=5b8d6bde69b054c1 vn="Variante von Win32/InstallCore.ACL evtl. unerwünschte Anwendung" ac=I fn="D:\Users\hanne\AppData\Roaming\StormFall\TaskScheduler.dll"
sh=B8772D6269D0410CD055E6792B0E7673E876665A ft=1 fh=99f8a9ba75ddbf93 vn="Variante von Win32/InstallCore.ADB evtl. unerwünschte Anwendung" ac=I fn="D:\Users\hanne\AppData\Roaming\StormFall\Uninstaller.exe"
sh=05D232953916ED81EBB081A0C363A770E4D02F30 ft=1 fh=575e43895d29f3b6 vn="Win32/SoftonicDownloader.A evtl. unerwünschte Anwendung" ac=I fn="E:\$RECYCLE.BIN\$R86K91K.exe"
sh=72BB409E3CD1F7FFB76BB3E34B3C705BB6BCFCE3 ft=1 fh=8ae750594b542a83 vn="Win32/SoftonicDownloader.A evtl. unerwünschte Anwendung" ac=I fn="E:\$RECYCLE.BIN\$RR6ST7Q.exe"
sh=524C1A9B5B2D0CB5E91830F0868638BCEB9EBAF9 ft=1 fh=8dab1ebd74d9b955 vn="Win32/SmartFileAdvisor.B evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\Alcohol120_retail_2.0.3.6732.exe"
sh=83407DB699FA5983071EEBCE2436693159D18F72 ft=1 fh=e8b4478e9f4aa877 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\Avery Zweckform DesignPro - CHIP-Installer.exe"
sh=FBFC6D75140BD4F7E850212EFF4E05465D349E7B ft=1 fh=7a247928f97fb48a vn="Variante von Win32/WinloadSDA.D evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\Brettspiele-Deluxe-Setup.exe"
sh=D773D466C7FD03C3F13FA03F6DA6B515C648F9E9 ft=1 fh=8b0bf2da65de7bab vn="Variante von Win32/InstallCore.D evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\cnet_cvtsetup_exe.exe"
sh=5CA32567B720FC112E426A2BC542D45B503EB49F ft=1 fh=5e160bab0f9ecb23 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\DesktopOK 64 Bit - CHIP-Installer.exe"
sh=19E32F9FD945DC0E5632586E0A92EDB3CDC48A0C ft=1 fh=32e4e9a808441098 vn="Variante von MSIL/Packed.PvLogNetProtector.E verdächtige Datei" ac=I fn="E:\Downloads\DVR-Compress 2 Setup204Ger.exe"
sh=37487B87DC75908F5B7EEE8FE79591879D4E4920 ft=1 fh=afbe3d46e005f130 vn="Variante von Win32/DownloadGuide.D evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\EF_Multi_File_Renamer_4.40_CB-DL-Manager.exe"
sh=C2D5E06850F15CB244DB01B28ECFEAFF76F5F541 ft=1 fh=1696cdc80b27c805 vn="Win32/WinloadSDA.C evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\Free-Video-Dub-Setup.exe"
sh=B5F3861AF8A540EFA94A31140B068529268CBCCD ft=1 fh=0186c3a4cd73d147 vn="Variante von Win32/Toolbar.Conduit.AI evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\FreeYouTubeToDVDConverter.exe"
sh=07CF040FEFA25DFDA4287BAB632EAB806E294695 ft=1 fh=0db8f293d4a19d8f vn="Win32/Toolbar.Conduit.S evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\FreeYouTubeToMp3Converter.exe"
sh=BEB2872C5EE9890C656B293C5EFBAD0220B4E538 ft=1 fh=3852d8d68dbe73c3 vn="Win32/Toolbar.Conduit.S evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\FreeYouTubeToMP3Converter31014.exe"
