
Log analysis and evaluation: Remnants of MySearchDial & Co. on my own computer (Windows 10)

04.03.2016, 23:30   #1
Juri9
 



Since I'm currently working with cosinus on my father's computer, I also fired up MBAM on my own machine again, and what stands out in particular are the remnants of MySearchDial and similar PUPs, which mainly linger on the account for family members ("Andere").

Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 04.03.2016
Suchlaufzeit: 22:43
Protokolldatei: log.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2016.03.04.05
Rootkit-Datenbank: v2016.02.27.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Georg

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 551629
Abgelaufene Zeit: 43 Min., 28 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Warnen
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 22
PUP.Optional.InstallCore, HKU\S-1-5-21-2764890169-2354917355-972681180-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\mysearchdial, In Quarantäne, [17ae9ce7e1b8ad899b4d94ce23de59a7], 
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BITGUARD.EXE, In Quarantäne, [cdf8ee950c8dfb3b485239c9a4601ae6], 
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BPROTECT.EXE, In Quarantäne, [972ed8ab4e4bca6c4f4c5ea442c204fc], 
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BPSVC.EXE, In Quarantäne, [03c2bcc76633aa8cfca0d23031d3a957], 
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BROWSERDEFENDER.EXE, In Quarantäne, [972e70138a0f3cfa4d51cb3750b48779], 
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BROWSERPROTECT.EXE, In Quarantäne, [5b6ab8cbe0b9d5613c64f50dab59728e], 
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BROWSERSAFEGUARD.EXE, In Quarantäne, [19ac4e350d8c092ddfc23ac8867e19e7], 
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\PROTECTEDSEARCH.EXE, In Quarantäne, [497cc0c3badf70c6c50db84a8e761de3], 
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SNAPDO.EXE, In Quarantäne, [3293c1c226735dd904d9b151867ea957], 
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\STINST32.EXE, In Quarantäne, [8b3aa7dc8118b086fae727dba85cd030], 
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\STINST64.EXE, In Quarantäne, [11b4dea51f7a2214cc1624de7a8ac739], 
PUP.Optional.Desk365, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Desk 365 RunAsStdUser, Löschen bei Neustart, [ccf9dda6debb48ee86a046b2bf44f30d], 
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BITGUARD.EXE, In Quarantäne, [f8cdc0c3efaa34023367689aa55fbf41], 
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BPROTECT.EXE, In Quarantäne, [685d384b1b7e5ed8d8c3e61cad57fa06], 
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BPSVC.EXE, In Quarantäne, [992c453e4257d75f2c70ea18d3315ba5], 
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BROWSERDEFENDER.EXE, In Quarantäne, [82436a192970201678263bc7a0646898], 
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BROWSERPROTECT.EXE, In Quarantäne, [418493f03663ad89bfe10ef4d52f6898], 
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BROWSERSAFEGUARD.EXE, In Quarantäne, [3c89a0e38613e353f4ad3cc612f21de3], 
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\PROTECTEDSEARCH.EXE, In Quarantäne, [497c00831f7ad95da2304ab8e222bf41], 
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SNAPDO.EXE, In Quarantäne, [279eb6cd0297152148951de5c14324dc], 
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\STINST32.EXE, In Quarantäne, [e5e09fe47e1be94d0ad7d82a867e956b], 
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\STINST64.EXE, In Quarantäne, [7b4ac5bec2d7092d23bffb0747bdfd03], 

Registrierungswerte: 20
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BITGUARD.EXE|debugger, tasklist.exe, In Quarantäne, [cdf8ee950c8dfb3b485239c9a4601ae6]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BPROTECT.EXE|debugger, tasklist.exe, In Quarantäne, [972ed8ab4e4bca6c4f4c5ea442c204fc]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BPSVC.EXE|debugger, tasklist.exe, In Quarantäne, [03c2bcc76633aa8cfca0d23031d3a957]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BROWSERDEFENDER.EXE|debugger, tasklist.exe, In Quarantäne, [972e70138a0f3cfa4d51cb3750b48779]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BROWSERPROTECT.EXE|debugger, tasklist.exe, In Quarantäne, [5b6ab8cbe0b9d5613c64f50dab59728e]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BROWSERSAFEGUARD.EXE|debugger, tasklist.exe, In Quarantäne, [19ac4e350d8c092ddfc23ac8867e19e7]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\PROTECTEDSEARCH.EXE|debugger, tasklist.exe, In Quarantäne, [497cc0c3badf70c6c50db84a8e761de3]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SNAPDO.EXE|debugger, tasklist.exe, In Quarantäne, [3293c1c226735dd904d9b151867ea957]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\STINST32.EXE|debugger, tasklist.exe, In Quarantäne, [8b3aa7dc8118b086fae727dba85cd030]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\STINST64.EXE|debugger, tasklist.exe, In Quarantäne, [11b4dea51f7a2214cc1624de7a8ac739]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BITGUARD.EXE|debugger, tasklist.exe, In Quarantäne, [f8cdc0c3efaa34023367689aa55fbf41]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BPROTECT.EXE|debugger, tasklist.exe, In Quarantäne, [685d384b1b7e5ed8d8c3e61cad57fa06]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BPSVC.EXE|debugger, tasklist.exe, In Quarantäne, [992c453e4257d75f2c70ea18d3315ba5]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BROWSERDEFENDER.EXE|debugger, tasklist.exe, In Quarantäne, [82436a192970201678263bc7a0646898]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BROWSERPROTECT.EXE|debugger, tasklist.exe, In Quarantäne, [418493f03663ad89bfe10ef4d52f6898]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BROWSERSAFEGUARD.EXE|debugger, tasklist.exe, In Quarantäne, [3c89a0e38613e353f4ad3cc612f21de3]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\PROTECTEDSEARCH.EXE|debugger, tasklist.exe, In Quarantäne, [497c00831f7ad95da2304ab8e222bf41]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SNAPDO.EXE|debugger, tasklist.exe, In Quarantäne, [279eb6cd0297152148951de5c14324dc]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\STINST32.EXE|debugger, tasklist.exe, In Quarantäne, [e5e09fe47e1be94d0ad7d82a867e956b]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\STINST64.EXE|debugger, tasklist.exe, In Quarantäne, [7b4ac5bec2d7092d23bffb0747bdfd03]

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 43
PUP.Optional.InstallCore, C:\Users\Andere\Mysearchdial\uninstall.exe, In Quarantäne, [17ae9ce7e1b8ad899b4d94ce23de59a7], 
PUP.Optional.MySearchDial, C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1Qzu0Czzzy0C0D0C0EyBtCtB0E0DyBtBzy0AtN0D0Tzu0CyDyByCtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1T1L1C1H1B1Q");), Ersetzt,[d2f340438019a690d325b874b154a65a]
PUP.Optional.MySearchDial, C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\prefs.js, Gut: (), Schlecht: (er", 1390130350);
user_pref("app.update.lastUpdateTim), Ersetzt,[c302cab97f1a9b9b9f590e1e768fe61a]
PUP.Optional.MySearchDial, C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\prefs.js, Gut: (), Schlecht: (application is application exit0130470);
user_pr), Ersetzt,[d8ed473c772250e6df19111bf312b848]
PUP.Optional.MySearchDial, C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\prefs.js, Gut: (), Schlecht: (efee application is application exit0130470);
user_), Ersetzt,[824360232a6f231397615ad233d23ac6]
PUP.Optional.MySearchDial, C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\prefs.js, Gut: (), Schlecht: (e application is application exit0130470);
user_p), Ersetzt,[487d96ed6633f442ad4b42ea73920cf4]
PUP.Optional.MySearchDial, C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\prefs.js, Gut: (), Schlecht: (fee application is application exit0130470);
user_p), Ersetzt,[5b6a6c173a5f0d29bd3bd458c93ccd33]
PUP.Optional.MySearchDial, C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\prefs.js, Gut: (), Schlecht: (e application is application exit0130470);
user), Ersetzt,[6c597211b6e3f14551a7ec400afb37c9]
PUP.Optional.MySearchDial, C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\prefs.js, Gut: (), Schlecht: (refee application is application exit0130470);
user_pref("app.update.lastUpdateTime.background-update-timer", 1390130350);
user_pref("app.update.lastUpdateTime.blocklist-background-update-timer", 1390130590);
user_pref("a), Ersetzt,[efd64b38079203333fb976b6ae57669a]
PUP.Optional.MySearchDial, C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\prefs.js, Gut: (), Schlecht: (ground-update-timer", 1390130590);
user_pref("app.update.la), Ersetzt,[d4f1e0a3f5a4cb6bc533ac80ca3b9d63]
PUP.Optional.MySearchDial, C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\prefs.js, Gut: (), Schlecht: (ation is application exit0130470);
user_pref("app.upda), Ersetzt,[f4d1aed54a4f88ae55a3d05c4bba5fa1]
PUP.Optional.MySearchDial, C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\prefs.js, Gut: (), Schlecht: (pplication is application exit0130470);
user_pref), Ersetzt,[aa1bf291b5e445f151a7032926df6d93]
PUP.Optional.MySearchDial, C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\prefs.js, Gut: (), Schlecht: (fee application is application exit0130470);
user_pref("app.update.lastUpdateTime.background-update-timer", 1390130350);
user_pref("app.update.lastUpdateTime.blocklist-background-update-timer", 1390130590);
user_pref("app.u), Ersetzt,[5372146f9efbfa3c0aee5fcdd332659b]
PUP.Optional.MySearchDial, C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\prefs.js, Gut: (), Schlecht: (ound-update-timer", 1390130590);
user_pref("app.update.las), Ersetzt,[893c4f34ff9ae74f8276f73557ae31cf]
PUP.Optional.MySearchDial, C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\prefs.js, Gut: (), Schlecht: (cation is application exit0130470);
user_pref("app.update.la), Ersetzt,[54710e753b5ef24407f144e830d556aa]
PUP.Optional.MySearchDial, C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\prefs.js, Gut: (), Schlecht: (tion is application exit0130470);
user_pref("app.update.lastUp), Ersetzt,[a2237211762394a2ad4bd55711f45da3]
PUP.Optional.MySearchDial, C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\prefs.js, Gut: (), Schlecht: (on is application exit0130470);
user_pref("app.upda), Ersetzt,[8c3998eb4a4f91a5b4440b2184817f81]
PUP.Optional.MySearchDial, C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\prefs.js, Gut: (), Schlecht: (e application is application exit0130470);
user_pref("app.update.lastUpdateTime.background-update-timer", 1390130350);
user_pref("app.update.lastUpdateTime.blocklist-background-update-timer", 1390130590);
user_pref("app.update.l), Ersetzt,[d2f3493a8c0d1b1b39bf38f4b94cef11]
PUP.Optional.MySearchDial, C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\prefs.js, Gut: (), Schlecht: (update-timer", 1390130590);
user_pref("app.up), Ersetzt,[c104e3a0b1e88aacc632cf5dfd089c64]
PUP.Optional.MySearchDial, C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\prefs.js, Gut: (), Schlecht: ( Prefee application is application exit0130470)), Ersetzt,[ffc66a190b8eaa8cb93f87a55ca941bf]
PUP.Optional.MySearchDial, C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\prefs.js, Gut: (), Schlecht: (Prefee application is application exit0130470);
u), Ersetzt,[7055265d0099989e58a0101cc144d62a]
PUP.Optional.MySearchDial, C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\prefs.js, Gut: (), Schlecht: (fee application is application exit0130470);
user_pr), Ersetzt,[398ce89b38614beb788045e7966f0cf4]
PUP.Optional.MySearchDial, C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\prefs.js, Gut: (), Schlecht: ( application is application exit0130470);
user_pref("a), Ersetzt,[c005c4bfaeebb97dfbfdf933eb1ae31d]
PUP.Optional.MySearchDial, C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\prefs.js, Gut: (), Schlecht: (pplication is application exit0130470);
user_pref("app.up), Ersetzt,[537292f1adec1521d028f933b64fd22e]
PUP.Optional.MySearch, C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\user.js, Gut: (), Schlecht: (user_pref("extensions.irmysearch.cr", "1506745486");), Ersetzt,[bf06770c9108013501f5eb4175903fc1]
PUP.Optional.MySearch, C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\user.js, Gut: (), Schlecht: (com/?f=1&a=airmsd&cd=2XzuyEtN2Y1L1Qzu0Czzzy0C0D0C0EyBtCtB0E0DyBtBzy0AtL1C1H1B1Q&cr=1506745486&ir=");), Ersetzt,[d8ed275c1d7c1422f303d5579a6b7f81]
PUP.Optional.MySearchDial, C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.srchPrvdr", tN2Y1L1Qzu0Czzzy0C0D0C0EyBtCtB0E0DyBtBzy0AtL1Cial.tlbrSrchUrl", "http://start.mysearchdial.com/?f=3&a=airmsd&cd=2XzuyEtN2Y1L1Qzu0Czzzy0C0D0C0EyBtCtB0E0DyBtBzy0AtL1C1H1B1Q&cr=1506745486&ir=&q=");), Ersetzt,[3d88b3d04653ce68e31774b8c34259a7]
PUP.Optional.MySearchDial, C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\user.js, Gut: (), Schlecht: (tBzy0AtL1Cial.tlbrSrchUrl", "http://start.mysearchdial.com/?), Ersetzt,[c203b9cabfda45f12fcb0824fc090000]
PUP.Optional.MySearchDial, C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\user.js, Gut: (), Schlecht: (=1&a=airmsd&cd=2XzuyEtN2Y1L1Qzu0Czzzy0C0D0C0EyBtCtB0E0D), Ersetzt,[e8dda8db1f7aa294ac4e2606976e51af]
PUP.Optional.MySearchDial, C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\user.js, Gut: (), Schlecht: (om/?f=1&a=airmsd&cd=2XzuyEtN2Y1L1Qzu0Czzzy0C0D), Ersetzt,[e0e51370257447ef8c6e85a749bcbb45]
PUP.Optional.MySearchDial, C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\user.js, Gut: (), Schlecht: (ensiial.com/?f=1&a=airmsd&cd=2XzuyEtN2Y1L1Qzu0C), Ersetzt,[0bba0d7631682f076397b07c709538c8]
PUP.Optional.MySearchDial, C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\user.js, Gut: (), Schlecht: (nsiial.com/?f=1&a=airmsd&cd=2XzuyEtN2Y1L1Qzu0Czzzy0C0D0C0E), Ersetzt,[f6cff88be3b64fe7b34784a829dc11ef]
PUP.Optional.MySearchDial, C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\user.js, Gut: (), Schlecht: (?f=1&a=airmsd&cd=2XzuyEtN2Y1L1Qzu0Czzzy0C0D0C0EyBtCtB0E0DyBtB), Ersetzt,[e4e1186b88115bdb7189ac80d72e11ef]
PUP.Optional.MySearchDial, C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\user.js, Gut: (), Schlecht: (1&a=airmsd&cd=2XzuyEtN2Y1L1Qzu0Czzzy0C0D0C0EyBtCtB0E0DyBtBz), Ersetzt,[4481aad9cdcc1e18ac4ec76550b56d93]
PUP.Optional.MySearchDial, C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\user.js, Gut: (), Schlecht: (f=1&a=airmsd&cd=2XzuyEtN2Y1L1Qzu0Czzzy0C0D0C0EyBtCtB), Ersetzt,[774e3c479ffa7cbacd2da18bd4316f91]
PUP.Optional.MySearchDial, C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\user.js, Gut: (), Schlecht: (l.com/?f=1&a=airmsd&cd=2XzuyEtN2Y1L1Qzu0Czzzy0C0D0C0EyB), Ersetzt,[aa1b93f08811ee4858a226068a7b7f81]
PUP.Optional.MySearchDial, C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\user.js, Gut: (), Schlecht: (om/?f=1&a=airmsd&cd=2XzuyEtN2Y1L1Qzu0Czzzy0C0D0C0EyB), Ersetzt,[efd63c472c6d092dad4dbb71f114bc44]
PUP.Optional.MySearchDial, C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\user.js, Gut: (), Schlecht: (l.com/?f=1&a=airmsd&cd=2XzuyEtN2Y1L1Qzu0Czzzy0C0D0), Ersetzt,[3e87146f772295a111e966c6ca3bc53b]
PUP.Optional.MySearchDial, C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\user.js, Gut: (), Schlecht: (ial.com/?f=1&a=airmsd&cd=2XzuyEtN2Y1L1Qzu0Czzzy0C), Ersetzt,[0db80a793d5c76c0d42657d56f96e11f]
PUP.Optional.MySearchDial, C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\user.js, Gut: (), Schlecht: (iial.com/?f=1&a=airmsd&cd=2XzuyEtN2Y1L1Qzu0Czzzy0C0D0C0EyBtCtB0E0DyBtBzy0AtL1C1H1B1Q&), Ersetzt,[1fa691f2e7b2181e916953d924e130d0]
PUP.Optional.MySearchDial, C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\user.js, Gut: (), Schlecht: (1L1Qzu0Czzzy0C0D0C0EyBtCtB0E0DyBtBzy0AtL1C1H1B1Q&cr=), Ersetzt,[1baa5a294158d363f8026ebe23e2728e]
PUP.Optional.MySearchDial, C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\user.js, Gut: (), Schlecht: (ial.com/?f=1&a=airmsd&cd=2XzuyEtN2Y1L1Qzu0Czzzy0C0D0C0), Ersetzt,[992cb5ceebae0e284baf8f9d3dc8bd43]
PUP.Optional.MySearchDial, C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\user.js, Gut: (), Schlecht: (com/?f=1&a=airmsd&cd=2XzuyEtN2Y1L1Qzu0Czzzy0C0D0C0EyBtCtB0E0DyBtBzy0AtL1C1H1B1Q&cr=1506745486&ir=");
), Ersetzt,[269faed50f8a24121cde2b01c73e758b]

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
Could you please help me clean my PC of this as well?
Thanks in advance!

Regards,
Juri9
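
The log in the post above uses one record per detection (name, object, action, ID), except that the prefs.js/user.js findings embed file fragments and run over several lines. As an added example (not part of the original post and not a Malwarebytes tool), this Python helper parses that format, compares the parsed records with the per-section counts, and lists Image File Execution Options `debugger` values that appear in only one registry view; the sample log, its shortened paths and its IDs are constructed.

```python
import re
from collections import defaultdict

# Result sections of the German MBAM 2.x log shown above.
SECTIONS = {"Prozesse", "Module", "Registrierungsschlüssel", "Registrierungswerte",
            "Registrierungsdaten", "Ordner", "Dateien", "Physische Sektoren"}
HEADER_RE = re.compile(r"^(.+?): (\d+)$")
START_RE = re.compile(r"^[A-Za-z]+\.[\w.]+, ")        # e.g. "PUP.Optional.IFEO, "
END_RE = re.compile(r",\s*\[([0-9a-f]{32})\],?\s*$")  # trailing ", [id], "
IFEO = "\\IMAGE FILE EXECUTION OPTIONS\\"

# Constructed sample in the same format; IDs are placeholders, file paths shortened.
SAMPLE = r"""
Registrierungsschlüssel: 1
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SNAPDO.EXE, In Quarantäne, [00000000000000000000000000000001],

Registrierungswerte: 3
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SNAPDO.EXE|debugger, tasklist.exe, In Quarantäne, [00000000000000000000000000000002]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SNAPDO.EXE|debugger, tasklist.exe, In Quarantäne, [00000000000000000000000000000003]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BITGUARD.EXE|debugger, tasklist.exe, In Quarantäne, [00000000000000000000000000000004]

Dateien: 3
PUP.Optional.MySearch, C:\Users\Andere\profile\user.js, Gut: (), Schlecht: (user_pref("extensions.example.cr", "1");), Ersetzt,[00000000000000000000000000000005]
PUP.Optional.MySearchDial, C:\Users\Andere\profile\prefs.js, Gut: (), Schlecht: (er", 1);
user_pref("app.upd), Ersetzt,[00000000000000000000000000000006]
"""


def _split(section, body, ident):
    """Split one record body (ID already removed) into its fields."""
    name, rest = body.split(", ", 1)
    head, _, action = rest.rpartition(",")   # the action is always the last field
    path, _, detail = head.partition(", ")   # assumes no ", " inside the path
    return {"section": section, "name": name, "path": path,
            "detail": detail, "action": action.strip(), "id": ident}


def parse_mbam(text):
    """Return (declared, records): declared maps section -> count taken from
    its header line; records holds one dict per detection."""
    declared, records = {}, []
    section, pending = None, None
    for line in text.splitlines():
        if pending is None:
            m = HEADER_RE.match(line.strip())
            if m and m.group(1) in SECTIONS:
                section = m.group(1)
                declared[section] = int(m.group(2))
                continue
            if section is None or not START_RE.match(line):
                continue
            pending = line
        else:
            # File findings quote raw prefs.js/user.js text, so a record can
            # continue on the following physical lines until its ID appears.
            pending += "\n" + line
        end = END_RE.search(pending)
        if end:
            records.append(_split(section, pending[:end.start()], end.group(1)))
            pending = None
    return declared, records


def ifeo_debuggers(records):
    """Map image name -> {registry view: Debugger data} for IFEO value hits."""
    out = defaultdict(dict)
    for r in records:
        if IFEO not in r["path"].upper() or "|" not in r["path"]:
            continue
        key, value_name = r["path"].rsplit("|", 1)
        if value_name.lower() != "debugger":
            continue
        image = key.upper().split(IFEO, 1)[1]
        view = "wow6432" if "\\WOW6432NODE\\" in key.upper() else "native"
        out[image][view] = r["detail"]
    return dict(out)


def triage(text):
    """Summarise a pasted log: record total, sections whose parsed count
    differs from the declared one, and IFEO images seen in one view only."""
    declared, records = parse_mbam(text)
    parsed = defaultdict(int)
    for r in records:
        parsed[r["section"]] += 1
    mismatch = {s: (n, parsed[s]) for s, n in declared.items() if n != parsed[s]}
    one_view = sorted(i for i, v in ifeo_debuggers(records).items() if len(v) == 1)
    return {"records": len(records), "count_mismatch": mismatch,
            "ifeo_single_view": one_view}


if __name__ == "__main__":
    print(triage(SAMPLE))
```

A non-empty `count_mismatch` means the pasted log does not contain as many records as its section headers declare.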

05.03.2016, 10:32   #2
M-K-D-B
/// TB trainer
 






My name is Matthias and I will help you clean up your computer.


Please note the following:
  • If we find indications of illegally acquired software, we will suspend support until all illegal software has been removed from the computer.
  • Read the instructions carefully. If you run into problems, stop what you are doing and describe your problem to me as well as you can.
  • If you do not reply to me within 3 days, I will assume that you no longer need help. I will then remove your topic from my subscriptions. If you are going to be away for longer, please let me know!
  • During the cleanup, please do not install or uninstall anything unless I ask you to!
  • Please note: Download at filepony.de: how to download our tools correctly!
  • All programs to be used must be saved to the desktop and started from there as administrator!



Please work through all steps one after another in the given order and post all log files in CODE tags:
How it works:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes your helper's work considerably harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
  • Select the entire log file (usually with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed tags appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check that you did it correctly. If everything is right ... click Reply.

Thank you for your cooperation!




For the initial analysis, please run FRST and TDSS-Killer:



Step 1
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Untersuchen (Scan).
  • The log files are now created and will then be on your desktop.
  • Post FRST.txt and, after the first scan, Addition.txt as well in your thread (click the # symbol in the website's input box)






Step 2
Please download TDSSKiller TDSSKiller.exe and save this file to the desktop
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Please post the content here in your thread in any case.







With your next reply, please post
  • the TDSS-Killer log file,
  • the two new FRST log files.

05.03.2016, 12:04   #3
Juri9
 



Hi! Thanks a lot for helping

Since the logs are very long, they will now come one at a time.

FRST.txt:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016
durchgeführt von Georg (Administrator) auf GEORG-PC (05-03-2016 12:49:18)
Gestartet von C:\Users\Georg\Desktop
Geladene Profile: Georg (Verfügbare Profile: Georg & Andere & DefaultAppPool)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SurfRight B.V.) C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
(<AVerMedia>) C:\Program Files (x86)\AVerMedia\AVerMedia Live Gamer EXTREME\AVerUSBPortChecker.exe
(AVerMedia TECHNOLOGIES, Inc.) C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRECentral.exe
() C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\iMController\Service\Lenovo.Modern.ImController.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(iWin Inc.) C:\Program Files (x86)\Pogo Games\iWinTrusted.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(AVerMedia TECHNOLOGIES, Inc.) C:\Program Files (x86)\AVerMedia\AVerMedia RECentral 2\RECentralService.exe
() C:\Windows\jmesoft\Service.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Soluto) C:\Program Files\Soluto\SolutoLauncherService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Windows\SysWOW64\UMonit.exe
() C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe
() C:\Program Files (x86)\puush\puush.exe
() C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
(Spotify Ltd) C:\Users\Georg\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\Georg\AppData\Roaming\Spotify\Spotify.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Lenovo) C:\Windows\jmesoft\hotkey.exe
() C:\Program Files (x86)\Philips\SPC 700NC PC Camera\TrayMin700.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Telegram Messenger LLP) C:\Users\Georg\AppData\Roaming\Telegram Desktop\Telegram.exe
() C:\Windows\jmesoft\JME_LOAD.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Spotify Ltd) C:\Users\Georg\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Spotify Ltd) C:\Users\Georg\AppData\Roaming\Spotify\Spotify.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Spotify Ltd) C:\Users\Georg\AppData\Roaming\Spotify\Spotify.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11543656 2010-10-26] (Realtek Semiconductor)
HKLM\...\Run: [UMonit] => C:\windows\SysWOW64\UMonit.exe [49152 2011-05-25] ()
HKLM\...\Run: [WrtMon.exe] => C:\windows\system32\spool\drivers\x64\3\WrtMon.exe [20480 2006-09-20] ()
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-27] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [jmekey] => C:\windows\jmesoft\hotkey.exe
HKLM-x32\...\Run: [jmesoft] => C:\Windows\jmesoft\ServiceLoader.exe
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Lenovo Eye Distance System] => C:\Program Files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe [265216 2010-09-09] (Lenovo)
HKLM-x32\...\Run: [Lenovo Dynamic Brightness System] => C:\Program Files\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exe [285696 2010-10-08] (Lenovo)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe [222504 2009-05-14] (CyberLink Corp.)
HKLM-x32\...\Run: [TrayServer] => C:\Program Files (x86)\MAGIX\Video_deluxe_MX_Plus\TrayServer_de.exe [90112 2008-08-07] (MAGIX AG)
HKLM-x32\...\Run: [phc700] => C:\windows\system32\vphc700.exe
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [LifeCam] => "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files\Soluto\soluto.exe /userinit,
HKU\S-1-5-21-2764890169-2354917355-972681180-1001\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [568904 2015-03-30] ()
HKU\S-1-5-21-2764890169-2354917355-972681180-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3014224 2016-02-04] (Valve Corporation)
HKU\S-1-5-21-2764890169-2354917355-972681180-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23499656 2016-01-15] (Google)
HKU\S-1-5-21-2764890169-2354917355-972681180-1001\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248176 2015-07-13] (TomTom)
HKU\S-1-5-21-2764890169-2354917355-972681180-1001\...\Run: [Spotify Web Helper] => C:\Users\Georg\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1524848 2016-03-04] (Spotify Ltd)
HKU\S-1-5-21-2764890169-2354917355-972681180-1001\...\Run: [Spotify] => C:\Users\Georg\AppData\Roaming\Spotify\Spotify.exe [6754928 2016-03-04] (Spotify Ltd)
HKU\S-1-5-21-2764890169-2354917355-972681180-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50599552 2016-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-2764890169-2354917355-972681180-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2764890169-2354917355-972681180-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-2764890169-2354917355-972681180-1001\...\MountPoints2: {9537da85-6a63-11e5-9bd6-c89cdce712ed} - "G:\HTC_Sync_Manager_PC.exe" 
AppInit_DLLs: C:\PROGRA~2\MOVIES~1\Datamngr\x64\mgrldr.dll => Keine Datei
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Georg\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64\FileSyncShell64.dll [2015-11-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Georg\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64\FileSyncShell64.dll [2015-11-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Georg\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64\FileSyncShell64.dll [2015-11-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Georg\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileSyncShell.dll [2015-11-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Georg\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileSyncShell.dll [2015-11-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Georg\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileSyncShell.dll [2015-11-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2012-10-29]
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TrayMin700.exe.lnk [2012-09-08]
ShortcutTarget: TrayMin700.exe.lnk -> C:\Program Files (x86)\Philips\SPC 700NC PC Camera\TrayMin700.exe ()
Startup: C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Telegram.lnk [2016-01-22]
ShortcutTarget: Telegram.lnk -> C:\Users\Georg\AppData\Roaming\Telegram Desktop\Telegram.exe (Telegram Messenger LLP)
Startup: C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet Pro 8100 (Netzwerk).lnk [2015-11-16]
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet Pro 8100 (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet Pro 8100\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
GroupPolicyUsers\S-1-5-21-2764890169-2354917355-972681180-1002\User: Beschränkung <======= ACHTUNG
CHR HKU\S-1-5-21-2764890169-2354917355-972681180-1001\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{b2938fa1-8998-4697-b61c-3e7448cf269d}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-2764890169-2354917355-972681180-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://de.msn.com/?pc=BB07
HKU\S-1-5-21-2764890169-2354917355-972681180-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com
SearchScopes: HKLM -> DefaultScope Wert fehlt
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2764890169-2354917355-972681180-1001 -> DefaultScope {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-2764890169-2354917355-972681180-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2764890169-2354917355-972681180-1001 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-2764890169-2354917355-972681180-1001 -> {C88215D9-8C4C-4C02-BD96-C2F219F35ED5} URL = hxxp://www.bing.com/search?FORM=BB07DF&PC=BB07&q={searchTerms}&src=IE-SearchBox
BHO: Kein Name -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> Keine Datei
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-17] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-17] (Oracle Corporation)
DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1369826421840
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Georg\AppData\Roaming\Mozilla\Firefox\Profiles\jg9od9kn.default-1449067715926
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-09] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-09] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-17] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-2764890169-2354917355-972681180-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Georg\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-07-07] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => nicht gefunden
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => nicht gefunden
FF HKU\S-1-5-21-2764890169-2354917355-972681180-1001\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff => nicht gefunden

Chrome: 
=======
CHR HomePage: Profile 1 -> hxxp://www.google.com/
CHR StartupUrls: Profile 1 -> "hxxps://www.google.de/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\PepperFlash\pepflashplayer.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\gcswf32.dll => Keine Datei
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\ppGoogleNaClPluginChrome.dll => Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\pdf.dll => Keine Datei
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll => Keine Datei
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll => Keine Datei
CHR Profile: C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2016-02-12]
CHR Extension: (Google Drive) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-28]
CHR Extension: (Turn Off the Lights) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2016-02-29]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2015-11-19]
CHR Extension: (Skype-Anrufe) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blakpkgjpemejpbmfiglncklihnhjkij [2015-12-30]
CHR Extension: (YouTube) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Webseiten-Screenshot - Webpage Screenshot) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ckibcdccnfeookdmbahgiakhnjcddpki [2014-11-28]
CHR Extension: (Google-Suche) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Silver Bird) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\encaiiljifbdbjlphpgpiimidegddhic [2013-06-12]
CHR Extension: (Google Docs Offline) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-19]
CHR Extension: (AdBlock) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-02-16]
CHR Extension: (Mario Retro) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ikmefpddcicnmclabblmicjpibbgbglf [2012-08-30]
CHR Extension: (Animal Crossing Music) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ldjcaihhhmemeidcfbcadilcmfdaikkg [2015-04-08]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-11-06]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-26]
CHR Extension: (YouTube Unblocker) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\npnkeeiehehhefofiekoflfedgehcdhl [2014-05-30] [UpdateUrl: hxxp://www.unblocker.yt/addon/chrome/updates.xml] <==== ACHTUNG
CHR Profile: C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 3
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2015-12-30]
CHR Extension: (Google Drive) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-30]
CHR Extension: (Turn Off the Lights) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2016-01-25]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2015-12-30]
CHR Extension: (YouTube) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-30]
CHR Extension: (Webseiten-Screenshot - Webpage Screenshot) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ckibcdccnfeookdmbahgiakhnjcddpki [2014-08-24]
CHR Extension: (Google-Suche) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-30]
CHR Extension: (Silver Bird) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\encaiiljifbdbjlphpgpiimidegddhic [2013-12-05]
CHR Extension: (Google Docs Offline) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-30]
CHR Extension: (AdBlock) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-01-25]
CHR Extension: (Mario Retro) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ikmefpddcicnmclabblmicjpibbgbglf [2012-09-02]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-30]
CHR Extension: (Google Mail) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-21]
CHR Profile: C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 4
CHR Extension: (Google Docs) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-21]
CHR Extension: (Google Drive) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-02]
CHR Extension: (YouTube) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-02]
CHR Extension: (Google-Suche) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-02]
CHR Extension: (Google Docs Offline) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-02]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-02]
CHR Extension: (Google Mail) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-21]
CHR Profile: C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 5
CHR Extension: (Google Docs) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-29]
CHR Extension: (Google Drive) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-29]
CHR Extension: (YouTube) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-02]
CHR Extension: (Google-Suche) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-29]
CHR Extension: (Google Docs Offline) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-02]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-11-06]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-26]
CHR Extension: (Google Mail) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR Profile: C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 6
CHR Extension: (Google Docs) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-22]
CHR Extension: (Google Drive) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-31]
CHR Extension: (YouTube) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-31]
CHR Extension: (Google-Suche) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-31]
CHR Extension: (Full Page Screen Capture) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\fdpohaocaechififmbbbbbknoalclacl [2015-06-22]
CHR Extension: (Google Docs Offline) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-01-22]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-12-17]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-31]
CHR Extension: (Google Mail) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-22]
CHR Profile: C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 7
CHR Extension: (Google Präsentationen) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-12]
CHR Extension: (Google Docs) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-12]
CHR Extension: (Google Drive) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-28]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2016-01-03]
CHR Extension: (YouTube) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28]
CHR Extension: (Google-Suche) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Google Tabellen) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-12]
CHR Extension: (Google Docs Offline) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-17]
CHR Extension: (AdBlock) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-02-17]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-07-12]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-26]
CHR Extension: (Google Mail) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-12]
CHR HKU\S-1-5-21-2764890169-2354917355-972681180-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Georg\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-05-29]
CHR HKU\S-1-5-21-2764890169-2354917355-972681180-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

Opera: 
=======
StartMenuInternet: (HKLM) Opera - C:\Program Files (x86)\Opera\Opera.exe hxxp://www.portaldosites.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST31000524AS_6VPJLF95XXXX6VPJLF95&ts=1369940497

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AVerRECentral; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRECentral.exe [373248 2014-01-16] (AVerMedia TECHNOLOGIES, Inc.) [Datei ist nicht signiert]
R2 AVerUSBPortChecker; C:\Program Files (x86)\AVerMedia\AVerMedia Live Gamer EXTREME\AVerUSBPortChecker.exe [182784 2015-02-25] (<AVerMedia>) [Datei ist nicht signiert]
S3 Boonty Games; C:\Program Files (x86)\Common Files\BOONTY Shared\Service\Boonty.exe [69120 2013-11-09] (BOONTY) [Datei ist nicht signiert]
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2016-01-19] (Digital Wave Ltd.)
R2 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [216576 2014-09-03] () [Datei ist nicht signiert]
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1840128 2011-05-24] (MAGIX AG) [Datei ist nicht signiert]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [Datei ist nicht signiert]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-27] (NVIDIA Corporation)
R2 hmpalertsvc; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [1876816 2014-04-10] (SurfRight B.V.)
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [36808 2016-01-29] (Lenovo Group Limited)
R2 iWinTrusted; C:\Program Files (x86)\Pogo Games\iWinTrusted.exe [216920 2015-10-02] (iWin Inc.)
R2 JME Keyboard; C:\Windows\jmesoft\Service.exe [32768 2011-03-16] () [Datei ist nicht signiert]
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-27] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-27] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2016-02-03] (Electronic Arts)
R2 RECentralService; C:\Program Files (x86)\AVerMedia\AVerMedia RECentral 2\RECentralService.exe [2553152 2015-07-27] (AVerMedia TECHNOLOGIES, Inc.)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1328736 2012-09-24] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [656480 2012-09-24] (Secunia)
R2 SolutoLauncherService; C:\Program Files\Soluto\SolutoLauncherService.exe [159800 2012-10-28] (Soluto)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AVMU3HC64; C:\Windows\system32\drivers\avmu364.sys [677632 2015-05-12] (AVerMedia TECHNOLOGIES, Inc.)
R3 cpuz135; C:\WINDOWS\TEMP\cpuz135\cpuz135_x64.sys [24368 2015-11-19] (CPUID)
R3 ElgatoGC658Y; C:\Windows\System32\Drivers\ElgatoGC658.sys [43488 2015-11-06] (UB658)
R3 GeneStor; C:\Windows\System32\drivers\GeneStor.sys [58368 2011-05-18] (GenesysLogic)
R2 hmpalert; C:\windows\system32\drivers\hmpalert.sys [93144 2014-04-10] ()
R3 LcUvcUpper; C:\Windows\system32\DRIVERS\LcUvcUpper.sys [37912 2015-10-14] (Microsoft Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-27] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R0 WinI2C-DDC; C:\Windows\System32\drivers\DDCDrv.sys [20832 2008-04-08] (Nicomsoft Ltd.)
R0 WinI2C-DDC; C:\Windows\SysWOW64\drivers\DDCDrv.sys [15712 2010-03-23] (Nicomsoft Ltd.)
R3 XSplit_Dummy; C:\Windows\system32\drivers\xspltspk.sys [26200 2015-05-25] (SplitmediaLabs Limited)
U3 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-03-05 12:49 - 2016-03-05 12:50 - 00039763 _____ C:\Users\Georg\Desktop\FRST.txt
2016-03-05 12:49 - 2016-03-05 12:49 - 00000000 ____D C:\FRST
2016-03-05 12:47 - 2016-03-05 12:49 - 02374144 _____ (Farbar) C:\Users\Georg\Desktop\FRST64.exe
2016-03-05 00:25 - 2016-03-05 00:25 - 00000930 _____ C:\Users\Georg\Desktop\Fixlist.txt
2016-03-04 23:33 - 2016-03-04 23:33 - 00000022 _____ C:\WINDOWS\S.dirmngr
2016-03-04 20:44 - 2016-03-04 20:44 - 00159644 _____ C:\Users\Georg\Documents\Gebe immer 100%.pdf
2016-03-03 14:35 - 2016-03-03 14:35 - 00257752 _____ C:\Users\Georg\Documents\Ticket_gamescom2016_4YRhQ82geAJ9G.pdf
2016-03-03 14:25 - 2016-03-03 14:25 - 00090890 _____ C:\Users\Georg\Desktop\invoice-10654-dim.vv.gamescom2016.91.11867.1865.pdf
2016-03-02 15:32 - 2016-02-23 11:32 - 08705672 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-03-02 15:32 - 2016-02-23 10:38 - 06952088 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-03-02 15:32 - 2016-02-23 07:36 - 18680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-03-02 15:31 - 2016-02-23 12:29 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-03-02 15:31 - 2016-02-23 12:29 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-03-02 15:31 - 2016-02-23 12:27 - 07475040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-03-02 15:31 - 2016-02-23 12:27 - 02654872 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-03-02 15:31 - 2016-02-23 12:27 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-03-02 15:31 - 2016-02-23 12:27 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-03-02 15:31 - 2016-02-23 12:25 - 02152288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-03-02 15:31 - 2016-02-23 12:25 - 01818696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-03-02 15:31 - 2016-02-23 12:23 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-03-02 15:31 - 2016-02-23 12:22 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-03-02 15:31 - 2016-02-23 12:15 - 00779384 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2016-03-02 15:31 - 2016-02-23 12:15 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-03-02 15:31 - 2016-02-23 12:09 - 01614176 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-03-02 15:31 - 2016-02-23 11:34 - 01859960 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-03-02 15:31 - 2016-02-23 11:34 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-03-02 15:31 - 2016-02-23 11:33 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-03-02 15:31 - 2016-02-23 11:32 - 02544264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-03-02 15:31 - 2016-02-23 11:32 - 01152328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-03-02 15:31 - 2016-02-23 11:32 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-03-02 15:31 - 2016-02-23 11:32 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-03-02 15:31 - 2016-02-23 11:32 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-03-02 15:31 - 2016-02-23 11:31 - 01017032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-03-02 15:31 - 2016-02-23 11:31 - 00847656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-03-02 15:31 - 2016-02-23 11:31 - 00819648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-03-02 15:31 - 2016-02-23 11:31 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-03-02 15:31 - 2016-02-23 11:31 - 00476728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-03-02 15:31 - 2016-02-23 11:31 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-03-02 15:31 - 2016-02-23 11:25 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-03-02 15:31 - 2016-02-23 11:22 - 00572272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2016-03-02 15:31 - 2016-02-23 11:21 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-03-02 15:31 - 2016-02-23 11:21 - 06606568 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-03-02 15:31 - 2016-02-23 10:45 - 02773096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-03-02 15:31 - 2016-02-23 10:45 - 01998176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-03-02 15:31 - 2016-02-23 10:45 - 00576352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-03-02 15:31 - 2016-02-23 10:45 - 00259336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2016-03-02 15:31 - 2016-02-23 10:44 - 00640984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-03-02 15:31 - 2016-02-23 10:39 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-03-02 15:31 - 2016-02-23 10:38 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-03-02 15:31 - 2016-02-23 10:38 - 00980352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2016-03-02 15:31 - 2016-02-23 10:38 - 00895080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-03-02 15:31 - 2016-02-23 10:38 - 00882720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-03-02 15:31 - 2016-02-23 10:38 - 00709176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-03-02 15:31 - 2016-02-23 10:38 - 00450912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-03-02 15:31 - 2016-02-23 10:38 - 00420928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2016-03-02 15:31 - 2016-02-23 10:37 - 00713824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-03-02 15:31 - 2016-02-23 10:32 - 00791744 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-03-02 15:31 - 2016-02-23 10:30 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-03-02 15:31 - 2016-02-23 10:27 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-03-02 15:31 - 2016-02-23 10:27 - 00376536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-03-02 15:31 - 2016-02-23 10:26 - 05241984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-03-02 15:31 - 2016-02-23 10:20 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2016-03-02 15:31 - 2016-02-23 10:17 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-03-02 15:31 - 2016-02-23 10:06 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2016-03-02 15:31 - 2016-02-23 09:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-03-02 15:31 - 2016-02-23 09:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-03-02 15:31 - 2016-02-23 09:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-03-02 15:31 - 2016-02-23 09:56 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-03-02 15:31 - 2016-02-23 09:55 - 00221600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll
2016-03-02 15:31 - 2016-02-23 09:55 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2016-03-02 15:31 - 2016-02-23 09:54 - 00539256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-03-02 15:31 - 2016-02-23 09:53 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-03-02 15:31 - 2016-02-23 09:40 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-03-02 15:31 - 2016-02-23 09:38 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2016-03-02 15:31 - 2016-02-23 09:38 - 00287712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2016-03-02 15:31 - 2016-02-23 09:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-03-02 15:31 - 2016-02-23 09:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-03-02 15:31 - 2016-02-23 09:37 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-03-02 15:31 - 2016-02-23 09:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll
2016-03-02 15:31 - 2016-02-23 09:30 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2016-03-02 15:31 - 2016-02-23 09:29 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-03-02 15:31 - 2016-02-23 09:28 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-03-02 15:31 - 2016-02-23 09:27 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2016-03-02 15:31 - 2016-02-23 09:26 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-03-02 15:31 - 2016-02-23 09:20 - 00847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-03-02 15:31 - 2016-02-23 09:20 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-03-02 15:31 - 2016-02-23 09:20 - 00493568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-03-02 15:31 - 2016-02-23 09:19 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-03-02 15:31 - 2016-02-23 09:19 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-03-02 15:31 - 2016-02-23 09:14 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-03-02 15:31 - 2016-02-23 09:13 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-03-02 15:31 - 2016-02-23 09:12 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-03-02 15:31 - 2016-02-23 09:11 - 01224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2016-03-02 15:31 - 2016-02-23 09:11 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-03-02 15:31 - 2016-02-23 09:10 - 00997376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2016-03-02 15:31 - 2016-02-23 09:10 - 00474624 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-03-02 15:31 - 2016-02-23 09:09 - 01390592 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-03-02 15:31 - 2016-02-23 09:09 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-03-02 15:31 - 2016-02-23 09:09 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-03-02 15:31 - 2016-02-23 09:09 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-03-02 15:31 - 2016-02-23 09:06 - 01848832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-03-02 15:31 - 2016-02-23 09:06 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-03-02 15:31 - 2016-02-23 09:06 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-03-02 15:31 - 2016-02-23 09:06 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-03-02 15:31 - 2016-02-23 09:05 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-03-02 15:31 - 2016-02-23 09:04 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-03-02 15:31 - 2016-02-23 09:04 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-03-02 15:31 - 2016-02-23 09:02 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-03-02 15:31 - 2016-02-23 09:00 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-03-02 15:31 - 2016-02-23 08:58 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-03-02 15:31 - 2016-02-23 08:58 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-03-02 15:31 - 2016-02-23 08:58 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll
2016-03-02 15:31 - 2016-02-23 08:52 - 00456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-03-02 15:31 - 2016-02-23 08:50 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2016-03-02 15:31 - 2016-02-23 08:49 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-03-02 15:31 - 2016-02-23 08:48 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2016-03-02 15:31 - 2016-02-23 08:47 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2016-03-02 15:31 - 2016-02-23 08:41 - 03594240 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-03-02 15:31 - 2016-02-23 08:37 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-03-02 15:31 - 2016-02-23 08:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-03-02 15:31 - 2016-02-23 08:36 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-03-02 15:31 - 2016-02-23 08:35 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2016-03-02 15:31 - 2016-02-23 08:31 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-03-02 15:31 - 2016-02-23 08:31 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2016-03-02 15:31 - 2016-02-23 08:30 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-03-02 15:31 - 2016-02-23 08:30 - 01832448 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-03-02 15:31 - 2016-02-23 08:30 - 01731584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-03-02 15:31 - 2016-02-23 08:30 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-03-02 15:31 - 2016-02-23 08:29 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2016-03-02 15:31 - 2016-02-23 08:29 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-03-02 15:31 - 2016-02-23 08:26 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-03-02 15:31 - 2016-02-23 08:26 - 01498112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-03-02 15:31 - 2016-02-23 08:25 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-03-02 15:31 - 2016-02-23 08:24 - 04827136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-03-02 15:31 - 2016-02-23 08:24 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-03-02 15:31 - 2016-02-23 08:24 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-03-02 15:31 - 2016-02-23 08:24 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-03-02 15:31 - 2016-02-23 08:22 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-03-02 15:31 - 2016-02-23 08:21 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-03-02 15:31 - 2016-02-23 08:21 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-03-02 15:31 - 2016-02-23 08:17 - 02635264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-03-02 15:31 - 2016-02-23 08:14 - 00990720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-03-02 15:31 - 2016-02-23 08:11 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-03-02 15:31 - 2016-02-23 08:05 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-03-02 15:31 - 2016-02-23 08:01 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-03-02 15:31 - 2016-02-23 07:59 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-03-02 15:31 - 2016-02-23 07:56 - 04412928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-03-02 15:31 - 2016-02-23 07:55 - 04894208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-03-02 15:31 - 2016-02-23 07:55 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-03-02 15:31 - 2016-02-23 07:55 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-03-02 15:31 - 2016-02-23 07:53 - 01799168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-03-02 15:31 - 2016-02-23 07:52 - 11545600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-03-02 15:31 - 2016-02-23 07:51 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-03-02 15:31 - 2016-02-23 07:50 - 22396416 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-03-02 15:31 - 2016-02-23 07:50 - 09919488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-03-02 15:31 - 2016-02-23 07:42 - 03425792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-03-02 15:31 - 2016-02-23 07:41 - 02912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-03-02 15:31 - 2016-02-23 07:40 - 24603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-03-02 15:31 - 2016-02-23 07:39 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-03-02 15:31 - 2016-02-23 07:39 - 02581504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-03-02 15:31 - 2016-02-23 07:36 - 19341312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-03-02 15:31 - 2016-02-23 07:36 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-03-02 15:31 - 2016-02-23 07:36 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-03-02 15:31 - 2016-02-23 07:35 - 07533568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-03-02 15:31 - 2016-02-23 07:33 - 14254080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-03-02 15:31 - 2016-02-23 07:33 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-03-02 15:31 - 2016-02-23 07:32 - 02793472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-03-02 15:31 - 2016-02-23 07:30 - 02061312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-03-02 15:31 - 2016-02-23 07:28 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-03-02 15:31 - 2016-02-23 07:26 - 12587520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-03-02 15:31 - 2016-02-09 05:28 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-03-02 15:31 - 2016-02-09 05:13 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-03-02 15:31 - 2016-02-09 04:24 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-03-02 15:31 - 2016-02-09 04:18 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2016-03-02 15:31 - 2016-02-09 04:18 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2016-03-02 15:31 - 2016-02-09 04:07 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-03-02 15:31 - 2016-02-09 04:07 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-03-02 15:31 - 2016-02-09 04:04 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-03-02 15:30 - 2016-02-23 12:25 - 00563552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2016-03-02 15:30 - 2016-02-23 12:08 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-03-02 15:30 - 2016-02-23 11:33 - 00389992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-03-02 15:30 - 2016-02-23 11:17 - 00146272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2016-03-02 15:30 - 2016-02-23 10:49 - 00216416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-03-02 15:30 - 2016-02-23 10:45 - 00394080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-03-02 15:30 - 2016-02-23 10:44 - 00147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2016-03-02 15:30 - 2016-02-23 10:40 - 00430944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-03-02 15:30 - 2016-02-23 10:25 - 00534368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-03-02 15:30 - 2016-02-23 10:20 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-03-02 15:30 - 2016-02-23 10:19 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-03-02 15:30 - 2016-02-23 10:12 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2016-03-02 15:30 - 2016-02-23 10:10 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-03-02 15:30 - 2016-02-23 10:07 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-03-02 15:30 - 2016-02-23 10:07 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-03-02 15:30 - 2016-02-23 10:01 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2016-03-02 15:30 - 2016-02-23 10:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-03-02 15:30 - 2016-02-23 10:00 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-03-02 15:30 - 2016-02-23 09:58 - 00187744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-03-02 15:30 - 2016-02-23 09:58 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\irmon.dll
2016-03-02 15:30 - 2016-02-23 09:54 - 00141664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2016-03-02 15:30 - 2016-02-23 09:53 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2016-03-02 15:30 - 2016-02-23 09:52 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-03-02 15:30 - 2016-02-23 09:50 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-03-02 15:30 - 2016-02-23 09:48 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-03-02 15:30 - 2016-02-23 09:48 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerClient.dll
2016-03-02 15:30 - 2016-02-23 09:39 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2016-03-02 15:30 - 2016-02-23 09:34 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-03-02 15:30 - 2016-02-23 09:34 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2016-03-02 15:30 - 2016-02-23 09:33 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-03-02 15:30 - 2016-02-23 09:32 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-03-02 15:30 - 2016-02-23 09:31 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-03-02 15:30 - 2016-02-23 09:28 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll
2016-03-02 15:30 - 2016-02-23 09:25 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2016-03-02 15:30 - 2016-02-23 09:25 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2016-03-02 15:30 - 2016-02-23 09:23 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-03-02 15:30 - 2016-02-23 09:22 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-03-02 15:30 - 2016-02-23 09:22 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2016-03-02 15:30 - 2016-02-23 09:20 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-02 15:30 - 2016-02-23 09:18 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-03-02 15:30 - 2016-02-23 09:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-03-02 15:30 - 2016-02-23 09:13 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll
2016-03-02 15:30 - 2016-02-23 09:04 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-03-02 15:30 - 2016-02-23 09:02 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-03-02 15:30 - 2016-02-23 09:02 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-03-02 15:30 - 2016-02-23 08:58 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-03-02 15:30 - 2016-02-23 08:57 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TimeBrokerClient.dll
2016-03-02 15:30 - 2016-02-23 08:54 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2016-03-02 15:30 - 2016-02-23 08:47 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2016-03-02 15:30 - 2016-02-23 08:38 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-03-02 15:30 - 2016-02-23 08:37 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2016-03-02 15:30 - 2016-02-23 08:36 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2016-03-02 15:30 - 2016-02-23 08:36 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-02 15:30 - 2016-02-23 08:28 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-03-02 15:30 - 2016-02-23 08:28 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-03-02 15:30 - 2016-02-23 08:20 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-03-02 15:30 - 2016-02-23 07:58 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-03-01 23:52 - 2016-03-01 23:52 - 00003945 _____ C:\Users\Georg\AppData\Local\recently-used.xbel
2016-02-28 22:10 - 2016-02-28 22:10 - 04078592 _____ (GraMMa Interactive ) C:\Users\Georg\Desktop\GraMMasNotAnotherFangame.exe
2016-02-28 21:52 - 2016-02-28 21:52 - 01989166 _____ C:\Users\Georg\Desktop\bebefreu4.mov
2016-02-19 20:45 - 2016-02-19 20:45 - 00000000 ____D C:\Users\Georg\AppData\Local\KADOKAWA
2016-02-19 20:39 - 2016-02-19 20:46 - 00000000 ____D C:\Users\Georg\Desktop\Gogogo11111
2016-02-12 21:16 - 2016-02-12 21:16 - 00000116 _____ C:\Users\Georg\.jasmin
2016-02-12 21:15 - 2016-02-12 21:15 - 00549021 _____ C:\Users\Georg\Desktop\Jasmin-1.5.8.jar
2016-02-09 21:37 - 2016-01-29 07:57 - 04502352 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-02-09 21:37 - 2016-01-29 07:33 - 04064320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-02-09 21:37 - 2016-01-27 06:46 - 02606824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-02-09 21:37 - 2016-01-27 06:01 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-02-09 21:37 - 2016-01-27 05:52 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-02-09 21:37 - 2016-01-27 05:49 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-02-09 21:37 - 2016-01-27 05:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-02-09 21:37 - 2016-01-27 05:38 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-02-09 21:37 - 2016-01-27 05:32 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-02-09 21:36 - 2016-01-27 07:15 - 01557776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-02-09 21:36 - 2016-01-27 07:01 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-02-09 21:36 - 2016-01-27 06:59 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-02-09 21:36 - 2016-01-27 06:57 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-02-09 21:36 - 2016-01-27 06:57 - 00820704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-02-09 21:36 - 2016-01-27 06:55 - 00081112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2016-02-09 21:36 - 2016-01-27 06:54 - 00295264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-02-09 21:36 - 2016-01-27 06:46 - 01270072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-02-09 21:36 - 2016-01-27 06:44 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-02-09 21:36 - 2016-01-27 06:44 - 00085320 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2016-02-09 21:36 - 2016-01-27 06:43 - 00359776 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-02-09 21:36 - 2016-01-27 06:21 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-02-09 21:36 - 2016-01-27 06:15 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll
2016-02-09 21:36 - 2016-01-27 06:11 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-02-09 21:36 - 2016-01-27 06:10 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2016-02-09 21:36 - 2016-01-27 06:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-02-09 21:36 - 2016-01-27 06:08 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll
2016-02-09 21:36 - 2016-01-27 06:07 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassam.dll
2016-02-09 21:36 - 2016-01-27 06:04 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-02-09 21:36 - 2016-01-27 06:02 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2016-02-09 21:36 - 2016-01-27 05:59 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassam.dll
2016-02-09 21:36 - 2016-01-27 05:57 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-02-09 21:36 - 2016-01-27 05:50 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-02-09 21:36 - 2016-01-27 05:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll
2016-02-09 21:36 - 2016-01-27 05:31 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll
2016-02-04 12:49 - 2016-02-05 10:57 - 02365304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WudfUpdate_01011.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-03-05 12:50 - 2013-10-16 15:06 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Spotify
2016-03-05 12:48 - 2014-11-14 19:38 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0003a410566a1.job
2016-03-05 12:45 - 2012-09-05 16:31 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Skype
2016-03-05 12:43 - 2014-05-08 15:22 - 00001110 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cf6ac8faecd84b.job
2016-03-05 12:34 - 2012-09-08 13:01 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-03-05 12:33 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-05 12:33 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-03-05 12:24 - 2013-10-16 15:06 - 00000000 ____D C:\Users\Georg\AppData\Local\Spotify
2016-03-05 12:22 - 2012-03-21 13:42 - 00001106 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-05 12:21 - 2015-08-15 21:09 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Telegram Desktop
2016-03-05 12:21 - 2014-11-14 19:38 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d0003a3ff3a47f.job
2016-03-05 12:21 - 2012-09-17 16:55 - 00000000 ____D C:\Program Files (x86)\Steam
2016-03-05 00:14 - 2015-03-29 08:42 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-03-04 23:33 - 2015-11-16 10:25 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-03-04 23:33 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Performance
2016-03-04 23:32 - 2015-10-30 07:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-03-04 23:31 - 2015-11-16 09:58 - 00000000 ____D C:\Users\Georg
2016-03-04 23:31 - 2013-07-29 17:32 - 00000000 ____D C:\Users\Andere\Mysearchdial
2016-03-04 23:31 - 2012-09-11 16:20 - 00000000 ____D C:\Users\Georg\AppData\Roaming\SoftGrid Client
2016-03-04 22:41 - 2016-02-01 23:20 - 00000000 ____D C:\Users\Georg\Desktop\Informatikzeugs
2016-03-04 22:36 - 2012-09-22 12:46 - 00000000 ____D C:\Users\Georg\Desktop\Kram
2016-03-04 22:29 - 2015-03-29 08:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-03-04 22:29 - 2015-03-29 08:42 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-03-04 22:29 - 2012-09-03 19:11 - 00001171 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-03-04 20:38 - 2015-12-09 19:42 - 00000000 ____D C:\Users\Georg\Documents\Scans
2016-03-03 17:11 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache
2016-03-03 14:07 - 2015-07-31 20:40 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-03-03 14:00 - 2015-11-16 09:58 - 00000000 ____D C:\Users\Andere
2016-03-03 08:00 - 2015-11-16 09:57 - 02087744 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-03-03 08:00 - 2015-10-30 19:35 - 00888452 _____ C:\WINDOWS\system32\perfh007.dat
2016-03-03 08:00 - 2015-10-30 19:35 - 00197278 _____ C:\WINDOWS\system32\perfc007.dat
2016-03-03 08:00 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2016-03-03 07:53 - 2015-11-16 09:47 - 02393944 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-03-03 07:52 - 2012-09-08 13:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-03-02 23:05 - 2015-10-30 19:44 - 00000000 ____D C:\Program Files\Windows Journal
2016-03-02 23:05 - 2015-10-30 08:24 - 00000000 __RSD C:\WINDOWS\Media
2016-03-02 23:05 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-03-02 23:05 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-03-02 23:05 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-03-02 23:05 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-03-02 23:05 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-03-02 23:05 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-03-02 23:05 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-03-02 23:05 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-03-02 23:05 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-03-02 23:05 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-03-02 23:05 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-03-02 17:16 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-03-01 23:56 - 2012-09-27 18:45 - 00000000 ____D C:\Users\Georg\.gimp-2.8
2016-03-01 23:24 - 2015-09-16 06:19 - 00000000 ____D C:\Users\Georg\Desktop\Scans
2016-02-29 20:24 - 2012-09-02 09:43 - 00000000 ____D C:\Users\Georg\AppData\Roaming\vlc
2016-02-29 15:09 - 2012-09-05 16:31 - 00000000 ____D C:\ProgramData\Skype
2016-02-22 07:46 - 2016-01-10 19:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-02-20 08:47 - 2012-03-21 13:42 - 00002284 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-19 15:27 - 2015-11-03 06:57 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-02-18 05:50 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-02-17 12:09 - 2012-09-03 18:29 - 00000000 ____D C:\Users\Andere\AppData\Local\Lenovo
2016-02-17 07:12 - 2012-10-11 14:08 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-02-16 12:44 - 2012-10-01 19:00 - 00000000 ____D C:\Users\Georg\Georgs Kram
2016-02-13 19:12 - 2015-10-15 19:20 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Human Resource Machine
2016-02-10 09:50 - 2015-08-02 12:49 - 00002424 _____ C:\Users\Andere\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-02-10 09:50 - 2015-08-02 12:49 - 00000000 ___RD C:\Users\Andere\OneDrive
2016-02-09 21:57 - 2013-07-31 10:08 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-02-09 21:38 - 2012-08-31 14:15 - 146614896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-02-09 14:10 - 2013-05-29 17:08 - 00000000 ___RD C:\Users\Georg\Google Drive
2016-02-09 14:10 - 2012-08-30 10:23 - 00000000 ____D C:\ProgramData\Lenovo
2016-02-09 14:10 - 2012-08-30 10:22 - 00000000 ____D C:\Users\Georg\AppData\Local\Lenovo
2016-02-08 08:45 - 2015-07-31 22:09 - 00256968 _____ (Lenovo Group Limited) C:\WINDOWS\system32\iMDriverHelper.dll
2016-02-06 01:26 - 2014-05-22 19:11 - 00000000 ____D C:\Users\Georg\Desktop\WA Archiv
2016-02-04 23:58 - 2013-08-15 18:21 - 00000000 ____D C:\ProgramData\Origin

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-09-14 12:50 - 2013-09-11 20:18 - 0012005 _____ () C:\Users\Georg\AppData\Roaming\alsoft.ini
2013-02-28 17:25 - 2015-01-25 11:27 - 0008704 _____ () C:\Users\Georg\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-03-01 23:52 - 2016-03-01 23:52 - 0003945 _____ () C:\Users\Georg\AppData\Local\recently-used.xbel
2013-12-16 16:19 - 2013-12-16 16:19 - 0007605 _____ () C:\Users\Georg\AppData\Local\Resmon.ResmonCfg
2014-08-09 16:55 - 2014-08-09 16:55 - 0000057 _____ () C:\ProgramData\Ament.ini
2012-03-21 13:37 - 2012-03-21 13:37 - 1914000 _____ (Adobe Systems Incorporated) C:\ProgramData\flashax10.exe
2012-10-29 20:47 - 2012-10-29 20:47 - 0000098 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\flashax10.exe
C:\Users\Georg\Minecraft.exe


Einige Dateien in TEMP:
====================
C:\Users\Georg\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Georg\AppData\Local\Temp\tmd_34014152.exe
C:\Users\Georg\AppData\Local\Temp\ubiF044.tmp.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-02-24 17:30

==================== Ende von FRST.txt ============================
         

Alt 05.03.2016, 12:05   #4
Juri9
 

Addition.txt:
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-03-2016
durchgeführt von Georg (2016-03-05 12:50:54)
Gestartet von C:\Users\Georg\Desktop
Windows 10 Home Version 1511 (X64) (2015-11-16 09:34:18)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2764890169-2354917355-972681180-500 - Administrator - Disabled)
Andere (S-1-5-21-2764890169-2354917355-972681180-1002 - Administrator - Enabled) => C:\Users\Andere
cexyuxxekbas (S-1-5-21-2764890169-2354917355-972681180-1007 - Limited - Disabled)
DefaultAccount (S-1-5-21-2764890169-2354917355-972681180-503 - Limited - Disabled)
Gast (S-1-5-21-2764890169-2354917355-972681180-501 - Limited - Disabled)
Georg (S-1-5-21-2764890169-2354917355-972681180-1001 - Administrator - Enabled) => C:\Users\Georg
HomeGroupUser$ (S-1-5-21-2764890169-2354917355-972681180-1006 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20059 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.1430 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.5 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Akademie der Magie (HKLM-x32\...\Akademie der Magie) (Version:  - )
Audacity 2.0 (HKLM-x32\...\Audacity_is1) (Version:  - Audacity Team)
Audiosurf (HKLM-x32\...\Steam App 12900) (Version:  - Dylan Fitterer)
AVerMedia C875 Live Gamer Portable 3.7.64.23 (HKLM-x32\...\AVerMedia C875 Live Gamer Portable) (Version: 3.7.64.23 - AVerMedia TECHNOLOGIES, Inc.)
AVerMedia Live Gamer EXTREME 1.0.64.61 (HKLM-x32\...\AVerMedia Live Gamer EXTREME) (Version: 1.0.64.61 - AVerMedia TECHNOLOGIES, Inc.)
AVerMedia RECentral (HKLM-x32\...\InstallShield_{30D6B6ED-E039-4D62-8E07-E058D17A9372}) (Version: 1.3.0.84 - AVerMedia Technologies, Inc.)
AVerMedia RECentral (x32 Version: 1.3.0.84 - AVerMedia Technologies, Inc.) Hidden
AVerMedia RECentral 2 (HKLM-x32\...\InstallShield_{D4F8EA9E-80D3-46B3-A5D9-7D264D319297}) (Version: 2.0.0.36 - AVerMedia Technologies, Inc.)
AVerMedia RECentral 2 (x32 Version: 2.0.0.36 - AVerMedia Technologies, Inc.) Hidden
Bejeweled 2 Deluxe 1.0 (HKLM-x32\...\Bejeweled 2 Deluxe 1.0) (Version:  - )
Bejeweled 3 (HKLM-x32\...\Bejeweled 3) (Version:  - PopCap Games)
Bejeweled Twist (HKLM-x32\...\Bejeweled Twist) (Version: 1.0.3.7482 - Pogo)
Bejeweled Twist 1.0.3.8137 (HKLM-x32\...\Bejeweled Twist 1.0.3.8137) (Version: 1.0.3.8137 - PopCap Games)
BIT.TRIP BEAT (HKLM-x32\...\Steam App 63700) (Version:  - Gaijin Games)
BIT.TRIP Presents... Runner2: Future Legend of Rhythm Alien (HKLM-x32\...\Steam App 218060) (Version:  - )
BIT.TRIP RUNNER (HKLM-x32\...\Steam App 63710) (Version:  - Gaijin Games)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Blocks That Matter (HKLM-x32\...\Steam App 111800) (Version:  - )
Bookworm Adventures Deluxe 1.0.1.100 (HKLM-x32\...\Bookworm Adventures Deluxe 1.0.1.100) (Version:  - )
Bookworm Deluxe 1.131 (HKLM-x32\...\Bookworm Deluxe 1.131) (Version:  - )
Braid (HKLM-x32\...\Steam App 26800) (Version:  - Number None, Inc.)
Build-a-lot (HKLM-x32\...\Build-a-lot) (Version: 1.1.0.0 - MumboJumbo)
Build-a-lot 2 (HKLM-x32\...\Build-a-lot 2) (Version: 0.0.0.0 - INTENIUM GmbH)
Cakewalk Sound Center 1.1.0 (HKLM-x32\...\Cakewalk Sound Center_is1) (Version: 1.1.0 - Cakewalk Music Software)
Canon MP Navigator EX 1.0 (HKLM-x32\...\MP Navigator EX 1.0) (Version:  - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version:  - )
CanoScan LiDE 90 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2412) (Version:  - )
Castle Crashers Demo (HKLM-x32\...\Steam App 207100) (Version:  - )
Cave Story (HKLM-x32\...\Cave Story) (Version:  - )
Cave Story+ (HKLM-x32\...\Steam App 200900) (Version:  - )
Chaos on Deponia (HKLM-x32\...\Steam App 220740) (Version:  - )
Christmas Shopper Simulator (HKLM-x32\...\{139C8AA5-BA56-4388-B5EC-31E0BF09A7C6}) (Version: 1.0.0 - Game Retail Ltd.)
Chuzzle Deluxe 1.0.3.1132 (HKLM-x32\...\Chuzzle Deluxe 1.0.3.1132) (Version:  - )
Creative Mass Storage Drivers (HKLM-x32\...\Creative Mass Storage Drivers) (Version:  - )
Creative Mass Storage Drivers (HKLM-x32\...\MuVo Driver) (Version:  - )
Creative-Systeminformationen (HKLM-x32\...\SysInfo) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Das Drachenei: Die Geschichte des Wanderers (HKLM-x32\...\Das Drachenei: Die Geschichte des Wanderers) (Version: 0.0.0.0 - INTENIUM GmbH)
Das Geheimnis des Bermudadreiecks (HKLM-x32\...\Das Geheimnis des Bermudadreiecks) (Version: 0.0.0.0 - INTENIUM GmbH)
Das Reich des Drachen (HKLM-x32\...\Das Reich des Drachen) (Version: 1.0.0.0 - INTENIUM GmbH)
Das Vermächtnis der Insel (HKLM-x32\...\Das Vermächtnis der Insel) (Version: 1.0.0.0 - INTENIUM GmbH)
Deponia (HKLM-x32\...\GOGPACKDEPONIA_is1) (Version: 2.1.0.7 - GOG.com)
DEUTSCHLAND SPIELT GAME CENTER (HKLM-x32\...\DSGPlayer) (Version: 1.0.1.46 - INTENIUM GmbH)
Diamond Drop 2 (HKLM-x32\...\Diamond Drop 2) (Version: 0.0.0.0 - INTENIUM GmbH)
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.69.43.024017 - Electronic Arts Inc.)
Die Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.5.1 - Electronic Arts)
Die Sims™ 3 Luxus-Accessoires (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)
Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.9.80.1020 - Electronic Arts Inc.)
Die Sims™ 4 Erstelle einen Sim-Demo (HKLM-x32\...\{6908ED99-F02B-4E99-A202-3FAC99C510ED}) (Version: 1.0.278.1110 - Electronic Arts Inc.)
Die Wiege Ägyptens (HKLM-x32\...\Die Wiege Ägyptens) (Version: 1.0.0.0 - INTENIUM GmbH)
Die Wiege Roms (HKLM-x32\...\Die Wiege Roms) (Version:  - )
Dinos & Bubbles (HKLM-x32\...\Dinos & Bubbles) (Version: 0.0.0.0 - INTENIUM GmbH)
DiRT Showdown (HKLM-x32\...\Steam App 201700) (Version:  - Codemasters Racing Studio)
Dust: An Elysian Tail (HKLM-x32\...\Steam App 236090) (Version:  - Humble Hearts LLC)
Dustforce (HKLM-x32\...\Steam App 65300) (Version:  - Hitbox Team)
Edna Bricht Aus 6.3 (HKLM-x32\...\{0D00CD3F-AEDC-45F1-A2DD-DADF74407D7B}_is1) (Version:  - )
Elgato Game Capture HD (64-bit) (HKLM\...\{C59BB2DE-E483-4704-976C-652E38DB62A0}) (Version: 3.00.111.1111 - Elgato Systems GmbH)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 15.2.20140326 - Landesfinanzdirektion Thüringen)
Feeding Frenzy 2 (HKLM-x32\...\{3E6187E8-9548-49BA-AC9A-E481C0EF4526}) (Version: 1.0.0.0 - PopCap Games)
FEZ (HKLM-x32\...\Steam App 224760) (Version:  - Polytron Corporation)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{6C5F8503-55D2-4398-858C-362B7A7AF51C}) (Version: 2.1.31.0 - MAGIX AG)
Flyonoid (HKLM-x32\...\Flyonoid) (Version: 0.0.0.0 - INTENIUM GmbH)
Formelrechner (HKLM-x32\...\{69F0CEA4-43E2-4CBB-92DF-41860A40A631}) (Version: 1.00.0000 - Cornelsen Verlag)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.1.1.119 - DVDVideoSoft Ltd.)
Free YouTube Download Classic (HKLM-x32\...\Free YouTube Download Classic_is1) (Version: 3.2.75.118 - DVDVideoSoft Ltd.)
Game Capture HD v2.3.3.40 (HKLM-x32\...\Software_Elgato_Game Capture HD) (Version: 2.3.3.40 - Elgato Systems)
Game Capture HD60 Pro v1.1.0.149 (HKLM-x32\...\Software_Elgato_Game Capture HD60 Pro) (Version: 1.1.0.149 - Elgato Systems)
Game Capture HD60 v2.1.1.4 (HKLM-x32\...\Software_Elgato_Game Capture HD60) (Version: 2.1.1.4 - Elgato Systems)
Gardenscapes (HKLM-x32\...\Gardenscapes_is1) (Version:  - Playrix Entertainment)
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.0.2.1 - Genesys Logic)
Giana Sisters: Twisted Dreams - Rise of the Owlverlord (HKLM-x32\...\Steam App 246960) (Version:  - Black Forest Games)
Giana Sisters: Twisted Dreams (HKLM-x32\...\Steam App 223220) (Version:  - )
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
Goat Simulator (HKLM-x32\...\Steam App 265930) (Version:  - Coffee Stain Studios)
GOG.com Downloader version 3.6.0 (HKLM-x32\...\{456A5815-604D-4D72-94DF-346D2B978A59}_is1) (Version: 3.6.0 - GOG.com)
Goodbye Deponia (HKLM-x32\...\Deponia 3) (Version: 1.0 - Daedalic Entertainment)
Google Chrome (HKLM-x32\...\{6438EBAC-5305-39A5-A93E-88CDFA6CE947}) (Version: 48.0.2564.116 - Google, Inc.)
Google Drive (HKLM-x32\...\{EF61675D-9BBC-4EC7-B906-F13BE8D3BD20}) (Version: 1.27.1227.2094 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Gpg4win (2.2.2) (HKLM-x32\...\GPG4Win) (Version: 2.2.2 - The Gpg4win Project)
Hammer Heads 1.0 (HKLM-x32\...\Hammer Heads 1.0) (Version:  - )
Harveys Neue Augen (HKLM-x32\...\Harvey) (Version: 1.0 - Daedalic Entertainment)
Hell Yeah! (HKLM-x32\...\Steam App 205230) (Version:  - Arkedo)
HitFilm 3 Express (HKLM\...\{0259351A-DAB0-402F-BBAC-CD4074D2DD3B}) (Version: 3.1.4321.38300 - FXhome)
HitmanPro.Alert (HKLM\...\HitmanPro.Alert) (Version: 2.6.5.77 - SurfRight B.V.)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet Pro 8100 - Grundlegende Software für das Gerät (HKLM\...\{4D139017-971D-45CF-B94E-26C4DC93A814}) (Version: 28.0.1321.0 - Hewlett-Packard Co.)
HP Officejet Pro 8100 Hilfe (HKLM-x32\...\{73DB9F06-C125-4A1C-A982-5801338EBE84}) (Version: 28.0.0 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
Hühner-Attacke (HKLM-x32\...\Hühner-Attacke) (Version: 0.0.0.0 - INTENIUM GmbH)
Hühner-Rache Deluxe (VOLLVERSION) (HKLM-x32\...\Hühner-Rache Deluxe (VOLLVERSION)) (Version:  - )
Human Resource Machine (HKLM-x32\...\Steam App 375820) (Version:  - Tomorrow Corporation)
Human Resource Machine 1.0 (HKLM-x32\...\{F8B98BF2-D6BF-45B7-9107-71EF2139D0A4}) (Version: 1.0.0 - Tomorrow Corporation)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)
Insanely Twisted Shadow Planet (HKLM-x32\...\Steam App 205730) (Version:  - Shadow Planet Productions)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 15.4 - Intel)
Ittle Dew (HKLM-x32\...\Steam App 241320) (Version:  - Ludosity)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Jazzpunk (HKLM-x32\...\Steam App 250260) (Version:  - Necrophone Games)
Jet Set Radio (HKLM-x32\...\Steam App 205950) (Version:  - Blit Software)
Jumpin’ Jack (HKLM-x32\...\Jumpin’ Jack) (Version: 0.0.0.0 - INTENIUM GmbH)
Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Lenovo Dynamic Brightness System (HKLM-x32\...\{D9ED6D06-6002-495E-A7BC-46E6AE386996}) (Version: 4.0.00.22080 - Lenovo)
Lenovo Eye Distance System (HKLM-x32\...\{5183D7AB-D09B-411F-A74E-BBAEA61C6505}) (Version: 4.0.00.21090 - Lenovo)
Lenovo Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.4827a - CyberLink Corp.)
Lenovo Power2Go (x32 Version: 6.0.4827a - CyberLink Corp.) Hidden
Lenovo Rescue System (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 3.0.1409 - CyberLink Corp.)
Lenovo Rescue System (Version: 3.0.1409 - CyberLink Corp.) Hidden
Lenovo System Interface Foundation (HKLM\...\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: 1.0.054.00 - Lenovo)
Lenovo Tinian Fn PS/2 Keyboard Driver (HKLM-x32\...\{B266E062-D6C5-485B-B426-51B152B041A6}) (Version: V1.0.11.0321 - Lenovo)
Lenovo Treiber- und Anwendungsinstallation (HKLM-x32\...\{45970CD1-D599-47D4-938F-3E9800D54ED1}) (Version: 5.10.1809 - Lenovo)
LibreOffice 3.6 (HKLM-x32\...\{C2F438B6-7010-453B-93EC-B2FC053AA97B}) (Version: 3.6.1.2 - The Document Foundation)
Life Is Strange™ (HKLM-x32\...\Steam App 319630) (Version:  - DONTNOD Entertainment)
LIMBO (HKLM-x32\...\Steam App 48000) (Version:  - Playdead)
Little Inferno (HKLM-x32\...\Steam App 221260) (Version:  - )
LVT (HKLM-x32\...\{D3063097-EC84-4D21-84A4-9D852E974355}) (Version: 4.1.2.0919 - Lenovo)
Magic Encyclopedia (HKLM-x32\...\Magic Encyclopedia) (Version:  - )
Magic Encyclopedia 2 (HKLM-x32\...\Magic Encyclopedia 2) (Version:  - )
MAGIX Foto Designer 7 (HKLM-x32\...\MAGIX_MSI_FotoDesigner7_silver) (Version: 7.0.1.1 - MAGIX AG)
MAGIX Foto Designer 7 (x32 Version: 7.0.1.1 - MAGIX AG) Hidden
MAGIX Screenshare (HKLM-x32\...\{B2DC0B6C-C969-43B9-B6C3-6A6C1CAD46DF}) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Speed burnR (MSI) (HKLM-x32\...\{3629C581-D8D2-477E-A40E-D5E351DF066B}) (Version: 7.0.2.6 - MAGIX AG)
MAGIX Video deluxe MX Plus (HKLM-x32\...\MAGIX_MSI_Videodeluxe18_plus) (Version: 11.0.3.0 - MAGIX AG)
MAGIX Video deluxe MX Plus (x32 Version: 11.0.3.0 - MAGIX AG) Hidden
MAGIX Video easy TERRATEC Edition (HKLM-x32\...\MAGIX_MSI_Video_easy_3_TerraTec) (Version: 3.0.1.25 - MAGIX AG)
MAGIX Video easy TERRATEC Edition (x32 Version: 3.0.1.25 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
McPixel (HKLM-x32\...\Steam App 220860) (Version:  - Sos)
Meine kleine Farm (HKLM-x32\...\Meine kleine Farm) (Version: 0.0.0.0 - INTENIUM GmbH)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{8EC9E7BB-2443-49B1-8476-490EBF932C2E}) (Version: 4.25.512.0 - Microsoft Corporation)
Microsoft Macro Assembler (MASM) (HKLM-x32\...\{F0D36479-04C5-4011-B2F9-FA23C9700157}) (Version: 8.0.50720.105 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Express Edition - ENU (HKLM-x32\...\Microsoft Visual C++ 2005 Express Edition - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2005 Express Edition - ENU Service Pack 1 (KB926748) (HKLM-x32\...\KB926748.T2_19ToU292_19) (Version: 1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version:  - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 34.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 de)) (Version: 34.0.5 - Mozilla)
Mozilla Firefox 38.0.1 (x86 de) (HKU\S-1-5-21-2764890169-2354917355-972681180-1001\...\Mozilla Firefox 38.0.1 (x86 de)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.2.0 - Mozilla)
Mozilla Thunderbird 38.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.6.0 (x86 de)) (Version: 38.6.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Music Creator LE 5.0.6 (HKLM-x32\...\Music Creator LE_is1) (Version: 17.0 - Cakewalk Music Software)
Music Manager (HKLM-x32\...\{5AFA4872-16B2-419E-ADCA-8E96E739115D}) (Version: 10.01.0006 - )
Mutant Mudds (remove only) (HKLM-x32\...\RenegadeKidMutantMudds) (Version:  - )
Mystery P.I. - The London Caper (HKLM-x32\...\Mystery P.I. - The London Caper) (Version:  - PopCap Games)
Nebel der Elfen (HKLM-x32\...\Nebel der Elfen) (Version:  - )
NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles)
Nintendo_History_ScreenSaver (HKLM-x32\...\Nintendo_History_ScreenSaver) (Version:  - )
Nintendo_SMG2_ScreenSaver (HKLM-x32\...\Nintendo_SMG2_ScreenSaver) (Version:  - )
NVIDIA GeForce Experience 2.5.14.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.14.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 355.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.60 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Offspring Fling! (HKLM-x32\...\Steam App 211360) (Version:  - )
Oozi: Earth Adventure (HKLM-x32\...\{B083076F-BCCB-4710-A4B1-6512134A16DE}) (Version: 1.0.0.0 - Awesome Games Studio)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.3.1.4482 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{af9ff3ed-cea8-4944-9131-04bcfa1904f3}) (Version: latest - ppy Pty Ltd)
PAC-MAN Championship Edition DX+ (HKLM-x32\...\Steam App 236450) (Version:  - Mine Loader Software Co., Ltd.)
Peggle (HKLM-x32\...\{715AD72D-887A-459E-988B-D4F3E87FA24B}) (Version: 1.04.0.0 - PopCap Games)
Peggle Deluxe 1.03 (HKLM-x32\...\Peggle Deluxe 1.03) (Version:  - )
Peggle Nights (HKLM-x32\...\{6641FD4F-6B9F-47F4-9DEA-9979E79E68D7}) (Version: 1.1.6.5913 - PopCap Games)
Peggle Nights Deluxe 1.0.3.5802 (HKLM-x32\...\Peggle Nights Deluxe 1.0.3.5802) (Version: 1.0.3.5802 - PopCap Games)
Peggle World of Warcraft Edition (HKLM-x32\...\Peggle World of Warcraft Edition) (Version:  - PopCap Games)
Pflanzen gegen Zombies (HKLM-x32\...\Pflanzen gegen Zombies) (Version:  - PopCap Games)
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Pogo Games (HKLM-x32\...\PogoDGC) (Version: 1.0 - ) <==== ACHTUNG
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
Portal 2 Publishing Tool (HKLM-x32\...\Steam App 644) (Version:  - )
Presto! PageManager 7.15.16 (HKLM-x32\...\{D2D6B9EB-C6DC-4DAA-B4DE-BB7D9735E7DA}) (Version: 7.15.16 - NewSoft Technology Corporation)
proDAD Adorage 3.0 (HKLM-x32\...\proDAD-Adorage-3.0) (Version: 3.0.92 - proDAD GmbH)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
Puddle (HKLM-x32\...\Puddle_is1) (Version:  - GOG.com)
puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert)
PVZ Garden Warfare (HKLM-x32\...\{A5AC7D7B-C1D5-4AF9-8829-993DA335BE1B}) (Version: 1.0.3.0 - Electronic Arts)
Python 3.2 construct-2.5.1 (HKU\S-1-5-21-2764890169-2354917355-972681180-1001\...\construct-py3.2) (Version:  - )
Python 3.2.3 (HKLM-x32\...\{789C9644-9F82-44d3-B4CA-AC31F46F5882}) (Version: 3.2.3150 - Python Software Foundation)
Python 3.4.3 (HKLM-x32\...\{CCD588A7-8D55-49F1-A30C-47FAB40889ED}) (Version: 3.4.16490 - Python Software Foundation)
Q.U.B.E. Demo (HKLM-x32\...\Steam App 204610) (Version:  - )
Quantum Conundrum Demo (HKLM-x32\...\Steam App 205700) (Version:  - )
Randal's Monday Demo (HKLM-x32\...\Steam App 333140) (Version:  - Nexus Game Studios)
Rapture3D 2.4.11 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version:  - Blue Ripple Sound)
Rayman Origins (HKLM-x32\...\{DE491AB9-1D47-4FED-A8F5-4D4325B2EB4B}) (Version: 1.02 - Ubisoft)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6230 - Realtek Semiconductor Corp.)
Relational Algebra Translator Version 4.1 (HKLM-x32\...\{E9A45241-FC5C-4613-A37E-FC3296485E99}_is1) (Version: 4.1 - Universidad Nacional de Costa Rica)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.26.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.26.0 - Renesas Electronics Corporation) Hidden
Schatzinsel 2 (Vollversion) (HKLM-x32\...\Schatzinsel 2 (Vollversion)) (Version:  - )
Secunia PSI (3.0.0.4001) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.4001 - Secunia)
SEGA Genesis & Mega Drive Classics (HKLM-x32\...\Steam App 34270) (Version:  - Sega)
Sheep’s Quest (HKLM-x32\...\Sheep’s Quest) (Version: 0.0.0.0 - INTENIUM GmbH)
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.14.5 - NVIDIA Corporation) Hidden
Sizer 3.34 (HKLM-x32\...\{DE43AA92-E8C0-4620-AFE2-FBD623C71643}) (Version: 3.3.4.0 - Brian Apps)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
Smash Frenzy 4 (HKLM-x32\...\Smash Frenzy 4) (Version: 1.0.0.0 - INTENIUM GmbH)
Snapshot (HKLM-x32\...\Steam App 204220) (Version:  - )
Snowy (HKLM-x32\...\Snowy) (Version: 0.0.0.0 - INTENIUM GmbH)
Snowy: Lunch Rush (HKLM-x32\...\Snowy Lunch Rush) (Version: 0.0.0.0 - INTENIUM GmbH)
Soluto (HKLM\...\{34307828-B2DB-4473-A803-A314FC7AA889}) (Version: 1.3.1023.0 - Soluto)
Sonic Generations Demo (HKLM-x32\...\Steam App 202290) (Version:  - Sega)
SPC 700NC PC Camera (HKLM-x32\...\{9C5B9ED6-0344-4550-A4AB-C4499EB36053}) (Version:  - )
Spotify (HKU\S-1-5-21-2764890169-2354917355-972681180-1001\...\Spotify) (Version: 1.0.24.104.g92a22684 - Spotify AB)
SQLite ODBC Driver for Win64 (remove only) (HKLM-x32\...\SQLite ODBC Driver for Win64) (Version:  - )
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Steuersparer 2014 (HKLM-x32\...\{485DBEA2-58E9-4136-9E6C-6C3022B02349}) (Version: 21.00.8480 - Buhl Data Service GmbH)
Strikeball 3 (HKLM-x32\...\Strikeball 3) (Version:  - )
Super Hexagon (HKLM-x32\...\Steam App 221640) (Version:  - )
Super Mario Brothers 2 Screensaver (HKLM-x32\...\Super Mario Brothers 2 Screensaver) (Version:  - )
Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version:  - )
Super Win the Game (HKLM-x32\...\Steam App 310700) (Version:  - Minor Key Games)
Superkuh (HKLM-x32\...\Superkuh) (Version: 0.0.0.0 - INTENIUM GmbH)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Telegram Desktop version 0.9.28 (HKU\S-1-5-21-2764890169-2354917355-972681180-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 0.9.28 - Telegram Messenger LLP)
TERRATEC Grabby V5.09.1202.00 (HKLM-x32\...\TERRATEC Grabby) (Version: 5.09.1202.00 - )
The Basement Collection (HKLM-x32\...\Steam App 214790) (Version:  - )
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version:  - )
The Stanley Parable (HKLM-x32\...\Steam App 221910) (Version:  - Galactic Cafe)
The Stanley Parable Demo (HKLM-x32\...\Steam App 247750) (Version:  - Galactic Cafe)
TomTom HOME (HKLM-x32\...\{5DCB2EB3-87AD-426E-8D74-8B92C9D731C4}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME (HKLM-x32\...\{7A2BB1C8-903D-4585-9F3B-CADD67D07D37}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME (HKLM-x32\...\{BB05590A-6602-43F3-A400-77EA0976BC0A}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Turtix (HKLM-x32\...\Turtix) (Version: 0.0.0.0 - INTENIUM GmbH)
Turtix 2 (HKLM-x32\...\Turtix 2) (Version: 0.0.0.0 - INTENIUM GmbH)
Undertale (HKLM-x32\...\Steam App 391540) (Version:  - tobyfox)
Unity Web Player (HKU\S-1-5-21-2764890169-2354917355-972681180-1001\...\UnityWebPlayer) (Version: 4.5.2f1 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 3.0 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VLC media player 2.0.8 (HKLM-x32\...\VLC media player) (Version: 2.0.8 - VideoLAN)
VVVVVV (HKLM-x32\...\Steam App 70300) (Version:  - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 5.20 Beta 2 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.2 - win.rar GmbH)
Woah Dave! (HKLM-x32\...\Steam App 315110) (Version:  - MiniVisions)
World of Goo (entfernen) (HKLM-x32\...\World of Goo) (Version:  - )
World of Goo (HKLM-x32\...\Steam App 22000) (Version:  - 2D BOY)
XSplit Broadcaster (HKLM-x32\...\{BF4EDEC4-40DE-4021-9040-0B41663CBCE1}) (Version: 2.6.1510.2621 - SplitmediaLabs)
Yumsters 2 (HKLM-x32\...\Yumsters 2) (Version: 0.0.0.0 - INTENIUM GmbH)
Zuma Deluxe 1.0 (HKLM-x32\...\Zuma Deluxe 1.0) (Version:  - )
Zuma's Revenge! (HKLM-x32\...\Zuma's Revenge!) (Version:  - PopCap Games)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2764890169-2354917355-972681180-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Georg\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => Keine Datei
CustomCLSID: HKU\S-1-5-21-2764890169-2354917355-972681180-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Georg\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {000CB502-D961-4EF9-9B25-BB783FCCE7C3} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {07C21E35-9167-45FC-9DC5-29647F2EE15D} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {0A91147B-AFF6-40A7-8281-8762432A42FC} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {0B0D0027-6A7D-461C-B19F-102D65EFD1A2} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {0DB761BD-4C86-4EF1-9FF7-217E4EA141EB} - System32\Tasks\{D6C011F4-E699-439C-9B9E-DB066A35F5D9} => C:\GOG Games\Deponia\Deponia.exe [2013-07-06] (Daedalic Entertainment GmbH)
Task: {10EB6D3D-48F3-4273-A7C8-6E2357160EBD} - System32\Tasks\{141DAD77-9DFF-47D4-9E4B-C3E580C6CDB2} => pcalua.exe -a C:\Users\Georg\Desktop\GL710_application_and_driver_v1.3.0.84_20140623.exe -d C:\Users\Georg\Desktop
Task: {1498DCDF-C686-4051-9309-3D5DDBC8CA89} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {154F514A-A6D7-4DD2-8CEE-07BC2C049DBD} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {1B1F4A43-834E-4C21-AAAC-BB8BB74C5D61} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-02-09] (Microsoft Corporation)
Task: {22829860-B4F5-412D-BF26-481908B6D1C1} - System32\Tasks\{F40F36A6-342E-48E1-8D38-2DF99C54F9E3} => C:\GOG Games\Deponia\Deponia.exe [2013-07-06] (Daedalic Entertainment GmbH)
Task: {22B85D8E-4D3A-463F-937F-6D6F21A5A5F7} - System32\Tasks\{6C6012E4-10B8-47AB-BF1C-CC4FE4E0944B} => C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\MoorhuhnJagd\Moorhuhn.exe
Task: {22D2B17B-3415-48AC-8FAD-BD0CDB0120AA} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {23FD9FB0-2C17-4556-AC69-FFA56AD00F92} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {2582FCF7-D6E8-4913-BE6F-A0D59A3237EF} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {28E61EEB-FF4F-42CB-B43B-F3C2683E7F45} - System32\Tasks\{03DF9196-4F37-4AF2-9EE7-8F182C3C1FDA} => C:\GOG Games\Deponia\Deponia.exe [2013-07-06] (Daedalic Entertainment GmbH)
Task: {2EDF115B-8147-488A-89A7-5E3B87402B62} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {3B7D67E3-965C-4DB0-BFF7-C56148B60E0F} - System32\Tasks\{89460D6F-55EE-4144-88FB-49B590B5CA21} => pcalua.exe -a C:\Users\Georg\Downloads\lide90vst641300ej.exe -d C:\Users\Georg\Downloads
Task: {3C5D73E0-1EC0-4D43-B6EC-EC7D4589DBA2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {3CBEB8BB-E9F4-4C91-A074-B6C6B5106892} - System32\Tasks\{09386E22-90C7-4050-A4FC-59712DDBCFD0} => C:\GOG Games\Deponia\Deponia.exe [2013-07-06] (Daedalic Entertainment GmbH)
Task: {41AC8DE2-A3F7-4881-AF4D-6A239B70D40E} - System32\Tasks\{4A235EC8-FD28-471F-8672-C225FF02FF5E} => C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\MoorhuhnJagd\Moorhuhn.exe
Task: {44AC9FD8-C573-42CE-916A-DB29F369C1E3} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {45C91C7E-C168-410C-8B5F-AA7C466F7808} - System32\Tasks\{AD2E0DE0-6292-430B-9C70-08CAD4546C28} => C:\Program Files (x86)\Origin Games\Feeding Frenzy 2\FeedingFrenzy2.exe [2013-10-31] (PopCap Games)
Task: {47060F33-F87D-4EB3-8F99-E471C1A28770} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {493B8E61-3B32-4A42-92D2-2AE0E6D8DF8E} - System32\Tasks\{39157281-4289-4AC3-A03E-7784D5D9FD60} => pcalua.exe -a D:\SETUP.EXE -d D:\
Task: {4AEEB4FA-E867-4275-B9E5-DDDCA0173762} - System32\Tasks\{D4BBF116-FE11-4C32-B08B-28D68581C067} => pcalua.exe -a C:\Users\Georg\Desktop\JRT.exe -d C:\Users\Georg\Desktop
Task: {4C2F56E5-D39B-4949-A351-3AAC5BF4B08D} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {4ED0B30F-0400-438C-ACE5-EB876F9E64C3} - System32\Tasks\{30114F5B-7107-43B9-AE8E-77E523473DD3} => C:\Program Files (x86)\Steam\Steam.exe [2016-02-04] (Valve Corporation)
Task: {5039C775-5DA6-443F-8159-27C47EFC3991} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {51E73228-6869-49D4-89BB-0F9087E16B36} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {527B8EB0-C94D-4611-915E-BC7004B90B9C} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {5985EFDB-4DF6-43C3-A351-2B77AFCF2AA9} - System32\Tasks\{3F33EA58-777D-48E5-9A72-C411B84DD41B} => C:\GOG Games\Deponia\Deponia.exe [2013-07-06] (Daedalic Entertainment GmbH)
Task: {5B93CCFF-8B92-4DDE-9528-5C4E87DC40EA} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {625B28AF-7EA2-457B-A601-803B23E5A514} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {64EF008A-B590-4ECF-B7B4-8427E8DD1ACF} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {65BC0CAE-BE7C-4212-8AA7-FEE94796ECFF} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {682C112C-91A2-453D-AF20-A19AE814A99E} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {68C717B3-E281-41FA-881E-1B8F09FA146A} - System32\Tasks\GoogleUpdateTaskMachineUA1cf6ac8faecd84b => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {6C98AC96-982E-4C67-876F-696B4BEB5D6B} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {6E76DEA3-9BB7-4615-BF86-66E4E5CCE057} - System32\Tasks\{1B9F4D72-09C6-4DC5-8E70-B481820B5C6A} => pcalua.exe -a C:\Users\Georg\Desktop\desktop.exe -d C:\Users\Georg\Desktop
Task: {76890C00-360F-478B-8F4A-D35BF3017ECA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {775180C5-39B5-4344-A714-67A1CA9C308B} - System32\Tasks\{1B7B454B-D060-447E-A524-8403182236D2} => C:\Program Files (x86)\PopCap Games\Zuma Deluxe\Zuma.exe [2007-09-20] ()
Task: {781512EA-855A-44D8-8FBD-CF0B59F63FA9} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {7C788119-4AB2-482B-9DC2-E9EBF04831A0} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {87279B5D-7847-4967-95E0-7FF1923509C3} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {89DA3DAB-0E6F-43D0-8FEE-9B48C8CE8336} - \Desk 365 RunAsStdUser -> Keine Datei <==== ACHTUNG
Task: {8C295FE6-5816-4EDC-AD33-3A49F375EB99} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-09] (Adobe Systems Incorporated)
Task: {9228DE4C-EAA7-44AE-8464-226C9D8777BC} - System32\Tasks\{679AF5C3-3131-41A0-819C-968AE719B570} => C:\GOG Games\Deponia\Deponia.exe [2013-07-06] (Daedalic Entertainment GmbH)
Task: {9664AC75-C1F5-41F4-A1B9-D343F643134F} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {9F7F76DF-4611-49E2-A5D0-3477567DE0AA} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {9F98EAD9-7AC8-4EE5-89DF-95670E187B3F} - System32\Tasks\{E46D8B49-D168-432F-A16F-1CFA3D09054D} => C:\Program Files (x86)\PopCap Games\Zuma Deluxe\Zuma.exe [2007-09-20] ()
Task: {A09CADF4-58ED-496C-9188-2D86F2BE085E} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {A1ACC24C-9FBD-48D7-B14C-48EAB3F50209} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => control iMControllerService 128
Task: {A426678D-DA71-4B4B-9B85-981D98BE8C4E} - System32\Tasks\{FB3B6673-58E4-4AB0-BA06-55F3E07CBD68} => C:\GOG Games\Deponia\Deponia.exe [2013-07-06] (Daedalic Entertainment GmbH)
Task: {ABF15843-06B4-4EC9-99EE-F5A581D5B740} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {B1C86B65-BFB9-4570-B739-AF957C51FECB} - System32\Tasks\{84125F2B-66FF-4D23-8345-E574582A07D3} => pcalua.exe -a "C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe"
Task: {B3694911-5EA5-4D5D-A7D3-D8839466EC45} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {B68CAD77-ADE7-4FCD-9618-25584C3080E4} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {C4174FC2-81DE-4B59-A2D0-EA2FF0BED6A3} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {CA71CF61-88E0-4AD6-95FF-434FDB158314} - System32\Tasks\{5A25AE58-0690-4338-A281-12AFD1F42B43} => C:\GOG Games\Deponia\Deponia.exe [2013-07-06] (Daedalic Entertainment GmbH)
Task: {CA8FCCE2-380F-490D-BA67-E542C0B0D155} - System32\Tasks\{30C490A4-1414-4E4F-9A4C-161E1D7F2D89} => C:\GOG Games\Deponia\Deponia.exe [2013-07-06] (Daedalic Entertainment GmbH)
Task: {CB324651-721C-40F2-98B4-00B36EDB4502} - System32\Tasks\{9B25F6CB-5177-41F1-AB00-56134914F469} => C:\Program Files (x86)\Origin Games\Feeding Frenzy 2\FeedingFrenzy2.exe [2013-10-31] (PopCap Games)
Task: {D0D2F053-DC3B-4F71-8C72-68879CFDB325} - System32\Tasks\GoogleUpdateTaskMachineUA1d0003a410566a1 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {D13F1CBB-DCEB-4F4B-83DD-C48BA3967607} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {D21AEADF-13CA-4CB1-B218-EA2BAB19CBE0} - System32\Tasks\{09323272-BD34-4C61-99B5-C4AAB0E95503} => C:\GOG Games\Deponia\Deponia.exe [2013-07-06] (Daedalic Entertainment GmbH)
Task: {D606949D-5786-4113-958D-CE6A535B3633} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {D8112DD8-07F8-4AD1-A34D-0511B22DD3DE} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {D8DDA550-D72F-443A-B506-E112D4FF5B69} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
Task: {DF58ACD3-171F-4401-B9BD-15A329C4B883} - System32\Tasks\GoogleUpdateTaskMachineCore1d0003a3ff3a47f => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {E01A47C6-C636-4930-A7FA-C28A95BC53ED} - System32\Tasks\RunAsStdUser Task => C:\Program Files (x86)\Pogo Games\PogoDGC.exe [2015-10-02] (iWin Inc.)
Task: {E4EA4563-7840-4558-99BD-219BCAF78CB0} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {E6448650-5C88-4D95-B7D0-65DCAE1A27E7} - System32\Tasks\{0DD2511D-264E-4200-9B16-488766294C64} => C:\Program Files (x86)\Steam\Steam.exe [2016-02-04] (Valve Corporation)
Task: {E73B94EF-E652-40F9-96A7-BF43892CFFF2} - System32\Tasks\{284635B6-657F-4292-AEF8-DA2866407675} => C:\GOG Games\Deponia\Deponia.exe [2013-07-06] (Daedalic Entertainment GmbH)
Task: {EDAB4437-6214-4B5A-AFD3-1F3D62F08AAA} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {EE9F6E11-ADAB-48EC-B99F-C740B9E66236} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {F18F99F3-C285-4975-899B-D28D601B41D4} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {F35D1E98-22B9-4393-9C34-F143138BE83C} - System32\Tasks\{5ED761C6-9885-43A7-BBB7-4C94289045FC} => pcalua.exe -a "C:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/217830
Task: {FCB8716E-7B82-4F63-AFA3-F3BD50C3F4A6} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_TVSUUpdateTask => reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler  /v start /t reg_dword /d 1 /f /reg:32
Task: {FEE12B32-D23A-410C-BC24-1B6FE1340BA5} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d0003a3ff3a47f.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cf6ac8faecd84b.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0003a410566a1.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2014-09-03 12:07 - 2014-09-03 12:07 - 00216576 _____ () C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
2012-03-21 13:04 - 2011-03-16 04:47 - 00032768 _____ () C:\Windows\jmesoft\Service.exe
2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-11-16 09:53 - 2015-08-07 05:27 - 00116528 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-03-02 15:31 - 2016-02-23 12:27 - 02654872 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-01-13 16:41 - 2016-01-05 02:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-03-02 15:31 - 2016-02-23 12:27 - 02654872 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-12-18 15:42 - 2015-12-07 05:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-03-02 15:31 - 2016-02-23 09:36 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-01-13 16:41 - 2016-01-05 02:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-01-13 16:41 - 2016-01-05 02:24 - 00936960 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-01-28 18:16 - 2016-01-16 06:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-01-28 18:16 - 2016-01-16 06:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2012-03-21 13:04 - 2011-05-25 13:09 - 00049152 _____ () C:\Windows\SysWOW64\UMonit.exe
2012-08-30 10:39 - 2006-09-20 07:35 - 00020480 _____ () C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe
2012-01-10 13:41 - 2015-03-30 08:39 - 00568904 _____ () C:\Program Files (x86)\puush\puush.exe
2012-08-30 10:39 - 2006-10-30 15:59 - 00024576 _____ () C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe
2012-09-08 14:55 - 2005-07-12 19:04 - 00278528 _____ () C:\Program Files (x86)\Philips\SPC 700NC PC Camera\TrayMin700.exe
2012-03-21 13:04 - 2011-03-21 22:12 - 00020480 _____ () C:\Windows\jmesoft\JME_LOAD.exe
2016-01-22 10:07 - 2016-01-22 10:08 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2014-09-03 11:41 - 2014-09-03 11:41 - 00050176 _____ () C:\Program Files (x86)\GNU\GnuPG\libw32pth-0.dll
2014-09-03 11:53 - 2014-09-03 11:53 - 00221184 _____ () C:\Program Files (x86)\GNU\GnuPG\libksba-8.dll
2014-09-03 11:48 - 2014-09-03 11:48 - 00038400 _____ () C:\Program Files (x86)\GNU\GnuPG\libgpg-error-0.dll
2014-09-03 11:53 - 2014-09-03 11:53 - 00069632 _____ () C:\Program Files (x86)\GNU\GnuPG\libassuan-0.dll
2014-09-03 11:56 - 2014-09-03 11:56 - 00742400 _____ () C:\Program Files (x86)\GNU\GnuPG\libgcrypt-20.dll
2016-02-28 12:45 - 2016-02-28 12:45 - 00335360 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Foundation\2db06033b228e6dda5c6fe72b7c2e134\Windows.Foundation.ni.dll
2016-01-22 16:58 - 2016-01-19 04:02 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2016-01-22 16:58 - 2016-01-19 04:02 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2016-01-22 16:58 - 2016-01-19 04:02 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2016-01-22 16:58 - 2016-01-19 04:02 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2016-01-22 16:58 - 2016-01-19 04:02 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2016-01-22 16:58 - 2016-01-19 04:02 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2016-02-12 06:10 - 2016-02-10 14:54 - 00161736 _____ () C:\ProgramData\Lenovo\iMController\Plugins\LenovoAudioPlugin\x86\QualityStatsRevInterop.dll
2015-07-30 12:42 - 2015-08-27 01:37 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2013-03-12 17:10 - 2015-12-15 06:54 - 00782336 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-20 08:07 - 2015-07-03 17:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2014-05-22 04:37 - 2016-02-04 22:02 - 02546768 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-29 05:34 - 2015-09-24 01:33 - 02549248 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-29 05:34 - 2015-09-24 01:33 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-29 05:34 - 2015-09-24 01:33 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-29 05:34 - 2015-09-24 01:33 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-29 05:34 - 2015-09-24 01:33 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-01-20 08:07 - 2015-07-03 17:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-20 08:07 - 2015-07-03 17:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2012-09-17 16:55 - 2016-02-04 22:01 - 00802896 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-07-22 09:04 - 2015-12-30 02:51 - 00208896 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2015-03-05 22:32 - 2016-03-04 07:19 - 47503472 _____ () C:\Users\Georg\AppData\Roaming\Spotify\libcef.dll
2016-01-11 10:36 - 2016-01-11 10:36 - 00932032 ____R () C:\Program Files (x86)\Skype\Phone\ssScreenVVS2.dll
2012-03-21 13:04 - 2007-12-31 18:27 - 00007168 _____ () C:\Windows\jmesoft\VistaVolume.dll
2012-03-21 13:04 - 2009-07-16 17:20 - 00032768 _____ () C:\Windows\jmesoft\Keyhook.dll
2012-03-21 13:37 - 2010-09-09 19:19 - 00210432 _____ () C:\Program Files\Lenovo\Lenovo Eye Distance System\KeyStoneAdapter.dll
2012-03-21 13:37 - 2010-09-09 19:18 - 00211456 _____ () C:\Program Files\Lenovo\Lenovo Eye Distance System\VideoPlayer.dll
2015-03-05 22:32 - 2016-03-04 07:19 - 01584240 _____ () C:\Users\Georg\AppData\Roaming\Spotify\libglesv2.dll
2015-03-05 22:32 - 2016-03-04 07:19 - 00082032 _____ () C:\Users\Georg\AppData\Roaming\Spotify\libegl.dll
2012-09-17 16:55 - 2016-01-06 02:52 - 48387872 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2016-01-10 19:29 - 2016-02-22 07:46 - 00153032 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2016-01-10 19:29 - 2016-02-22 07:46 - 00022472 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2016-02-28 12:45 - 2016-02-28 12:45 - 00101888 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Management\19c9cc8dae246a941f67c9d46b5f47c3\Windows.Management.ni.dll
2016-02-28 12:45 - 2016-02-28 12:45 - 02921472 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.App640a3541#\b65fdfe33ab6e610cffbb42830b95c00\Windows.ApplicationModel.ni.dll
2016-02-28 12:45 - 2016-02-28 12:45 - 00821248 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Storage\1356ae96a3e87dc2b89d4dfde8fb2db6\Windows.Storage.ni.dll
2016-02-20 08:46 - 2016-02-18 05:14 - 01630360 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\libglesv2.dll
2016-02-20 08:46 - 2016-02-18 05:14 - 00085656 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\libegl.dll
2016-01-22 10:07 - 2016-01-22 10:08 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-01-22 10:07 - 2016-01-22 10:08 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\S-1-5-21-2764890169-2354917355-972681180-1001\...\skype.com -> hxxps://apps.skype.com

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2764890169-2354917355-972681180-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Georg\Desktop\wallpaper.png
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2764890169-2354917355-972681180-1001\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-2764890169-2354917355-972681180-1001\...\StartupApproved\Run: => "OneDrive"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{E409828D-6242-4503-9BBE-F229DDB1A7C0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GSTD - Rise of the Owlverlord\launcher\GSLauncher.exe
FirewallRules: [{EB590ADE-DC52-4BB8-99DD-510E7E75412B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GSTD - Rise of the Owlverlord\launcher\GSLauncher.exe
FirewallRules: [{3E1D00CA-1C05-4F1E-9D0A-FAE03FCA63AA}] => (Allow) C:\Program Files (x86)\Pogo Games\WebUpdater.exe
FirewallRules: [{EA8CC015-FC7E-4F23-8826-FEEBE3B0BC2C}] => (Allow) C:\Program Files (x86)\Pogo Games\WebUpdater.exe
FirewallRules: [{534AA780-7B96-4803-976A-418A9F0912FF}] => (Allow) C:\Program Files (x86)\Pogo Games\PogoDGC.exe
FirewallRules: [{923A37BF-BC10-4A76-AB38-1B7D680D8998}] => (Allow) C:\Program Files (x86)\Pogo Games\PogoDGC.exe
FirewallRules: [{92218D33-E3CD-4370-8469-04E486B16722}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4 Create A Sim Demo\Game\Bin\TS4CAS.exe
FirewallRules: [{5A932314-348D-4AA6-B186-D7ECD1D430B7}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4 Create A Sim Demo\Game\Bin\TS4CAS.exe
FirewallRules: [{49DFBD46-41AC-4316-A6B7-DD0BE653985C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Human Resource Machine\Human Resource Machine.exe
FirewallRules: [{8C1CCE65-84D8-40DC-B350-E6942E45423E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Human Resource Machine\Human Resource Machine.exe
FirewallRules: [{1BEBBF0D-E3DA-4C1F-83A5-D5E4450FE19E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\CastleCrashersDemo\castle.exe
FirewallRules: [{60AEE7F5-7F87-4524-A935-E9F87418A0E0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\CastleCrashersDemo\castle.exe
FirewallRules: [{B2D8E196-1F82-477D-8C2F-6FBAFF599C47}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Chaos on Deponia\VisionaireConfigurationTool.exe
FirewallRules: [{CEF85CEA-8C34-4407-B2F7-704594188E09}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Chaos on Deponia\VisionaireConfigurationTool.exe
FirewallRules: [{51128BE1-7B43-48E3-A6B8-A7CACD85055F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Chaos on Deponia\deponia2.exe
FirewallRules: [{5A67CCCF-98B5-4ACB-8E72-39725C0DBC75}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Chaos on Deponia\deponia2.exe
FirewallRules: [UDP Query User{21CE44F9-D3F7-4421-BB9C-3179631BCBB6}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{9245CCE2-0CDD-4A9A-8786-4891AF7AB021}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{6690C194-49D2-4FED-8156-86A96F4AC0C7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Super Win the Game\SuperGame.exe
FirewallRules: [{8E3A5BFB-255F-424C-B7E4-35EDEC1B3342}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Super Win the Game\SuperGame.exe
FirewallRules: [UDP Query User{317EA79A-BE6A-43F1-ADC8-A853B1127485}C:\program files (x86)\avermedia\avermedia recentral 2\recentral 2.exe] => (Allow) C:\program files (x86)\avermedia\avermedia recentral 2\recentral 2.exe
FirewallRules: [TCP Query User{C93797DC-6D78-4902-BD42-9588BF624885}C:\program files (x86)\avermedia\avermedia recentral 2\recentral 2.exe] => (Allow) C:\program files (x86)\avermedia\avermedia recentral 2\recentral 2.exe
FirewallRules: [{1C2F4D0C-E773-47F8-A245-02FF8CFA1C2D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe
FirewallRules: [{FC207651-33C0-47F6-8A37-B0A8F2233B65}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe
FirewallRules: [{B4664996-F23A-4259-84A9-C1C3F00160F7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAC-MAN Championship Edition DX+\PAC-MAN.exe
FirewallRules: [{B2DFA9E3-7E75-444C-B09E-A4586B96F7A2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAC-MAN Championship Edition DX+\PAC-MAN.exe
FirewallRules: [UDP Query User{09434D76-117F-4E69-B73E-6C9B221AEDF8}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{C6F953E9-9961-4402-A123-D09977372A86}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{6A6DA135-116A-44CB-99C7-10DD455DFF37}C:\users\georg\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\georg\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{4D0F5BB4-349D-4A33-AB49-4710936FEB1B}C:\users\georg\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\georg\appdata\roaming\spotify\spotify.exe
FirewallRules: [{26B75818-B9C9-4600-95EF-5BF3271CD3B4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Stanley Parable\stanley.exe
FirewallRules: [{F76D6685-8781-4214-AE29-7391A7F952EB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Stanley Parable\stanley.exe
FirewallRules: [{3B2A79E8-BD57-421C-ADC5-6F1B8DC3380E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Braid\braid.exe
FirewallRules: [{16CFFB9C-BEE5-4AE5-A4F5-60442CE9D029}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Braid\braid.exe
FirewallRules: [{B14C55C3-5494-4468-9BFF-9D01B7955596}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Braid\braid.exe
FirewallRules: [{E6E36002-BFFE-4072-9BB6-A5A04F162601}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Braid\braid.exe
FirewallRules: [TCP Query User{4BC615D9-F4FA-47A7-BDB0-670434CF8059}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [UDP Query User{0387514B-08D3-4818-8800-46031F3D5B5B}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [{D7C1C599-484C-4D0A-94D6-190C6B70BDF3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DiRT Showdown\showdown.exe
FirewallRules: [{6EA01E06-8DC1-4DA9-86AA-266312A7FD3B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DiRT Showdown\showdown.exe
FirewallRules: [{817401A8-5E26-430F-B299-678DC9AEB0C1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Antichamber\Binaries\Win32\UDK.exe
FirewallRules: [{794416C1-5ECE-4929-B1D4-533611F0295D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Antichamber\Binaries\Win32\UDK.exe
FirewallRules: [{FB681326-7AE1-43F5-8C9F-594F5A1133BB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Stanley Parable Demo\stanley.exe
FirewallRules: [{17B5C4B0-B585-45A5-9AE8-D5DA109D255C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Stanley Parable Demo\stanley.exe
FirewallRules: [{D7C4ADC2-563E-4498-B69B-57473A5019FC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [{3F19F675-B02E-400D-8098-EE3E07CC1CA8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [{29848BF7-4700-4B86-B285-9F285A185560}] => (Allow) C:\Program Files (x86)\Origin Games\Peggle Nights\PeggleNights.exe
FirewallRules: [{5AA8268A-600F-419C-9948-F7093766B19E}] => (Allow) C:\Program Files (x86)\Origin Games\Peggle Nights\PeggleNights.exe
FirewallRules: [TCP Query User{DA7B4175-FC5A-4C9F-9145-6DD61835B85E}C:\users\georg\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\georg\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{5BA3F47A-5492-468F-B714-3BEE65943273}C:\users\georg\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\georg\appdata\roaming\spotify\spotify.exe
FirewallRules: [{B74FE500-4A10-4E19-AFCC-0CA5B1399169}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Audiosurf\engine\QuestViewer.exe
FirewallRules: [{00F13B6A-DD95-4D2A-8267-B51D593D523D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Audiosurf\engine\QuestViewer.exe
FirewallRules: [{AE0F8D3F-2CB8-4614-B9E4-DA9F72282EFD}] => (Allow) C:\Program Files (x86)\Origin Games\Peggle Deluxe\Peggle.exe
FirewallRules: [{11D076F9-C631-429D-803D-92825E20E0A7}] => (Allow) C:\Program Files (x86)\Origin Games\Peggle Deluxe\Peggle.exe
FirewallRules: [{DC57E1F2-4EAC-402B-BD71-2AF69888D14B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dustforce\dustforce.exe
FirewallRules: [{0CE0EE76-6674-4D8D-85EE-B01BEBB463AB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dustforce\dustforce.exe
FirewallRules: [{CD45CD21-970D-4F39-B7C0-736C463EA752}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\QUBE\Binaries\Win32\QUBE.exe
FirewallRules: [{51E2CC35-413D-4D8D-A128-97D3832D675E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\QUBE\Binaries\Win32\QUBE.exe
FirewallRules: [{70670B13-5B7B-4A83-BE5B-8C3DA34FFC7E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BIT.TRIP BEAT\BEAT.exe
FirewallRules: [{F27ADD3A-BB39-45B1-B377-B33F7274D3D5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BIT.TRIP BEAT\BEAT.exe
FirewallRules: [{D01A302B-65E9-4621-8D1A-9087A39E2DF3}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8100\Bin\DeviceSetup.exe
FirewallRules: [{74BD137C-94EB-46C4-8C51-D4BA4FEDFD80}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8100\Bin\HPNetworkCommunicator.exe
FirewallRules: [{3B88FB96-139E-4FE5-A3C1-058414FF151C}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8100\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{6B919022-EA80-458F-84C6-C97B4A5BD145}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C82C5818-9CD0-40BC-AD0A-BAF04AB8AD88}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{4ED58B78-E9AF-4A93-8C04-795CB711675F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Jazzpunk\windows\Jazzpunk.exe
FirewallRules: [{039E57EE-BE99-455D-B6BC-99637C1D6E51}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Jazzpunk\windows\Jazzpunk.exe
FirewallRules: [{3DBF7A9D-5868-43D5-AB3D-1515E2270F4E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Insanely Twisted Shadow Planet\fcengine.exe
FirewallRules: [{78E3D2BF-7FF9-4802-9F8A-25E95DD2A11A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Insanely Twisted Shadow Planet\fcengine.exe
FirewallRules: [{B7F9AC72-5BFE-4BAA-9552-5FC3F92B9787}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\WoahDave\WoahDave.exe
FirewallRules: [{2A364A6C-9D9F-4695-BA9B-EEF9F4A3BF1C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\WoahDave\WoahDave.exe
FirewallRules: [{76E95C7B-972A-4593-A4CA-EC3A1576F5F2}] => (Allow) C:\Program Files (x86)\Origin Games\Plants vs Zombies Garden Warfare\PVZ.Main_Win64_Retail.exe
FirewallRules: [{ABACCF8A-DA66-4878-983E-5DAEEFF05D45}] => (Allow) C:\Program Files (x86)\Origin Games\Plants vs Zombies Garden Warfare\PVZ.Main_Win64_Retail.exe
FirewallRules: [{5226270F-2869-4DD0-A8C3-1D4ED7A8B093}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Ittle Dew\dew.exe
FirewallRules: [{5A3639E5-EB75-4287-8171-54CE88577D25}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Ittle Dew\dew.exe
FirewallRules: [TCP Query User{3EB352B3-DC7B-41CB-9284-E185B2C22F3F}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{ECCD81E0-6498-4AC3-A365-ACC9175557BA}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [{696D3DCE-5EE6-4D4C-ADD5-E4ABF536FD2A}] => (Allow) C:\Program Files (x86)\Origin Games\Feeding Frenzy 2\FeedingFrenzy2.exe
FirewallRules: [{3451884F-629F-421F-8857-B2043846C27F}] => (Allow) C:\Program Files (x86)\Origin Games\Feeding Frenzy 2\FeedingFrenzy2.exe
FirewallRules: [{FFE143AF-BE95-4AD3-A658-4E4BF13DAC01}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Randal's Monday Demo\RandalsDemo.exe
FirewallRules: [{78471CE3-D841-4D1B-98EB-A51BA8A54E60}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Randal's Monday Demo\RandalsDemo.exe
FirewallRules: [TCP Query User{3F5DC93B-1BDB-48C0-B393-20F45F96D0FF}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [UDP Query User{C455E4F5-8622-4DE8-AB3F-406A6B9B96AE}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{41B11C50-6F85-44F0-8155-D455B70E8D09}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\World of Goo\WorldOfGoo.exe
FirewallRules: [{10195601-8288-4F6A-9B1D-CCF229F48892}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\World of Goo\WorldOfGoo.exe
FirewallRules: [{88DCC03C-2C4D-4C9C-B40F-B88EF3C2423A}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{79D8C42C-9ED0-428F-9C9E-443A8219722F}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{AEF54BB6-F0CF-4BFE-A551-1268F2CAFDBC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{9D3727C3-5977-4C54-BE43-DBBB3EA05E6F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{F74F19C9-BED4-4304-BFF5-C4E2C0683C38}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{2897C868-4F2D-403B-81FA-F567AE2A21FE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{2722FDD4-502A-4BA7-8EBC-1BEB6598CB19}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{DEE26149-9301-4098-BF58-4FCEED52D2C9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{6286AA30-5281-417E-AB1B-EB2E13BDDA51}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{EEC6BA65-FBB3-44FD-B866-0EBFFF42ED2E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Undertale\UNDERTALE.exe
FirewallRules: [{8DFF7091-838D-4B43-BF8A-84D744CA6690}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Undertale\UNDERTALE.exe
FirewallRules: [{827B468D-2B6C-484E-A444-A8F341F7B3AA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Limbo\limbo.exe
FirewallRules: [{3E8C502C-937D-4ECD-B416-0AF45989920A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Limbo\limbo.exe
FirewallRules: [TCP Query User{8324DB31-6835-40A3-BE6E-75793B22E236}C:\program files (x86)\ubisoft\rayman origins\rayman origins.exe] => (Allow) C:\program files (x86)\ubisoft\rayman origins\rayman origins.exe
FirewallRules: [UDP Query User{3882B36A-0331-4497-88B0-8AB860F0ECD8}C:\program files (x86)\ubisoft\rayman origins\rayman origins.exe] => (Allow) C:\program files (x86)\ubisoft\rayman origins\rayman origins.exe
FirewallRules: [{1FB05D6C-7FEF-4982-AC22-7B4E5E907B9D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Little Inferno Beta\Little Inferno.exe
FirewallRules: [{03336EB7-C0C6-4362-9188-ADB5E75E7F12}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Little Inferno Beta\Little Inferno.exe
FirewallRules: [{774095D4-0FF7-4475-B957-94CCA1EC37CB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sega Classics\SEGAGenesisClassics.exe
FirewallRules: [{F8298678-A9B7-4FA5-8106-FFBC72594588}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sega Classics\SEGAGenesisClassics.exe
FirewallRules: [{9B7C97E5-460C-434F-8A48-41E5385105D6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Jet Set Radio\jsrsetup.exe
FirewallRules: [{1417C50A-473F-4ECA-8A28-87B49F196DB9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Jet Set Radio\jsrsetup.exe
FirewallRules: [{B3527AF4-E41E-49A4-BAB4-9222B2EA37CC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hell Yeah\HELLYEAH.exe
FirewallRules: [{61796766-E487-481B-8462-682F2A83D763}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hell Yeah\HELLYEAH.exe
FirewallRules: [{40575BDC-94CA-49AD-B072-733A35E199D6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{973BA223-0FD9-4766-90C5-D173BC2E8271}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{5A48F562-1966-495A-9677-A887FA11AAA1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe

==================== Wiederherstellungspunkte =========================

21-02-2016 16:47:58 Windows Update
25-02-2016 16:20:06 Windows Update
28-02-2016 16:53:07 Windows Update
02-03-2016 17:10:30 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (03/05/2016 12:05:04 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (03/04/2016 11:34:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_stisvc, Version: 10.0.10586.0, Zeitstempel: 0x5632d7ba
Name des fehlerhaften Moduls: CNQ2412C.DLL, Version: 1.0.1.0, Zeitstempel: 0x460382b7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000040a0
ID des fehlerhaften Prozesses: 0xd18
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_stisvc0
Pfad der fehlerhaften Anwendung: svchost.exe_stisvc1
Pfad des fehlerhaften Moduls: svchost.exe_stisvc2
Berichtskennung: svchost.exe_stisvc3
Vollständiger Name des fehlerhaften Pakets: svchost.exe_stisvc4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe_stisvc5

Error: (03/04/2016 04:43:06 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: GEORG-PC)
Description: Das Paket „Microsoft.ZuneMusic_3.6.15131.0_x64__8wekyb3d8bbwe+Microsoft.ZuneMusic“ wurde beendet, da das Anhalten zu lange dauerte.

Error: (03/02/2016 05:11:28 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (02/28/2016 07:00:07 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsort "E:\" nicht abgeschlossen. Fehler: Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006).

Error: (02/28/2016 04:53:27 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (02/25/2016 06:13:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Microsoft.Photos.exe, Version: 16.201.11370.0, Zeitstempel: 0x56afb8be
Name des fehlerhaften Moduls: PhotosApp.Windows.dll, Version: 16.201.11370.0, Zeitstempel: 0x56afb831
Ausnahmecode: 0x80000003
Fehleroffset: 0x000000000006c3bf
ID des fehlerhaften Prozesses: 0x10b7c
Startzeit der fehlerhaften Anwendung: 0xMicrosoft.Photos.exe0
Pfad der fehlerhaften Anwendung: Microsoft.Photos.exe1
Pfad des fehlerhaften Moduls: Microsoft.Photos.exe2
Berichtskennung: Microsoft.Photos.exe3
Vollständiger Name des fehlerhaften Pakets: Microsoft.Photos.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Microsoft.Photos.exe5

Error: (02/25/2016 04:20:23 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (02/23/2016 05:11:35 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: GEORG-PC)
Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147009280. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (02/21/2016 07:00:07 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsort "E:\" nicht abgeschlossen. Fehler: Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006).


Systemfehler:
=============
Error: (03/05/2016 12:47:36 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_4fd58" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (03/05/2016 12:47:36 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _4fd58" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (03/05/2016 12:47:36 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_4fd58" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (03/05/2016 12:47:36 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_4fd58" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (03/04/2016 11:42:42 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Dateiversionsverlauf-Dienst" wurde nicht richtig gestartet.

Error: (03/04/2016 11:40:04 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Übermittlungsoptimierung" wurde nicht richtig gestartet.

Error: (03/04/2016 11:34:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Windows-Bilderfassung (WIA)" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (03/04/2016 11:33:45 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (03/04/2016 11:32:29 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst RECentralService konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.

Error: (03/04/2016 11:32:07 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst AVerRECentral konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.


CodeIntegrity:
===================================
  Date: 2016-03-04 23:03:34.757
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-03-04 23:03:34.744
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-03-04 23:03:34.730
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-03-04 23:03:32.807
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-03-04 23:03:25.374
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-03-03 17:07:11.883
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-03-03 17:07:11.871
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-03-03 17:07:11.857
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-03-03 17:07:03.748
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-03-03 17:07:03.661
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i3-2120 CPU @ 3.30GHz
Prozentuale Nutzung des RAM: 49%
Installierter physikalischer RAM: 8174.38 MB
Verfügbarer physikalischer RAM: 4148.28 MB
Summe virtueller Speicher: 16366.38 MB
Verfügbarer virtueller Speicher: 11604.67 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:905.9 GB) (Free:124.53 GB) NTFS
Drive d: (TOSHIBA EXT) (Fixed) (Total:1863.01 GB) (Free:723.83 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 49DB58C8)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=905.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=25.1 GB) - (Type=12)

========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: E0D2C53C)
Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         

05.03.2016, 12:06   #5
Juri9

Remnants of MySearchDial & Co. on my own PC. (Windows 10)




TDSSKiller.3.1.0.9_05.03.2016_12.55.37_log:
Code:
12:55:37.0340 0x1cbc  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
12:55:44.0158 0x1cbc  ============================================================
12:55:44.0158 0x1cbc  Current date / time: 2016/03/05 12:55:44.0158
12:55:44.0159 0x1cbc  SystemInfo:
12:55:44.0159 0x1cbc  
12:55:44.0185 0x1cbc  OS Version: 10.0.10586 ServicePack: 0.0
12:55:44.0185 0x1cbc  Product type: Workstation
12:55:44.0185 0x1cbc  ComputerName: GEORG-PC
12:55:44.0185 0x1cbc  UserName: Georg
12:55:44.0185 0x1cbc  Windows directory: C:\WINDOWS
12:55:44.0185 0x1cbc  System windows directory: C:\WINDOWS
12:55:44.0185 0x1cbc  Running under WOW64
12:55:44.0185 0x1cbc  Processor architecture: Intel x64
12:55:44.0185 0x1cbc  Number of processors: 4
12:55:44.0185 0x1cbc  Page size: 0x1000
12:55:44.0185 0x1cbc  Boot type: Normal boot
12:55:44.0185 0x1cbc  ============================================================
12:55:44.0584 0x1cbc  KLMD registered as C:\WINDOWS\system32\drivers\31471574.sys
12:55:45.0329 0x1cbc  System UUID: {CCAB2142-74AD-CBA1-69CE-AA54E8FC9E3F}
12:55:46.0001 0x1cbc  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:55:46.0006 0x1cbc  Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:55:46.0014 0x1cbc  ============================================================
12:55:46.0014 0x1cbc  \Device\Harddisk0\DR0:
12:55:46.0015 0x1cbc  MBR partitions:
12:55:46.0015 0x1cbc  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
12:55:46.0015 0x1cbc  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x713CD800
12:55:46.0015 0x1cbc  \Device\Harddisk1\DR1:
12:55:46.0016 0x1cbc  MBR partitions:
12:55:46.0016 0x1cbc  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E078B0
12:55:46.0016 0x1cbc  ============================================================
12:55:46.0034 0x1cbc  C: <-> \Device\Harddisk0\DR0\Partition2
12:55:46.0329 0x1cbc  D: <-> \Device\Harddisk1\DR1\Partition1
12:55:46.0329 0x1cbc  ============================================================
12:55:46.0329 0x1cbc  Initialize success
12:55:46.0329 0x1cbc  ============================================================
12:56:54.0267 0x1938  ============================================================
12:56:54.0267 0x1938  Scan started
12:56:54.0267 0x1938  Mode: Manual; SigCheck; TDLFS; 
12:56:54.0267 0x1938  ============================================================
12:56:54.0267 0x1938  KSN ping started
12:56:56.0569 0x1938  KSN ping finished: true
12:57:00.0441 0x1938  ================ Scan system memory ========================
12:57:00.0441 0x1938  System memory - ok
12:57:00.0442 0x1938  ================ Scan services =============================
12:57:00.0594 0x1938  1394ohci - ok
12:57:00.0597 0x1938  3ware - ok
12:57:00.0628 0x1938  [ A3769020F7E8A70FD3E824C050F33306, BAAB18DD28C753EC90E9552BD5FFC316AD8815505A7998BCE51D21448B373D86 ] acedrv11        C:\windows\system32\drivers\acedrv11.sys
12:57:00.0660 0x1938  acedrv11 - ok
12:57:00.0691 0x1938  ACPI - ok
12:57:00.0694 0x1938  acpiex - ok
12:57:00.0697 0x1938  acpipagr - ok
12:57:00.0703 0x1938  AcpiPmi - ok
12:57:00.0705 0x1938  acpitime - ok
12:57:00.0807 0x1938  [ F2CEEE9ABBCEF207ACB103215AC28BC2, F8F8B8AF6317926D7AC0CA2CA23628B2C69327A2792D58D3328443C5ED9514E9 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
12:57:00.0815 0x1938  AdobeARMservice - ok
12:57:00.0939 0x1938  [ 785FD0E36CA75D90DD50042E2594BC63, 471A5ED43A3E18A5A69C28F7F351558E90F20416D9C532ADF50888808090AE89 ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:57:00.0949 0x1938  AdobeFlashPlayerUpdateSvc - ok
12:57:00.0954 0x1938  ADP80XX - ok
12:57:00.0991 0x1938  AFD - ok
12:57:01.0028 0x1938  agp440 - ok
12:57:01.0031 0x1938  ahcache - ok
12:57:01.0053 0x1938  AJRouter - ok
12:57:01.0062 0x1938  ALG - ok
12:57:01.0065 0x1938  AmdK8 - ok
12:57:01.0067 0x1938  AmdPPM - ok
12:57:01.0070 0x1938  amdsata - ok
12:57:01.0073 0x1938  amdsbs - ok
12:57:01.0075 0x1938  amdxata - ok
12:57:01.0129 0x1938  AppHostSvc - ok
12:57:01.0191 0x1938  AppID - ok
12:57:01.0194 0x1938  AppIDSvc - ok
12:57:01.0197 0x1938  Appinfo - ok
12:57:01.0200 0x1938  AppReadiness - ok
12:57:01.0255 0x1938  AppXSvc - ok
12:57:01.0257 0x1938  arcsas - ok
12:57:01.0352 0x1938  aspnet_state - ok
12:57:01.0354 0x1938  AsyncMac - ok
12:57:01.0357 0x1938  atapi - ok
12:57:01.0385 0x1938  AudioEndpointBuilder - ok
12:57:01.0388 0x1938  Audiosrv - ok
12:57:01.0468 0x1938  [ 93D08E24503EFC8D68520E8E4D44A3F0, 9B664107576C849D0D7E156785A9F39587270E6EC5D6EEE1866389BDD07087C3 ] AVerRECentral   C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRECentral.exe
12:57:01.0490 0x1938  AVerRECentral - detected UnsignedFile.Multi.Generic ( 1 )
12:57:03.0821 0x1938  Detect skipped due to KSN trusted
12:57:03.0821 0x1938  AVerRECentral - ok
12:57:03.0911 0x1938  [ 960459A04A03C8B0675F496E62764C82, 6A0203F0DB2C99DBF027C975139760C20EE18A26F2E1E94D5BBEB988F28B6C45 ] AVerUSBPortChecker C:\Program Files (x86)\AVerMedia\AVerMedia Live Gamer EXTREME\AVerUSBPortChecker.exe
12:57:03.0920 0x1938  AVerUSBPortChecker - detected UnsignedFile.Multi.Generic ( 1 )
12:57:06.0251 0x1938  Detect skipped due to KSN trusted
12:57:06.0251 0x1938  AVerUSBPortChecker - ok
12:57:06.0302 0x1938  [ B9A342D168C5B0E54DB2678C91429067, 97C5C8120C6F2C12F2F2B95EFC4C9DB987291E35634C49277F03BEBB77BC5D81 ] AVMU3HC64       C:\WINDOWS\system32\drivers\avmu364.sys
12:57:06.0347 0x1938  AVMU3HC64 - ok
12:57:06.0350 0x1938  AxInstSV - ok
12:57:06.0353 0x1938  b06bdrv - ok
12:57:06.0372 0x1938  BasicDisplay - ok
12:57:06.0375 0x1938  BasicRender - ok
12:57:06.0378 0x1938  bcmfn - ok
12:57:06.0382 0x1938  bcmfn2 - ok
12:57:06.0384 0x1938  BDESVC - ok
12:57:06.0397 0x1938  Beep - ok
12:57:06.0404 0x1938  BFE - ok
12:57:06.0412 0x1938  BITS - ok
12:57:06.0444 0x1938  [ E6753AAFDD43A2C6A7092AF840CEEF49, FE8F68C40256276293A3E14B31581754D52DDD9F52C4674AFE728FA78B18690A ] Boonty Games    C:\Program Files (x86)\Common Files\BOONTY Shared\Service\Boonty.exe
12:57:06.0449 0x1938  Boonty Games - detected UnsignedFile.Multi.Generic ( 1 )
12:57:08.0780 0x1938  Detect skipped due to KSN trusted
12:57:08.0780 0x1938  Boonty Games - ok
12:57:08.0783 0x1938  bowser - ok
12:57:08.0786 0x1938  BrokerInfrastructure - ok
12:57:08.0789 0x1938  Browser - ok
12:57:08.0795 0x1938  BthAvrcpTg - ok
12:57:08.0799 0x1938  BthHFEnum - ok
12:57:08.0801 0x1938  bthhfhid - ok
12:57:08.0804 0x1938  BthHFSrv - ok
12:57:08.0807 0x1938  BTHMODEM - ok
12:57:08.0811 0x1938  bthserv - ok
12:57:08.0814 0x1938  buttonconverter - ok
12:57:08.0821 0x1938  CapImg - ok
12:57:08.0824 0x1938  cdfs - ok
12:57:08.0827 0x1938  CDPSvc - ok
12:57:08.0830 0x1938  cdrom - ok
12:57:08.0833 0x1938  CertPropSvc - ok
12:57:08.0836 0x1938  circlass - ok
12:57:08.0838 0x1938  CLFS - ok
12:57:08.0842 0x1938  ClipSVC - ok
12:57:08.0850 0x1938  CmBatt - ok
12:57:08.0862 0x1938  CNG - ok
12:57:08.0864 0x1938  cnghwassist - ok
12:57:08.0913 0x1938  CompositeBus - ok
12:57:08.0916 0x1938  COMSysApp - ok
12:57:08.0919 0x1938  condrv - ok
12:57:08.0922 0x1938  CoreMessagingRegistrar - ok
12:57:09.0000 0x1938  [ 56B54823A79A53747CBE11F8C4DB7B1E, 9A523854FE84F15EFC1635D7F5D3E71812C45D6A4D2C99C29FDC4B4D9C84954C ] cpuz135         C:\WINDOWS\TEMP\cpuz135\cpuz135_x64.sys
12:57:09.0005 0x1938  cpuz135 - ok
12:57:09.0032 0x1938  CryptSvc - ok
12:57:09.0135 0x1938  [ B4D1D62A09F09CB2DFD55628350CDAFB, 7DD3CE77D88B5AFAC4B6187F4CA6D50B7BD3398207163B2A1E4C76467801FF28 ] cvhsvc          C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
12:57:09.0159 0x1938  cvhsvc - ok
12:57:09.0162 0x1938  dam - ok
12:57:09.0185 0x1938  DcomLaunch - ok
12:57:09.0187 0x1938  DcpSvc - ok
12:57:09.0190 0x1938  defragsvc - ok
12:57:09.0193 0x1938  DeviceAssociationService - ok
12:57:09.0196 0x1938  DeviceInstall - ok
12:57:09.0199 0x1938  DevQueryBroker - ok
12:57:09.0203 0x1938  Dfsc - ok
12:57:09.0229 0x1938  [ 73BDD44A6088916964945886F9025409, 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
12:57:09.0236 0x1938  dg_ssudbus - ok
12:57:09.0239 0x1938  Dhcp - ok
12:57:09.0285 0x1938  diagnosticshub.standardcollector.service - ok
12:57:09.0301 0x1938  DiagTrack - ok
12:57:09.0391 0x1938  [ DEE4A1F675EC604E9641B1A03CF1816F, A0AC84713DDFD9A94B8558DFA26B278FB29833C5663451CC582ACA85B29CBFD8 ] DigitalWave.Update.Service C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
12:57:09.0402 0x1938  DigitalWave.Update.Service - ok
12:57:09.0489 0x1938  [ 2A312D761AE650B1BF1296733E872AAC, A05BB3B3BF2DA68599E593BB4367774A74141DE327092C77BCDA3C0F36C8D6AD ] DirMngr         C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
12:57:09.0499 0x1938  DirMngr - detected UnsignedFile.Multi.Generic ( 1 )
12:57:11.0840 0x1938  Detect skipped due to KSN trusted
12:57:11.0840 0x1938  DirMngr - ok
12:57:11.0843 0x1938  disk - ok
12:57:11.0869 0x1938  DmEnrollmentSvc - ok
12:57:11.0872 0x1938  dmvsc - ok
12:57:11.0876 0x1938  dmwappushservice - ok
12:57:11.0878 0x1938  Dnscache - ok
12:57:11.0882 0x1938  dot3svc - ok
12:57:11.0885 0x1938  DPS - ok
12:57:11.0916 0x1938  drmkaud - ok
12:57:11.0919 0x1938  DsmSvc - ok
12:57:11.0921 0x1938  DsSvc - ok
12:57:11.0947 0x1938  DXGKrnl - ok
12:57:11.0951 0x1938  e1iexpress - ok
12:57:11.0955 0x1938  Eaphost - ok
12:57:11.0959 0x1938  ebdrv - ok
12:57:11.0963 0x1938  EFS - ok
12:57:11.0967 0x1938  EhStorClass - ok
12:57:11.0984 0x1938  EhStorTcgDrv - ok
12:57:12.0037 0x1938  [ B927628E9BCE5AA671A0099CCAAD4726, BB0FFF1BB8E82EA879BD8EDE83F3E216E63CF5BC0E099C3BDC37533D00045AE4 ] ElgatoGC658Y    C:\WINDOWS\System32\Drivers\ElgatoGC658.sys
12:57:12.0044 0x1938  ElgatoGC658Y - ok
12:57:12.0047 0x1938  embeddedmode - ok
12:57:12.0050 0x1938  EntAppSvc - ok
12:57:12.0052 0x1938  ErrDev - ok
12:57:12.0075 0x1938  EventSystem - ok
12:57:12.0077 0x1938  exfat - ok
12:57:12.0114 0x1938  Fabs - ok
12:57:12.0117 0x1938  fastfat - ok
12:57:12.0120 0x1938  Fax - ok
12:57:12.0122 0x1938  fdc - ok
12:57:12.0125 0x1938  fdPHost - ok
12:57:12.0128 0x1938  FDResPub - ok
12:57:12.0142 0x1938  fhsvc - ok
12:57:12.0169 0x1938  FileCrypt - ok
12:57:12.0171 0x1938  FileInfo - ok
12:57:12.0174 0x1938  Filetrace - ok
12:57:12.0256 0x1938  [ 5BD96D8C5411ACE71A7EAACAF0EF2903, 2AF58E6060C7DEC44B4CA30E14E164473CD4089AE475DAFFC61DFE56990C1147 ] FirebirdServerMAGIXInstance C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
12:57:12.0366 0x1938  FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic ( 1 )
12:57:14.0719 0x1938  Detect skipped due to KSN trusted
12:57:14.0720 0x1938  FirebirdServerMAGIXInstance - ok
12:57:14.0723 0x1938  flpydisk - ok
12:57:14.0726 0x1938  FltMgr - ok
12:57:14.0729 0x1938  FontCache - ok
12:57:14.0867 0x1938  FontCache3.0.0.0 - ok
12:57:14.0870 0x1938  FsDepends - ok
12:57:14.0873 0x1938  Fs_Rec - ok
12:57:14.0875 0x1938  fvevol - ok
12:57:14.0878 0x1938  gagp30kx - ok
12:57:14.0885 0x1938  gencounter - ok
12:57:14.0888 0x1938  genericusbfn - ok
12:57:14.0915 0x1938  [ 676B3710A6F3D3A97A4B5859BC0E0BB7, EAED8C9C7B965C105278A7F070CD96062687E73E3765C39EFE07EBFBABC18CBC ] GeneStor        C:\WINDOWS\System32\drivers\GeneStor.sys
12:57:14.0924 0x1938  GeneStor - ok
12:57:15.0128 0x1938  [ 21931B9C5FDE6087F47F710AC1BE16E9, A727A8922A9769AAC77F5D85ED3475853655E9483C8DA091653D0B1F3D479398 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
12:57:15.0154 0x1938  GfExperienceService - ok
12:57:15.0159 0x1938  GPIOClx0101 - ok
12:57:15.0192 0x1938  gpsvc - ok
12:57:15.0195 0x1938  GpuEnergyDrv - ok
12:57:15.0275 0x1938  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:57:15.0291 0x1938  gupdate - ok
12:57:15.0297 0x1938  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:57:15.0304 0x1938  gupdatem - ok
12:57:15.0323 0x1938  HDAudBus - ok
12:57:15.0325 0x1938  HidBatt - ok
12:57:15.0328 0x1938  HidBth - ok
12:57:15.0332 0x1938  hidi2c - ok
12:57:15.0348 0x1938  hidinterrupt - ok
12:57:15.0351 0x1938  HidIr - ok
12:57:15.0353 0x1938  hidserv - ok
12:57:15.0357 0x1938  HidUsb - ok
12:57:15.0389 0x1938  [ CF07C0A9D38A248D036DD9C47E4D0D6E, 6952DA6466DAE2E378F92934E1925887DD122A511BC5D6A0EF2194108E320126 ] hmpalert        C:\windows\system32\drivers\hmpalert.sys
12:57:15.0396 0x1938  hmpalert - ok
12:57:15.0650 0x1938  [ 2638395F6E61889D75C363A80A0E17F4, D61FD993DA6605F32E6CDAC889285EB67F1A112BB9A294838BB90FCBF5FA11C1 ] hmpalertsvc     C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
12:57:15.0714 0x1938  hmpalertsvc - ok
12:57:15.0739 0x1938  HomeGroupListener - ok
12:57:15.0748 0x1938  HomeGroupProvider - ok
12:57:15.0751 0x1938  HpSAMD - ok
12:57:15.0758 0x1938  HTTP - ok
12:57:15.0760 0x1938  hwpolicy - ok
12:57:15.0780 0x1938  hyperkbd - ok
12:57:15.0783 0x1938  i8042prt - ok
12:57:15.0787 0x1938  iai2c - ok
12:57:15.0789 0x1938  iaLPSS2i_I2C - ok
12:57:15.0793 0x1938  iaLPSSi_GPIO - ok
12:57:15.0815 0x1938  iaLPSSi_I2C - ok
12:57:15.0818 0x1938  iaStorAV - ok
12:57:15.0820 0x1938  iaStorV - ok
12:57:15.0823 0x1938  ibbus - ok
12:57:15.0847 0x1938  icssvc - ok
12:57:15.0851 0x1938  IEEtwCollectorService - ok
12:57:15.0855 0x1938  IKEEXT - ok
12:57:15.0969 0x1938  [ BF12C1E788207253ED6BF657E0B9A290, F7F7C332B85781BF173CA44AE0125C7297D48D819EF822F1C1EF0C629D91D330 ] ImControllerService C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
12:57:15.0974 0x1938  ImControllerService - ok
12:57:16.0079 0x1938  [ 62C93ABEC0F8A9A235BF7A86B9FC3A0C, 0347B4277D8DF1EA371676D5718222963894F3697AE75A5F3370FC31F4B566F6 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
12:57:16.0130 0x1938  IntcAzAudAddService - ok
12:57:16.0135 0x1938  intelide - ok
12:57:16.0174 0x1938  intelpep - ok
12:57:16.0176 0x1938  intelppm - ok
12:57:16.0179 0x1938  IoQos - ok
12:57:16.0182 0x1938  IpFilterDriver - ok
12:57:16.0185 0x1938  iphlpsvc - ok
12:57:16.0187 0x1938  IPMIDRV - ok
12:57:16.0190 0x1938  IPNAT - ok
12:57:16.0193 0x1938  IRENUM - ok
12:57:16.0196 0x1938  isapnp - ok
12:57:16.0199 0x1938  iScsiPrt - ok
12:57:16.0266 0x1938  [ 039BB7119511922B96CF7CFCF0DBC85C, 679C1A107A9B942C629D130278A1D68E27884F8D1A573DBE0DB118933DF00D03 ] iWinTrusted     C:\Program Files (x86)\Pogo Games\iWinTrusted.exe
12:57:16.0275 0x1938  iWinTrusted - ok
12:57:16.0404 0x1938  [ 1DED0D0AA513E2A5862B20A520D3A1E1, F592F890B8B4F8A152ABE395AA851AE46AFC4C447DADB38816344F9E0C4826B9 ] JME Keyboard    C:\Windows\jmesoft\Service.exe
12:57:16.0407 0x1938  JME Keyboard - detected UnsignedFile.Multi.Generic ( 1 )
12:57:18.0735 0x1938  Detect skipped due to KSN trusted
12:57:18.0735 0x1938  JME Keyboard - ok
12:57:18.0738 0x1938  kbdclass - ok
12:57:18.0741 0x1938  kbdhid - ok
12:57:18.0743 0x1938  kdnic - ok
12:57:18.0747 0x1938  KeyIso - ok
12:57:18.0750 0x1938  KSecDD - ok
12:57:18.0772 0x1938  KSecPkg - ok
12:57:18.0775 0x1938  ksthunk - ok
12:57:18.0781 0x1938  KtmRm - ok
12:57:18.0788 0x1938  LanmanServer - ok
12:57:18.0798 0x1938  LanmanWorkstation - ok
12:57:18.0828 0x1938  [ 184F24F629CB0EFB23A6296CCF242D1A, 9510CBE7778BC2A29B0BF867A60F3FDED7170A44E4197249B5CC1317E05E55CE ] LcUvcUpper      C:\WINDOWS\system32\DRIVERS\LcUvcUpper.sys
12:57:18.0868 0x1938  LcUvcUpper - ok
12:57:18.0894 0x1938  lfsvc - ok
12:57:18.0898 0x1938  LicenseManager - ok
12:57:18.0900 0x1938  lltdio - ok
12:57:18.0903 0x1938  lltdsvc - ok
12:57:18.0914 0x1938  lmhosts - ok
12:57:18.0952 0x1938  [ 926EBA26A8B49D1597751CED06B50862, 886FC610E379BD77146ADDC376D77437D88B593C7F1C3FEE2B93D934A67310F8 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
12:57:18.0962 0x1938  LMS - ok
12:57:18.0967 0x1938  LSI_SAS - ok
12:57:18.0991 0x1938  LSI_SAS2i - ok
12:57:18.0994 0x1938  LSI_SAS3i - ok
12:57:18.0998 0x1938  LSI_SSS - ok
12:57:19.0001 0x1938  LSM - ok
12:57:19.0013 0x1938  luafv - ok
12:57:19.0020 0x1938  MapsBroker - ok
12:57:19.0088 0x1938  [ CFBC6C6D8A492697CABD1D353EE64933, DDAA844908324740C891EB8F08E2A8BB00457063B31C4A762745C1C2415FC12D ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
12:57:19.0093 0x1938  MBAMProtector - ok
12:57:19.0174 0x1938  [ 40C126CB15FAB7D6C66490DCA9C1AED2, B32CEE2D2409232C245427D5E9647FDF59AF1D8AB5E8A98EE2D1F1314599FD14 ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
12:57:19.0216 0x1938  MBAMService - ok
12:57:19.0228 0x1938  [ 08DECFCB9BA97786165A69AB1015BC30, EDC8C8447B57BD412E2DEBCA9B5B1B58C19D40105DC7CE9520DE214081696B05 ] MBAMWebAccessControl C:\WINDOWS\system32\drivers\mwac.sys
12:57:19.0235 0x1938  MBAMWebAccessControl - ok
12:57:19.0237 0x1938  megasas - ok
12:57:19.0240 0x1938  megasr - ok
12:57:19.0278 0x1938  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\WINDOWS\System32\drivers\HECIx64.sys
12:57:19.0283 0x1938  MEIx64 - ok
12:57:19.0285 0x1938  MessagingService - ok
12:57:19.0315 0x1938  mlx4_bus - ok
12:57:19.0319 0x1938  MMCSS - ok
12:57:19.0323 0x1938  Modem - ok
12:57:19.0325 0x1938  monitor - ok
12:57:19.0328 0x1938  mouclass - ok
12:57:19.0331 0x1938  mouhid - ok
12:57:19.0334 0x1938  mountmgr - ok
12:57:19.0373 0x1938  [ 3357B0E793C8C1C22B4FCD3AF7085B10, 9759DA552486D2A3EC974CDED7B226CCAB27549A5D46015912A41A7C571829E0 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
12:57:19.0381 0x1938  MozillaMaintenance - ok
12:57:19.0384 0x1938  mpsdrv - ok
12:57:19.0388 0x1938  MpsSvc - ok
12:57:19.0403 0x1938  MQAC - ok
12:57:19.0435 0x1938  MRxDAV - ok
12:57:19.0441 0x1938  mrxsmb - ok
12:57:19.0445 0x1938  mrxsmb10 - ok
12:57:19.0448 0x1938  mrxsmb20 - ok
12:57:19.0452 0x1938  MsBridge - ok
12:57:19.0463 0x1938  MSDTC - ok
12:57:19.0468 0x1938  Msfs - ok
12:57:19.0479 0x1938  msgpiowin32 - ok
12:57:19.0482 0x1938  mshidkmdf - ok
12:57:19.0501 0x1938  mshidumdf - ok
12:57:19.0550 0x1938  [ BB590070D606AE6F008341FC9A7B2AD7, CF1073A093E679C5BCA19681789FBB85A8286E356F2C0609E0B446DF65A86E29 ] MSHUSBVideo     C:\WINDOWS\System32\Drivers\nx6000.sys
12:57:19.0556 0x1938  MSHUSBVideo - ok
12:57:19.0558 0x1938  msisadrv - ok
12:57:19.0571 0x1938  MSiSCSI - ok
12:57:19.0574 0x1938  msiserver - ok
12:57:19.0576 0x1938  MSKSSRV - ok
12:57:19.0584 0x1938  MsLldp - ok
12:57:19.0610 0x1938  MSMQ - ok
12:57:19.0612 0x1938  MSPCLOCK - ok
12:57:19.0615 0x1938  MSPQM - ok
12:57:19.0632 0x1938  MsRPC - ok
12:57:19.0636 0x1938  mssmbios - ok
12:57:19.0638 0x1938  MSTEE - ok
12:57:19.0649 0x1938  MTConfig - ok
12:57:19.0651 0x1938  Mup - ok
12:57:19.0654 0x1938  mvumis - ok
12:57:19.0667 0x1938  NativeWifiP - ok
12:57:19.0699 0x1938  NcaSvc - ok
12:57:19.0702 0x1938  NcbService - ok
12:57:19.0724 0x1938  NcdAutoSetup - ok
12:57:19.0727 0x1938  ndfltr - ok
12:57:19.0731 0x1938  NDIS - ok
12:57:19.0735 0x1938  NdisCap - ok
12:57:19.0738 0x1938  NdisImPlatform - ok
12:57:19.0741 0x1938  NdisTapi - ok
12:57:19.0744 0x1938  Ndisuio - ok
12:57:19.0747 0x1938  NdisVirtualBus - ok
12:57:19.0750 0x1938  NdisWan - ok
12:57:19.0752 0x1938  ndiswanlegacy - ok
12:57:19.0756 0x1938  ndproxy - ok
12:57:19.0758 0x1938  Ndu - ok
12:57:19.0761 0x1938  NetBIOS - ok
12:57:19.0765 0x1938  NetBT - ok
12:57:19.0768 0x1938  Netlogon - ok
12:57:19.0772 0x1938  Netman - ok
12:57:19.0821 0x1938  NetMsmqActivator - ok
12:57:19.0823 0x1938  NetPipeActivator - ok
12:57:19.0849 0x1938  netprofm - ok
12:57:19.0870 0x1938  NetSetupSvc - ok
12:57:19.0872 0x1938  NetTcpActivator - ok
12:57:19.0874 0x1938  NetTcpPortSharing - ok
12:57:19.0880 0x1938  NgcCtnrSvc - ok
12:57:19.0883 0x1938  NgcSvc - ok
12:57:19.0886 0x1938  NlaSvc - ok
12:57:19.0889 0x1938  Npfs - ok
12:57:19.0892 0x1938  npsvctrig - ok
12:57:19.0895 0x1938  nsi - ok
12:57:19.0898 0x1938  nsiproxy - ok
12:57:19.0935 0x1938  NTFS - ok
12:57:19.0937 0x1938  Null - ok
12:57:19.0975 0x1938  [ 624C1453F9109D98F7E2612DAD76BBB1, 4578623BF7EA1AF42038070AA3A1A9AC4A9582132ABBFAD9C3A99F46308DE8C3 ] NVHDA           C:\WINDOWS\system32\drivers\nvhda64v.sys
12:57:19.0985 0x1938  NVHDA - ok
12:57:20.0275 0x1938  [ 5FB73F2354F2993136567EB209F4835A, 40EA334DEDEB76C101CC432D1D07E59F1CD123D01778BE80193F821FC211512B ] nvlddmkm        C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
12:57:20.0485 0x1938  nvlddmkm - ok
12:57:20.0601 0x1938  [ 72DD6225BA6055472522195F96473639, 27C8F847B247645061C0CD6DFCC986DA27638A9DFE686040160DFDCF7B3A6E72 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
12:57:20.0640 0x1938  NvNetworkService - ok
12:57:20.0644 0x1938  nvraid - ok
12:57:20.0647 0x1938  nvstor - ok
12:57:20.0695 0x1938  [ 4680DDDDDBA1CB1D56D49B4A6134155C, BF6E538BC10B23F6D93143F5C48155245852798D4846F401E0DA70A5BCFC74E1 ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
12:57:20.0700 0x1938  NvStreamKms - ok
12:57:20.0831 0x1938  [ E14F52B60581EE71849CD45186892046, 72B3E92CD34489306AB7D794C4C1F67513DE80C72A847DCF7A3EEFE2254762D0 ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
12:57:20.0938 0x1938  NvStreamSvc - ok
12:57:21.0019 0x1938  [ AE16891F2D960D9B312D704A8122AB29, DD9767637CC34C3D0EED6243FAD3D3D321873A5B72688CAD31895655A933055F ] nvsvc           C:\WINDOWS\system32\nvvsvc.exe
12:57:21.0049 0x1938  nvsvc - ok
12:57:21.0099 0x1938  [ 35DFC12FD7E44B7CB8CCD7E5A2B3975A, 36E0E39646636F6E027691E5C3903C51479B3F707BDEA40F460FD27E357DA14E ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
12:57:21.0105 0x1938  nvvad_WaveExtensible - ok
12:57:21.0108 0x1938  nv_agp - ok
12:57:21.0134 0x1938  OneSyncSvc - ok
12:57:21.0251 0x1938  [ A309633A4BA2DE3FC30468C3103E0BA5, 530C707A4FCD36A45E9D370D20105356C8019DE41EF1C1F1A728A523D5FBEE25 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
12:57:21.0297 0x1938  Origin Client Service - ok
12:57:21.0353 0x1938  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:57:21.0360 0x1938  ose - ok
12:57:21.0532 0x1938  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
12:57:21.0630 0x1938  osppsvc - ok
12:57:21.0650 0x1938  p2pimsvc - ok
12:57:21.0660 0x1938  p2psvc - ok
12:57:21.0663 0x1938  Parport - ok
12:57:21.0666 0x1938  partmgr - ok
12:57:21.0669 0x1938  PcaSvc - ok
12:57:21.0676 0x1938  pci - ok
12:57:21.0678 0x1938  pciide - ok
12:57:21.0681 0x1938  pcmcia - ok
12:57:21.0685 0x1938  pcw - ok
12:57:21.0687 0x1938  pdc - ok
12:57:21.0694 0x1938  PEAUTH - ok
12:57:21.0706 0x1938  percsas2i - ok
12:57:21.0708 0x1938  percsas3i - ok
12:57:21.0778 0x1938  PerfHost - ok
12:57:21.0817 0x1938  PhoneSvc - ok
12:57:21.0819 0x1938  PimIndexMaintenanceSvc - ok
12:57:21.0823 0x1938  pla - ok
12:57:21.0848 0x1938  PlugPlay - ok
12:57:21.0850 0x1938  PNRPAutoReg - ok
12:57:21.0853 0x1938  PNRPsvc - ok
12:57:21.0878 0x1938  [ E4799B87675C59AA1F620DE5C6F113BB, 094EE16D4CEC68DB316002994482344A6BFCFDE399131F7FA11BB46C2DCBF218 ] Point64         C:\WINDOWS\System32\drivers\point64.sys
12:57:21.0887 0x1938  Point64 - ok
12:57:21.0921 0x1938  PolicyAgent - ok
12:57:21.0924 0x1938  Power - ok
12:57:21.0928 0x1938  PptpMiniport - ok
12:57:22.0064 0x1938  [ 959F94AD1255BC749884EDDD14EC29C4, 2CD6DA9778EA36FA0B4080F6DB1C634712238E014E47546403CD3CDB35A1DCA8 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
12:57:22.0180 0x1938  PrintNotify - ok
12:57:22.0186 0x1938  Processor - ok
12:57:22.0205 0x1938  ProfSvc - ok
12:57:22.0208 0x1938  Psched - ok
12:57:22.0358 0x1938  [ FB46E9A827A8799EBD7BFA9128C91F37, 7C40E9C1720522D76AF45A588DFF47BDF0E2A99AF3A396854A00F1273EA13193 ] PSI             C:\WINDOWS\system32\DRIVERS\psi_mf.sys
12:57:22.0363 0x1938  PSI - ok
12:57:22.0455 0x1938  [ BC08F7F3C53CBEE68670ED1314E290FD, EC683DDE60AFED297D28BC7570BB6DA27A94F52417AD6DE1FBE265255F4051DD ] PxHlpa64        C:\WINDOWS\system32\Drivers\PxHlpa64.sys
12:57:22.0470 0x1938  PxHlpa64 - ok
12:57:22.0486 0x1938  QWAVE - ok
12:57:22.0510 0x1938  QWAVEdrv - ok
12:57:22.0536 0x1938  RasAcd - ok
12:57:22.0560 0x1938  RasAgileVpn - ok
12:57:22.0578 0x1938  RasAuto - ok
12:57:22.0583 0x1938  Rasl2tp - ok
12:57:22.0585 0x1938  RasMan - ok
12:57:22.0588 0x1938  RasPppoe - ok
12:57:22.0591 0x1938  RasSstp - ok
12:57:22.0595 0x1938  rdbss - ok
12:57:22.0599 0x1938  rdpbus - ok
12:57:22.0602 0x1938  RDPDR - ok
12:57:22.0607 0x1938  RdpVideoMiniport - ok
12:57:22.0610 0x1938  rdyboost - ok
12:57:22.0774 0x1938  [ 7DDDA9BA07D09441AFA696E80020AF99, E1B8DE034FBCFFEDB7AED442114E5645C43940F2A0B7335CA161D0486B53B30C ] RECentralService C:\Program Files (x86)\AVerMedia\AVerMedia RECentral 2\RECentralService.exe
12:57:22.0827 0x1938  RECentralService - ok
12:57:22.0832 0x1938  ReFSv1 - ok
12:57:22.0859 0x1938  RemoteAccess - ok
12:57:22.0878 0x1938  RemoteRegistry - ok
12:57:22.0881 0x1938  RetailDemo - ok
12:57:22.0884 0x1938  RpcEptMapper - ok
12:57:22.0909 0x1938  RpcLocator - ok
12:57:22.0912 0x1938  RpcSs - ok
12:57:22.0915 0x1938  rspndr - ok
12:57:22.0918 0x1938  s3cap - ok
12:57:22.0956 0x1938  SamSs - ok
12:57:22.0958 0x1938  sbp2port - ok
12:57:22.0965 0x1938  SCardSvr - ok
12:57:22.0968 0x1938  ScDeviceEnum - ok
12:57:22.0970 0x1938  scfilter - ok
12:57:22.0980 0x1938  Schedule - ok
12:57:22.0995 0x1938  SCPolicySvc - ok
12:57:23.0000 0x1938  sdbus - ok
12:57:23.0003 0x1938  SDRSVC - ok
12:57:23.0010 0x1938  sdstor - ok
12:57:23.0013 0x1938  seclogon - ok
12:57:23.0079 0x1938  [ 9901DCF2B6DD2AD12CB42BD559E0C92D, 857A91A716858348C625A1CDE7E2D9B94FCD5654E6F72104073E1DD3EE35CE93 ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe
12:57:23.0107 0x1938  Secunia PSI Agent - ok
12:57:23.0165 0x1938  [ 4F2056349F8BA4154D5213BF8A476B14, 2B0ABC151CE03C26F832F07CDAFD9A8FAE5D18B7E1197B01299B123FD821B89C ] Secunia Update Agent C:\Program Files (x86)\Secunia\PSI\sua.exe
12:57:23.0181 0x1938  Secunia Update Agent - ok
12:57:23.0185 0x1938  SENS - ok
12:57:23.0187 0x1938  SensorDataService - ok
12:57:23.0226 0x1938  SensorService - ok
12:57:23.0229 0x1938  SensrSvc - ok
12:57:23.0232 0x1938  SerCx - ok
12:57:23.0234 0x1938  SerCx2 - ok
12:57:23.0237 0x1938  Serenum - ok
12:57:23.0240 0x1938  Serial - ok
12:57:23.0243 0x1938  sermouse - ok
12:57:23.0250 0x1938  SessionEnv - ok
12:57:23.0255 0x1938  sfloppy - ok
12:57:23.0305 0x1938  [ 21AB491BBCC8C1B26FDC402A374AB196, DD973C9963C840200D153A15078152D499639730D065BB8122C6BE65D4372300 ] Sftfs           C:\WINDOWS\system32\DRIVERS\Sftfslh.sys
12:57:23.0327 0x1938  Sftfs - ok
12:57:23.0408 0x1938  [ 4E1BB8A9CCDB4BAF41F7F9A930EB121D, D994B20DACEB187BEB6530309E2185040B58105E4FD5AC1DA435712F9DE027D0 ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
12:57:23.0424 0x1938  sftlist - ok
12:57:23.0472 0x1938  [ 3B8D43FEEFF7A187534DDDFD675FE123, 9308D5C552FE3AF1121A3F7B7595547C6B892FF500377953F3B623511D84698C ] Sftplay         C:\WINDOWS\system32\DRIVERS\Sftplaylh.sys
12:57:23.0483 0x1938  Sftplay - ok
12:57:23.0487 0x1938  [ F1D1B1DC7A8765A09D7640FBF8D20970, 72E59B04BC44DAFFB88987C16CF3F9DC35438B15879E102FD83013673E0DB66F ] Sftredir        C:\WINDOWS\system32\DRIVERS\Sftredirlh.sys
12:57:23.0494 0x1938  Sftredir - ok
12:57:23.0553 0x1938  [ B3B9ADE7F8C4AF0C20E712E040588543, 9A6BB11DA046BF6F0239952871263E148FAE91FB21065613645114B5FA054EC5 ] Sftvol          C:\WINDOWS\system32\DRIVERS\Sftvollh.sys
12:57:23.0560 0x1938  Sftvol - ok
12:57:23.0786 0x1938  [ CECFDE5D3701B2D914862F5E6C3DFE18, E7627F90630C306324A39DC3C652B37D255F90636AC19D3302EE5B85BD504BD5 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
12:57:23.0797 0x1938  sftvsa - ok
12:57:23.0868 0x1938  SharedAccess - ok
12:57:23.0928 0x1938  ShellHWDetection - ok
12:57:23.0931 0x1938  SiSRaid2 - ok
12:57:23.0936 0x1938  SiSRaid4 - ok
12:57:24.0043 0x1938  [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
12:57:24.0057 0x1938  SkypeUpdate - ok
12:57:24.0107 0x1938  smphost - ok
12:57:24.0125 0x1938  SmsRouter - ok
12:57:24.0131 0x1938  SNMPTRAP - ok
12:57:24.0158 0x1938  [ F9369327409492097B0BB7CE86BD29DE, 7E9B7A9659A6971029E491C702C306E2078B8F5547FCF874FDA8BAD5898D5E25 ] Soluto          C:\WINDOWS\system32\Drivers\Soluto.sys
12:57:24.0165 0x1938  Soluto - ok
12:57:24.0249 0x1938  [ EFE379E87D9C989E673DC1AC97CCAE72, A51866136C86F4F606408EAEA2FC25AACBC97F33D9D31B38B1215A4A7CF4E824 ] SolutoLauncherService C:\Program Files\Soluto\SolutoLauncherService.exe
12:57:24.0257 0x1938  SolutoLauncherService - ok
12:57:24.0314 0x1938  [ 399F3ADEC39AD5DA85044D9DC7D7CDEA, B467F669DAE01643E3A04F3C3A8B0A5C4C02409DE28F8704785BF42FA0C8ABF9 ] SolutoService   C:\Program Files\Soluto\SolutoService.exe
12:57:24.0331 0x1938  SolutoService - ok
12:57:24.0354 0x1938  spaceport - ok
12:57:24.0357 0x1938  SpbCx - ok
12:57:24.0362 0x1938  Spooler - ok
12:57:24.0364 0x1938  sppsvc - ok
12:57:24.0368 0x1938  srv - ok
12:57:24.0371 0x1938  srv2 - ok
12:57:24.0374 0x1938  srvnet - ok
12:57:24.0412 0x1938  SSDPSRV - ok
12:57:24.0414 0x1938  SstpSvc - ok
12:57:24.0449 0x1938  [ 5252D7BC56E5E0ED715AEA8FE173A455, 1408B3E98B35A449434718777EE70595F0D306197A428279C6281D2F1953F259 ] ssudmdm         C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
12:57:24.0457 0x1938  ssudmdm - ok
12:57:24.0478 0x1938  StateRepository - ok
12:57:24.0566 0x1938  [ 591249EA969797C2A24629AF7C71A6F8, 61F28FB495657916514DE2A7FFD4AD833A1B2BBA5591616BE0C9CCD7DAFA40B7 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
12:57:24.0585 0x1938  Steam Client Service - ok
12:57:24.0589 0x1938  stexstor - ok
12:57:24.0611 0x1938  stisvc - ok
12:57:24.0614 0x1938  storahci - ok
12:57:24.0617 0x1938  storflt - ok
12:57:24.0620 0x1938  stornvme - ok
12:57:24.0622 0x1938  storqosflt - ok
12:57:24.0642 0x1938  StorSvc - ok
12:57:24.0645 0x1938  storufs - ok
12:57:24.0648 0x1938  storvsc - ok
12:57:24.0650 0x1938  svsvc - ok
12:57:24.0653 0x1938  swenum - ok
12:57:24.0656 0x1938  swprv - ok
12:57:24.0684 0x1938  Synth3dVsc - ok
12:57:24.0697 0x1938  SysMain - ok
12:57:24.0705 0x1938  SystemEventsBroker - ok
12:57:24.0709 0x1938  TabletInputService - ok
12:57:24.0754 0x1938  [ BCD6A90D6FD757CE9C29DDC850F7F231, 8E736A42B28BE11EC524C40DFA1C7A88BBE10CBC97320F128BCBE44051BBCC81 ] tap0901         C:\WINDOWS\system32\DRIVERS\tap0901.sys
12:57:24.0761 0x1938  tap0901 - ok
12:57:24.0764 0x1938  TapiSrv - ok
12:57:24.0768 0x1938  Tcpip - ok
12:57:24.0770 0x1938  Tcpip6 - ok
12:57:24.0774 0x1938  tcpipreg - ok
12:57:24.0794 0x1938  tdx - ok
12:57:24.0797 0x1938  terminpt - ok
12:57:24.0800 0x1938  TermService - ok
12:57:24.0802 0x1938  Themes - ok
12:57:24.0805 0x1938  TieringEngineService - ok
12:57:24.0810 0x1938  tiledatamodelsvc - ok
12:57:24.0834 0x1938  TimeBroker - ok
12:57:24.0911 0x1938  [ 0FE2FC59C0B9A3CA3EC2B18E1CCCF2DD, 26AE50F2263DDDE3C6678566E2B198966CE870DF4B254F2D655752F742F63C12 ] TomTomHOMEService C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
12:57:24.0918 0x1938  TomTomHOMEService - ok
12:57:24.0920 0x1938  TPM - ok
12:57:24.0923 0x1938  TrkWks - ok
12:57:24.0982 0x1938  TrustedInstaller - ok
12:57:24.0985 0x1938  tsusbflt - ok
12:57:24.0988 0x1938  TsUsbGD - ok
12:57:24.0991 0x1938  tunnel - ok
12:57:25.0004 0x1938  tzautoupdate - ok
12:57:25.0007 0x1938  uagp35 - ok
12:57:25.0009 0x1938  UASPStor - ok
12:57:25.0013 0x1938  UcmCx0101 - ok
12:57:25.0015 0x1938  UcmUcsi - ok
12:57:25.0019 0x1938  Ucx01000 - ok
12:57:25.0021 0x1938  UdeCx - ok
12:57:25.0024 0x1938  udfs - ok
12:57:25.0027 0x1938  UEFI - ok
12:57:25.0031 0x1938  Ufx01000 - ok
12:57:25.0035 0x1938  UfxChipidea - ok
12:57:25.0039 0x1938  ufxsynopsys - ok
12:57:25.0045 0x1938  UI0Detect - ok
12:57:25.0048 0x1938  uliagpkx - ok
12:57:25.0051 0x1938  umbus - ok
12:57:25.0053 0x1938  UmPass - ok
12:57:25.0057 0x1938  UmRdpService - ok
12:57:25.0062 0x1938  UnistoreSvc - ok
12:57:25.0181 0x1938  [ FDF92EC84FECEE834FB10A2A0A19BCDA, F81FCA3BEC10C84335DBAD9D2CDAB98C62252A864F23BDD482F97F86D5FA0B15 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
12:57:25.0234 0x1938  UNS - ok
12:57:25.0239 0x1938  upnphost - ok
12:57:25.0242 0x1938  UrsChipidea - ok
12:57:25.0244 0x1938  UrsCx01000 - ok
12:57:25.0248 0x1938  UrsSynopsys - ok
12:57:25.0251 0x1938  usbaudio - ok
12:57:25.0254 0x1938  usbccgp - ok
12:57:25.0256 0x1938  usbcir - ok
12:57:25.0259 0x1938  usbehci - ok
12:57:25.0262 0x1938  usbhub - ok
12:57:25.0265 0x1938  USBHUB3 - ok
12:57:25.0268 0x1938  usbohci - ok
12:57:25.0270 0x1938  usbprint - ok
12:57:25.0273 0x1938  usbscan - ok
12:57:25.0296 0x1938  usbser - ok
12:57:25.0299 0x1938  USBSTOR - ok
12:57:25.0302 0x1938  usbuhci - ok
12:57:25.0305 0x1938  usbvideo - ok
12:57:25.0307 0x1938  USBXHCI - ok
12:57:25.0315 0x1938  UserDataSvc - ok
12:57:25.0339 0x1938  UserManager - ok
12:57:25.0342 0x1938  UsoSvc - ok
12:57:25.0346 0x1938  VaultSvc - ok
12:57:25.0350 0x1938  vdrvroot - ok
12:57:25.0353 0x1938  vds - ok
12:57:25.0357 0x1938  VerifierExt - ok
12:57:25.0360 0x1938  vhdmp - ok
12:57:25.0363 0x1938  vhf - ok
12:57:25.0365 0x1938  vmbus - ok
12:57:25.0369 0x1938  VMBusHID - ok
12:57:25.0441 0x1938  vmicguestinterface - ok
12:57:25.0444 0x1938  vmicheartbeat - ok
12:57:25.0448 0x1938  vmickvpexchange - ok
12:57:25.0451 0x1938  vmicrdv - ok
12:57:25.0454 0x1938  vmicshutdown - ok
12:57:25.0457 0x1938  vmictimesync - ok
12:57:25.0459 0x1938  vmicvmsession - ok
12:57:25.0462 0x1938  vmicvss - ok
12:57:25.0465 0x1938  volmgr - ok
12:57:25.0468 0x1938  volmgrx - ok
12:57:25.0471 0x1938  volsnap - ok
12:57:25.0474 0x1938  vpci - ok
12:57:25.0476 0x1938  vsmraid - ok
12:57:25.0480 0x1938  VSS - ok
12:57:25.0483 0x1938  VSTXRAID - ok
12:57:25.0485 0x1938  vwifibus - ok
12:57:25.0488 0x1938  vwififlt - ok
12:57:25.0497 0x1938  W32Time - ok
12:57:25.0527 0x1938  w3logsvc - ok
12:57:25.0550 0x1938  W3SVC - ok
12:57:25.0552 0x1938  WacomPen - ok
12:57:25.0556 0x1938  WalletService - ok
12:57:25.0559 0x1938  wanarp - ok
12:57:25.0561 0x1938  wanarpv6 - ok
12:57:25.0565 0x1938  WAS - ok
12:57:25.0568 0x1938  wbengine - ok
12:57:25.0571 0x1938  WbioSrvc - ok
12:57:25.0574 0x1938  Wcmsvc - ok
12:57:25.0577 0x1938  wcncsvc - ok
12:57:25.0579 0x1938  WcsPlugInService - ok
12:57:25.0582 0x1938  WdBoot - ok
12:57:25.0586 0x1938  Wdf01000 - ok
12:57:25.0590 0x1938  WdFilter - ok
12:57:25.0592 0x1938  WdiServiceHost - ok
12:57:25.0595 0x1938  WdiSystemHost - ok
12:57:25.0599 0x1938  wdiwifi - ok
12:57:25.0601 0x1938  WdNisDrv - ok
12:57:25.0650 0x1938  WdNisSvc - ok
12:57:25.0653 0x1938  WebClient - ok
12:57:25.0657 0x1938  Wecsvc - ok
12:57:25.0660 0x1938  WEPHOSTSVC - ok
12:57:25.0663 0x1938  wercplsupport - ok
12:57:25.0667 0x1938  WerSvc - ok
12:57:25.0670 0x1938  WFPLWFS - ok
12:57:25.0673 0x1938  WiaRpc - ok
12:57:25.0676 0x1938  WIMMount - ok
12:57:25.0678 0x1938  WinDefend - ok
12:57:25.0684 0x1938  WindowsTrustedRT - ok
12:57:25.0687 0x1938  WindowsTrustedRTProxy - ok
12:57:25.0690 0x1938  WinHttpAutoProxySvc - ok
12:57:25.0736 0x1938  [ 66C365B542195C1F6E2FF4A7D8F3827C, FB43A64453283D1B236AFF73F010B8F6106B971047313B9B4EBE925C4DD325A2 ] WinI2C-DDC      C:\WINDOWS\system32\drivers\DDCDrv.sys
12:57:25.0742 0x1938  WinI2C-DDC - ok
12:57:25.0745 0x1938  WinMad - ok
12:57:25.0797 0x1938  Winmgmt - ok
12:57:25.0823 0x1938  WinRM - ok
12:57:25.0852 0x1938  WINUSB - ok
12:57:25.0855 0x1938  WinVerbs - ok
12:57:25.0859 0x1938  WlanSvc - ok
12:57:25.0862 0x1938  wlidsvc - ok
12:57:25.0866 0x1938  WmiAcpi - ok
12:57:25.0870 0x1938  wmiApSrv - ok
12:57:25.0872 0x1938  WMPNetworkSvc - ok
12:57:25.0885 0x1938  [ 2A9650FCC696DB28E45EA8B33B99B8E6, FBEBC6C05D50F578C6EEE0A7285EBE1DEADB08DD21FA3232630FD8D5A68FC3FB ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
12:57:25.0899 0x1938  Wof - ok
12:57:25.0921 0x1938  workfolderssvc - ok
12:57:25.0924 0x1938  wpcfltr - ok
12:57:25.0928 0x1938  WPDBusEnum - ok
12:57:25.0931 0x1938  WpdUpFltr - ok
12:57:25.0934 0x1938  WpnService - ok
12:57:25.0937 0x1938  ws2ifsl - ok
12:57:25.0940 0x1938  wscsvc - ok
12:57:25.0943 0x1938  WSDPrintDevice - ok
12:57:25.0945 0x1938  WSearch - ok
12:57:25.0950 0x1938  WSService - ok
12:57:25.0994 0x1938  [ 83575C43B2BFE9AB0661A7F957E843C0, 6FCE62721902A4F35F1A4CED8AF60A0346CFAB657ED92DE4CEFF19BDB830D32D ] wsvd            C:\WINDOWS\system32\DRIVERS\wsvd.sys
12:57:26.0002 0x1938  wsvd - ok
12:57:26.0034 0x1938  wuauserv - ok
12:57:26.0037 0x1938  WudfPf - ok
12:57:26.0039 0x1938  WUDFRd - ok
12:57:26.0043 0x1938  wudfsvc - ok
12:57:26.0046 0x1938  WUDFWpdFs - ok
12:57:26.0049 0x1938  WUDFWpdMtp - ok
12:57:26.0053 0x1938  WwanSvc - ok
12:57:26.0063 0x1938  XblAuthManager - ok
12:57:26.0071 0x1938  XblGameSave - ok
12:57:26.0075 0x1938  xboxgip - ok
12:57:26.0110 0x1938  XboxNetApiSvc - ok
12:57:26.0112 0x1938  xinputhid - ok
12:57:26.0154 0x1938  [ 377F3E3467A8BFA3CDC921AD6425D513, 699271DA1D63E90FE1F9FE8AF3A8789CA588A0B7A2AFF5899EBA443361E041A5 ] XSplit_Dummy    C:\WINDOWS\system32\drivers\xspltspk.sys
12:57:26.0160 0x1938  XSplit_Dummy - ok
12:57:26.0161 0x1938  ================ Scan global ===============================
12:57:26.0338 0x1938  [ Global ] - ok
12:57:26.0339 0x1938  ================ Scan MBR ==================================
12:57:26.0356 0x1938  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:57:26.0592 0x1938  \Device\Harddisk0\DR0 - ok
12:57:26.0597 0x1938  [ 508F4A6A6A6B3DADC6D881D9948389D2 ] \Device\Harddisk1\DR1
12:57:28.0234 0x1938  \Device\Harddisk1\DR1 - ok
12:57:28.0234 0x1938  ================ Scan VBR ==================================
12:57:28.0261 0x1938  [ C52FA642DE005161DC77EF30CC17D25A ] \Device\Harddisk0\DR0\Partition1
12:57:28.0321 0x1938  \Device\Harddisk0\DR0\Partition1 - ok
12:57:28.0323 0x1938  [ D9D9B0273360597EDDA123BA89FA1258 ] \Device\Harddisk0\DR0\Partition2
12:57:28.0378 0x1938  \Device\Harddisk0\DR0\Partition2 - ok
12:57:28.0379 0x1938  [ FB0927895D66DE3A731211672C21BBF2 ] \Device\Harddisk1\DR1\Partition1
12:57:28.0452 0x1938  \Device\Harddisk1\DR1\Partition1 - ok
12:57:28.0452 0x1938  ================ Scan generic autorun ======================
12:57:28.0744 0x1938  [ 45E702A7E81E81EB87F6E7A4B9643E42, CBD228AAF64712D80DD1FB5A029D6D8BCA88C955480042AAA17F59A39E5AF2A4 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
12:57:29.0048 0x1938  RtHDVCpl - ok
12:57:29.0140 0x1938  [ ADEE6790FCB6C661F805EF35FD786F9D, 302C1E7593B97D4EBE83554D5A51DB026C9D02802C010409E32049657934219C ] C:\windows\SysWOW64\UMonit.exe
12:57:29.0151 0x1938  UMonit - detected UnsignedFile.Multi.Generic ( 1 )
12:57:31.0499 0x1938  Detect skipped due to KSN trusted
12:57:31.0499 0x1938  UMonit - ok
12:57:31.0566 0x1938  [ 32F1A63C86D009D95994B543511D6E5C, 72336A7DC97E407381262A98311601515AE39D8003EEF6E136114836B382485F ] C:\windows\system32\spool\drivers\x64\3\WrtMon.exe
12:57:31.0578 0x1938  WrtMon.exe - detected UnsignedFile.Multi.Generic ( 1 )
12:57:33.0904 0x1938  Detect skipped due to KSN trusted
12:57:33.0904 0x1938  WrtMon.exe - ok
12:57:34.0044 0x1938  [ 463C40BFC0FB8FF59049E2CA78695A40, 8D693A061A19E47CCADEEC844D4ACF59B5CD3CE97452018807884D2ACBEDA7FF ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
12:57:34.0117 0x1938  NvBackend - ok
12:57:34.0164 0x1938  ShadowPlay - ok
12:57:34.0188 0x1938  [ 7CF072E03D4F943B1FE20339B973EDBB, B41E7B02A2C747997F18FAE1F7D563BB6CE23BBFFB13FF4073A2551BD88F5C36 ] C:\windows\jmesoft\hotkey.exe
12:57:34.0202 0x1938  jmekey - detected UnsignedFile.Multi.Generic ( 1 )
12:57:35.0002 0x1ef8  Object required for P2P: [ 45E702A7E81E81EB87F6E7A4B9643E42 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
12:57:36.0526 0x1938  Detect skipped due to KSN trusted
12:57:36.0526 0x1938  jmekey - ok
12:57:36.0566 0x1938  [ 69920C35DF3B358232927CC9748A8BCA, 6F062CB19A4414B76F467331BE09EAB1CD151E2B301DCC0B024F1387E7B2AB45 ] C:\Windows\jmesoft\ServiceLoader.exe
12:57:36.0580 0x1938  jmesoft - detected UnsignedFile.Multi.Generic ( 1 )
12:57:37.0498 0x1ef8  Object send P2P result: true
12:57:38.0910 0x1938  Detect skipped due to KSN trusted
12:57:38.0910 0x1938  jmesoft - ok
12:57:38.0945 0x1938  [ 51C8885B6A00904C0252704C9FB0F43A, BF2F58E6697DB10F3D6FB3859FADC2CE1D3CDD318E487E02FDC2BE171AF6CA29 ] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
12:57:38.0952 0x1938  NUSB3MON - ok
12:57:38.0986 0x1938  [ 00C258A28E60367721D2DE20F879590F, 5948FCCA99E23398596079123C916CCC89FB3F2B59DC8CF540D364BB133B5AAD ] C:\Program Files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe
12:57:39.0007 0x1938  Lenovo Eye Distance System - detected UnsignedFile.Multi.Generic ( 1 )
12:57:41.0684 0x1938  Detect skipped due to KSN trusted
12:57:41.0684 0x1938  Lenovo Eye Distance System - ok
12:57:41.0727 0x1938  [ 77515D65E4D2735773A6626EBF86B838, 8E87E09199983B349D98C2D175FBA44CA534B6FF6AB1F51E117B5E2600EF95C2 ] C:\Program Files\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exe
12:57:41.0749 0x1938  Lenovo Dynamic Brightness System - detected UnsignedFile.Multi.Generic ( 1 )
12:57:44.0164 0x1938  Lenovo Dynamic Brightness System ( UnsignedFile.Multi.Generic ) - warning
12:57:46.0576 0x1938  [ 3FB4E7E2069F0FD9E15ABC18D605E427, 2FFC218E575DA9E8C86E468227B302752C73EA3246CC0A599D7BCC41ED404F4D ] C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe
12:57:46.0585 0x1938  UpdatePRCShortCut - ok
12:57:46.0659 0x1938  [ 696A74A2E7AAD166D0A97499A43AD084, A661156C420B3198A82A6A395B986B28E89645CCFEFF4ED68B95EE5FC447E032 ] C:\Program Files (x86)\MAGIX\Video_deluxe_MX_Plus\TrayServer_de.exe
12:57:46.0666 0x1938  TrayServer - detected UnsignedFile.Multi.Generic ( 1 )
12:57:48.0996 0x1938  Detect skipped due to KSN trusted
12:57:48.0996 0x1938  TrayServer - ok
12:57:48.0997 0x1938  phc700 - ok
12:57:49.0076 0x1938  [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
12:57:49.0083 0x1938  HP Software Update - ok
12:57:49.0102 0x1938  OneDriveSetup - ok
12:57:49.0103 0x1938  OneDriveSetup - ok
12:57:49.0177 0x1938  [ 42CD0245D2BE7184E774BC89DAA4F6C2, EDF4942E9A27478241CB33ECC8F75239AD0E294D1CD2202DB9F707BD6873B2FC ] C:\Program Files (x86)\puush\puush.exe
12:57:49.0194 0x1938  puush - ok
12:57:49.0313 0x1938  [ FF74D2A2E3A3615A765B5181DB18551D, C38F06705B4E3264ABA10317BF3DE6D022E9B9D5B3016B08121512E84880963C ] C:\Program Files (x86)\Steam\steam.exe
12:57:49.0371 0x1938  Steam - ok
12:57:49.0424 0x1938  GoogleDriveSync - ok
12:57:49.0532 0x1938  [ 706A181D11D8589B0A9E2625E72423CF, BC0624B3BF5312DF5B54D6B23ADD7C6E94708968E4ACC3340BE23A3E87A8D2E0 ] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
12:57:49.0542 0x1938  TomTomHOME.exe - ok
12:57:49.0734 0x1938  [ 5400677699FBBBDFF1CB48D05AF55EEC, A3F3DC72CAB8FD57B5D7FB5BB2DFD67170BD43063F9AAE3EEAD5BC3CF22A0A0D ] C:\Users\Georg\AppData\Roaming\Spotify\SpotifyWebHelper.exe
12:57:49.0766 0x1938  Spotify Web Helper - ok
12:57:49.0871 0x1938  [ 9F2ECA252720B25E8FEC1CAB2984B98D, 476EE2929901CD43F15869B763376393AA0942A3B934532055E037C6DCE3CD2D ] C:\Users\Georg\AppData\Local\Microsoft\OneDrive\OneDrive.exe
12:57:49.0890 0x1938  OneDrive - ok
12:57:50.0080 0x1938  [ 634859A97475593D7D8DE0894D4F2A4A, 6985B1862C2B354837A233924FED6CFCE2BE4866F1EF65E72D768C2F45952D38 ] C:\Users\Georg\AppData\Roaming\Spotify\Spotify.exe
12:57:50.0219 0x1938  Spotify - ok
12:57:50.0251 0x1938  Skype - ok
12:57:50.0259 0x1938  [ 706A181D11D8589B0A9E2625E72423CF, BC0624B3BF5312DF5B54D6B23ADD7C6E94708968E4ACC3340BE23A3E87A8D2E0 ] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
12:57:50.0268 0x1938  TomTomHOME.exe - ok
12:57:50.0375 0x1938  [ 1F93DAF10BC91666F52FC5B9632C86EB, 3D2AE1090198AAEE7CDB587ED1D2784B9FF4E4B03F4F65BC2F46E28B136F3F01 ] C:\Users\Andere\AppData\Local\Microsoft\OneDrive\OneDrive.exe
12:57:50.0395 0x1938  OneDrive - ok
12:57:50.0420 0x1938  Uninstall C:\Users\Andere\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64 - ok
12:57:50.0422 0x1938  OneDriveSetup - ok
12:57:50.0471 0x1938  WAB Migrate - ok
12:57:50.0471 0x1938  Waiting for KSN requests completion. In queue: 10
12:57:51.0471 0x1938  Waiting for KSN requests completion. In queue: 9
12:57:52.0472 0x1938  Waiting for KSN requests completion. In queue: 9
12:57:52.0801 0x21e8  Object required for P2P: [ FF74D2A2E3A3615A765B5181DB18551D ] C:\Program Files (x86)\Steam\steam.exe
12:57:53.0472 0x1938  Waiting for KSN requests completion. In queue: 7
12:57:54.0472 0x1938  Waiting for KSN requests completion. In queue: 7
12:57:55.0207 0x21e8  Object send P2P result: true
12:57:55.0207 0x21e8  Object required for P2P: [ 634859A97475593D7D8DE0894D4F2A4A ] C:\Users\Georg\AppData\Roaming\Spotify\Spotify.exe
12:57:55.0472 0x1938  Waiting for KSN requests completion. In queue: 2
12:57:56.0472 0x1938  Waiting for KSN requests completion. In queue: 2
12:57:57.0472 0x1938  Waiting for KSN requests completion. In queue: 2
12:57:57.0628 0x21e8  Object send P2P result: true
12:57:58.0512 0x1938  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.9.10586.0 ), 0x61100 ( enabled : updated )
12:57:58.0518 0x1938  Win FW state via NFP2: enabled ( trusted )
12:58:00.0858 0x1938  ============================================================
12:58:00.0858 0x1938  Scan finished
12:58:00.0858 0x1938  ============================================================
12:58:00.0865 0x335c  Detected object count: 1
12:58:00.0865 0x335c  Actual detected object count: 1
12:59:53.0934 0x335c  Lenovo Dynamic Brightness System ( UnsignedFile.Multi.Generic ) - skipped by user
12:59:53.0934 0x335c  Lenovo Dynamic Brightness System ( UnsignedFile.Multi.Generic ) - User select action: Skip
         
What's next?

Regards,
Juri9


Alt 05.03.2016, 13:19   #6
M-K-D-B
/// TB-Ausbilder
 



Hi,

Note for step 1:
Do NOT select Reset Chrome policies


Step 1
Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Clean and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).






Step 2
Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.







Step 3

Please disable your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista (or later), right-click and choose "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan may take a while.
  • When the tool has finished, the log file (JRT.txt) is saved to the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.







Step 4
  • Start FRST.exe again. Tick the box next to Addition.txt and click Scan.
  • FRST now creates two log files (FRST.txt and Addition.txt).
  • Post both log files in your next reply.






In your next reply, please post
  • the AdwCleaner log file,
  • the MBAM log file,
  • the JRT log file,
  • the two new FRST log files.

Alt 05.03.2016, 14:33   #7
Juri9
 



I'll post the logs one at a time again, each one as soon as it's finished.

AdwCleaner[C1].txt:
Code:
ATTFilter
# AdwCleaner v5.037 - Bericht erstellt am 05/03/2016 um 14:27:56
# Aktualisiert am 28/02/2016 von Xplode
# Datenbank : 2016-02-28.2 [Lokal]
# Betriebssystem : Windows 10 Home  (x64)
# Benutzername : Georg - GEORG-PC
# Gestartet von : C:\Users\Georg\Desktop\AdwCleaner_5.037.exe
# Option : Löschen
# Unterstützung : http://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

[-] Ordner Gelöscht : C:\ProgramData\apn
[-] Ordner Gelöscht : C:\ProgramData\iWin
[-] Ordner Gelöscht : C:\ProgramData\Trymedia
[-] Ordner Gelöscht : C:\ProgramData\wincert
[-] Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Video Converter
[-] Ordner Gelöscht : C:\Users\Andere\Mysearchdial
[-] Ordner Gelöscht : C:\Users\Andere\AppData\Local\iLivid
[-] Ordner Gelöscht : C:\Users\Andere\AppData\Roaming\Systweak
[-] Ordner Gelöscht : C:\Users\Georg\AppData\Roaming\dvdvideosoftiehelpers

***** [ Dateien ] *****

[-] Datei Gelöscht : C:\Users\Andere\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_de.ask.com_0.localstorage
[-] Datei Gelöscht : C:\Users\Andere\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_de.ask.com_0.localstorage-journal

***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****

[-] Geplante Aufgabe Gelöscht : RunAsStdUser Task

***** [ Registrierungsdatenbank ] *****

[-] Wert Gelöscht : HKCU\Software\Mozilla\Firefox\Extensions [{b64d9b05-48e1-4ceb-bf58-e0643994e900}]
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\hdcode
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Trymedia Systems
[-] Daten Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs]
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\watch4.de
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.watch4.de

***** [ Internetbrowser ] *****

[-] [C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\prefs.js] [Preference] Gelöscht : user_pref("browser.search.defaultenginename", "Ask.com");
[-] [C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\prefs.js] [Preference] Gelöscht : user_pref("browser.search.order.1", "Ask.com");
[-] [C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\prefs.js] [Preference] Gelöscht : user_pref("browser.search.selectedEngine", "Ask.com");
[-] [C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.irmysearch.aflt", "airmsd");
[-] [C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.irmysearch.cd", "2XzuyEtN2Y1L1Qzu0Czzzy0C0D0C0EyBtCtB0E0DyBtBzy0AtN0D0Tzu0CyDyByCtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1T1L1C1H1B1Q");
[-] [C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.irmysearch.cr", "1506745486");
[-] [C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.irmysearch.instlRef", "");
[-] [C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.cr", "1506745486");
[-] [C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.dfltLng", "");
[-] [C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.dfltSrch", true);
[-] [C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.dnsErr", true);
[-] [C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.excTlbr", false);
[-] [C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.hmpg", true);
[-] [C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.hmpgUrl", "hxxp://start.mysearchdial.com/?f=1&a=airmsd&cd=2XzuyEtN2Y1L1Qzu0Czzzy0C0D0C0EyBtCtB0E0DyBtBzy0AtN0D0Tzu0CyDyByCtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1T1L1C1H1[...]
[-] [C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.id", "C89CDCE712ED729A");
[-] [C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.instlDay", "15915");
[-] [C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.instlRef", "");
[-] [C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.newTabUrl", "hxxp://start.mysearchdial.com/?f=2&a=airmsd&cd=2XzuyEtN2Y1L1Qzu0Czzzy0C0D0C0EyBtCtB0E0DyBtBzy0AtN0D0Tzu0CyDyByCtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1T1L1C1[...]
[-] [C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.prdct", "mysearchdial");
[-] [C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.prtnrId", "mysearchdial");
[-] [C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");
[-] [C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.tlbrId", "base");
[-] [C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.tlbrSrchUrl", "hxxp://start.mysearchdial.com/?f=3&a=airmsd&cd=2XzuyEtN2Y1L1Qzu0Czzzy0C0D0C0EyBtCtB0E0DyBtBzy0AtN0D0Tzu0CyDyByCtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1T1L1[...]
[-] [C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.vrsn", "");
[-] [C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.vrsni", "");
[-] [C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial_i.hmpg", true);
[-] [C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial_i.newTab", false);
[-] [C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial_i.smplGrp", "none");
[-] [C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial_i.vrsnTs", "18:32:54");
[-] [C:\Users\Andere\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : mobile.1und1.de
[-] [C:\Users\Andere\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : search.ask.com
[-] [C:\Users\Andere\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : ask search
[-] [C:\Users\Andere\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider_Data] Gelöscht : hxxp://www.search.ask.com/web?tpid=ORJ-V7C&o=APN11412&pf=V7&p2=%5EBBK%5EOSJ000%5EYY%5EDE&gct=&itbv=12.7.0.15&doi=2014-01-30&apn_uid=9877A161-AAD0-449A-8C0E-874086D5F201&apn_ptnrs=BBK&apn_dtid=%5EOSJ000%5EYY%5EDE&apn_dbr=cr_32.0.1700.102&psv=&trgb=CR&tbv=&crxv=&q={searchTerms}
[-] [C:\Users\Andere\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : bopakagnckmlgajfccecajhnimjiiedh
[-] [C:\Users\Andere\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : licjnkifamhpbaefhdpacpmihicfbomb
[-] [C:\Users\Andere\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : pflphaooapbgpeakohlggbpidpppgdff
[-] [C:\Users\Andere\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : pljcgbedjplidkdjahbaalanadmjfgop

*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [9525 Bytes] - [05/03/2016 14:27:56]
C:\AdwCleaner\AdwCleaner[S1].txt - [9238 Bytes] - [05/03/2016 14:25:42]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [9671 Bytes] ##########
         
MBAM log:
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 05.03.2016
Suchlaufzeit: 14:44
Protokolldatei: log2.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2016.03.05.03
Rootkit-Datenbank: v2016.02.27.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Georg

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 549620
Abgelaufene Zeit: 33 Min., 53 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Warnen
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 17
PUP.Optional.MySearch, C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\user.js, Gut: (), Schlecht: (user_pref("extensions.irmysearch.cd", "2XzuyEtN2Y1L1Qzu0Czzzy0C0D0C0EyBtCtB0E0DyBtBzy0AtL1C1H1B1Q");), Ersetzt,[a384562e64356ec8a4b1bc713fc6be42]
PUP.Optional.MySearchDial, C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.id", "C89CDCE712ED729A");), Ersetzt,[f136552f68318bab1c3d101d3dc843bd]
PUP.Optional.MySearchDial, C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.id", "C89CDCE712ED72), Ersetzt,[0d1abcc88f0a5cda78e138f537ce17e9]
PUP.Optional.MySearchDial, C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\user.js, Gut: (), Schlecht: (


user_pref("extensions.mysearchdial.id", "), Ersetzt,[9c8bc6be1e7bd462c594a08d41c4ba46]
PUP.Optional.MySearchDial, C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\user.js, Gut: (), Schlecht: (ensiial.


user_pref("extensions.mysearchdia), Ersetzt,[c166295be8b12412550479b427de9d63]
PUP.Optional.MySearchDial, C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\user.js, Gut: (), Schlecht: (nsiial.


user_pref("extensions.mysearchdial.id", "C89C), Ersetzt,[56d1f98bedac5cdaf663f13cf510e41c]
PUP.Optional.MySearchDial, C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\user.js, Gut: (), Schlecht: (
user_pref("extensions.mysearchdial.id", "C89CDCE712ED729A")), Ersetzt,[8b9cd2b2e8b1de58c6939697a95c03fd]
PUP.Optional.MySearchDial, C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\user.js, Gut: (), Schlecht: (ser_pref("extensions.mysearchdial.id", "C89CDCE712ED729A");), Ersetzt,[a582d0b4cecbc670e67346e735d0916f]
PUP.Optional.MySearchDial, C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\user.js, Gut: (), Schlecht: (
user_pref("extensions.mysearchdial.id", "C89CDCE712), Ersetzt,[ba6d81035346fd396ceda8858c793ec2]
PUP.Optional.MySearchDial, C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\user.js, Gut: (), Schlecht: (l.


user_pref("extensions.mysearchdial.id", "C89CDC), Ersetzt,[80a74242b1e89f976aef939a7194e11f]
PUP.Optional.MySearchDial, C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\user.js, Gut: (), Schlecht: (


user_pref("extensions.mysearchdial.id", "C89CDC), Ersetzt,[b473e2a2e9b0a88e61f8ae7fcd38c838]
PUP.Optional.MySearchDial, C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\user.js, Gut: (), Schlecht: (l.


user_pref("extensions.mysearchdial.id", "C), Ersetzt,[9097bfc5abee36000f4aec4110f5768a]
PUP.Optional.MySearchDial, C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\user.js, Gut: (), Schlecht: (ial.


user_pref("extensions.mysearchdial.id",), Ersetzt,[84a3176d0792e3531e3b46e7fd08e917]
PUP.Optional.MySearchDial, C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\user.js, Gut: (), Schlecht: (iial.


user_pref("extensions.mysearchdial.id", "C89CDCE712ED729A");
user_pref("e), Ersetzt,[4ed9c7bd8d0c999d23363af365a0916f]
PUP.Optional.MySearchDial, C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\user.js, Gut: (), Schlecht: (earchdial.id", "C89CDCE712ED729A");
user_pref("exte), Ersetzt,[51d654303f5a47ef97c275b863a24eb2]
PUP.Optional.MySearchDial, C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\user.js, Gut: (), Schlecht: (ial.


user_pref("extensions.mysearchdial.id", "C89), Ersetzt,[091e572d5d3c082e9cbdda535ca9ac54]
PUP.Optional.MySearchDial, C:\Users\Andere\AppData\Roaming\Mozilla\Firefox\Profiles\751b2fvt.default\user.js, Gut: (), Schlecht: (


user_pref("extensions.mysearchdial.id", "C89CDCE712ED729A");
user_pref("extensions.mysearchdial), Ersetzt,[022588fcff9abb7bf960a48961a4fa06]

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
JRT.txt:
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.3 (02.09.2016)
Operating System: Windows 10 Home x64 
Ran by Georg (Administrator) on 05.03.2016 at 15:23:22,95
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 6 

Successfully deleted: C:\Users\Georg\AppData\Roaming\alawar (Folder) 
Successfully deleted: C:\Users\Georg\Documents\my pagemanager (Folder) 
Successfully deleted: C:\WINDOWS\system32\newsoft (File) 
Successfully deleted: C:\WINDOWS\prefetch\FREEYOUTUBEDOWNLOADCLASSIC118-83CA95F3.pf (File) 
Successfully deleted: C:\WINDOWS\prefetch\FREEYOUTUBEDOWNLOADCLASSIC118-870E9909.pf (File) 
Successfully deleted: C:\WINDOWS\prefetch\FREEYTVDOWNLOADER.EXE-60CDA799.pf (File) 



Registry: 1 

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 05.03.2016 at 15:25:38,30
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
FRST.txt:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016
durchgeführt von Georg (Administrator) auf GEORG-PC (05-03-2016 15:28:39)
Gestartet von C:\Users\Georg\Desktop
Geladene Profile: Georg (Verfügbare Profile: Georg & Andere & DefaultAppPool)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(SurfRight B.V.) C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
(<AVerMedia>) C:\Program Files (x86)\AVerMedia\AVerMedia Live Gamer EXTREME\AVerUSBPortChecker.exe
(AVerMedia TECHNOLOGIES, Inc.) C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRECentral.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\iMController\Service\Lenovo.Modern.ImController.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(iWin Inc.) C:\Program Files (x86)\Pogo Games\iWinTrusted.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
() C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(AVerMedia TECHNOLOGIES, Inc.) C:\Program Files (x86)\AVerMedia\AVerMedia RECentral 2\RECentralService.exe
(Soluto) C:\Program Files\Soluto\SolutoLauncherService.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
() C:\Windows\jmesoft\Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11543656 2010-10-26] (Realtek Semiconductor)
HKLM\...\Run: [UMonit] => C:\windows\SysWOW64\UMonit.exe [49152 2011-05-25] ()
HKLM\...\Run: [WrtMon.exe] => C:\windows\system32\spool\drivers\x64\3\WrtMon.exe [20480 2006-09-20] ()
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-27] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [jmekey] => C:\windows\jmesoft\hotkey.exe
HKLM-x32\...\Run: [jmesoft] => C:\Windows\jmesoft\ServiceLoader.exe
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Lenovo Eye Distance System] => C:\Program Files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe [265216 2010-09-09] (Lenovo)
HKLM-x32\...\Run: [Lenovo Dynamic Brightness System] => C:\Program Files\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exe [285696 2010-10-08] (Lenovo)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe [222504 2009-05-14] (CyberLink Corp.)
HKLM-x32\...\Run: [TrayServer] => C:\Program Files (x86)\MAGIX\Video_deluxe_MX_Plus\TrayServer_de.exe [90112 2008-08-07] (MAGIX AG)
HKLM-x32\...\Run: [phc700] => C:\windows\system32\vphc700.exe
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [LifeCam] => "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files\Soluto\soluto.exe /userinit,
HKU\S-1-5-21-2764890169-2354917355-972681180-1001\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [568904 2015-03-30] ()
HKU\S-1-5-21-2764890169-2354917355-972681180-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3014224 2016-02-04] (Valve Corporation)
HKU\S-1-5-21-2764890169-2354917355-972681180-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23499656 2016-01-15] (Google)
HKU\S-1-5-21-2764890169-2354917355-972681180-1001\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248176 2015-07-13] (TomTom)
HKU\S-1-5-21-2764890169-2354917355-972681180-1001\...\Run: [Spotify Web Helper] => C:\Users\Georg\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1524848 2016-03-04] (Spotify Ltd)
HKU\S-1-5-21-2764890169-2354917355-972681180-1001\...\Run: [Spotify] => C:\Users\Georg\AppData\Roaming\Spotify\Spotify.exe [6754928 2016-03-04] (Spotify Ltd)
HKU\S-1-5-21-2764890169-2354917355-972681180-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50599552 2016-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-2764890169-2354917355-972681180-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2764890169-2354917355-972681180-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-2764890169-2354917355-972681180-1001\...\MountPoints2: {9537da85-6a63-11e5-9bd6-c89cdce712ed} - "G:\HTC_Sync_Manager_PC.exe" 
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Georg\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64\FileSyncShell64.dll [2015-11-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Georg\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64\FileSyncShell64.dll [2015-11-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Georg\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64\FileSyncShell64.dll [2015-11-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Georg\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileSyncShell.dll [2015-11-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Georg\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileSyncShell.dll [2015-11-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Georg\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileSyncShell.dll [2015-11-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2012-10-29]
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TrayMin700.exe.lnk [2012-09-08]
ShortcutTarget: TrayMin700.exe.lnk -> C:\Program Files (x86)\Philips\SPC 700NC PC Camera\TrayMin700.exe ()
Startup: C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Telegram.lnk [2016-01-22]
ShortcutTarget: Telegram.lnk -> C:\Users\Georg\AppData\Roaming\Telegram Desktop\Telegram.exe (Telegram Messenger LLP)
Startup: C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet Pro 8100 (Netzwerk).lnk [2015-11-16]
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet Pro 8100 (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet Pro 8100\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
GroupPolicyUsers\S-1-5-21-2764890169-2354917355-972681180-1002\User: Beschränkung <======= ACHTUNG
CHR HKU\S-1-5-21-2764890169-2354917355-972681180-1001\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{b2938fa1-8998-4697-b61c-3e7448cf269d}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-2764890169-2354917355-972681180-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://de.msn.com/?pc=BB07
HKU\S-1-5-21-2764890169-2354917355-972681180-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com
SearchScopes: HKLM -> DefaultScope Wert fehlt
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2764890169-2354917355-972681180-1001 -> DefaultScope {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-2764890169-2354917355-972681180-1001 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-2764890169-2354917355-972681180-1001 -> {C88215D9-8C4C-4C02-BD96-C2F219F35ED5} URL = hxxp://www.bing.com/search?FORM=BB07DF&PC=BB07&q={searchTerms}&src=IE-SearchBox
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-17] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-17] (Oracle Corporation)
DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1369826421840
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Georg\AppData\Roaming\Mozilla\Firefox\Profiles\jg9od9kn.default-1449067715926
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-09] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-09] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-17] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-2764890169-2354917355-972681180-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Georg\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-07-07] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => nicht gefunden
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => nicht gefunden

Chrome: 
=======
CHR HomePage: Profile 1 -> hxxp://www.google.com/
CHR StartupUrls: Profile 1 -> "hxxps://www.google.de/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\PepperFlash\pepflashplayer.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\gcswf32.dll => Keine Datei
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\ppGoogleNaClPluginChrome.dll => Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\pdf.dll => Keine Datei
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll => Keine Datei
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll => Keine Datei
CHR Profile: C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2016-02-12]
CHR Extension: (Google Drive) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-28]
CHR Extension: (Turn Off the Lights) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2016-02-29]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2015-11-19]
CHR Extension: (Skype-Anrufe) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blakpkgjpemejpbmfiglncklihnhjkij [2015-12-30]
CHR Extension: (YouTube) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Webseiten-Screenshot - Webpage Screenshot) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ckibcdccnfeookdmbahgiakhnjcddpki [2014-11-28]
CHR Extension: (Google-Suche) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Silver Bird) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\encaiiljifbdbjlphpgpiimidegddhic [2013-06-12]
CHR Extension: (Google Docs Offline) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-19]
CHR Extension: (AdBlock) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-02-16]
CHR Extension: (Mario Retro) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ikmefpddcicnmclabblmicjpibbgbglf [2012-08-30]
CHR Extension: (Animal Crossing Music) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ldjcaihhhmemeidcfbcadilcmfdaikkg [2015-04-08]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-11-06]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-26]
CHR Extension: (YouTube Unblocker) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\npnkeeiehehhefofiekoflfedgehcdhl [2014-05-30] [UpdateUrl: hxxp://www.unblocker.yt/addon/chrome/updates.xml] <==== ACHTUNG
CHR Profile: C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 3
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2015-12-30]
CHR Extension: (Google Drive) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-30]
CHR Extension: (Turn Off the Lights) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2016-01-25]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2015-12-30]
CHR Extension: (YouTube) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-30]
CHR Extension: (Webseiten-Screenshot - Webpage Screenshot) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ckibcdccnfeookdmbahgiakhnjcddpki [2014-08-24]
CHR Extension: (Google-Suche) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-30]
CHR Extension: (Silver Bird) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\encaiiljifbdbjlphpgpiimidegddhic [2013-12-05]
CHR Extension: (Google Docs Offline) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-30]
CHR Extension: (AdBlock) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-01-25]
CHR Extension: (Mario Retro) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ikmefpddcicnmclabblmicjpibbgbglf [2012-09-02]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-30]
CHR Extension: (Google Mail) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-21]
CHR Profile: C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 4
CHR Extension: (Google Docs) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-21]
CHR Extension: (Google Drive) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-02]
CHR Extension: (YouTube) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-02]
CHR Extension: (Google-Suche) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-02]
CHR Extension: (Google Docs Offline) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-02]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-02]
CHR Extension: (Google Mail) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-21]
CHR Profile: C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 5
CHR Extension: (Google Docs) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-29]
CHR Extension: (Google Drive) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-29]
CHR Extension: (YouTube) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-02]
CHR Extension: (Google-Suche) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-29]
CHR Extension: (Google Docs Offline) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-02]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-11-06]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-26]
CHR Extension: (Google Mail) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR Profile: C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 6
CHR Extension: (Google Docs) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-22]
CHR Extension: (Google Drive) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-31]
CHR Extension: (YouTube) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-31]
CHR Extension: (Google-Suche) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-31]
CHR Extension: (Full Page Screen Capture) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\fdpohaocaechififmbbbbbknoalclacl [2015-06-22]
CHR Extension: (Google Docs Offline) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-01-22]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-12-17]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-31]
CHR Extension: (Google Mail) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-22]
CHR Profile: C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 7
CHR Extension: (Google Präsentationen) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-12]
CHR Extension: (Google Docs) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-12]
CHR Extension: (Google Drive) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-28]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2016-01-03]
CHR Extension: (YouTube) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28]
CHR Extension: (Google-Suche) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Google Tabellen) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-12]
CHR Extension: (Google Docs Offline) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-17]
CHR Extension: (AdBlock) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-02-17]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-07-12]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-26]
CHR Extension: (Google Mail) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-12]
CHR HKU\S-1-5-21-2764890169-2354917355-972681180-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Georg\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-05-29]
CHR HKU\S-1-5-21-2764890169-2354917355-972681180-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

Opera: 
=======
StartMenuInternet: (HKLM) Opera - C:\Program Files (x86)\Opera\Opera.exe hxxp://www.portaldosites.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST31000524AS_6VPJLF95XXXX6VPJLF95&ts=1369940497

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AVerRECentral; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRECentral.exe [373248 2014-01-16] (AVerMedia TECHNOLOGIES, Inc.) [Datei ist nicht signiert]
R2 AVerUSBPortChecker; C:\Program Files (x86)\AVerMedia\AVerMedia Live Gamer EXTREME\AVerUSBPortChecker.exe [182784 2015-02-25] (<AVerMedia>) [Datei ist nicht signiert]
S3 Boonty Games; C:\Program Files (x86)\Common Files\BOONTY Shared\Service\Boonty.exe [69120 2013-11-09] (BOONTY) [Datei ist nicht signiert]
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2016-01-19] (Digital Wave Ltd.)
R2 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [216576 2014-09-03] () [Datei ist nicht signiert]
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1840128 2011-05-24] (MAGIX AG) [Datei ist nicht signiert]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [Datei ist nicht signiert]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-27] (NVIDIA Corporation)
R2 hmpalertsvc; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [1876816 2014-04-10] (SurfRight B.V.)
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [36808 2016-01-29] (Lenovo Group Limited)
R2 iWinTrusted; C:\Program Files (x86)\Pogo Games\iWinTrusted.exe [216920 2015-10-02] (iWin Inc.)
R2 JME Keyboard; C:\Windows\jmesoft\Service.exe [32768 2011-03-16] () [Datei ist nicht signiert]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-27] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-27] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2016-02-03] (Electronic Arts)
R2 RECentralService; C:\Program Files (x86)\AVerMedia\AVerMedia RECentral 2\RECentralService.exe [2553152 2015-07-27] (AVerMedia TECHNOLOGIES, Inc.)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1328736 2012-09-24] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [656480 2012-09-24] (Secunia)
R2 SolutoLauncherService; C:\Program Files\Soluto\SolutoLauncherService.exe [159800 2012-10-28] (Soluto)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AVMU3HC64; C:\Windows\system32\drivers\avmu364.sys [677632 2015-05-12] (AVerMedia TECHNOLOGIES, Inc.)
R3 cpuz135; C:\WINDOWS\TEMP\cpuz135\cpuz135_x64.sys [24368 2015-11-19] (CPUID)
R3 ElgatoGC658Y; C:\Windows\System32\Drivers\ElgatoGC658.sys [43488 2015-11-06] (UB658)
R3 GeneStor; C:\Windows\System32\drivers\GeneStor.sys [58368 2011-05-18] (GenesysLogic)
R2 hmpalert; C:\windows\system32\drivers\hmpalert.sys [93144 2014-04-10] ()
R3 LcUvcUpper; C:\Windows\system32\DRIVERS\LcUvcUpper.sys [37912 2015-10-14] (Microsoft Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-27] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R0 WinI2C-DDC; C:\Windows\System32\drivers\DDCDrv.sys [20832 2008-04-08] (Nicomsoft Ltd.)
R0 WinI2C-DDC; C:\Windows\SysWOW64\drivers\DDCDrv.sys [15712 2010-03-23] (Nicomsoft Ltd.)
R3 XSplit_Dummy; C:\Windows\system32\drivers\xspltspk.sys [26200 2015-05-25] (SplitmediaLabs Limited)
U3 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-03-05 15:25 - 2016-03-05 15:25 - 00001153 _____ C:\Users\Georg\Desktop\JRT.txt
2016-03-05 15:22 - 2016-03-05 15:22 - 01609216 _____ (Malwarebytes) C:\Users\Georg\Desktop\JRT.exe
2016-03-05 14:33 - 2016-03-05 14:33 - 00009761 _____ C:\Users\Georg\Desktop\AdwCleaner[C1].txt
2016-03-05 14:24 - 2016-03-05 14:27 - 00000000 ____D C:\AdwCleaner
2016-03-05 14:22 - 2016-03-05 14:24 - 01518592 _____ C:\Users\Georg\Desktop\AdwCleaner_5.037.exe
2016-03-05 12:55 - 2016-03-05 13:11 - 00095292 _____ C:\TDSSKiller.3.1.0.9_05.03.2016_12.55.37_log.txt
2016-03-05 12:54 - 2016-03-05 12:55 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Georg\Desktop\tdsskiller.exe
2016-03-05 12:50 - 2016-03-05 12:53 - 00083865 _____ C:\Users\Georg\Desktop\Addition.txt
2016-03-05 12:49 - 2016-03-05 15:28 - 00035022 _____ C:\Users\Georg\Desktop\FRST.txt
2016-03-05 12:49 - 2016-03-05 15:28 - 00000000 ____D C:\FRST
2016-03-05 12:47 - 2016-03-05 12:49 - 02374144 _____ (Farbar) C:\Users\Georg\Desktop\FRST64.exe
2016-03-05 00:25 - 2016-03-05 00:25 - 00000930 _____ C:\Users\Georg\Desktop\Fixlist.txt
2016-03-04 23:33 - 2016-03-05 14:29 - 00000022 _____ C:\WINDOWS\S.dirmngr
2016-03-04 20:44 - 2016-03-04 20:44 - 00159644 _____ C:\Users\Georg\Documents\Gebe immer 100%.pdf
2016-03-03 14:35 - 2016-03-03 14:35 - 00257752 _____ C:\Users\Georg\Documents\Ticket_gamescom2016_4YRhQ82geAJ9G.pdf
2016-03-03 14:25 - 2016-03-03 14:25 - 00090890 _____ C:\Users\Georg\Desktop\invoice-10654-dim.vv.gamescom2016.91.11867.1865.pdf
2016-03-02 15:32 - 2016-02-23 11:32 - 08705672 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-03-02 15:32 - 2016-02-23 10:38 - 06952088 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-03-02 15:32 - 2016-02-23 07:36 - 18680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-03-02 15:31 - 2016-02-23 12:29 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-03-02 15:31 - 2016-02-23 12:29 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-03-02 15:31 - 2016-02-23 12:27 - 07475040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-03-02 15:31 - 2016-02-23 12:27 - 02654872 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-03-02 15:31 - 2016-02-23 12:27 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-03-02 15:31 - 2016-02-23 12:27 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-03-02 15:31 - 2016-02-23 12:25 - 02152288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-03-02 15:31 - 2016-02-23 12:25 - 01818696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-03-02 15:31 - 2016-02-23 12:23 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-03-02 15:31 - 2016-02-23 12:22 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-03-02 15:31 - 2016-02-23 12:15 - 00779384 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2016-03-02 15:31 - 2016-02-23 12:15 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-03-02 15:31 - 2016-02-23 12:09 - 01614176 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-03-02 15:31 - 2016-02-23 11:34 - 01859960 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-03-02 15:31 - 2016-02-23 11:34 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-03-02 15:31 - 2016-02-23 11:33 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-03-02 15:31 - 2016-02-23 11:32 - 02544264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-03-02 15:31 - 2016-02-23 11:32 - 01152328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-03-02 15:31 - 2016-02-23 11:32 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-03-02 15:31 - 2016-02-23 11:32 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-03-02 15:31 - 2016-02-23 11:32 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-03-02 15:31 - 2016-02-23 11:31 - 01017032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-03-02 15:31 - 2016-02-23 11:31 - 00847656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-03-02 15:31 - 2016-02-23 11:31 - 00819648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-03-02 15:31 - 2016-02-23 11:31 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-03-02 15:31 - 2016-02-23 11:31 - 00476728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-03-02 15:31 - 2016-02-23 11:31 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-03-02 15:31 - 2016-02-23 11:25 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-03-02 15:31 - 2016-02-23 11:22 - 00572272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2016-03-02 15:31 - 2016-02-23 11:21 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-03-02 15:31 - 2016-02-23 11:21 - 06606568 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-03-02 15:31 - 2016-02-23 10:45 - 02773096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-03-02 15:31 - 2016-02-23 10:45 - 01998176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-03-02 15:31 - 2016-02-23 10:45 - 00576352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-03-02 15:31 - 2016-02-23 10:45 - 00259336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2016-03-02 15:31 - 2016-02-23 10:44 - 00640984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-03-02 15:31 - 2016-02-23 10:39 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-03-02 15:31 - 2016-02-23 10:38 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-03-02 15:31 - 2016-02-23 10:38 - 00980352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2016-03-02 15:31 - 2016-02-23 10:38 - 00895080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-03-02 15:31 - 2016-02-23 10:38 - 00882720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-03-02 15:31 - 2016-02-23 10:38 - 00709176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-03-02 15:31 - 2016-02-23 10:38 - 00450912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-03-02 15:31 - 2016-02-23 10:38 - 00420928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2016-03-02 15:31 - 2016-02-23 10:37 - 00713824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-03-02 15:31 - 2016-02-23 10:32 - 00791744 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-03-02 15:31 - 2016-02-23 10:30 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-03-02 15:31 - 2016-02-23 10:27 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-03-02 15:31 - 2016-02-23 10:27 - 00376536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-03-02 15:31 - 2016-02-23 10:26 - 05241984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-03-02 15:31 - 2016-02-23 10:20 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2016-03-02 15:31 - 2016-02-23 10:17 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-03-02 15:31 - 2016-02-23 10:06 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2016-03-02 15:31 - 2016-02-23 09:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-03-02 15:31 - 2016-02-23 09:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-03-02 15:31 - 2016-02-23 09:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-03-02 15:31 - 2016-02-23 09:56 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-03-02 15:31 - 2016-02-23 09:55 - 00221600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll
2016-03-02 15:31 - 2016-02-23 09:55 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2016-03-02 15:31 - 2016-02-23 09:54 - 00539256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-03-02 15:31 - 2016-02-23 09:53 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-03-02 15:31 - 2016-02-23 09:40 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-03-02 15:31 - 2016-02-23 09:38 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2016-03-02 15:31 - 2016-02-23 09:38 - 00287712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2016-03-02 15:31 - 2016-02-23 09:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-03-02 15:31 - 2016-02-23 09:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-03-02 15:31 - 2016-02-23 09:37 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-03-02 15:31 - 2016-02-23 09:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll
2016-03-02 15:31 - 2016-02-23 09:30 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2016-03-02 15:31 - 2016-02-23 09:29 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-03-02 15:31 - 2016-02-23 09:28 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-03-02 15:31 - 2016-02-23 09:27 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2016-03-02 15:31 - 2016-02-23 09:26 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-03-02 15:31 - 2016-02-23 09:20 - 00847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-03-02 15:31 - 2016-02-23 09:20 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-03-02 15:31 - 2016-02-23 09:20 - 00493568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-03-02 15:31 - 2016-02-23 09:19 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-03-02 15:31 - 2016-02-23 09:19 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-03-02 15:31 - 2016-02-23 09:14 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-03-02 15:31 - 2016-02-23 09:13 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-03-02 15:31 - 2016-02-23 09:12 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-03-02 15:31 - 2016-02-23 09:11 - 01224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2016-03-02 15:31 - 2016-02-23 09:11 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-03-02 15:31 - 2016-02-23 09:10 - 00997376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2016-03-02 15:31 - 2016-02-23 09:10 - 00474624 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-03-02 15:31 - 2016-02-23 09:09 - 01390592 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-03-02 15:31 - 2016-02-23 09:09 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-03-02 15:31 - 2016-02-23 09:09 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-03-02 15:31 - 2016-02-23 09:09 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-03-02 15:31 - 2016-02-23 09:06 - 01848832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-03-02 15:31 - 2016-02-23 09:06 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-03-02 15:31 - 2016-02-23 09:06 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-03-02 15:31 - 2016-02-23 09:06 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-03-02 15:31 - 2016-02-23 09:05 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-03-02 15:31 - 2016-02-23 09:04 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-03-02 15:31 - 2016-02-23 09:04 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-03-02 15:31 - 2016-02-23 09:02 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-03-02 15:31 - 2016-02-23 09:00 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-03-02 15:31 - 2016-02-23 08:58 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-03-02 15:31 - 2016-02-23 08:58 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-03-02 15:31 - 2016-02-23 08:58 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll
2016-03-02 15:31 - 2016-02-23 08:52 - 00456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-03-02 15:31 - 2016-02-23 08:50 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2016-03-02 15:31 - 2016-02-23 08:49 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-03-02 15:31 - 2016-02-23 08:48 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2016-03-02 15:31 - 2016-02-23 08:47 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2016-03-02 15:31 - 2016-02-23 08:41 - 03594240 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-03-02 15:31 - 2016-02-23 08:37 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-03-02 15:31 - 2016-02-23 08:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-03-02 15:31 - 2016-02-23 08:36 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-03-02 15:31 - 2016-02-23 08:35 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2016-03-02 15:31 - 2016-02-23 08:31 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-03-02 15:31 - 2016-02-23 08:31 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2016-03-02 15:31 - 2016-02-23 08:30 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-03-02 15:31 - 2016-02-23 08:30 - 01832448 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-03-02 15:31 - 2016-02-23 08:30 - 01731584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-03-02 15:31 - 2016-02-23 08:30 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-03-02 15:31 - 2016-02-23 08:29 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2016-03-02 15:31 - 2016-02-23 08:29 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-03-02 15:31 - 2016-02-23 08:26 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-03-02 15:31 - 2016-02-23 08:26 - 01498112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-03-02 15:31 - 2016-02-23 08:25 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-03-02 15:31 - 2016-02-23 08:24 - 04827136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-03-02 15:31 - 2016-02-23 08:24 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-03-02 15:31 - 2016-02-23 08:24 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-03-02 15:31 - 2016-02-23 08:24 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-03-02 15:31 - 2016-02-23 08:22 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-03-02 15:31 - 2016-02-23 08:21 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-03-02 15:31 - 2016-02-23 08:21 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-03-02 15:31 - 2016-02-23 08:17 - 02635264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-03-02 15:31 - 2016-02-23 08:14 - 00990720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-03-02 15:31 - 2016-02-23 08:11 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-03-02 15:31 - 2016-02-23 08:05 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-03-02 15:31 - 2016-02-23 08:01 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-03-02 15:31 - 2016-02-23 07:59 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-03-02 15:31 - 2016-02-23 07:56 - 04412928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-03-02 15:31 - 2016-02-23 07:55 - 04894208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-03-02 15:31 - 2016-02-23 07:55 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-03-02 15:31 - 2016-02-23 07:55 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-03-02 15:31 - 2016-02-23 07:53 - 01799168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-03-02 15:31 - 2016-02-23 07:52 - 11545600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-03-02 15:31 - 2016-02-23 07:51 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-03-02 15:31 - 2016-02-23 07:50 - 22396416 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-03-02 15:31 - 2016-02-23 07:50 - 09919488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-03-02 15:31 - 2016-02-23 07:42 - 03425792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-03-02 15:31 - 2016-02-23 07:41 - 02912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-03-02 15:31 - 2016-02-23 07:40 - 24603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-03-02 15:31 - 2016-02-23 07:39 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-03-02 15:31 - 2016-02-23 07:39 - 02581504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-03-02 15:31 - 2016-02-23 07:36 - 19341312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-03-02 15:31 - 2016-02-23 07:36 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-03-02 15:31 - 2016-02-23 07:36 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-03-02 15:31 - 2016-02-23 07:35 - 07533568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-03-02 15:31 - 2016-02-23 07:33 - 14254080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-03-02 15:31 - 2016-02-23 07:33 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-03-02 15:31 - 2016-02-23 07:32 - 02793472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-03-02 15:31 - 2016-02-23 07:30 - 02061312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-03-02 15:31 - 2016-02-23 07:28 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-03-02 15:31 - 2016-02-23 07:26 - 12587520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-03-02 15:31 - 2016-02-09 05:28 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-03-02 15:31 - 2016-02-09 05:13 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-03-02 15:31 - 2016-02-09 04:24 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-03-02 15:31 - 2016-02-09 04:18 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2016-03-02 15:31 - 2016-02-09 04:18 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2016-03-02 15:31 - 2016-02-09 04:07 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-03-02 15:31 - 2016-02-09 04:07 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-03-02 15:31 - 2016-02-09 04:04 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-03-02 15:30 - 2016-02-23 12:25 - 00563552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2016-03-02 15:30 - 2016-02-23 12:08 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-03-02 15:30 - 2016-02-23 11:33 - 00389992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-03-02 15:30 - 2016-02-23 11:17 - 00146272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2016-03-02 15:30 - 2016-02-23 10:49 - 00216416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-03-02 15:30 - 2016-02-23 10:45 - 00394080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-03-02 15:30 - 2016-02-23 10:44 - 00147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2016-03-02 15:30 - 2016-02-23 10:40 - 00430944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-03-02 15:30 - 2016-02-23 10:25 - 00534368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-03-02 15:30 - 2016-02-23 10:20 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-03-02 15:30 - 2016-02-23 10:19 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-03-02 15:30 - 2016-02-23 10:12 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2016-03-02 15:30 - 2016-02-23 10:10 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-03-02 15:30 - 2016-02-23 10:07 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-03-02 15:30 - 2016-02-23 10:07 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-03-02 15:30 - 2016-02-23 10:01 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2016-03-02 15:30 - 2016-02-23 10:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-03-02 15:30 - 2016-02-23 10:00 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-03-02 15:30 - 2016-02-23 09:58 - 00187744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-03-02 15:30 - 2016-02-23 09:58 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\irmon.dll
2016-03-02 15:30 - 2016-02-23 09:54 - 00141664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2016-03-02 15:30 - 2016-02-23 09:53 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2016-03-02 15:30 - 2016-02-23 09:52 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-03-02 15:30 - 2016-02-23 09:50 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-03-02 15:30 - 2016-02-23 09:48 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-03-02 15:30 - 2016-02-23 09:48 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerClient.dll
2016-03-02 15:30 - 2016-02-23 09:39 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2016-03-02 15:30 - 2016-02-23 09:34 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-03-02 15:30 - 2016-02-23 09:34 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2016-03-02 15:30 - 2016-02-23 09:33 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-03-02 15:30 - 2016-02-23 09:32 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-03-02 15:30 - 2016-02-23 09:31 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-03-02 15:30 - 2016-02-23 09:28 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll
2016-03-02 15:30 - 2016-02-23 09:25 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2016-03-02 15:30 - 2016-02-23 09:25 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2016-03-02 15:30 - 2016-02-23 09:23 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-03-02 15:30 - 2016-02-23 09:22 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-03-02 15:30 - 2016-02-23 09:22 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2016-03-02 15:30 - 2016-02-23 09:20 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-02 15:30 - 2016-02-23 09:18 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-03-02 15:30 - 2016-02-23 09:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-03-02 15:30 - 2016-02-23 09:13 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll
2016-03-02 15:30 - 2016-02-23 09:04 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-03-02 15:30 - 2016-02-23 09:02 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-03-02 15:30 - 2016-02-23 09:02 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-03-02 15:30 - 2016-02-23 08:58 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-03-02 15:30 - 2016-02-23 08:57 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TimeBrokerClient.dll
2016-03-02 15:30 - 2016-02-23 08:54 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2016-03-02 15:30 - 2016-02-23 08:47 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2016-03-02 15:30 - 2016-02-23 08:38 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-03-02 15:30 - 2016-02-23 08:37 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2016-03-02 15:30 - 2016-02-23 08:36 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2016-03-02 15:30 - 2016-02-23 08:36 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-02 15:30 - 2016-02-23 08:28 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-03-02 15:30 - 2016-02-23 08:28 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-03-02 15:30 - 2016-02-23 08:20 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-03-02 15:30 - 2016-02-23 07:58 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-03-01 23:52 - 2016-03-01 23:52 - 00003945 _____ C:\Users\Georg\AppData\Local\recently-used.xbel
2016-02-28 22:10 - 2016-02-28 22:10 - 04078592 _____ (GraMMa Interactive ) C:\Users\Georg\Desktop\GraMMasNotAnotherFangame.exe
2016-02-28 21:52 - 2016-02-28 21:52 - 01989166 _____ C:\Users\Georg\Desktop\bebefreu4.mov
2016-02-19 20:45 - 2016-02-19 20:45 - 00000000 ____D C:\Users\Georg\AppData\Local\KADOKAWA
2016-02-19 20:39 - 2016-02-19 20:46 - 00000000 ____D C:\Users\Georg\Desktop\Gogogo11111
2016-02-12 21:16 - 2016-02-12 21:16 - 00000116 _____ C:\Users\Georg\.jasmin
2016-02-12 21:15 - 2016-02-12 21:15 - 00549021 _____ C:\Users\Georg\Desktop\Jasmin-1.5.8.jar
2016-02-09 21:37 - 2016-01-29 07:57 - 04502352 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-02-09 21:37 - 2016-01-29 07:33 - 04064320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-02-09 21:37 - 2016-01-27 06:46 - 02606824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-02-09 21:37 - 2016-01-27 06:01 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-02-09 21:37 - 2016-01-27 05:52 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-02-09 21:37 - 2016-01-27 05:49 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-02-09 21:37 - 2016-01-27 05:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-02-09 21:37 - 2016-01-27 05:38 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-02-09 21:37 - 2016-01-27 05:32 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-02-09 21:36 - 2016-01-27 07:15 - 01557776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-02-09 21:36 - 2016-01-27 07:01 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-02-09 21:36 - 2016-01-27 06:59 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-02-09 21:36 - 2016-01-27 06:57 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-02-09 21:36 - 2016-01-27 06:57 - 00820704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-02-09 21:36 - 2016-01-27 06:55 - 00081112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2016-02-09 21:36 - 2016-01-27 06:54 - 00295264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-02-09 21:36 - 2016-01-27 06:46 - 01270072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-02-09 21:36 - 2016-01-27 06:44 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-02-09 21:36 - 2016-01-27 06:44 - 00085320 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2016-02-09 21:36 - 2016-01-27 06:43 - 00359776 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-02-09 21:36 - 2016-01-27 06:21 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-02-09 21:36 - 2016-01-27 06:15 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll
2016-02-09 21:36 - 2016-01-27 06:11 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-02-09 21:36 - 2016-01-27 06:10 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2016-02-09 21:36 - 2016-01-27 06:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-02-09 21:36 - 2016-01-27 06:08 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll
2016-02-09 21:36 - 2016-01-27 06:07 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassam.dll
2016-02-09 21:36 - 2016-01-27 06:04 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-02-09 21:36 - 2016-01-27 06:02 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2016-02-09 21:36 - 2016-01-27 05:59 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassam.dll
2016-02-09 21:36 - 2016-01-27 05:57 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-02-09 21:36 - 2016-01-27 05:50 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-02-09 21:36 - 2016-01-27 05:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll
2016-02-09 21:36 - 2016-01-27 05:31 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll
2016-02-04 12:49 - 2016-02-05 10:57 - 02365304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WudfUpdate_01011.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-03-05 15:24 - 2012-09-05 16:31 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Skype
2016-03-05 14:48 - 2014-11-14 19:38 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0003a410566a1.job
2016-03-05 14:44 - 2015-03-29 08:42 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-03-05 14:43 - 2014-05-08 15:22 - 00001110 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cf6ac8faecd84b.job
2016-03-05 14:36 - 2013-10-16 15:06 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Spotify
2016-03-05 14:35 - 2012-09-08 13:01 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-03-05 14:31 - 2015-08-15 21:09 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Telegram Desktop
2016-03-05 14:31 - 2013-10-16 15:06 - 00000000 ____D C:\Users\Georg\AppData\Local\Spotify
2016-03-05 14:31 - 2012-09-17 16:55 - 00000000 ____D C:\Program Files (x86)\Steam
2016-03-05 14:30 - 2014-11-14 19:38 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d0003a3ff3a47f.job
2016-03-05 14:30 - 2012-03-21 13:42 - 00001106 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-05 14:29 - 2015-11-16 10:25 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-03-05 14:28 - 2015-11-16 09:58 - 00000000 ____D C:\Users\Andere
2016-03-05 14:28 - 2015-10-30 07:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-03-05 13:30 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-03-05 12:33 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-04 23:33 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Performance
2016-03-04 23:31 - 2015-11-16 09:58 - 00000000 ____D C:\Users\Georg
2016-03-04 23:31 - 2012-09-11 16:20 - 00000000 ____D C:\Users\Georg\AppData\Roaming\SoftGrid Client
2016-03-04 22:41 - 2016-02-01 23:20 - 00000000 ____D C:\Users\Georg\Desktop\Informatikzeugs
2016-03-04 22:36 - 2012-09-22 12:46 - 00000000 ____D C:\Users\Georg\Desktop\Kram
2016-03-04 22:29 - 2015-03-29 08:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-03-04 22:29 - 2015-03-29 08:42 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-03-04 22:29 - 2012-09-03 19:11 - 00001171 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-03-04 20:38 - 2015-12-09 19:42 - 00000000 ____D C:\Users\Georg\Documents\Scans
2016-03-03 17:11 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache
2016-03-03 14:07 - 2015-07-31 20:40 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-03-03 08:00 - 2015-11-16 09:57 - 02087744 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-03-03 08:00 - 2015-10-30 19:35 - 00888452 _____ C:\WINDOWS\system32\perfh007.dat
2016-03-03 08:00 - 2015-10-30 19:35 - 00197278 _____ C:\WINDOWS\system32\perfc007.dat
2016-03-03 08:00 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2016-03-03 07:53 - 2015-11-16 09:47 - 02393944 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-03-03 07:52 - 2012-09-08 13:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-03-02 23:05 - 2015-10-30 19:44 - 00000000 ____D C:\Program Files\Windows Journal
2016-03-02 23:05 - 2015-10-30 08:24 - 00000000 __RSD C:\WINDOWS\Media
2016-03-02 23:05 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-03-02 23:05 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-03-02 23:05 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-03-02 23:05 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-03-02 23:05 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-03-02 23:05 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-03-02 23:05 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-03-02 23:05 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-03-02 23:05 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-03-02 23:05 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-03-02 23:05 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-03-02 17:16 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-03-01 23:56 - 2012-09-27 18:45 - 00000000 ____D C:\Users\Georg\.gimp-2.8
2016-03-01 23:24 - 2015-09-16 06:19 - 00000000 ____D C:\Users\Georg\Desktop\Scans
2016-02-29 20:24 - 2012-09-02 09:43 - 00000000 ____D C:\Users\Georg\AppData\Roaming\vlc
2016-02-29 15:09 - 2012-09-05 16:31 - 00000000 ____D C:\ProgramData\Skype
2016-02-22 07:46 - 2016-01-10 19:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-02-20 08:47 - 2012-03-21 13:42 - 00002284 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-19 15:27 - 2015-11-03 06:57 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-02-18 05:50 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-02-17 12:09 - 2012-09-03 18:29 - 00000000 ____D C:\Users\Andere\AppData\Local\Lenovo
2016-02-17 07:12 - 2012-10-11 14:08 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-02-16 12:44 - 2012-10-01 19:00 - 00000000 ____D C:\Users\Georg\Georgs Kram
2016-02-13 19:12 - 2015-10-15 19:20 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Human Resource Machine
2016-02-10 09:50 - 2015-08-02 12:49 - 00002424 _____ C:\Users\Andere\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-02-10 09:50 - 2015-08-02 12:49 - 00000000 ___RD C:\Users\Andere\OneDrive
2016-02-09 21:57 - 2013-07-31 10:08 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-02-09 21:38 - 2012-08-31 14:15 - 146614896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-02-09 14:10 - 2013-05-29 17:08 - 00000000 ___RD C:\Users\Georg\Google Drive
2016-02-09 14:10 - 2012-08-30 10:23 - 00000000 ____D C:\ProgramData\Lenovo
2016-02-09 14:10 - 2012-08-30 10:22 - 00000000 ____D C:\Users\Georg\AppData\Local\Lenovo
2016-02-08 08:45 - 2015-07-31 22:09 - 00256968 _____ (Lenovo Group Limited) C:\WINDOWS\system32\iMDriverHelper.dll
2016-02-06 01:26 - 2014-05-22 19:11 - 00000000 ____D C:\Users\Georg\Desktop\WA Archiv
2016-02-04 23:58 - 2013-08-15 18:21 - 00000000 ____D C:\ProgramData\Origin

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-09-14 12:50 - 2013-09-11 20:18 - 0012005 _____ () C:\Users\Georg\AppData\Roaming\alsoft.ini
2013-02-28 17:25 - 2015-01-25 11:27 - 0008704 _____ () C:\Users\Georg\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-03-01 23:52 - 2016-03-01 23:52 - 0003945 _____ () C:\Users\Georg\AppData\Local\recently-used.xbel
2013-12-16 16:19 - 2013-12-16 16:19 - 0007605 _____ () C:\Users\Georg\AppData\Local\Resmon.ResmonCfg
2014-08-09 16:55 - 2014-08-09 16:55 - 0000057 _____ () C:\ProgramData\Ament.ini
2012-03-21 13:37 - 2012-03-21 13:37 - 1914000 _____ (Adobe Systems Incorporated) C:\ProgramData\flashax10.exe
2012-10-29 20:47 - 2012-10-29 20:47 - 0000098 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\flashax10.exe
C:\Users\Georg\Minecraft.exe


Einige Dateien in TEMP:
====================
C:\Users\Georg\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Georg\AppData\Local\Temp\sqlite3.dll
C:\Users\Georg\AppData\Local\Temp\tmd_34014152.exe
C:\Users\Georg\AppData\Local\Temp\ubiF044.tmp.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-02-24 17:30

==================== Ende von FRST.txt ============================
         

05.03.2016, 14:34   #8
Juri9

Remnants of MySearchDial & Co. on my own computer. (Windows 10)

Addition.txt:
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-03-2016
durchgeführt von Georg (2016-03-05 15:29:38)
Gestartet von C:\Users\Georg\Desktop
Windows 10 Home Version 1511 (X64) (2015-11-16 09:34:18)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2764890169-2354917355-972681180-500 - Administrator - Disabled)
Andere (S-1-5-21-2764890169-2354917355-972681180-1002 - Administrator - Enabled) => C:\Users\Andere
cexyuxxekbas (S-1-5-21-2764890169-2354917355-972681180-1007 - Limited - Disabled)
DefaultAccount (S-1-5-21-2764890169-2354917355-972681180-503 - Limited - Disabled)
Gast (S-1-5-21-2764890169-2354917355-972681180-501 - Limited - Disabled)
Georg (S-1-5-21-2764890169-2354917355-972681180-1001 - Administrator - Enabled) => C:\Users\Georg
HomeGroupUser$ (S-1-5-21-2764890169-2354917355-972681180-1006 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20059 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.1430 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.5 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Akademie der Magie (HKLM-x32\...\Akademie der Magie) (Version:  - )
Audacity 2.0 (HKLM-x32\...\Audacity_is1) (Version:  - Audacity Team)
Audiosurf (HKLM-x32\...\Steam App 12900) (Version:  - Dylan Fitterer)
AVerMedia C875 Live Gamer Portable 3.7.64.23 (HKLM-x32\...\AVerMedia C875 Live Gamer Portable) (Version: 3.7.64.23 - AVerMedia TECHNOLOGIES, Inc.)
AVerMedia Live Gamer EXTREME 1.0.64.61 (HKLM-x32\...\AVerMedia Live Gamer EXTREME) (Version: 1.0.64.61 - AVerMedia TECHNOLOGIES, Inc.)
AVerMedia RECentral (HKLM-x32\...\InstallShield_{30D6B6ED-E039-4D62-8E07-E058D17A9372}) (Version: 1.3.0.84 - AVerMedia Technologies, Inc.)
AVerMedia RECentral (x32 Version: 1.3.0.84 - AVerMedia Technologies, Inc.) Hidden
AVerMedia RECentral 2 (HKLM-x32\...\InstallShield_{D4F8EA9E-80D3-46B3-A5D9-7D264D319297}) (Version: 2.0.0.36 - AVerMedia Technologies, Inc.)
AVerMedia RECentral 2 (x32 Version: 2.0.0.36 - AVerMedia Technologies, Inc.) Hidden
Bejeweled 2 Deluxe 1.0 (HKLM-x32\...\Bejeweled 2 Deluxe 1.0) (Version:  - )
Bejeweled 3 (HKLM-x32\...\Bejeweled 3) (Version:  - PopCap Games)
Bejeweled Twist (HKLM-x32\...\Bejeweled Twist) (Version: 1.0.3.7482 - Pogo)
Bejeweled Twist 1.0.3.8137 (HKLM-x32\...\Bejeweled Twist 1.0.3.8137) (Version: 1.0.3.8137 - PopCap Games)
BIT.TRIP BEAT (HKLM-x32\...\Steam App 63700) (Version:  - Gaijin Games)
BIT.TRIP Presents... Runner2: Future Legend of Rhythm Alien (HKLM-x32\...\Steam App 218060) (Version:  - )
BIT.TRIP RUNNER (HKLM-x32\...\Steam App 63710) (Version:  - Gaijin Games)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Blocks That Matter (HKLM-x32\...\Steam App 111800) (Version:  - )
Bookworm Adventures Deluxe 1.0.1.100 (HKLM-x32\...\Bookworm Adventures Deluxe 1.0.1.100) (Version:  - )
Bookworm Deluxe 1.131 (HKLM-x32\...\Bookworm Deluxe 1.131) (Version:  - )
Braid (HKLM-x32\...\Steam App 26800) (Version:  - Number None, Inc.)
Build-a-lot (HKLM-x32\...\Build-a-lot) (Version: 1.1.0.0 - MumboJumbo)
Build-a-lot 2 (HKLM-x32\...\Build-a-lot 2) (Version: 0.0.0.0 - INTENIUM GmbH)
Cakewalk Sound Center 1.1.0 (HKLM-x32\...\Cakewalk Sound Center_is1) (Version: 1.1.0 - Cakewalk Music Software)
Canon MP Navigator EX 1.0 (HKLM-x32\...\MP Navigator EX 1.0) (Version:  - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version:  - )
CanoScan LiDE 90 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2412) (Version:  - )
Castle Crashers Demo (HKLM-x32\...\Steam App 207100) (Version:  - )
Cave Story (HKLM-x32\...\Cave Story) (Version:  - )
Cave Story+ (HKLM-x32\...\Steam App 200900) (Version:  - )
Chaos on Deponia (HKLM-x32\...\Steam App 220740) (Version:  - )
Christmas Shopper Simulator (HKLM-x32\...\{139C8AA5-BA56-4388-B5EC-31E0BF09A7C6}) (Version: 1.0.0 - Game Retail Ltd.)
Chuzzle Deluxe 1.0.3.1132 (HKLM-x32\...\Chuzzle Deluxe 1.0.3.1132) (Version:  - )
Creative Mass Storage Drivers (HKLM-x32\...\Creative Mass Storage Drivers) (Version:  - )
Creative Mass Storage Drivers (HKLM-x32\...\MuVo Driver) (Version:  - )
Creative-Systeminformationen (HKLM-x32\...\SysInfo) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Das Drachenei: Die Geschichte des Wanderers (HKLM-x32\...\Das Drachenei: Die Geschichte des Wanderers) (Version: 0.0.0.0 - INTENIUM GmbH)
Das Geheimnis des Bermudadreiecks (HKLM-x32\...\Das Geheimnis des Bermudadreiecks) (Version: 0.0.0.0 - INTENIUM GmbH)
Das Reich des Drachen (HKLM-x32\...\Das Reich des Drachen) (Version: 1.0.0.0 - INTENIUM GmbH)
Das Vermächtnis der Insel (HKLM-x32\...\Das Vermächtnis der Insel) (Version: 1.0.0.0 - INTENIUM GmbH)
Deponia (HKLM-x32\...\GOGPACKDEPONIA_is1) (Version: 2.1.0.7 - GOG.com)
DEUTSCHLAND SPIELT GAME CENTER (HKLM-x32\...\DSGPlayer) (Version: 1.0.1.46 - INTENIUM GmbH)
Diamond Drop 2 (HKLM-x32\...\Diamond Drop 2) (Version: 0.0.0.0 - INTENIUM GmbH)
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.69.43.024017 - Electronic Arts Inc.)
Die Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.5.1 - Electronic Arts)
Die Sims™ 3 Luxus-Accessoires (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)
Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.9.80.1020 - Electronic Arts Inc.)
Die Sims™ 4 Erstelle einen Sim-Demo (HKLM-x32\...\{6908ED99-F02B-4E99-A202-3FAC99C510ED}) (Version: 1.0.278.1110 - Electronic Arts Inc.)
Die Wiege Ägyptens (HKLM-x32\...\Die Wiege Ägyptens) (Version: 1.0.0.0 - INTENIUM GmbH)
Die Wiege Roms (HKLM-x32\...\Die Wiege Roms) (Version:  - )
Dinos & Bubbles (HKLM-x32\...\Dinos & Bubbles) (Version: 0.0.0.0 - INTENIUM GmbH)
DiRT Showdown (HKLM-x32\...\Steam App 201700) (Version:  - Codemasters Racing Studio)
Dust: An Elysian Tail (HKLM-x32\...\Steam App 236090) (Version:  - Humble Hearts LLC)
Dustforce (HKLM-x32\...\Steam App 65300) (Version:  - Hitbox Team)
Edna Bricht Aus 6.3 (HKLM-x32\...\{0D00CD3F-AEDC-45F1-A2DD-DADF74407D7B}_is1) (Version:  - )
Elgato Game Capture HD (64-bit) (HKLM\...\{C59BB2DE-E483-4704-976C-652E38DB62A0}) (Version: 3.00.111.1111 - Elgato Systems GmbH)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 15.2.20140326 - Landesfinanzdirektion Thüringen)
Feeding Frenzy 2 (HKLM-x32\...\{3E6187E8-9548-49BA-AC9A-E481C0EF4526}) (Version: 1.0.0.0 - PopCap Games)
FEZ (HKLM-x32\...\Steam App 224760) (Version:  - Polytron Corporation)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{6C5F8503-55D2-4398-858C-362B7A7AF51C}) (Version: 2.1.31.0 - MAGIX AG)
Flyonoid (HKLM-x32\...\Flyonoid) (Version: 0.0.0.0 - INTENIUM GmbH)
Formelrechner (HKLM-x32\...\{69F0CEA4-43E2-4CBB-92DF-41860A40A631}) (Version: 1.00.0000 - Cornelsen Verlag)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.1.1.119 - DVDVideoSoft Ltd.)
Free YouTube Download Classic (HKLM-x32\...\Free YouTube Download Classic_is1) (Version: 3.2.75.118 - DVDVideoSoft Ltd.)
Game Capture HD v2.3.3.40 (HKLM-x32\...\Software_Elgato_Game Capture HD) (Version: 2.3.3.40 - Elgato Systems)
Game Capture HD60 Pro v1.1.0.149 (HKLM-x32\...\Software_Elgato_Game Capture HD60 Pro) (Version: 1.1.0.149 - Elgato Systems)
Game Capture HD60 v2.1.1.4 (HKLM-x32\...\Software_Elgato_Game Capture HD60) (Version: 2.1.1.4 - Elgato Systems)
Gardenscapes (HKLM-x32\...\Gardenscapes_is1) (Version:  - Playrix Entertainment)
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.0.2.1 - Genesys Logic)
Giana Sisters: Twisted Dreams - Rise of the Owlverlord (HKLM-x32\...\Steam App 246960) (Version:  - Black Forest Games)
Giana Sisters: Twisted Dreams (HKLM-x32\...\Steam App 223220) (Version:  - )
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
Goat Simulator (HKLM-x32\...\Steam App 265930) (Version:  - Coffee Stain Studios)
GOG.com Downloader version 3.6.0 (HKLM-x32\...\{456A5815-604D-4D72-94DF-346D2B978A59}_is1) (Version: 3.6.0 - GOG.com)
Goodbye Deponia (HKLM-x32\...\Deponia 3) (Version: 1.0 - Daedalic Entertainment)
Google Chrome (HKLM-x32\...\{6438EBAC-5305-39A5-A93E-88CDFA6CE947}) (Version: 48.0.2564.116 - Google, Inc.)
Google Drive (HKLM-x32\...\{EF61675D-9BBC-4EC7-B906-F13BE8D3BD20}) (Version: 1.27.1227.2094 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Gpg4win (2.2.2) (HKLM-x32\...\GPG4Win) (Version: 2.2.2 - The Gpg4win Project)
Hammer Heads 1.0 (HKLM-x32\...\Hammer Heads 1.0) (Version:  - )
Harveys Neue Augen (HKLM-x32\...\Harvey) (Version: 1.0 - Daedalic Entertainment)
Hell Yeah! (HKLM-x32\...\Steam App 205230) (Version:  - Arkedo)
HitFilm 3 Express (HKLM\...\{0259351A-DAB0-402F-BBAC-CD4074D2DD3B}) (Version: 3.1.4321.38300 - FXhome)
HitmanPro.Alert (HKLM\...\HitmanPro.Alert) (Version: 2.6.5.77 - SurfRight B.V.)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet Pro 8100 - Grundlegende Software für das Gerät (HKLM\...\{4D139017-971D-45CF-B94E-26C4DC93A814}) (Version: 28.0.1321.0 - Hewlett-Packard Co.)
HP Officejet Pro 8100 Hilfe (HKLM-x32\...\{73DB9F06-C125-4A1C-A982-5801338EBE84}) (Version: 28.0.0 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
Hühner-Attacke (HKLM-x32\...\Hühner-Attacke) (Version: 0.0.0.0 - INTENIUM GmbH)
Hühner-Rache Deluxe (VOLLVERSION) (HKLM-x32\...\Hühner-Rache Deluxe (VOLLVERSION)) (Version:  - )
Human Resource Machine (HKLM-x32\...\Steam App 375820) (Version:  - Tomorrow Corporation)
Human Resource Machine 1.0 (HKLM-x32\...\{F8B98BF2-D6BF-45B7-9107-71EF2139D0A4}) (Version: 1.0.0 - Tomorrow Corporation)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)
Insanely Twisted Shadow Planet (HKLM-x32\...\Steam App 205730) (Version:  - Shadow Planet Productions)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 15.4 - Intel)
Ittle Dew (HKLM-x32\...\Steam App 241320) (Version:  - Ludosity)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Jazzpunk (HKLM-x32\...\Steam App 250260) (Version:  - Necrophone Games)
Jet Set Radio (HKLM-x32\...\Steam App 205950) (Version:  - Blit Software)
Jumpin’ Jack (HKLM-x32\...\Jumpin’ Jack) (Version: 0.0.0.0 - INTENIUM GmbH)
Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Lenovo Dynamic Brightness System (HKLM-x32\...\{D9ED6D06-6002-495E-A7BC-46E6AE386996}) (Version: 4.0.00.22080 - Lenovo)
Lenovo Eye Distance System (HKLM-x32\...\{5183D7AB-D09B-411F-A74E-BBAEA61C6505}) (Version: 4.0.00.21090 - Lenovo)
Lenovo Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.4827a - CyberLink Corp.)
Lenovo Power2Go (x32 Version: 6.0.4827a - CyberLink Corp.) Hidden
Lenovo Rescue System (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 3.0.1409 - CyberLink Corp.)
Lenovo Rescue System (Version: 3.0.1409 - CyberLink Corp.) Hidden
Lenovo System Interface Foundation (HKLM\...\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: 1.0.054.00 - Lenovo)
Lenovo Tinian Fn PS/2 Keyboard Driver (HKLM-x32\...\{B266E062-D6C5-485B-B426-51B152B041A6}) (Version: V1.0.11.0321 - Lenovo)
Lenovo Treiber- und Anwendungsinstallation (HKLM-x32\...\{45970CD1-D599-47D4-938F-3E9800D54ED1}) (Version: 5.10.1809 - Lenovo)
LibreOffice 3.6 (HKLM-x32\...\{C2F438B6-7010-453B-93EC-B2FC053AA97B}) (Version: 3.6.1.2 - The Document Foundation)
Life Is Strange™ (HKLM-x32\...\Steam App 319630) (Version:  - DONTNOD Entertainment)
LIMBO (HKLM-x32\...\Steam App 48000) (Version:  - Playdead)
Little Inferno (HKLM-x32\...\Steam App 221260) (Version:  - )
LVT (HKLM-x32\...\{D3063097-EC84-4D21-84A4-9D852E974355}) (Version: 4.1.2.0919 - Lenovo)
Magic Encyclopedia (HKLM-x32\...\Magic Encyclopedia) (Version:  - )
Magic Encyclopedia 2 (HKLM-x32\...\Magic Encyclopedia 2) (Version:  - )
MAGIX Foto Designer 7 (HKLM-x32\...\MAGIX_MSI_FotoDesigner7_silver) (Version: 7.0.1.1 - MAGIX AG)
MAGIX Foto Designer 7 (x32 Version: 7.0.1.1 - MAGIX AG) Hidden
MAGIX Screenshare (HKLM-x32\...\{B2DC0B6C-C969-43B9-B6C3-6A6C1CAD46DF}) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Speed burnR (MSI) (HKLM-x32\...\{3629C581-D8D2-477E-A40E-D5E351DF066B}) (Version: 7.0.2.6 - MAGIX AG)
MAGIX Video deluxe MX Plus (HKLM-x32\...\MAGIX_MSI_Videodeluxe18_plus) (Version: 11.0.3.0 - MAGIX AG)
MAGIX Video deluxe MX Plus (x32 Version: 11.0.3.0 - MAGIX AG) Hidden
MAGIX Video easy TERRATEC Edition (HKLM-x32\...\MAGIX_MSI_Video_easy_3_TerraTec) (Version: 3.0.1.25 - MAGIX AG)
MAGIX Video easy TERRATEC Edition (x32 Version: 3.0.1.25 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
McPixel (HKLM-x32\...\Steam App 220860) (Version:  - Sos)
Meine kleine Farm (HKLM-x32\...\Meine kleine Farm) (Version: 0.0.0.0 - INTENIUM GmbH)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{8EC9E7BB-2443-49B1-8476-490EBF932C2E}) (Version: 4.25.512.0 - Microsoft Corporation)
Microsoft Macro Assembler (MASM) (HKLM-x32\...\{F0D36479-04C5-4011-B2F9-FA23C9700157}) (Version: 8.0.50720.105 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Express Edition - ENU (HKLM-x32\...\Microsoft Visual C++ 2005 Express Edition - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2005 Express Edition - ENU Service Pack 1 (KB926748) (HKLM-x32\...\KB926748.T2_19ToU292_19) (Version: 1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version:  - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 34.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 de)) (Version: 34.0.5 - Mozilla)
Mozilla Firefox 38.0.1 (x86 de) (HKU\S-1-5-21-2764890169-2354917355-972681180-1001\...\Mozilla Firefox 38.0.1 (x86 de)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.2.0 - Mozilla)
Mozilla Thunderbird 38.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.6.0 (x86 de)) (Version: 38.6.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Music Creator LE 5.0.6 (HKLM-x32\...\Music Creator LE_is1) (Version: 17.0 - Cakewalk Music Software)
Music Manager (HKLM-x32\...\{5AFA4872-16B2-419E-ADCA-8E96E739115D}) (Version: 10.01.0006 - )
Mutant Mudds (remove only) (HKLM-x32\...\RenegadeKidMutantMudds) (Version:  - )
Mystery P.I. - The London Caper (HKLM-x32\...\Mystery P.I. - The London Caper) (Version:  - PopCap Games)
Nebel der Elfen (HKLM-x32\...\Nebel der Elfen) (Version:  - )
NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles)
Nintendo_History_ScreenSaver (HKLM-x32\...\Nintendo_History_ScreenSaver) (Version:  - )
Nintendo_SMG2_ScreenSaver (HKLM-x32\...\Nintendo_SMG2_ScreenSaver) (Version:  - )
NVIDIA GeForce Experience 2.5.14.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.14.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 355.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.60 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Offspring Fling! (HKLM-x32\...\Steam App 211360) (Version:  - )
Oozi: Earth Adventure (HKLM-x32\...\{B083076F-BCCB-4710-A4B1-6512134A16DE}) (Version: 1.0.0.0 - Awesome Games Studio)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.3.1.4482 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{af9ff3ed-cea8-4944-9131-04bcfa1904f3}) (Version: latest - ppy Pty Ltd)
PAC-MAN Championship Edition DX+ (HKLM-x32\...\Steam App 236450) (Version:  - Mine Loader Software Co., Ltd.)
Peggle (HKLM-x32\...\{715AD72D-887A-459E-988B-D4F3E87FA24B}) (Version: 1.04.0.0 - PopCap Games)
Peggle Deluxe 1.03 (HKLM-x32\...\Peggle Deluxe 1.03) (Version:  - )
Peggle Nights (HKLM-x32\...\{6641FD4F-6B9F-47F4-9DEA-9979E79E68D7}) (Version: 1.1.6.5913 - PopCap Games)
Peggle Nights Deluxe 1.0.3.5802 (HKLM-x32\...\Peggle Nights Deluxe 1.0.3.5802) (Version: 1.0.3.5802 - PopCap Games)
Peggle World of Warcraft Edition (HKLM-x32\...\Peggle World of Warcraft Edition) (Version:  - PopCap Games)
Pflanzen gegen Zombies (HKLM-x32\...\Pflanzen gegen Zombies) (Version:  - PopCap Games)
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Pogo Games (HKLM-x32\...\PogoDGC) (Version: 1.0 - ) <==== ACHTUNG
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
Portal 2 Publishing Tool (HKLM-x32\...\Steam App 644) (Version:  - )
Presto! PageManager 7.15.16 (HKLM-x32\...\{D2D6B9EB-C6DC-4DAA-B4DE-BB7D9735E7DA}) (Version: 7.15.16 - NewSoft Technology Corporation)
proDAD Adorage 3.0 (HKLM-x32\...\proDAD-Adorage-3.0) (Version: 3.0.92 - proDAD GmbH)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
Puddle (HKLM-x32\...\Puddle_is1) (Version:  - GOG.com)
puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert)
PVZ Garden Warfare (HKLM-x32\...\{A5AC7D7B-C1D5-4AF9-8829-993DA335BE1B}) (Version: 1.0.3.0 - Electronic Arts)
Python 3.2 construct-2.5.1 (HKU\S-1-5-21-2764890169-2354917355-972681180-1001\...\construct-py3.2) (Version:  - )
Python 3.2.3 (HKLM-x32\...\{789C9644-9F82-44d3-B4CA-AC31F46F5882}) (Version: 3.2.3150 - Python Software Foundation)
Python 3.4.3 (HKLM-x32\...\{CCD588A7-8D55-49F1-A30C-47FAB40889ED}) (Version: 3.4.16490 - Python Software Foundation)
Q.U.B.E. Demo (HKLM-x32\...\Steam App 204610) (Version:  - )
Quantum Conundrum Demo (HKLM-x32\...\Steam App 205700) (Version:  - )
Randal's Monday Demo (HKLM-x32\...\Steam App 333140) (Version:  - Nexus Game Studios)
Rapture3D 2.4.11 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version:  - Blue Ripple Sound)
Rayman Origins (HKLM-x32\...\{DE491AB9-1D47-4FED-A8F5-4D4325B2EB4B}) (Version: 1.02 - Ubisoft)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6230 - Realtek Semiconductor Corp.)
Relational Algebra Translator Version 4.1 (HKLM-x32\...\{E9A45241-FC5C-4613-A37E-FC3296485E99}_is1) (Version: 4.1 - Universidad Nacional de Costa Rica)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.26.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.26.0 - Renesas Electronics Corporation) Hidden
Schatzinsel 2 (Vollversion) (HKLM-x32\...\Schatzinsel 2 (Vollversion)) (Version:  - )
Secunia PSI (3.0.0.4001) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.4001 - Secunia)
SEGA Genesis & Mega Drive Classics (HKLM-x32\...\Steam App 34270) (Version:  - Sega)
Sheep’s Quest (HKLM-x32\...\Sheep’s Quest) (Version: 0.0.0.0 - INTENIUM GmbH)
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.14.5 - NVIDIA Corporation) Hidden
Sizer 3.34 (HKLM-x32\...\{DE43AA92-E8C0-4620-AFE2-FBD623C71643}) (Version: 3.3.4.0 - Brian Apps)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
Smash Frenzy 4 (HKLM-x32\...\Smash Frenzy 4) (Version: 1.0.0.0 - INTENIUM GmbH)
Snapshot (HKLM-x32\...\Steam App 204220) (Version:  - )
Snowy (HKLM-x32\...\Snowy) (Version: 0.0.0.0 - INTENIUM GmbH)
Snowy: Lunch Rush (HKLM-x32\...\Snowy Lunch Rush) (Version: 0.0.0.0 - INTENIUM GmbH)
Soluto (HKLM\...\{34307828-B2DB-4473-A803-A314FC7AA889}) (Version: 1.3.1023.0 - Soluto)
Sonic Generations Demo (HKLM-x32\...\Steam App 202290) (Version:  - Sega)
SPC 700NC PC Camera (HKLM-x32\...\{9C5B9ED6-0344-4550-A4AB-C4499EB36053}) (Version:  - )
Spotify (HKU\S-1-5-21-2764890169-2354917355-972681180-1001\...\Spotify) (Version: 1.0.24.104.g92a22684 - Spotify AB)
SQLite ODBC Driver for Win64 (remove only) (HKLM-x32\...\SQLite ODBC Driver for Win64) (Version:  - )
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Steuersparer 2014 (HKLM-x32\...\{485DBEA2-58E9-4136-9E6C-6C3022B02349}) (Version: 21.00.8480 - Buhl Data Service GmbH)
Strikeball 3 (HKLM-x32\...\Strikeball 3) (Version:  - )
Super Hexagon (HKLM-x32\...\Steam App 221640) (Version:  - )
Super Mario Brothers 2 Screensaver (HKLM-x32\...\Super Mario Brothers 2 Screensaver) (Version:  - )
Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version:  - )
Super Win the Game (HKLM-x32\...\Steam App 310700) (Version:  - Minor Key Games)
Superkuh (HKLM-x32\...\Superkuh) (Version: 0.0.0.0 - INTENIUM GmbH)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Telegram Desktop version 0.9.28 (HKU\S-1-5-21-2764890169-2354917355-972681180-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 0.9.28 - Telegram Messenger LLP)
TERRATEC Grabby V5.09.1202.00 (HKLM-x32\...\TERRATEC Grabby) (Version: 5.09.1202.00 - )
The Basement Collection (HKLM-x32\...\Steam App 214790) (Version:  - )
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version:  - )
The Stanley Parable (HKLM-x32\...\Steam App 221910) (Version:  - Galactic Cafe)
The Stanley Parable Demo (HKLM-x32\...\Steam App 247750) (Version:  - Galactic Cafe)
TomTom HOME (HKLM-x32\...\{5DCB2EB3-87AD-426E-8D74-8B92C9D731C4}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME (HKLM-x32\...\{7A2BB1C8-903D-4585-9F3B-CADD67D07D37}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME (HKLM-x32\...\{BB05590A-6602-43F3-A400-77EA0976BC0A}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Turtix (HKLM-x32\...\Turtix) (Version: 0.0.0.0 - INTENIUM GmbH)
Turtix 2 (HKLM-x32\...\Turtix 2) (Version: 0.0.0.0 - INTENIUM GmbH)
Undertale (HKLM-x32\...\Steam App 391540) (Version:  - tobyfox)
Unity Web Player (HKU\S-1-5-21-2764890169-2354917355-972681180-1001\...\UnityWebPlayer) (Version: 4.5.2f1 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 3.0 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VLC media player 2.0.8 (HKLM-x32\...\VLC media player) (Version: 2.0.8 - VideoLAN)
VVVVVV (HKLM-x32\...\Steam App 70300) (Version:  - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 5.20 Beta 2 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.2 - win.rar GmbH)
Woah Dave! (HKLM-x32\...\Steam App 315110) (Version:  - MiniVisions)
World of Goo (entfernen) (HKLM-x32\...\World of Goo) (Version:  - )
World of Goo (HKLM-x32\...\Steam App 22000) (Version:  - 2D BOY)
XSplit Broadcaster (HKLM-x32\...\{BF4EDEC4-40DE-4021-9040-0B41663CBCE1}) (Version: 2.6.1510.2621 - SplitmediaLabs)
Yumsters 2 (HKLM-x32\...\Yumsters 2) (Version: 0.0.0.0 - INTENIUM GmbH)
Zuma Deluxe 1.0 (HKLM-x32\...\Zuma Deluxe 1.0) (Version:  - )
Zuma's Revenge! (HKLM-x32\...\Zuma's Revenge!) (Version:  - PopCap Games)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2764890169-2354917355-972681180-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Georg\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => Keine Datei
CustomCLSID: HKU\S-1-5-21-2764890169-2354917355-972681180-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Georg\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {000CB502-D961-4EF9-9B25-BB783FCCE7C3} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {07C21E35-9167-45FC-9DC5-29647F2EE15D} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {0A91147B-AFF6-40A7-8281-8762432A42FC} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {0B0D0027-6A7D-461C-B19F-102D65EFD1A2} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {0DB761BD-4C86-4EF1-9FF7-217E4EA141EB} - System32\Tasks\{D6C011F4-E699-439C-9B9E-DB066A35F5D9} => C:\GOG Games\Deponia\Deponia.exe [2013-07-06] (Daedalic Entertainment GmbH)
Task: {10EB6D3D-48F3-4273-A7C8-6E2357160EBD} - System32\Tasks\{141DAD77-9DFF-47D4-9E4B-C3E580C6CDB2} => pcalua.exe -a C:\Users\Georg\Desktop\GL710_application_and_driver_v1.3.0.84_20140623.exe -d C:\Users\Georg\Desktop
Task: {1498DCDF-C686-4051-9309-3D5DDBC8CA89} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {154F514A-A6D7-4DD2-8CEE-07BC2C049DBD} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {1B1F4A43-834E-4C21-AAAC-BB8BB74C5D61} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-02-09] (Microsoft Corporation)
Task: {22829860-B4F5-412D-BF26-481908B6D1C1} - System32\Tasks\{F40F36A6-342E-48E1-8D38-2DF99C54F9E3} => C:\GOG Games\Deponia\Deponia.exe [2013-07-06] (Daedalic Entertainment GmbH)
Task: {22B85D8E-4D3A-463F-937F-6D6F21A5A5F7} - System32\Tasks\{6C6012E4-10B8-47AB-BF1C-CC4FE4E0944B} => C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\MoorhuhnJagd\Moorhuhn.exe
Task: {22D2B17B-3415-48AC-8FAD-BD0CDB0120AA} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {23FD9FB0-2C17-4556-AC69-FFA56AD00F92} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {2582FCF7-D6E8-4913-BE6F-A0D59A3237EF} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {28E61EEB-FF4F-42CB-B43B-F3C2683E7F45} - System32\Tasks\{03DF9196-4F37-4AF2-9EE7-8F182C3C1FDA} => C:\GOG Games\Deponia\Deponia.exe [2013-07-06] (Daedalic Entertainment GmbH)
Task: {2EDF115B-8147-488A-89A7-5E3B87402B62} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {3B7D67E3-965C-4DB0-BFF7-C56148B60E0F} - System32\Tasks\{89460D6F-55EE-4144-88FB-49B590B5CA21} => pcalua.exe -a C:\Users\Georg\Downloads\lide90vst641300ej.exe -d C:\Users\Georg\Downloads
Task: {3C5D73E0-1EC0-4D43-B6EC-EC7D4589DBA2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {3CBEB8BB-E9F4-4C91-A074-B6C6B5106892} - System32\Tasks\{09386E22-90C7-4050-A4FC-59712DDBCFD0} => C:\GOG Games\Deponia\Deponia.exe [2013-07-06] (Daedalic Entertainment GmbH)
Task: {41AC8DE2-A3F7-4881-AF4D-6A239B70D40E} - System32\Tasks\{4A235EC8-FD28-471F-8672-C225FF02FF5E} => C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\MoorhuhnJagd\Moorhuhn.exe
Task: {44AC9FD8-C573-42CE-916A-DB29F369C1E3} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {45C91C7E-C168-410C-8B5F-AA7C466F7808} - System32\Tasks\{AD2E0DE0-6292-430B-9C70-08CAD4546C28} => C:\Program Files (x86)\Origin Games\Feeding Frenzy 2\FeedingFrenzy2.exe [2013-10-31] (PopCap Games)
Task: {47060F33-F87D-4EB3-8F99-E471C1A28770} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {493B8E61-3B32-4A42-92D2-2AE0E6D8DF8E} - System32\Tasks\{39157281-4289-4AC3-A03E-7784D5D9FD60} => pcalua.exe -a D:\SETUP.EXE -d D:\
Task: {4AEEB4FA-E867-4275-B9E5-DDDCA0173762} - System32\Tasks\{D4BBF116-FE11-4C32-B08B-28D68581C067} => pcalua.exe -a C:\Users\Georg\Desktop\JRT.exe -d C:\Users\Georg\Desktop
Task: {4C2F56E5-D39B-4949-A351-3AAC5BF4B08D} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {4ED0B30F-0400-438C-ACE5-EB876F9E64C3} - System32\Tasks\{30114F5B-7107-43B9-AE8E-77E523473DD3} => C:\Program Files (x86)\Steam\Steam.exe [2016-02-04] (Valve Corporation)
Task: {5039C775-5DA6-443F-8159-27C47EFC3991} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {51E73228-6869-49D4-89BB-0F9087E16B36} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {527B8EB0-C94D-4611-915E-BC7004B90B9C} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {5985EFDB-4DF6-43C3-A351-2B77AFCF2AA9} - System32\Tasks\{3F33EA58-777D-48E5-9A72-C411B84DD41B} => C:\GOG Games\Deponia\Deponia.exe [2013-07-06] (Daedalic Entertainment GmbH)
Task: {5B93CCFF-8B92-4DDE-9528-5C4E87DC40EA} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {625B28AF-7EA2-457B-A601-803B23E5A514} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {64EF008A-B590-4ECF-B7B4-8427E8DD1ACF} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {65BC0CAE-BE7C-4212-8AA7-FEE94796ECFF} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {682C112C-91A2-453D-AF20-A19AE814A99E} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {68C717B3-E281-41FA-881E-1B8F09FA146A} - System32\Tasks\GoogleUpdateTaskMachineUA1cf6ac8faecd84b => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {6C98AC96-982E-4C67-876F-696B4BEB5D6B} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {6E76DEA3-9BB7-4615-BF86-66E4E5CCE057} - System32\Tasks\{1B9F4D72-09C6-4DC5-8E70-B481820B5C6A} => pcalua.exe -a C:\Users\Georg\Desktop\desktop.exe -d C:\Users\Georg\Desktop
Task: {76890C00-360F-478B-8F4A-D35BF3017ECA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {775180C5-39B5-4344-A714-67A1CA9C308B} - System32\Tasks\{1B7B454B-D060-447E-A524-8403182236D2} => C:\Program Files (x86)\PopCap Games\Zuma Deluxe\Zuma.exe [2007-09-20] ()
Task: {781512EA-855A-44D8-8FBD-CF0B59F63FA9} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {7C788119-4AB2-482B-9DC2-E9EBF04831A0} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {87279B5D-7847-4967-95E0-7FF1923509C3} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {89DA3DAB-0E6F-43D0-8FEE-9B48C8CE8336} - \Desk 365 RunAsStdUser -> Keine Datei <==== ACHTUNG
Task: {8C295FE6-5816-4EDC-AD33-3A49F375EB99} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-09] (Adobe Systems Incorporated)
Task: {9228DE4C-EAA7-44AE-8464-226C9D8777BC} - System32\Tasks\{679AF5C3-3131-41A0-819C-968AE719B570} => C:\GOG Games\Deponia\Deponia.exe [2013-07-06] (Daedalic Entertainment GmbH)
Task: {9664AC75-C1F5-41F4-A1B9-D343F643134F} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {9F7F76DF-4611-49E2-A5D0-3477567DE0AA} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {9F98EAD9-7AC8-4EE5-89DF-95670E187B3F} - System32\Tasks\{E46D8B49-D168-432F-A16F-1CFA3D09054D} => C:\Program Files (x86)\PopCap Games\Zuma Deluxe\Zuma.exe [2007-09-20] ()
Task: {A09CADF4-58ED-496C-9188-2D86F2BE085E} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {A1ACC24C-9FBD-48D7-B14C-48EAB3F50209} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => control iMControllerService 128
Task: {A426678D-DA71-4B4B-9B85-981D98BE8C4E} - System32\Tasks\{FB3B6673-58E4-4AB0-BA06-55F3E07CBD68} => C:\GOG Games\Deponia\Deponia.exe [2013-07-06] (Daedalic Entertainment GmbH)
Task: {ABF15843-06B4-4EC9-99EE-F5A581D5B740} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {B1C86B65-BFB9-4570-B739-AF957C51FECB} - System32\Tasks\{84125F2B-66FF-4D23-8345-E574582A07D3} => pcalua.exe -a "C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe"
Task: {B3694911-5EA5-4D5D-A7D3-D8839466EC45} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {B68CAD77-ADE7-4FCD-9618-25584C3080E4} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {C4174FC2-81DE-4B59-A2D0-EA2FF0BED6A3} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {CA71CF61-88E0-4AD6-95FF-434FDB158314} - System32\Tasks\{5A25AE58-0690-4338-A281-12AFD1F42B43} => C:\GOG Games\Deponia\Deponia.exe [2013-07-06] (Daedalic Entertainment GmbH)
Task: {CA8FCCE2-380F-490D-BA67-E542C0B0D155} - System32\Tasks\{30C490A4-1414-4E4F-9A4C-161E1D7F2D89} => C:\GOG Games\Deponia\Deponia.exe [2013-07-06] (Daedalic Entertainment GmbH)
Task: {CB324651-721C-40F2-98B4-00B36EDB4502} - System32\Tasks\{9B25F6CB-5177-41F1-AB00-56134914F469} => C:\Program Files (x86)\Origin Games\Feeding Frenzy 2\FeedingFrenzy2.exe [2013-10-31] (PopCap Games)
Task: {D0D2F053-DC3B-4F71-8C72-68879CFDB325} - System32\Tasks\GoogleUpdateTaskMachineUA1d0003a410566a1 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {D13F1CBB-DCEB-4F4B-83DD-C48BA3967607} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {D21AEADF-13CA-4CB1-B218-EA2BAB19CBE0} - System32\Tasks\{09323272-BD34-4C61-99B5-C4AAB0E95503} => C:\GOG Games\Deponia\Deponia.exe [2013-07-06] (Daedalic Entertainment GmbH)
Task: {D606949D-5786-4113-958D-CE6A535B3633} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {D8112DD8-07F8-4AD1-A34D-0511B22DD3DE} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {D8DDA550-D72F-443A-B506-E112D4FF5B69} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
Task: {DF58ACD3-171F-4401-B9BD-15A329C4B883} - System32\Tasks\GoogleUpdateTaskMachineCore1d0003a3ff3a47f => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {E4EA4563-7840-4558-99BD-219BCAF78CB0} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {E6448650-5C88-4D95-B7D0-65DCAE1A27E7} - System32\Tasks\{0DD2511D-264E-4200-9B16-488766294C64} => C:\Program Files (x86)\Steam\Steam.exe [2016-02-04] (Valve Corporation)
Task: {E73B94EF-E652-40F9-96A7-BF43892CFFF2} - System32\Tasks\{284635B6-657F-4292-AEF8-DA2866407675} => C:\GOG Games\Deponia\Deponia.exe [2013-07-06] (Daedalic Entertainment GmbH)
Task: {EDAB4437-6214-4B5A-AFD3-1F3D62F08AAA} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {EE9F6E11-ADAB-48EC-B99F-C740B9E66236} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {F18F99F3-C285-4975-899B-D28D601B41D4} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {F35D1E98-22B9-4393-9C34-F143138BE83C} - System32\Tasks\{5ED761C6-9885-43A7-BBB7-4C94289045FC} => pcalua.exe -a "C:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/217830
Task: {FCB8716E-7B82-4F63-AFA3-F3BD50C3F4A6} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_TVSUUpdateTask => reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler  /v start /t reg_dword /d 1 /f /reg:32
Task: {FEE12B32-D23A-410C-BC24-1B6FE1340BA5} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d0003a3ff3a47f.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cf6ac8faecd84b.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0003a410566a1.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2014-09-03 12:07 - 2014-09-03 12:07 - 00216576 _____ () C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
2012-03-21 13:04 - 2011-03-16 04:47 - 00032768 _____ () C:\Windows\jmesoft\Service.exe
2016-03-02 15:31 - 2016-02-23 12:27 - 02654872 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-03-02 15:31 - 2016-02-23 12:27 - 02654872 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-01-22 10:07 - 2016-01-22 10:08 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-01-13 16:41 - 2016-01-05 02:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-18 15:42 - 2015-12-07 05:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-03-02 15:31 - 2016-02-23 09:36 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-01-13 16:41 - 2016-01-05 02:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-01-13 16:41 - 2016-01-05 02:24 - 00936960 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-01-28 18:16 - 2016-01-16 06:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-01-28 18:16 - 2016-01-16 06:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-02-28 12:45 - 2016-02-28 12:45 - 00335360 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Foundation\2db06033b228e6dda5c6fe72b7c2e134\Windows.Foundation.ni.dll
2016-01-22 16:58 - 2016-01-19 04:02 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2016-01-22 16:58 - 2016-01-19 04:02 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2016-01-22 16:58 - 2016-01-19 04:02 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2016-01-22 16:58 - 2016-01-19 04:02 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2016-01-22 16:58 - 2016-01-19 04:02 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2016-01-22 16:58 - 2016-01-19 04:02 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2014-09-03 11:53 - 2014-09-03 11:53 - 00221184 _____ () C:\Program Files (x86)\GNU\GnuPG\libksba-8.dll
2014-09-03 11:41 - 2014-09-03 11:41 - 00050176 _____ () C:\Program Files (x86)\GNU\GnuPG\libw32pth-0.dll
2014-09-03 11:53 - 2014-09-03 11:53 - 00069632 _____ () C:\Program Files (x86)\GNU\GnuPG\libassuan-0.dll
2014-09-03 11:56 - 2014-09-03 11:56 - 00742400 _____ () C:\Program Files (x86)\GNU\GnuPG\libgcrypt-20.dll
2014-09-03 11:48 - 2014-09-03 11:48 - 00038400 _____ () C:\Program Files (x86)\GNU\GnuPG\libgpg-error-0.dll
2016-01-22 10:07 - 2016-01-22 10:08 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-01-22 10:07 - 2016-01-22 10:08 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-01-11 10:36 - 2016-01-11 10:36 - 00932032 ____R () C:\Program Files (x86)\Skype\Phone\ssScreenVVS2.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\S-1-5-21-2764890169-2354917355-972681180-1001\...\skype.com -> hxxps://apps.skype.com

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2764890169-2354917355-972681180-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Georg\Desktop\wallpaper.png
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist deaktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2764890169-2354917355-972681180-1001\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-2764890169-2354917355-972681180-1001\...\StartupApproved\Run: => "OneDrive"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{E409828D-6242-4503-9BBE-F229DDB1A7C0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GSTD - Rise of the Owlverlord\launcher\GSLauncher.exe
FirewallRules: [{EB590ADE-DC52-4BB8-99DD-510E7E75412B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GSTD - Rise of the Owlverlord\launcher\GSLauncher.exe
FirewallRules: [{3E1D00CA-1C05-4F1E-9D0A-FAE03FCA63AA}] => (Allow) C:\Program Files (x86)\Pogo Games\WebUpdater.exe
FirewallRules: [{EA8CC015-FC7E-4F23-8826-FEEBE3B0BC2C}] => (Allow) C:\Program Files (x86)\Pogo Games\WebUpdater.exe
FirewallRules: [{534AA780-7B96-4803-976A-418A9F0912FF}] => (Allow) C:\Program Files (x86)\Pogo Games\PogoDGC.exe
FirewallRules: [{923A37BF-BC10-4A76-AB38-1B7D680D8998}] => (Allow) C:\Program Files (x86)\Pogo Games\PogoDGC.exe
FirewallRules: [{92218D33-E3CD-4370-8469-04E486B16722}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4 Create A Sim Demo\Game\Bin\TS4CAS.exe
FirewallRules: [{5A932314-348D-4AA6-B186-D7ECD1D430B7}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4 Create A Sim Demo\Game\Bin\TS4CAS.exe
FirewallRules: [{49DFBD46-41AC-4316-A6B7-DD0BE653985C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Human Resource Machine\Human Resource Machine.exe
FirewallRules: [{8C1CCE65-84D8-40DC-B350-E6942E45423E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Human Resource Machine\Human Resource Machine.exe
FirewallRules: [{1BEBBF0D-E3DA-4C1F-83A5-D5E4450FE19E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\CastleCrashersDemo\castle.exe
FirewallRules: [{60AEE7F5-7F87-4524-A935-E9F87418A0E0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\CastleCrashersDemo\castle.exe
FirewallRules: [{B2D8E196-1F82-477D-8C2F-6FBAFF599C47}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Chaos on Deponia\VisionaireConfigurationTool.exe
FirewallRules: [{CEF85CEA-8C34-4407-B2F7-704594188E09}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Chaos on Deponia\VisionaireConfigurationTool.exe
FirewallRules: [{51128BE1-7B43-48E3-A6B8-A7CACD85055F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Chaos on Deponia\deponia2.exe
FirewallRules: [{5A67CCCF-98B5-4ACB-8E72-39725C0DBC75}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Chaos on Deponia\deponia2.exe
FirewallRules: [UDP Query User{21CE44F9-D3F7-4421-BB9C-3179631BCBB6}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{9245CCE2-0CDD-4A9A-8786-4891AF7AB021}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{6690C194-49D2-4FED-8156-86A96F4AC0C7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Super Win the Game\SuperGame.exe
FirewallRules: [{8E3A5BFB-255F-424C-B7E4-35EDEC1B3342}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Super Win the Game\SuperGame.exe
FirewallRules: [UDP Query User{317EA79A-BE6A-43F1-ADC8-A853B1127485}C:\program files (x86)\avermedia\avermedia recentral 2\recentral 2.exe] => (Allow) C:\program files (x86)\avermedia\avermedia recentral 2\recentral 2.exe
FirewallRules: [TCP Query User{C93797DC-6D78-4902-BD42-9588BF624885}C:\program files (x86)\avermedia\avermedia recentral 2\recentral 2.exe] => (Allow) C:\program files (x86)\avermedia\avermedia recentral 2\recentral 2.exe
FirewallRules: [{1C2F4D0C-E773-47F8-A245-02FF8CFA1C2D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe
FirewallRules: [{FC207651-33C0-47F6-8A37-B0A8F2233B65}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe
FirewallRules: [{B4664996-F23A-4259-84A9-C1C3F00160F7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAC-MAN Championship Edition DX+\PAC-MAN.exe
FirewallRules: [{B2DFA9E3-7E75-444C-B09E-A4586B96F7A2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAC-MAN Championship Edition DX+\PAC-MAN.exe
FirewallRules: [UDP Query User{09434D76-117F-4E69-B73E-6C9B221AEDF8}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{C6F953E9-9961-4402-A123-D09977372A86}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{6A6DA135-116A-44CB-99C7-10DD455DFF37}C:\users\georg\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\georg\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{4D0F5BB4-349D-4A33-AB49-4710936FEB1B}C:\users\georg\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\georg\appdata\roaming\spotify\spotify.exe
FirewallRules: [{26B75818-B9C9-4600-95EF-5BF3271CD3B4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Stanley Parable\stanley.exe
FirewallRules: [{F76D6685-8781-4214-AE29-7391A7F952EB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Stanley Parable\stanley.exe
FirewallRules: [{3B2A79E8-BD57-421C-ADC5-6F1B8DC3380E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Braid\braid.exe
FirewallRules: [{16CFFB9C-BEE5-4AE5-A4F5-60442CE9D029}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Braid\braid.exe
FirewallRules: [{B14C55C3-5494-4468-9BFF-9D01B7955596}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Braid\braid.exe
FirewallRules: [{E6E36002-BFFE-4072-9BB6-A5A04F162601}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Braid\braid.exe
FirewallRules: [TCP Query User{4BC615D9-F4FA-47A7-BDB0-670434CF8059}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [UDP Query User{0387514B-08D3-4818-8800-46031F3D5B5B}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [{D7C1C599-484C-4D0A-94D6-190C6B70BDF3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DiRT Showdown\showdown.exe
FirewallRules: [{6EA01E06-8DC1-4DA9-86AA-266312A7FD3B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DiRT Showdown\showdown.exe
FirewallRules: [{817401A8-5E26-430F-B299-678DC9AEB0C1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Antichamber\Binaries\Win32\UDK.exe
FirewallRules: [{794416C1-5ECE-4929-B1D4-533611F0295D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Antichamber\Binaries\Win32\UDK.exe
FirewallRules: [{FB681326-7AE1-43F5-8C9F-594F5A1133BB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Stanley Parable Demo\stanley.exe
FirewallRules: [{17B5C4B0-B585-45A5-9AE8-D5DA109D255C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Stanley Parable Demo\stanley.exe
FirewallRules: [{D7C4ADC2-563E-4498-B69B-57473A5019FC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [{3F19F675-B02E-400D-8098-EE3E07CC1CA8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [{29848BF7-4700-4B86-B285-9F285A185560}] => (Allow) C:\Program Files (x86)\Origin Games\Peggle Nights\PeggleNights.exe
FirewallRules: [{5AA8268A-600F-419C-9948-F7093766B19E}] => (Allow) C:\Program Files (x86)\Origin Games\Peggle Nights\PeggleNights.exe
FirewallRules: [TCP Query User{DA7B4175-FC5A-4C9F-9145-6DD61835B85E}C:\users\georg\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\georg\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{5BA3F47A-5492-468F-B714-3BEE65943273}C:\users\georg\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\georg\appdata\roaming\spotify\spotify.exe
FirewallRules: [{B74FE500-4A10-4E19-AFCC-0CA5B1399169}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Audiosurf\engine\QuestViewer.exe
FirewallRules: [{00F13B6A-DD95-4D2A-8267-B51D593D523D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Audiosurf\engine\QuestViewer.exe
FirewallRules: [{AE0F8D3F-2CB8-4614-B9E4-DA9F72282EFD}] => (Allow) C:\Program Files (x86)\Origin Games\Peggle Deluxe\Peggle.exe
FirewallRules: [{11D076F9-C631-429D-803D-92825E20E0A7}] => (Allow) C:\Program Files (x86)\Origin Games\Peggle Deluxe\Peggle.exe
FirewallRules: [{DC57E1F2-4EAC-402B-BD71-2AF69888D14B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dustforce\dustforce.exe
FirewallRules: [{0CE0EE76-6674-4D8D-85EE-B01BEBB463AB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dustforce\dustforce.exe
FirewallRules: [{CD45CD21-970D-4F39-B7C0-736C463EA752}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\QUBE\Binaries\Win32\QUBE.exe
FirewallRules: [{51E2CC35-413D-4D8D-A128-97D3832D675E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\QUBE\Binaries\Win32\QUBE.exe
FirewallRules: [{70670B13-5B7B-4A83-BE5B-8C3DA34FFC7E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BIT.TRIP BEAT\BEAT.exe
FirewallRules: [{F27ADD3A-BB39-45B1-B377-B33F7274D3D5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BIT.TRIP BEAT\BEAT.exe
FirewallRules: [{D01A302B-65E9-4621-8D1A-9087A39E2DF3}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8100\Bin\DeviceSetup.exe
FirewallRules: [{74BD137C-94EB-46C4-8C51-D4BA4FEDFD80}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8100\Bin\HPNetworkCommunicator.exe
FirewallRules: [{3B88FB96-139E-4FE5-A3C1-058414FF151C}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8100\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{6B919022-EA80-458F-84C6-C97B4A5BD145}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C82C5818-9CD0-40BC-AD0A-BAF04AB8AD88}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{4ED58B78-E9AF-4A93-8C04-795CB711675F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Jazzpunk\windows\Jazzpunk.exe
FirewallRules: [{039E57EE-BE99-455D-B6BC-99637C1D6E51}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Jazzpunk\windows\Jazzpunk.exe
FirewallRules: [{3DBF7A9D-5868-43D5-AB3D-1515E2270F4E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Insanely Twisted Shadow Planet\fcengine.exe
FirewallRules: [{78E3D2BF-7FF9-4802-9F8A-25E95DD2A11A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Insanely Twisted Shadow Planet\fcengine.exe
FirewallRules: [{B7F9AC72-5BFE-4BAA-9552-5FC3F92B9787}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\WoahDave\WoahDave.exe
FirewallRules: [{2A364A6C-9D9F-4695-BA9B-EEF9F4A3BF1C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\WoahDave\WoahDave.exe
FirewallRules: [{76E95C7B-972A-4593-A4CA-EC3A1576F5F2}] => (Allow) C:\Program Files (x86)\Origin Games\Plants vs Zombies Garden Warfare\PVZ.Main_Win64_Retail.exe
FirewallRules: [{ABACCF8A-DA66-4878-983E-5DAEEFF05D45}] => (Allow) C:\Program Files (x86)\Origin Games\Plants vs Zombies Garden Warfare\PVZ.Main_Win64_Retail.exe
FirewallRules: [{5226270F-2869-4DD0-A8C3-1D4ED7A8B093}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Ittle Dew\dew.exe
FirewallRules: [{5A3639E5-EB75-4287-8171-54CE88577D25}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Ittle Dew\dew.exe
FirewallRules: [TCP Query User{3EB352B3-DC7B-41CB-9284-E185B2C22F3F}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{ECCD81E0-6498-4AC3-A365-ACC9175557BA}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [{696D3DCE-5EE6-4D4C-ADD5-E4ABF536FD2A}] => (Allow) C:\Program Files (x86)\Origin Games\Feeding Frenzy 2\FeedingFrenzy2.exe
FirewallRules: [{3451884F-629F-421F-8857-B2043846C27F}] => (Allow) C:\Program Files (x86)\Origin Games\Feeding Frenzy 2\FeedingFrenzy2.exe
FirewallRules: [{FFE143AF-BE95-4AD3-A658-4E4BF13DAC01}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Randal's Monday Demo\RandalsDemo.exe
FirewallRules: [{78471CE3-D841-4D1B-98EB-A51BA8A54E60}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Randal's Monday Demo\RandalsDemo.exe
FirewallRules: [TCP Query User{3F5DC93B-1BDB-48C0-B393-20F45F96D0FF}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [UDP Query User{C455E4F5-8622-4DE8-AB3F-406A6B9B96AE}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{41B11C50-6F85-44F0-8155-D455B70E8D09}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\World of Goo\WorldOfGoo.exe
FirewallRules: [{10195601-8288-4F6A-9B1D-CCF229F48892}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\World of Goo\WorldOfGoo.exe
FirewallRules: [{88DCC03C-2C4D-4C9C-B40F-B88EF3C2423A}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{79D8C42C-9ED0-428F-9C9E-443A8219722F}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{AEF54BB6-F0CF-4BFE-A551-1268F2CAFDBC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{9D3727C3-5977-4C54-BE43-DBBB3EA05E6F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{F74F19C9-BED4-4304-BFF5-C4E2C0683C38}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{2897C868-4F2D-403B-81FA-F567AE2A21FE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{2722FDD4-502A-4BA7-8EBC-1BEB6598CB19}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{DEE26149-9301-4098-BF58-4FCEED52D2C9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{6286AA30-5281-417E-AB1B-EB2E13BDDA51}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{EEC6BA65-FBB3-44FD-B866-0EBFFF42ED2E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Undertale\UNDERTALE.exe
FirewallRules: [{8DFF7091-838D-4B43-BF8A-84D744CA6690}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Undertale\UNDERTALE.exe
FirewallRules: [{827B468D-2B6C-484E-A444-A8F341F7B3AA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Limbo\limbo.exe
FirewallRules: [{3E8C502C-937D-4ECD-B416-0AF45989920A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Limbo\limbo.exe
FirewallRules: [TCP Query User{8324DB31-6835-40A3-BE6E-75793B22E236}C:\program files (x86)\ubisoft\rayman origins\rayman origins.exe] => (Allow) C:\program files (x86)\ubisoft\rayman origins\rayman origins.exe
FirewallRules: [UDP Query User{3882B36A-0331-4497-88B0-8AB860F0ECD8}C:\program files (x86)\ubisoft\rayman origins\rayman origins.exe] => (Allow) C:\program files (x86)\ubisoft\rayman origins\rayman origins.exe
FirewallRules: [{1FB05D6C-7FEF-4982-AC22-7B4E5E907B9D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Little Inferno Beta\Little Inferno.exe
FirewallRules: [{03336EB7-C0C6-4362-9188-ADB5E75E7F12}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Little Inferno Beta\Little Inferno.exe
FirewallRules: [{774095D4-0FF7-4475-B957-94CCA1EC37CB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sega Classics\SEGAGenesisClassics.exe
FirewallRules: [{F8298678-A9B7-4FA5-8106-FFBC72594588}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sega Classics\SEGAGenesisClassics.exe
FirewallRules: [{9B7C97E5-460C-434F-8A48-41E5385105D6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Jet Set Radio\jsrsetup.exe
FirewallRules: [{1417C50A-473F-4ECA-8A28-87B49F196DB9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Jet Set Radio\jsrsetup.exe
FirewallRules: [{B3527AF4-E41E-49A4-BAB4-9222B2EA37CC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hell Yeah\HELLYEAH.exe
FirewallRules: [{61796766-E487-481B-8462-682F2A83D763}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hell Yeah\HELLYEAH.exe
FirewallRules: [{40575BDC-94CA-49AD-B072-733A35E199D6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{973BA223-0FD9-4766-90C5-D173BC2E8271}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{5A48F562-1966-495A-9677-A887FA11AAA1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe

==================== Wiederherstellungspunkte =========================

21-02-2016 16:47:58 Windows Update
25-02-2016 16:20:06 Windows Update
28-02-2016 16:53:07 Windows Update
02-03-2016 17:10:30 Windows Update
05-03-2016 15:23:24 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (03/05/2016 03:23:38 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (03/05/2016 12:05:04 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (03/04/2016 11:34:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_stisvc, Version: 10.0.10586.0, Zeitstempel: 0x5632d7ba
Name des fehlerhaften Moduls: CNQ2412C.DLL, Version: 1.0.1.0, Zeitstempel: 0x460382b7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000040a0
ID des fehlerhaften Prozesses: 0xd18
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_stisvc0
Pfad der fehlerhaften Anwendung: svchost.exe_stisvc1
Pfad des fehlerhaften Moduls: svchost.exe_stisvc2
Berichtskennung: svchost.exe_stisvc3
Vollständiger Name des fehlerhaften Pakets: svchost.exe_stisvc4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe_stisvc5

Error: (03/04/2016 04:43:06 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: GEORG-PC)
Description: Das Paket „Microsoft.ZuneMusic_3.6.15131.0_x64__8wekyb3d8bbwe+Microsoft.ZuneMusic“ wurde beendet, da das Anhalten zu lange dauerte.

Error: (03/02/2016 05:11:28 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (02/28/2016 07:00:07 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsort "E:\" nicht abgeschlossen. Fehler: Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006).

Error: (02/28/2016 04:53:27 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (02/25/2016 06:13:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Microsoft.Photos.exe, Version: 16.201.11370.0, Zeitstempel: 0x56afb8be
Name des fehlerhaften Moduls: PhotosApp.Windows.dll, Version: 16.201.11370.0, Zeitstempel: 0x56afb831
Ausnahmecode: 0x80000003
Fehleroffset: 0x000000000006c3bf
ID des fehlerhaften Prozesses: 0x10b7c
Startzeit der fehlerhaften Anwendung: 0xMicrosoft.Photos.exe0
Pfad der fehlerhaften Anwendung: Microsoft.Photos.exe1
Pfad des fehlerhaften Moduls: Microsoft.Photos.exe2
Berichtskennung: Microsoft.Photos.exe3
Vollständiger Name des fehlerhaften Pakets: Microsoft.Photos.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Microsoft.Photos.exe5

Error: (02/25/2016 04:20:23 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (02/23/2016 05:11:35 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: GEORG-PC)
Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147009280. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


Systemfehler:
=============
Error: (03/05/2016 03:24:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (03/05/2016 02:37:31 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {B91D5831-B1BD-4608-8198-D72E155020F7}

Error: (03/05/2016 02:35:53 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Übermittlungsoptimierung" wurde nicht richtig gestartet.

Error: (03/05/2016 02:34:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (03/05/2016 02:34:16 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Presentation Foundation-Schriftartcache 3.0.0.0 erreicht.

Error: (03/05/2016 02:29:48 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (03/05/2016 02:28:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_100f6c8" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (03/05/2016 02:28:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _100f6c8" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (03/05/2016 02:28:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_100f6c8" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (03/05/2016 02:28:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_100f6c8" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.


CodeIntegrity:
===================================
  Date: 2016-03-05 14:59:26.688
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-03-05 14:59:26.673
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-03-05 14:59:26.657
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-03-05 14:59:25.116
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-03-05 14:59:23.242
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-03-05 14:22:45.055
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-03-05 14:22:45.042
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-03-05 14:22:45.028
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-03-05 14:22:45.007
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-03-05 14:22:44.995
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i3-2120 CPU @ 3.30GHz
Prozentuale Nutzung des RAM: 32%
Installierter physikalischer RAM: 8174.38 MB
Verfügbarer physikalischer RAM: 5491 MB
Summe virtueller Speicher: 16366.38 MB
Verfügbarer virtueller Speicher: 13792.18 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:905.9 GB) (Free:124.14 GB) NTFS
Drive d: (TOSHIBA EXT) (Fixed) (Total:1863.01 GB) (Free:723.83 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 49DB58C8)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=905.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=25.1 GB) - (Type=12)

========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: E0D2C53C)
Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         
Regards,
Juri9

05.03.2016, 16:42   #9
M-K-D-B
/// TB Trainer
 



Hello,

Download the appropriate version of SystemLook from the following mirror and save the tool to your desktop:
SystemLook (32 bit) | SystemLook (64 bit)
  • Double-click SystemLook.exe to start the tool.
  • Copy the contents of the following code box into the tool's text field:

    Code:
    ATTFilter
    :regfind
    Trymedia
    wincert
    Mysearchdial
    iLivid
    Systweak
    asktoolbar
    ask.com
    portaldosites
    Pogo Games
    PogoGames
    PogoDGC
             
  • Now click the Look button to start the scan.
  • The scan may take some time.
  • When the scan has finished, your editor will open with the results; post them in your thread.
  • The results are also saved on the desktop as SystemLook.txt.

__________________
Greetings from Bavaria
M-K-D-B


05.03.2016, 16:52   #10
Juri9
 



Here is the SystemLook.txt:
Code:
ATTFilter
SystemLook 30.07.11 by jpshortstuff
Log created at 17:45 on 05/03/2016 by Georg
Administrator - Elevation successful

========== regfind ==========

Searching for "Trymedia"
No data found.

Searching for "wincert"
No data found.

Searching for "Mysearchdial"
No data found.

Searching for "iLivid"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\iLividSetup-r484-n-bi (1).exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\iLividSetup-r484-n-bi.exe]

Searching for "Systweak"
No data found.

Searching for "asktoolbar"
No data found.

Searching for "ask.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MAPI/IPM.Task]
"PreviewDetails"="prop:*System.DueDate;*System.Task.CompletionStatus;*System.Task.Owner;*System.Keywords"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\MAPI/IPM.Task]
"PreviewDetails"="prop:*System.DueDate;*System.Task.CompletionStatus;*System.Task.Owner;*System.Keywords"

Searching for "portaldosites"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Opera\shell\open\command]
@=""C:\Program Files (x86)\Opera\Opera.exe" http://www.portaldosites.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST31000524AS_6VPJLF95XXXX6VPJLF95&ts=1369940497"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Clients\StartMenuInternet\Opera\shell\open\command]
@=""C:\Program Files (x86)\Opera\Opera.exe" http://www.portaldosites.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST31000524AS_6VPJLF95XXXX6VPJLF95&ts=1369940497"

Searching for "Pogo Games"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\IntelliPoint\AppSpecific\PogoDGC.exe]
"Path"="C:\Program Files (x86)\Pogo Games\PogoDGC.exe"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\IntelliType Pro\AppSpecific\PogoDGC.exe]
"Path"="C:\Program Files (x86)\Pogo Games\PogoDGC.exe"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\dc1d2903_0]
@="{2}.\\?\hdaudio#func_01&ven_10ec&dev_0662&subsys_17aa3616&rev_1001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\singlelineouttopo/00010001|\Device\HarddiskVolume2\Program Files (x86)\Pogo Games\PogoDGC.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{44E6B68E-8DA5-4093-921B-7275E5B3906A}\1.0\0\win32]
@="C:\Program Files (x86)\Pogo Games\iWinTrusted.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{44E6B68E-8DA5-4093-921B-7275E5B3906A}\1.0\HELPDIR]
@="C:\Program Files (x86)\Pogo Games"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{635ADC07-6F19-42a7-8043-EDD19678CE14}\LocalServer32]
@=""C:\Program Files (x86)\Pogo Games\iWinTrusted.exe" /server"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\TypeLib\{44E6B68E-8DA5-4093-921B-7275E5B3906A}\1.0\0\win32]
@="C:\Program Files (x86)\Pogo Games\iWinTrusted.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\TypeLib\{44E6B68E-8DA5-4093-921B-7275E5B3906A}\1.0\HELPDIR]
@="C:\Program Files (x86)\Pogo Games"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\Games\{C731F6D8-4A56-489C-A633-4D84340C6154}]
"ConfigApplicationPath"="C:\Program Files (x86)\Pogo Games"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\Games\{C731F6D8-4A56-489C-A633-4D84340C6154}]
"ConfigGDFBinaryPath"="C:\Program Files (x86)\Pogo Games\PogoDGC.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\Games\{C731F6D8-4A56-489C-A633-4D84340C6154}]
"Title"="Play Pogo Games"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\Games\{C731F6D8-4A56-489C-A633-4D84340C6154}]
"Description"="Pogo Games Manager Application"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PogoDGC]
"DisplayName"="Pogo Games"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PogoDGC]
"UninstallString"=""C:\Program Files (x86)\Pogo Games\Uninstall.exe""
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PogoDGC]
"DisplayIcon"=""C:\Program Files (x86)\Pogo Games\Uninstall.exe""
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\PogoDGC]
"Install_Dir"="C:\Program Files (x86)\Pogo Games"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Classes\CLSID\{635ADC07-6F19-42a7-8043-EDD19678CE14}\LocalServer32]
@=""C:\Program Files (x86)\Pogo Games\iWinTrusted.exe" /server"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Classes\TypeLib\{44E6B68E-8DA5-4093-921B-7275E5B3906A}\1.0\0\win32]
@="C:\Program Files (x86)\Pogo Games\iWinTrusted.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Classes\TypeLib\{44E6B68E-8DA5-4093-921B-7275E5B3906A}\1.0\HELPDIR]
@="C:\Program Files (x86)\Pogo Games"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\iWinTrusted]
"ImagePath"="C:\Program Files (x86)\Pogo Games\iWinTrusted.exe"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{3E1D00CA-1C05-4F1E-9D0A-FAE03FCA63AA}"="v2.24|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Pogo Games\WebUpdater.exe|Name=iWin Games updater.|"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{EA8CC015-FC7E-4F23-8826-FEEBE3B0BC2C}"="v2.24|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Pogo Games\WebUpdater.exe|Name=iWin Games updater.|"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{534AA780-7B96-4803-976A-418A9F0912FF}"="v2.24|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Pogo Games\PogoDGC.exe|Name=iWin Games application.|"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{923A37BF-BC10-4A76-AB38-1B7D680D8998}"="v2.24|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Pogo Games\PogoDGC.exe|Name=iWin Games application.|"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\iWinTrusted]
"ImagePath"="C:\Program Files (x86)\Pogo Games\iWinTrusted.exe"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{3E1D00CA-1C05-4F1E-9D0A-FAE03FCA63AA}"="v2.24|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Pogo Games\WebUpdater.exe|Name=iWin Games updater.|"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{EA8CC015-FC7E-4F23-8826-FEEBE3B0BC2C}"="v2.24|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Pogo Games\WebUpdater.exe|Name=iWin Games updater.|"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{534AA780-7B96-4803-976A-418A9F0912FF}"="v2.24|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Pogo Games\PogoDGC.exe|Name=iWin Games application.|"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{923A37BF-BC10-4A76-AB38-1B7D680D8998}"="v2.24|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Pogo Games\PogoDGC.exe|Name=iWin Games application.|"
[HKEY_USERS\S-1-5-21-2764890169-2354917355-972681180-1001\SOFTWARE\Microsoft\IntelliPoint\AppSpecific\PogoDGC.exe]
"Path"="C:\Program Files (x86)\Pogo Games\PogoDGC.exe"
[HKEY_USERS\S-1-5-21-2764890169-2354917355-972681180-1001\SOFTWARE\Microsoft\IntelliType Pro\AppSpecific\PogoDGC.exe]
"Path"="C:\Program Files (x86)\Pogo Games\PogoDGC.exe"
[HKEY_USERS\S-1-5-21-2764890169-2354917355-972681180-1001\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\dc1d2903_0]
@="{2}.\\?\hdaudio#func_01&ven_10ec&dev_0662&subsys_17aa3616&rev_1001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\singlelineouttopo/00010001|\Device\HarddiskVolume2\Program Files (x86)\Pogo Games\PogoDGC.exe%b{00000000-0000-0000-0000-000000000000}"

Searching for "PogoGames"
No data found.

Searching for "PogoDGC"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\IntelliPoint\AppSpecific\PogoDGC.exe]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\IntelliPoint\AppSpecific\PogoDGC.exe]
"Path"="C:\Program Files (x86)\Pogo Games\PogoDGC.exe"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\IntelliType Pro\AppSpecific\PogoDGC.exe]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\IntelliType Pro\AppSpecific\PogoDGC.exe]
"Path"="C:\Program Files (x86)\Pogo Games\PogoDGC.exe"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\dc1d2903_0]
@="{2}.\\?\hdaudio#func_01&ven_10ec&dev_0662&subsys_17aa3616&rev_1001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\singlelineouttopo/00010001|\Device\HarddiskVolume2\Program Files (x86)\Pogo Games\PogoDGC.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_CURRENT_USER\SOFTWARE\PogoDGC]
[HKEY_CURRENT_USER\SOFTWARE\PogoDGC\Shortcuts]
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PogoDGC/Games/Launch Bejeweled Twist.lnk"="STARTGAME_LOCAL 2459323045917304560"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\Games\{C731F6D8-4A56-489C-A633-4D84340C6154}]
"ConfigGDFBinaryPath"="C:\Program Files (x86)\Pogo Games\PogoDGC.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PogoDGC]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\PogoDGC]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{534AA780-7B96-4803-976A-418A9F0912FF}"="v2.24|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Pogo Games\PogoDGC.exe|Name=iWin Games application.|"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{923A37BF-BC10-4A76-AB38-1B7D680D8998}"="v2.24|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Pogo Games\PogoDGC.exe|Name=iWin Games application.|"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{534AA780-7B96-4803-976A-418A9F0912FF}"="v2.24|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Pogo Games\PogoDGC.exe|Name=iWin Games application.|"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{923A37BF-BC10-4A76-AB38-1B7D680D8998}"="v2.24|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Pogo Games\PogoDGC.exe|Name=iWin Games application.|"
[HKEY_USERS\S-1-5-21-2764890169-2354917355-972681180-1001\SOFTWARE\Microsoft\IntelliPoint\AppSpecific\PogoDGC.exe]
[HKEY_USERS\S-1-5-21-2764890169-2354917355-972681180-1001\SOFTWARE\Microsoft\IntelliPoint\AppSpecific\PogoDGC.exe]
"Path"="C:\Program Files (x86)\Pogo Games\PogoDGC.exe"
[HKEY_USERS\S-1-5-21-2764890169-2354917355-972681180-1001\SOFTWARE\Microsoft\IntelliType Pro\AppSpecific\PogoDGC.exe]
[HKEY_USERS\S-1-5-21-2764890169-2354917355-972681180-1001\SOFTWARE\Microsoft\IntelliType Pro\AppSpecific\PogoDGC.exe]
"Path"="C:\Program Files (x86)\Pogo Games\PogoDGC.exe"
[HKEY_USERS\S-1-5-21-2764890169-2354917355-972681180-1001\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\dc1d2903_0]
@="{2}.\\?\hdaudio#func_01&ven_10ec&dev_0662&subsys_17aa3616&rev_1001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\singlelineouttopo/00010001|\Device\HarddiskVolume2\Program Files (x86)\Pogo Games\PogoDGC.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-2764890169-2354917355-972681180-1001\SOFTWARE\PogoDGC]
[HKEY_USERS\S-1-5-21-2764890169-2354917355-972681180-1001\SOFTWARE\PogoDGC\Shortcuts]
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PogoDGC/Games/Launch Bejeweled Twist.lnk"="STARTGAME_LOCAL 2459323045917304560"

Searching for "         "
[HKEY_LOCAL_MACHINE\HARDWARE\DEVICEMAP\Scsi\Scsi Port 0\Scsi Bus 0\Target Id 0\Logical Unit Id 0]
"SerialNumber"="            6VPJLF95"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\Games\{45057FCE-5784-48BE-8176-D9D00AF56C3C}]
"RatingsInfo"="<Ratings xmlns="urn:schemas-microsoft-com:GameDescription.v1">
            <Rating ratingSystemID="{C705DCF4-6AFE-4f4f-BC51-21807E4E5CFB}" ratingID="{6948F4DF-FD98-41ea-979A-8364043D7FD6}"/>
            <Rating ratingSystemID="{36798944-B235-48ac-BF21-E25671F597EE}" ratingID="{CEC5DB5A-B4C9-4809-96C6-39CE715E4790}">
                <Descriptor descriptorID="{9C8680ED-C0A6-4700-ACDF-B24C979511E0}"/>
                <Descriptor descriptorID="{F110F831-9412-40c9-860A-B489407ED374}"/>
            </Rating>
            <Rating ratingSystemID="{9AAFBACD-EAB9-4946-8BE8-C4D997927C81}" ratingID="{CEC5DB5A-B4C9-4809-96C6-39CE715E4790}">
                <Descriptor descriptorID="{9C8680ED-C0A6-4700-ACDF-B24C979511E0}"/>
                <Descriptor descriptorID="{F110F831-9412-40c9-860A-B489407ED374}"/>
            </Rating>
            <Rating ratingSystemID="{768BD93D-63BE-46A9-89
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\Games\{5B12E332-17D0-461C-8491-FFB0626E53C3}]
"RatingsInfo"="<Ratings xmlns="urn:schemas-microsoft-com:GameDescription.v1">
            <Rating ratingSystemID="{768BD93D-63BE-46A9-8994-0B53C4B5248F}" ratingID="{9DD9B30C-E89F-4d1c-AEC4-174D7432C39B}">
                <Descriptor descriptorID="{9F3B6BCD-A23B-4645-B3D1-FF8CB32A096F}"/>
                <Descriptor descriptorID="{8C532F4F-AE69-4684-95D6-A89E25DD8692}"/>
                <Descriptor descriptorID="{B54162A2-F67F-46dc-9ED5-F6067520EC94}"/>
            </Rating>
            <Rating ratingSystemID="{36798944-B235-48ac-BF21-E25671F597EE}" ratingID="{97D9239C-2BA3-4e1d-A710-B626DC4602A6}">
                <Descriptor descriptorID="{F6C8131A-897B-4ecf-990E-07B976D1F805}"/>
                <Descriptor descriptorID="{F110F831-9412-40c9-860A-B489407ED374}"/>
            </Rating>
            <Rating ratingSystemID="{C705DCF4-6AFE-4f4f-BC51-21807E4E5CFB}" ratingID="{6948F4DF-FD98-4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\Games\{5CC527E1-0B18-4C71-A7BF-C5FF719B8DC4}]
"RatingsInfo"="<Ratings xmlns="urn:schemas-microsoft-com:GameDescription.v1">
            <Rating ratingSystemID="{36798944-B235-48ac-BF21-E25671F597EE}" ratingID="{97D9239C-2BA3-4e1d-A710-B626DC4602A6}">
                <Descriptor descriptorID="{F110F831-9412-40c9-860A-B489407ED374}"/>
            </Rating>
            <Rating ratingSystemID="{768BD93D-63BE-46A9-8994-0B53C4B5248F}" ratingID="{9DD9B30C-E89F-4d1c-AEC4-174D7432C39B}">
                <Descriptor descriptorID="{40B262D1-11AA-43c2-B7BA-63A9F5756A06}"/>
                <Descriptor descriptorID="{F8635B3A-C121-480a-9090-31DAA90490D0}"/>
            </Rating>
            <Rating ratingSystemID="{C705DCF4-6AFE-4f4f-BC51-21807E4E5CFB}" ratingID="{6948F4DF-FD98-41ea-979A-8364043D7FD6}"/>
            <Rating ratingSystemID="{EC290BBB-D618-4cb9-9963-1CAAE515443E}" ratingID="{068D40C4-7809-4c67-8FEA-DA457CF990B4}"/>
            <R
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\Games\{71828142-5A24-4BD0-97E7-976DA08CE6CF}]
"RatingsInfo"="<Ratings xmlns="urn:schemas-microsoft-com:GameDescription.v1">
            <Rating ratingSystemID="{C705DCF4-6AFE-4f4f-BC51-21807E4E5CFB}" ratingID="{6948F4DF-FD98-41ea-979A-8364043D7FD6}"/>
            <Rating ratingSystemID="{36798944-B235-48ac-BF21-E25671F597EE}" ratingID="{CEC5DB5A-B4C9-4809-96C6-39CE715E4790}">
                <Descriptor descriptorID="{9C8680ED-C0A6-4700-ACDF-B24C979511E0}"/>
                <Descriptor descriptorID="{F110F831-9412-40c9-860A-B489407ED374}"/>
            </Rating>
            <Rating ratingSystemID="{9AAFBACD-EAB9-4946-8BE8-C4D997927C81}" ratingID="{CEC5DB5A-B4C9-4809-96C6-39CE715E4790}">
                <Descriptor descriptorID="{9C8680ED-C0A6-4700-ACDF-B24C979511E0}"/>
                <Descriptor descriptorID="{F110F831-9412-40c9-860A-B489407ED374}"/>
            </Rating>
            <Rating ratingSystemID="{768BD93D-63BE-46A9-89
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\Games\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}]
"RatingsInfo"="<Ratings xmlns="urn:schemas-microsoft-com:GameDescription.v1">
            <Rating ratingSystemID="{C705DCF4-6AFE-4f4f-BC51-21807E4E5CFB}" ratingID="{6948F4DF-FD98-41ea-979A-8364043D7FD6}"/>
            <Rating ratingSystemID="{36798944-B235-48ac-BF21-E25671F597EE}" ratingID="{CEC5DB5A-B4C9-4809-96C6-39CE715E4790}">
                <Descriptor descriptorID="{9C8680ED-C0A6-4700-ACDF-B24C979511E0}"/>
                <Descriptor descriptorID="{F110F831-9412-40c9-860A-B489407ED374}"/>
            </Rating>
            <Rating ratingSystemID="{9AAFBACD-EAB9-4946-8BE8-C4D997927C81}" ratingID="{CEC5DB5A-B4C9-4809-96C6-39CE715E4790}">
                <Descriptor descriptorID="{9C8680ED-C0A6-4700-ACDF-B24C979511E0}"/>
                <Descriptor descriptorID="{F110F831-9412-40c9-860A-B489407ED374}"/>
            </Rating>
            <Rating ratingSystemID="{768BD93D-63BE-46A9-89
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin\Microsoft.PowerShell]
"ConfigXML"="             <PlugInConfiguration xmlns="http://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Name="microsoft.powershell" Filename="%windir%\system32\pwrshplugin.dll" SDKVersion="2" XmlRenderingType="text" Enabled="true" >                 <InitializationParameters>                     <Param Name="PSVersion" Value="5.0"/>                 </InitializationParameters>                 <Resources>                     <Resource ResourceUri="http://schemas.microsoft.com/powershell/microsoft.powershell" SupportsOptions="true" ExactMatch="true">                         <Security xmlns="http://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Uri="http://schemas.microsoft.com/powershell/microsoft.powershell" ExactMatch="true" Sddl="O:NSG:BAD:P(A;;GA;;;BA)(A;;GA;;;IU)(A;;GA;;;RM)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD)"/>                         <Capability Type="Shell"/>               
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin\Microsoft.PowerShell.Workflow]
"ConfigXML"="             <PlugInConfiguration xmlns="http://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Name="microsoft.powershell.workflow" Filename="%windir%\system32\pwrshplugin.dll" SDKVersion="2" XmlRenderingType="text" UseSharedProcess="true" ProcessIdleTimeoutSec="1209600" RunAsUser="" RunAsPassword="" AutoRestart="false"     Enabled="true" >                 <InitializationParameters>                     <Param Name="PSVersion" Value="5.0"/>                     <Param Name="AssemblyName" Value="Microsoft.PowerShell.Workflow.ServiceCore, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL"/>                     <Param Name="PSSessionConfigurationTypeName" Value="Microsoft.PowerShell.Workflow.PSWorkflowSessionConfiguration"/>                     <Param Name="SessionConfigurationData"                          Value="                       
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin\Microsoft.PowerShell32]
"ConfigXML"="<PlugInConfiguration xmlns="http://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Name="microsoft.powershell32" Filename="%windir%\system32\pwrshplugin.dll" SDKVersion="2" XmlRenderingType="text" Architecture="32" Enabled="true" >                         <InitializationParameters>                             <Param Name="PSVersion" Value="5.0"/>                         </InitializationParameters>                         <Resources>                             <Resource ResourceUri="http://schemas.microsoft.com/powershell/microsoft.powershell32" SupportsOptions="true" ExactMatch="true">                                 <Security xmlns="http://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Uri="http://schemas.microsoft.com/powershell/microsoft.powershell32" ExactMatch="true" Sddl="O:NSG:BAD:P(A;;GA;;;BA)(A;;GA;;;IU)(A;;GA;;;RM)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD)"/>     

-= EOF =-
         
Regards,
Juri9

05.03.2016, 17:03   #11
M-K-D-B
/// TB Trainer
 



Hi,

uninstall via the Control Panel:
Pogo Games (HKLM-x32\...\PogoDGC) (Version: 1.0 - ) <==== ACHTUNG

Then run SystemLook again as described.
__________________
Greetings from Bavaria
M-K-D-B


05.03.2016, 17:25   #12
Juri9
 



Done.

Code:
SystemLook 30.07.11 by jpshortstuff
Log created at 18:21 on 05/03/2016 by Georg
Administrator - Elevation successful

========== regfind ==========

Searching for "Trymedia"
No data found.

Searching for "wincert"
No data found.

Searching for "Mysearchdial"
No data found.

Searching for "iLivid"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\iLividSetup-r484-n-bi (1).exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\iLividSetup-r484-n-bi.exe]

Searching for "Systweak"
No data found.

Searching for "asktoolbar"
No data found.

Searching for "ask.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MAPI/IPM.Task]
"PreviewDetails"="prop:*System.DueDate;*System.Task.CompletionStatus;*System.Task.Owner;*System.Keywords"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SystemFileAssociations\MAPI/IPM.Task]
"PreviewDetails"="prop:*System.DueDate;*System.Task.CompletionStatus;*System.Task.Owner;*System.Keywords"

Searching for "portaldosites"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Opera\shell\open\command]
@=""C:\Program Files (x86)\Opera\Opera.exe" http://www.portaldosites.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST31000524AS_6VPJLF95XXXX6VPJLF95&ts=1369940497"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Clients\StartMenuInternet\Opera\shell\open\command]
@=""C:\Program Files (x86)\Opera\Opera.exe" http://www.portaldosites.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST31000524AS_6VPJLF95XXXX6VPJLF95&ts=1369940497"

Searching for "Pogo Games"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\IntelliPoint\AppSpecific\PogoDGC.exe]
"Path"="C:\Program Files (x86)\Pogo Games\PogoDGC.exe"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\IntelliType Pro\AppSpecific\PogoDGC.exe]
"Path"="C:\Program Files (x86)\Pogo Games\PogoDGC.exe"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\dc1d2903_0]
@="{2}.\\?\hdaudio#func_01&ven_10ec&dev_0662&subsys_17aa3616&rev_1001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\singlelineouttopo/00010001|\Device\HarddiskVolume2\Program Files (x86)\Pogo Games\PogoDGC.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\PogoDGC]
"Install_Dir"="C:\Program Files (x86)\Pogo Games"
[HKEY_USERS\S-1-5-21-2764890169-2354917355-972681180-1001\SOFTWARE\Microsoft\IntelliPoint\AppSpecific\PogoDGC.exe]
"Path"="C:\Program Files (x86)\Pogo Games\PogoDGC.exe"
[HKEY_USERS\S-1-5-21-2764890169-2354917355-972681180-1001\SOFTWARE\Microsoft\IntelliType Pro\AppSpecific\PogoDGC.exe]
"Path"="C:\Program Files (x86)\Pogo Games\PogoDGC.exe"
[HKEY_USERS\S-1-5-21-2764890169-2354917355-972681180-1001\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\dc1d2903_0]
@="{2}.\\?\hdaudio#func_01&ven_10ec&dev_0662&subsys_17aa3616&rev_1001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\singlelineouttopo/00010001|\Device\HarddiskVolume2\Program Files (x86)\Pogo Games\PogoDGC.exe%b{00000000-0000-0000-0000-000000000000}"

Searching for "PogoGames"
No data found.

Searching for "PogoDGC"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\IntelliPoint\AppSpecific\PogoDGC.exe]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\IntelliPoint\AppSpecific\PogoDGC.exe]
"Path"="C:\Program Files (x86)\Pogo Games\PogoDGC.exe"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\IntelliType Pro\AppSpecific\PogoDGC.exe]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\IntelliType Pro\AppSpecific\PogoDGC.exe]
"Path"="C:\Program Files (x86)\Pogo Games\PogoDGC.exe"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\dc1d2903_0]
@="{2}.\\?\hdaudio#func_01&ven_10ec&dev_0662&subsys_17aa3616&rev_1001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\singlelineouttopo/00010001|\Device\HarddiskVolume2\Program Files (x86)\Pogo Games\PogoDGC.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_CURRENT_USER\SOFTWARE\PogoDGC]
[HKEY_CURRENT_USER\SOFTWARE\PogoDGC\Shortcuts]
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PogoDGC/Games/Launch Bejeweled Twist.lnk"="STARTGAME_LOCAL 2459323045917304560"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\PogoDGC]
[HKEY_USERS\S-1-5-21-2764890169-2354917355-972681180-1001\SOFTWARE\Microsoft\IntelliPoint\AppSpecific\PogoDGC.exe]
[HKEY_USERS\S-1-5-21-2764890169-2354917355-972681180-1001\SOFTWARE\Microsoft\IntelliPoint\AppSpecific\PogoDGC.exe]
"Path"="C:\Program Files (x86)\Pogo Games\PogoDGC.exe"
[HKEY_USERS\S-1-5-21-2764890169-2354917355-972681180-1001\SOFTWARE\Microsoft\IntelliType Pro\AppSpecific\PogoDGC.exe]
[HKEY_USERS\S-1-5-21-2764890169-2354917355-972681180-1001\SOFTWARE\Microsoft\IntelliType Pro\AppSpecific\PogoDGC.exe]
"Path"="C:\Program Files (x86)\Pogo Games\PogoDGC.exe"
[HKEY_USERS\S-1-5-21-2764890169-2354917355-972681180-1001\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\dc1d2903_0]
@="{2}.\\?\hdaudio#func_01&ven_10ec&dev_0662&subsys_17aa3616&rev_1001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\singlelineouttopo/00010001|\Device\HarddiskVolume2\Program Files (x86)\Pogo Games\PogoDGC.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-2764890169-2354917355-972681180-1001\SOFTWARE\PogoDGC]
[HKEY_USERS\S-1-5-21-2764890169-2354917355-972681180-1001\SOFTWARE\PogoDGC\Shortcuts]
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PogoDGC/Games/Launch Bejeweled Twist.lnk"="STARTGAME_LOCAL 2459323045917304560"

Searching for "         "
[HKEY_LOCAL_MACHINE\HARDWARE\DEVICEMAP\Scsi\Scsi Port 0\Scsi Bus 0\Target Id 0\Logical Unit Id 0]
"SerialNumber"="            6VPJLF95"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\Games\{45057FCE-5784-48BE-8176-D9D00AF56C3C}]
"RatingsInfo"="<Ratings xmlns="urn:schemas-microsoft-com:GameDescription.v1">
            <Rating ratingSystemID="{C705DCF4-6AFE-4f4f-BC51-21807E4E5CFB}" ratingID="{6948F4DF-FD98-41ea-979A-8364043D7FD6}"/>
            <Rating ratingSystemID="{36798944-B235-48ac-BF21-E25671F597EE}" ratingID="{CEC5DB5A-B4C9-4809-96C6-39CE715E4790}">
                <Descriptor descriptorID="{9C8680ED-C0A6-4700-ACDF-B24C979511E0}"/>
                <Descriptor descriptorID="{F110F831-9412-40c9-860A-B489407ED374}"/>
            </Rating>
            <Rating ratingSystemID="{9AAFBACD-EAB9-4946-8BE8-C4D997927C81}" ratingID="{CEC5DB5A-B4C9-4809-96C6-39CE715E4790}">
                <Descriptor descriptorID="{9C8680ED-C0A6-4700-ACDF-B24C979511E0}"/>
                <Descriptor descriptorID="{F110F831-9412-40c9-860A-B489407ED374}"/>
            </Rating>
            <Rating ratingSystemID="{768BD93D-63BE-46A9-89
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\Games\{5B12E332-17D0-461C-8491-FFB0626E53C3}]
"RatingsInfo"="<Ratings xmlns="urn:schemas-microsoft-com:GameDescription.v1">
            <Rating ratingSystemID="{768BD93D-63BE-46A9-8994-0B53C4B5248F}" ratingID="{9DD9B30C-E89F-4d1c-AEC4-174D7432C39B}">
                <Descriptor descriptorID="{9F3B6BCD-A23B-4645-B3D1-FF8CB32A096F}"/>
                <Descriptor descriptorID="{8C532F4F-AE69-4684-95D6-A89E25DD8692}"/>
                <Descriptor descriptorID="{B54162A2-F67F-46dc-9ED5-F6067520EC94}"/>
            </Rating>
            <Rating ratingSystemID="{36798944-B235-48ac-BF21-E25671F597EE}" ratingID="{97D9239C-2BA3-4e1d-A710-B626DC4602A6}">
                <Descriptor descriptorID="{F6C8131A-897B-4ecf-990E-07B976D1F805}"/>
                <Descriptor descriptorID="{F110F831-9412-40c9-860A-B489407ED374}"/>
            </Rating>
            <Rating ratingSystemID="{C705DCF4-6AFE-4f4f-BC51-21807E4E5CFB}" ratingID="{6948F4DF-FD98-4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\Games\{5CC527E1-0B18-4C71-A7BF-C5FF719B8DC4}]
"RatingsInfo"="<Ratings xmlns="urn:schemas-microsoft-com:GameDescription.v1">
            <Rating ratingSystemID="{36798944-B235-48ac-BF21-E25671F597EE}" ratingID="{97D9239C-2BA3-4e1d-A710-B626DC4602A6}">
                <Descriptor descriptorID="{F110F831-9412-40c9-860A-B489407ED374}"/>
            </Rating>
            <Rating ratingSystemID="{768BD93D-63BE-46A9-8994-0B53C4B5248F}" ratingID="{9DD9B30C-E89F-4d1c-AEC4-174D7432C39B}">
                <Descriptor descriptorID="{40B262D1-11AA-43c2-B7BA-63A9F5756A06}"/>
                <Descriptor descriptorID="{F8635B3A-C121-480a-9090-31DAA90490D0}"/>
            </Rating>
            <Rating ratingSystemID="{C705DCF4-6AFE-4f4f-BC51-21807E4E5CFB}" ratingID="{6948F4DF-FD98-41ea-979A-8364043D7FD6}"/>
            <Rating ratingSystemID="{EC290BBB-D618-4cb9-9963-1CAAE515443E}" ratingID="{068D40C4-7809-4c67-8FEA-DA457CF990B4}"/>
            <R
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\Games\{71828142-5A24-4BD0-97E7-976DA08CE6CF}]
"RatingsInfo"="<Ratings xmlns="urn:schemas-microsoft-com:GameDescription.v1">
            <Rating ratingSystemID="{C705DCF4-6AFE-4f4f-BC51-21807E4E5CFB}" ratingID="{6948F4DF-FD98-41ea-979A-8364043D7FD6}"/>
            <Rating ratingSystemID="{36798944-B235-48ac-BF21-E25671F597EE}" ratingID="{CEC5DB5A-B4C9-4809-96C6-39CE715E4790}">
                <Descriptor descriptorID="{9C8680ED-C0A6-4700-ACDF-B24C979511E0}"/>
                <Descriptor descriptorID="{F110F831-9412-40c9-860A-B489407ED374}"/>
            </Rating>
            <Rating ratingSystemID="{9AAFBACD-EAB9-4946-8BE8-C4D997927C81}" ratingID="{CEC5DB5A-B4C9-4809-96C6-39CE715E4790}">
                <Descriptor descriptorID="{9C8680ED-C0A6-4700-ACDF-B24C979511E0}"/>
                <Descriptor descriptorID="{F110F831-9412-40c9-860A-B489407ED374}"/>
            </Rating>
            <Rating ratingSystemID="{768BD93D-63BE-46A9-89
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\Games\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}]
"RatingsInfo"="<Ratings xmlns="urn:schemas-microsoft-com:GameDescription.v1">
            <Rating ratingSystemID="{C705DCF4-6AFE-4f4f-BC51-21807E4E5CFB}" ratingID="{6948F4DF-FD98-41ea-979A-8364043D7FD6}"/>
            <Rating ratingSystemID="{36798944-B235-48ac-BF21-E25671F597EE}" ratingID="{CEC5DB5A-B4C9-4809-96C6-39CE715E4790}">
                <Descriptor descriptorID="{9C8680ED-C0A6-4700-ACDF-B24C979511E0}"/>
                <Descriptor descriptorID="{F110F831-9412-40c9-860A-B489407ED374}"/>
            </Rating>
            <Rating ratingSystemID="{9AAFBACD-EAB9-4946-8BE8-C4D997927C81}" ratingID="{CEC5DB5A-B4C9-4809-96C6-39CE715E4790}">
                <Descriptor descriptorID="{9C8680ED-C0A6-4700-ACDF-B24C979511E0}"/>
                <Descriptor descriptorID="{F110F831-9412-40c9-860A-B489407ED374}"/>
            </Rating>
            <Rating ratingSystemID="{768BD93D-63BE-46A9-89
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin\Microsoft.PowerShell]
"ConfigXML"="             <PlugInConfiguration xmlns="http://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Name="microsoft.powershell" Filename="%windir%\system32\pwrshplugin.dll" SDKVersion="2" XmlRenderingType="text" Enabled="true" >                 <InitializationParameters>                     <Param Name="PSVersion" Value="5.0"/>                 </InitializationParameters>                 <Resources>                     <Resource ResourceUri="http://schemas.microsoft.com/powershell/microsoft.powershell" SupportsOptions="true" ExactMatch="true">                         <Security xmlns="http://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Uri="http://schemas.microsoft.com/powershell/microsoft.powershell" ExactMatch="true" Sddl="O:NSG:BAD:P(A;;GA;;;BA)(A;;GA;;;IU)(A;;GA;;;RM)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD)"/>                         <Capability Type="Shell"/>               
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin\Microsoft.PowerShell.Workflow]
"ConfigXML"="             <PlugInConfiguration xmlns="http://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Name="microsoft.powershell.workflow" Filename="%windir%\system32\pwrshplugin.dll" SDKVersion="2" XmlRenderingType="text" UseSharedProcess="true" ProcessIdleTimeoutSec="1209600" RunAsUser="" RunAsPassword="" AutoRestart="false"     Enabled="true" >                 <InitializationParameters>                     <Param Name="PSVersion" Value="5.0"/>                     <Param Name="AssemblyName" Value="Microsoft.PowerShell.Workflow.ServiceCore, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL"/>                     <Param Name="PSSessionConfigurationTypeName" Value="Microsoft.PowerShell.Workflow.PSWorkflowSessionConfiguration"/>                     <Param Name="SessionConfigurationData"                          Value="                       
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin\Microsoft.PowerShell32]
"ConfigXML"="<PlugInConfiguration xmlns="http://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Name="microsoft.powershell32" Filename="%windir%\system32\pwrshplugin.dll" SDKVersion="2" XmlRenderingType="text" Architecture="32" Enabled="true" >                         <InitializationParameters>                             <Param Name="PSVersion" Value="5.0"/>                         </InitializationParameters>                         <Resources>                             <Resource ResourceUri="http://schemas.microsoft.com/powershell/microsoft.powershell32" SupportsOptions="true" ExactMatch="true">                                 <Security xmlns="http://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Uri="http://schemas.microsoft.com/powershell/microsoft.powershell32" ExactMatch="true" Sddl="O:NSG:BAD:P(A;;GA;;;BA)(A;;GA;;;IU)(A;;GA;;;RM)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD)"/>     

-= EOF =-
         
Regards,
Juri9

06.03.2016, 12:49   #13
M-K-D-B
/// TB Trainer
 



Hi,

we'll remove the last remnants and check everything once more.

Note: The scan with ESET can take a while.

Step 1
Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document

Code:
start
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
GroupPolicyUsers\S-1-5-21-2764890169-2354917355-972681180-1002\User: Beschränkung <======= ACHTUNG
CHR HKU\S-1-5-21-2764890169-2354917355-972681180-1001\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG
StartMenuInternet: (HKLM) Opera - C:\Program Files (x86)\Opera\Opera.exe hxxp://www.portaldosites.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST31000524AS_6VPJLF95XXXX6VPJLF95&ts=1369940497
Task: {07C21E35-9167-45FC-9DC5-29647F2EE15D} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {22D2B17B-3415-48AC-8FAD-BD0CDB0120AA} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {23FD9FB0-2C17-4556-AC69-FFA56AD00F92} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {3C5D73E0-1EC0-4D43-B6EC-EC7D4589DBA2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {493B8E61-3B32-4A42-92D2-2AE0E6D8DF8E} - System32\Tasks\{39157281-4289-4AC3-A03E-7784D5D9FD60} => pcalua.exe -a D:\SETUP.EXE -d D:\
Task: {4AEEB4FA-E867-4275-B9E5-DDDCA0173762} - System32\Tasks\{D4BBF116-FE11-4C32-B08B-28D68581C067} => pcalua.exe -a C:\Users\Georg\Desktop\JRT.exe -d C:\Users\Georg\Desktop
Task: {625B28AF-7EA2-457B-A601-803B23E5A514} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {6E76DEA3-9BB7-4615-BF86-66E4E5CCE057} - System32\Tasks\{1B9F4D72-09C6-4DC5-8E70-B481820B5C6A} => pcalua.exe -a C:\Users\Georg\Desktop\desktop.exe -d C:\Users\Georg\Desktop
Task: {781512EA-855A-44D8-8FBD-CF0B59F63FA9} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {89DA3DAB-0E6F-43D0-8FEE-9B48C8CE8336} - \Desk 365 RunAsStdUser -> Keine Datei <==== ACHTUNG
Task: {9664AC75-C1F5-41F4-A1B9-D343F643134F} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {A09CADF4-58ED-496C-9188-2D86F2BE085E} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {B68CAD77-ADE7-4FCD-9618-25584C3080E4} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {D606949D-5786-4113-958D-CE6A535B3633} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {EE9F6E11-ADAB-48EC-B99F-C740B9E66236} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\iLividSetup-r484-n-bi (1).exe
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\iLividSetup-r484-n-bi.exe
DeleteKey: HKEY_CURRENT_USER\SOFTWARE\Microsoft\IntelliPoint\AppSpecific\PogoDGC.exe
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{44E6B68E-8DA5-4093-921B-7275E5B3906A}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{635ADC07-6F19-42a7-8043-EDD19678CE14}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\TypeLib\{44E6B68E-8DA5-4093-921B-7275E5B3906A}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\Games\{C731F6D8-4A56-489C-A633-4D84340C6154}
DeleteKey: HKEY_CURRENT_USER\SOFTWARE\PogoDGC
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
         

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the Fix ("Entfernen") button.
  • The tool creates a Fixlog.txt.
  • Post its contents to me.







Step 2

ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded; the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset







Step 3
Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.






Step 4
  • Start FRST.exe again. Tick the box in front of Addition.txt and press Scan ("Untersuchen").
  • FRST again creates two log files (FRST.txt and Addition.txt).
  • Post both log files with your next reply.





Are there still any problems with the PC? If so, which ones?







In your next reply, please post
  • the log file of the FRST fix,
  • the ESET log file,
  • the SecurityCheck log file,
  • the two new FRST log files,
  • the answers to the questions asked.
__________________
Greetings from Bavaria
M-K-D-B


Alt 06.03.2016, 18:56   #14
Juri9
 



Quote:
Note: The scan with ESET can take longer.
"Longer" is right, after 2.5 hours it has only finished 30% :'D

But here is the Fixlog.txt in the meantime:
Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-03-2016
durchgeführt von Georg (2016-03-06 13:55:29) Run:1
Gestartet von C:\Users\Georg\Desktop
Geladene Profile: Georg (Verfügbare Profile: Georg & Andere & DefaultAppPool)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
start
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
GroupPolicyUsers\S-1-5-21-2764890169-2354917355-972681180-1002\User: Beschränkung <======= ACHTUNG
CHR HKU\S-1-5-21-2764890169-2354917355-972681180-1001\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG
StartMenuInternet: (HKLM) Opera - C:\Program Files (x86)\Opera\Opera.exe hxxp://www.portaldosites.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST31000524AS_6VPJLF95XXXX6VPJLF95&ts=1369940497
Task: {07C21E35-9167-45FC-9DC5-29647F2EE15D} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {22D2B17B-3415-48AC-8FAD-BD0CDB0120AA} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {23FD9FB0-2C17-4556-AC69-FFA56AD00F92} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {3C5D73E0-1EC0-4D43-B6EC-EC7D4589DBA2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {493B8E61-3B32-4A42-92D2-2AE0E6D8DF8E} - System32\Tasks\{39157281-4289-4AC3-A03E-7784D5D9FD60} => pcalua.exe -a D:\SETUP.EXE -d D:\
Task: {4AEEB4FA-E867-4275-B9E5-DDDCA0173762} - System32\Tasks\{D4BBF116-FE11-4C32-B08B-28D68581C067} => pcalua.exe -a C:\Users\Georg\Desktop\JRT.exe -d C:\Users\Georg\Desktop
Task: {625B28AF-7EA2-457B-A601-803B23E5A514} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {6E76DEA3-9BB7-4615-BF86-66E4E5CCE057} - System32\Tasks\{1B9F4D72-09C6-4DC5-8E70-B481820B5C6A} => pcalua.exe -a C:\Users\Georg\Desktop\desktop.exe -d C:\Users\Georg\Desktop
Task: {781512EA-855A-44D8-8FBD-CF0B59F63FA9} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {89DA3DAB-0E6F-43D0-8FEE-9B48C8CE8336} - \Desk 365 RunAsStdUser -> Keine Datei <==== ACHTUNG
Task: {9664AC75-C1F5-41F4-A1B9-D343F643134F} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {A09CADF4-58ED-496C-9188-2D86F2BE085E} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {B68CAD77-ADE7-4FCD-9618-25584C3080E4} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {D606949D-5786-4113-958D-CE6A535B3633} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {EE9F6E11-ADAB-48EC-B99F-C740B9E66236} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\iLividSetup-r484-n-bi (1).exe
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\iLividSetup-r484-n-bi.exe
DeleteKey: HKEY_CURRENT_USER\SOFTWARE\Microsoft\IntelliPoint\AppSpecific\PogoDGC.exe
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{44E6B68E-8DA5-4093-921B-7275E5B3906A}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{635ADC07-6F19-42a7-8043-EDD19678CE14}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\TypeLib\{44E6B68E-8DA5-4093-921B-7275E5B3906A}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\Games\{C731F6D8-4A56-489C-A633-4D84340C6154}
DeleteKey: HKEY_CURRENT_USER\SOFTWARE\PogoDGC
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
         
*****************

Prozess erfolgreich geschlossen.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Wert erfolgreich entfernt
C:\WINDOWS\system32\GroupPolicyUsers\S-1-5-21-2764890169-2354917355-972681180-1002\User => erfolgreich verschoben
C:\WINDOWS\system32\GroupPolicy\GPT.ini => erfolgreich verschoben
"HKU\S-1-5-21-2764890169-2354917355-972681180-1001\SOFTWARE\Policies\Google" => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Clients\StartMenuInternet\Opera\shell\open\command\\Default => Wert erfolgreich wiederhergestellt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{07C21E35-9167-45FC-9DC5-29647F2EE15D}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{07C21E35-9167-45FC-9DC5-29647F2EE15D}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{22D2B17B-3415-48AC-8FAD-BD0CDB0120AA}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{22D2B17B-3415-48AC-8FAD-BD0CDB0120AA}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{23FD9FB0-2C17-4556-AC69-FFA56AD00F92}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{23FD9FB0-2C17-4556-AC69-FFA56AD00F92}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3C5D73E0-1EC0-4D43-B6EC-EC7D4589DBA2}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3C5D73E0-1EC0-4D43-B6EC-EC7D4589DBA2}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{493B8E61-3B32-4A42-92D2-2AE0E6D8DF8E}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{493B8E61-3B32-4A42-92D2-2AE0E6D8DF8E}" => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\{39157281-4289-4AC3-A03E-7784D5D9FD60} => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{39157281-4289-4AC3-A03E-7784D5D9FD60}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4AEEB4FA-E867-4275-B9E5-DDDCA0173762}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4AEEB4FA-E867-4275-B9E5-DDDCA0173762}" => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\{D4BBF116-FE11-4C32-B08B-28D68581C067} => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D4BBF116-FE11-4C32-B08B-28D68581C067}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{625B28AF-7EA2-457B-A601-803B23E5A514}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{625B28AF-7EA2-457B-A601-803B23E5A514}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6E76DEA3-9BB7-4615-BF86-66E4E5CCE057}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6E76DEA3-9BB7-4615-BF86-66E4E5CCE057}" => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\{1B9F4D72-09C6-4DC5-8E70-B481820B5C6A} => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{1B9F4D72-09C6-4DC5-8E70-B481820B5C6A}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{781512EA-855A-44D8-8FBD-CF0B59F63FA9}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{781512EA-855A-44D8-8FBD-CF0B59F63FA9}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{89DA3DAB-0E6F-43D0-8FEE-9B48C8CE8336}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{89DA3DAB-0E6F-43D0-8FEE-9B48C8CE8336}" => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Desk 365 RunAsStdUser => Schlüssel nicht gefunden. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9664AC75-C1F5-41F4-A1B9-D343F643134F}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9664AC75-C1F5-41F4-A1B9-D343F643134F}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A09CADF4-58ED-496C-9188-2D86F2BE085E}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A09CADF4-58ED-496C-9188-2D86F2BE085E}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B68CAD77-ADE7-4FCD-9618-25584C3080E4}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B68CAD77-ADE7-4FCD-9618-25584C3080E4}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D606949D-5786-4113-958D-CE6A535B3633}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D606949D-5786-4113-958D-CE6A535B3633}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EE9F6E11-ADAB-48EC-B99F-C740B9E66236}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EE9F6E11-ADAB-48EC-B99F-C740B9E66236}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\iLividSetup-r484-n-bi (1).exe => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\iLividSetup-r484-n-bi.exe => Schlüssel erfolgreich entfernt
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IntelliPoint\AppSpecific\PogoDGC.exe => Schlüssel nicht gefunden. 
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{44E6B68E-8DA5-4093-921B-7275E5B3906A} => Schlüssel nicht gefunden. 
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{635ADC07-6F19-42a7-8043-EDD19678CE14} => Schlüssel nicht gefunden. 
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\TypeLib\{44E6B68E-8DA5-4093-921B-7275E5B3906A} => Schlüssel nicht gefunden. 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\Games\{C731F6D8-4A56-489C-A633-4D84340C6154} => Schlüssel nicht gefunden. 
HKEY_CURRENT_USER\SOFTWARE\PogoDGC => konnte nicht entfernt werden im ersten Versuch (ErrorCode: C0000121), siehe nächste Zeile.
HKEY_CURRENT_USER\SOFTWARE\PogoDGC => Schlüssel erfolgreich entfernt

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-2764890169-2354917355-972681180-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-2764890169-2354917355-972681180-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt


========= Ende von RemoveProxy: =========


=========  ipconfig /flushdns =========


Windows-IP-Konfiguration

Der DNS-Auflösungscache wurde geleert.

========= Ende von CMD: =========


=========  netsh winsock reset =========


Der Winsock-Katalog wurde zurückgesetzt.
Sie müssen den Computer neu starten, um den Vorgang abzuschließen.


========= Ende von CMD: =========

EmptyTemp: => 5.1 GB temporäre Dateien entfernt.


Das System musste neu gestartet werden.

==== Ende von Fixlog 13:59:11 ====
         
The rest will follow as soon as it finishes... *stares at ESET*

Regards,
Juri9

FINALLY, ESET is done. Here is the log:

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=a4e95a9d05254449b6ff74e0cb3f6f2c
# end=init
# utc_time=2016-03-06 01:09:55
# local_time=2016-03-06 02:09:55 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 28449
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=a4e95a9d05254449b6ff74e0cb3f6f2c
# end=updated
# utc_time=2016-03-06 01:14:57
# local_time=2016-03-06 02:14:57 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=a4e95a9d05254449b6ff74e0cb3f6f2c
# engine=28449
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-03-06 06:36:08
# local_time=2016-03-06 07:36:08 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 92568 11103511 0 0
# scanned=643512
# found=0
# cleaned=0
# scan_time=19270
         
I'll get back to you later with the SecurityCheck and FRST logs.

checkup.txt from SecurityCheck:
Quote:
Results of screen317's Security Check version 1.009
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Defender
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Secunia PSI (3.0.0.4001)
Java 8 Update 31
Java version 32-bit out of Date!
Adobe Flash Player 20.0.0.306
Mozilla Firefox 34.0.5 Firefox out of Date!
Mozilla Thunderbird (38.6.0)
Google Chrome (48.0.2564.109)
Google Chrome (48.0.2564.116)
````````Process Check: objlist.exe by Laurent````````
Windows Defender MSMpEng.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````
FRST.txt:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016
durchgeführt von Georg (Administrator) auf GEORG-PC (06-03-2016 19:47:06)
Gestartet von C:\Users\Georg\Desktop
Geladene Profile: Georg (Verfügbare Profile: Georg & Andere & DefaultAppPool)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SurfRight B.V.) C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
(<AVerMedia>) C:\Program Files (x86)\AVerMedia\AVerMedia Live Gamer EXTREME\AVerUSBPortChecker.exe
(AVerMedia TECHNOLOGIES, Inc.) C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRECentral.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\iMController\Service\Lenovo.Modern.ImController.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
() C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
() C:\Windows\jmesoft\Service.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(AVerMedia TECHNOLOGIES, Inc.) C:\Program Files (x86)\AVerMedia\AVerMedia RECentral 2\RECentralService.exe
(Soluto) C:\Program Files\Soluto\Soluto.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Soluto) C:\Program Files\Soluto\SolutoService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Soluto) C:\Program Files\Soluto\SolutoLauncherService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Windows\SysWOW64\UMonit.exe
() C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe
() C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe
() C:\Program Files (x86)\puush\puush.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
(Spotify Ltd) C:\Users\Georg\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\Georg\AppData\Roaming\Spotify\Spotify.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
() C:\Program Files (x86)\Philips\SPC 700NC PC Camera\TrayMin700.exe
(Telegram Messenger LLP) C:\Users\Georg\AppData\Roaming\Telegram Desktop\Telegram.exe
(Lenovo) C:\Windows\jmesoft\hotkey.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
() C:\Windows\jmesoft\JME_LOAD.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Spotify Ltd) C:\Users\Georg\AppData\Roaming\Spotify\Spotify.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Spotify Ltd) C:\Users\Georg\AppData\Roaming\Spotify\Spotify.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE
() C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\OFFICEVIRT.EXE
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(On Demand Distribution) C:\Program Files (x86)\Music Manager\OD2State.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.302.8200.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.17801.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11543656 2010-10-26] (Realtek Semiconductor)
HKLM\...\Run: [UMonit] => C:\windows\SysWOW64\UMonit.exe [49152 2011-05-25] ()
HKLM\...\Run: [WrtMon.exe] => C:\windows\system32\spool\drivers\x64\3\WrtMon.exe [20480 2006-09-20] ()
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-27] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [jmekey] => C:\windows\jmesoft\hotkey.exe
HKLM-x32\...\Run: [jmesoft] => C:\Windows\jmesoft\ServiceLoader.exe
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Lenovo Eye Distance System] => C:\Program Files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe [265216 2010-09-09] (Lenovo)
HKLM-x32\...\Run: [Lenovo Dynamic Brightness System] => C:\Program Files\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exe [285696 2010-10-08] (Lenovo)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe [222504 2009-05-14] (CyberLink Corp.)
HKLM-x32\...\Run: [TrayServer] => C:\Program Files (x86)\MAGIX\Video_deluxe_MX_Plus\TrayServer_de.exe [90112 2008-08-07] (MAGIX AG)
HKLM-x32\...\Run: [phc700] => C:\windows\system32\vphc700.exe
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [LifeCam] => "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files\Soluto\soluto.exe /userinit,
HKU\S-1-5-21-2764890169-2354917355-972681180-1001\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [568904 2015-03-30] ()
HKU\S-1-5-21-2764890169-2354917355-972681180-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3014224 2016-02-04] (Valve Corporation)
HKU\S-1-5-21-2764890169-2354917355-972681180-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23499656 2016-01-15] (Google)
HKU\S-1-5-21-2764890169-2354917355-972681180-1001\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248176 2015-07-13] (TomTom)
HKU\S-1-5-21-2764890169-2354917355-972681180-1001\...\Run: [Spotify Web Helper] => C:\Users\Georg\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1524848 2016-03-04] (Spotify Ltd)
HKU\S-1-5-21-2764890169-2354917355-972681180-1001\...\Run: [Spotify] => C:\Users\Georg\AppData\Roaming\Spotify\Spotify.exe [6754928 2016-03-04] (Spotify Ltd)
HKU\S-1-5-21-2764890169-2354917355-972681180-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50599552 2016-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-2764890169-2354917355-972681180-1001\...\MountPoints2: {9537da85-6a63-11e5-9bd6-c89cdce712ed} - "G:\HTC_Sync_Manager_PC.exe" 
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Georg\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64\FileSyncShell64.dll [2015-11-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Georg\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64\FileSyncShell64.dll [2015-11-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Georg\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64\FileSyncShell64.dll [2015-11-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Georg\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileSyncShell.dll [2015-11-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Georg\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileSyncShell.dll [2015-11-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Georg\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileSyncShell.dll [2015-11-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2012-10-29]
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TrayMin700.exe.lnk [2012-09-08]
ShortcutTarget: TrayMin700.exe.lnk -> C:\Program Files (x86)\Philips\SPC 700NC PC Camera\TrayMin700.exe ()
Startup: C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Telegram.lnk [2016-01-22]
ShortcutTarget: Telegram.lnk -> C:\Users\Georg\AppData\Roaming\Telegram Desktop\Telegram.exe (Telegram Messenger LLP)
Startup: C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet Pro 8100 (Netzwerk).lnk [2015-11-16]
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet Pro 8100 (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet Pro 8100\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{b2938fa1-8998-4697-b61c-3e7448cf269d}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-2764890169-2354917355-972681180-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://de.msn.com/?pc=BB07
HKU\S-1-5-21-2764890169-2354917355-972681180-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com
SearchScopes: HKLM -> DefaultScope Wert fehlt
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2764890169-2354917355-972681180-1001 -> DefaultScope {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-2764890169-2354917355-972681180-1001 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-2764890169-2354917355-972681180-1001 -> {C88215D9-8C4C-4C02-BD96-C2F219F35ED5} URL = hxxp://www.bing.com/search?FORM=BB07DF&PC=BB07&q={searchTerms}&