sh=C5388074F31DF07BE6C1DDEF0D762EC5A8819E77 ft=1 fh=fcf810b56806cfeb vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\FreeYouTubeToMp3Converter39.exe"
sh=1959A6017B7BC8BABA9AD5377D2F784C96D668A5 ft=1 fh=99de4023e6592c16 vn="Win32/SmartFileAdvisor.A evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\isobuster_install.exe"
sh=C4C85FD848A0E2A84770DE1B229B86BE7B9EE42A ft=1 fh=78d2e5e467c0ecf5 vn="Variante von Win32/UniBlue.F evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\powersuite.exe"
sh=CBFC54C66BDF09DEB03E66BA7BBAB7DEE4CAA790 ft=1 fh=8558a61d316992a9 vn="Win32/RegistryBooster evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\registrybooster.exe"
sh=26C5CC92C355D7AAEF3F70479E25CFB9DE73FC35 ft=1 fh=1df8bc41e7f4c46c vn="Variante von Win32/SweetIM.B evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\SweetImSetup.exe"
sh=21ECE50E242CD2014C3A73262BFAD894267BE7E3 ft=1 fh=745906623ff06dd1 vn="Variante von Win32/Toolbar.Widgi evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\YouTubeDownloaderSetup34.exe"
sh=21825C03CB1A667D80033F0E3B10EADC3F4EB847 ft=1 fh=4d81a715f53ac34e vn="Win32/Toolbar.Widgi evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\YTDSetup.exe"
sh=B4799BA5FDDE7B0E267FCE9AA2DC43B9685432EE ft=1 fh=caf5ffb8a3d62e41 vn="Variante von Win32/InstallCore.ACZ evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\FreeVideoToJPGConverter\FreeVideoToJPGConverter\FreeVideoToJPGConverter.exe"
sh=05D232953916ED81EBB081A0C363A770E4D02F30 ft=1 fh=575e43895d29f3b6 vn="Win32/SoftonicDownloader.A evtl. unerwünschte Anwendung" ac=I fn="G:\$RECYCLE.BIN\$R86K91K.exe"
sh=72BB409E3CD1F7FFB76BB3E34B3C705BB6BCFCE3 ft=1 fh=8ae750594b542a83 vn="Win32/SoftonicDownloader.A evtl. unerwünschte Anwendung" ac=I fn="G:\$RECYCLE.BIN\$RR6ST7Q.exe"
sh=524C1A9B5B2D0CB5E91830F0868638BCEB9EBAF9 ft=1 fh=8dab1ebd74d9b955 vn="Win32/SmartFileAdvisor.B evtl. unerwünschte Anwendung" ac=I fn="G:\Downloads\Alcohol120_retail_2.0.3.6732.exe"
sh=83407DB699FA5983071EEBCE2436693159D18F72 ft=1 fh=e8b4478e9f4aa877 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="G:\Downloads\Avery Zweckform DesignPro - CHIP-Installer.exe"
sh=FBFC6D75140BD4F7E850212EFF4E05465D349E7B ft=1 fh=7a247928f97fb48a vn="Variante von Win32/WinloadSDA.D evtl. unerwünschte Anwendung" ac=I fn="G:\Downloads\Brettspiele-Deluxe-Setup.exe"
sh=D773D466C7FD03C3F13FA03F6DA6B515C648F9E9 ft=1 fh=8b0bf2da65de7bab vn="Variante von Win32/InstallCore.D evtl. unerwünschte Anwendung" ac=I fn="G:\Downloads\cnet_cvtsetup_exe.exe"
sh=5CA32567B720FC112E426A2BC542D45B503EB49F ft=1 fh=5e160bab0f9ecb23 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="G:\Downloads\DesktopOK 64 Bit - CHIP-Installer.exe"
sh=19E32F9FD945DC0E5632586E0A92EDB3CDC48A0C ft=1 fh=32e4e9a808441098 vn="Variante von MSIL/Packed.PvLogNetProtector.E verdächtige Datei" ac=I fn="G:\Downloads\DVR-Compress 2 Setup204Ger.exe"
sh=37487B87DC75908F5B7EEE8FE79591879D4E4920 ft=1 fh=afbe3d46e005f130 vn="Variante von Win32/DownloadGuide.D evtl. unerwünschte Anwendung" ac=I fn="G:\Downloads\EF_Multi_File_Renamer_4.40_CB-DL-Manager.exe"
sh=C2D5E06850F15CB244DB01B28ECFEAFF76F5F541 ft=1 fh=1696cdc80b27c805 vn="Win32/WinloadSDA.C evtl. unerwünschte Anwendung" ac=I fn="G:\Downloads\Free-Video-Dub-Setup.exe"
sh=B5F3861AF8A540EFA94A31140B068529268CBCCD ft=1 fh=0186c3a4cd73d147 vn="Variante von Win32/Toolbar.Conduit.AI evtl. unerwünschte Anwendung" ac=I fn="G:\Downloads\FreeYouTubeToDVDConverter.exe"
sh=07CF040FEFA25DFDA4287BAB632EAB806E294695 ft=1 fh=0db8f293d4a19d8f vn="Win32/Toolbar.Conduit.S evtl. unerwünschte Anwendung" ac=I fn="G:\Downloads\FreeYouTubeToMp3Converter.exe"
sh=BEB2872C5EE9890C656B293C5EFBAD0220B4E538 ft=1 fh=3852d8d68dbe73c3 vn="Win32/Toolbar.Conduit.S evtl. unerwünschte Anwendung" ac=I fn="G:\Downloads\FreeYouTubeToMP3Converter31014.exe"
sh=C5388074F31DF07BE6C1DDEF0D762EC5A8819E77 ft=1 fh=fcf810b56806cfeb vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="G:\Downloads\FreeYouTubeToMp3Converter39.exe"
sh=1959A6017B7BC8BABA9AD5377D2F784C96D668A5 ft=1 fh=99de4023e6592c16 vn="Win32/SmartFileAdvisor.A evtl. unerwünschte Anwendung" ac=I fn="G:\Downloads\isobuster_install.exe"
sh=C4C85FD848A0E2A84770DE1B229B86BE7B9EE42A ft=1 fh=78d2e5e467c0ecf5 vn="Variante von Win32/UniBlue.F evtl. unerwünschte Anwendung" ac=I fn="G:\Downloads\powersuite.exe"
sh=CBFC54C66BDF09DEB03E66BA7BBAB7DEE4CAA790 ft=1 fh=8558a61d316992a9 vn="Win32/RegistryBooster evtl. unerwünschte Anwendung" ac=I fn="G:\Downloads\registrybooster.exe"
sh=26C5CC92C355D7AAEF3F70479E25CFB9DE73FC35 ft=1 fh=1df8bc41e7f4c46c vn="Variante von Win32/SweetIM.B evtl. unerwünschte Anwendung" ac=I fn="G:\Downloads\SweetImSetup.exe"
sh=21ECE50E242CD2014C3A73262BFAD894267BE7E3 ft=1 fh=745906623ff06dd1 vn="Variante von Win32/Toolbar.Widgi evtl. unerwünschte Anwendung" ac=I fn="G:\Downloads\YouTubeDownloaderSetup34.exe"
sh=21825C03CB1A667D80033F0E3B10EADC3F4EB847 ft=1 fh=4d81a715f53ac34e vn="Win32/Toolbar.Widgi evtl. unerwünschte Anwendung" ac=I fn="G:\Downloads\YTDSetup.exe"
sh=B4799BA5FDDE7B0E267FCE9AA2DC43B9685432EE ft=1 fh=caf5ffb8a3d62e41 vn="Variante von Win32/InstallCore.ACZ evtl. unerwünschte Anwendung" ac=I fn="G:\Downloads\FreeVideoToJPGConverter\FreeVideoToJPGConverter\FreeVideoToJPGConverter.exe"
         
Checkup.txt

Code:
ATTFilter
Results of screen317's Security Check version 1.009  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Norton 360         
Windows Defender   
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 AVG PC TuneUp 2015  
 AVG PC TuneUp 2015 (de-DE) 
 AVG PC TuneUp 2015  
 Microsoft VisualStudio JavaScript Language Service 
 Microsoft VisualStudio JavaScript Project System 
 Java version 32-bit out of Date! 
 Google Chrome (48.0.2564.109) 
 Google Chrome (48.0.2564.116) 
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 ESET ESET Online Scanner OnlineScannerApp.exe  
 mbamscheduler.exe    
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
         

Antwort

Themen zu Google Chrome lädt Malware - MS Edge nicht
adware, bestpriceninja, besuch, chrome, chrome automatisch tab öffnung virus, entferne, entfernen, geladen, google, google chrome, hunter, immer wieder, lädt, malware, nicht, price, problemlos, spy, spy hunter, taucht, websites, werbung




Ähnliche Themen: Google Chrome lädt Malware - MS Edge nicht


  1. Chrome lädt Malware - MS Edge nicht
    Diskussionsforum - 03.03.2016 (3)
  2. CinePlus-meine Browser(Firefox, Chrome und Microsoft Edge) öffnen wenn sie geschlossen sind Pop-Up-Fenster
    Alles rund um Windows - 06.12.2015 (52)
  3. Google Chrome - öffnet eine andere Seite beim Starten von Google Chrome (Win7)
    Plagegeister aller Art und deren Bekämpfung - 19.01.2015 (29)
  4. Google lädt nicht
    Log-Analyse und Auswertung - 14.06.2014 (3)
  5. Chrome lädt nur noch facebook, google und Co.
    Plagegeister aller Art und deren Bekämpfung - 03.06.2014 (3)
  6. Windows 7: Java/Adobe Malware bei Google Chrome
    Log-Analyse und Auswertung - 20.05.2014 (1)
  7. google chrome lädt keine seiten
    Plagegeister aller Art und deren Bekämpfung - 05.03.2014 (9)
  8. jsn.donecore.net Malware Trojaner (Win7/64bit), Google Chrome Werbepopups
    Log-Analyse und Auswertung - 06.12.2013 (13)
  9. Programme und Spiele crashen direkt nach Start.- Google chrome lädt keine Internet Seiten.
    Alles rund um Windows - 10.03.2013 (0)
  10. google chrome lädt falsche website
    Log-Analyse und Auswertung - 16.12.2012 (8)
  11. FF Google Chrome funktionieren nicht, cmd.exe, windows-befehlsprozessor, malware?
    Plagegeister aller Art und deren Bekämpfung - 14.08.2012 (1)
  12. Google-Startseite lädt nicht
    Log-Analyse und Auswertung - 22.12.2011 (31)
  13. google lädt nicht
    Log-Analyse und Auswertung - 07.04.2011 (12)
  14. Nach Beseitigung von Malware lädt Google nicht
    Log-Analyse und Auswertung - 08.03.2011 (10)
  15. google lädt nicht
    Log-Analyse und Auswertung - 23.02.2011 (6)
  16. Firefox lädt Suchmaschinen (Google, Yahoo) nicht mehr
    Log-Analyse und Auswertung - 02.11.2009 (50)
  17. Firefox lädt Seiten teilweise nicht/ Google googelt nicht mehr
    Log-Analyse und Auswertung - 28.06.2008 (11)

Zum Thema Google Chrome lädt Malware - MS Edge nicht - Hallo, Google Chrome lädt beim Besuch harmloser Websites wie dict.leo.org, www.thaiairways.com ständig Adware nach wie BestpriceNinja, etc .... MS Edge tut dies jedoch nicht. . Diese Adware läßt sich zwar - Google Chrome lädt Malware - MS Edge nicht...
Archiv
Du betrachtest: Google Chrome lädt Malware - MS Edge nicht auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.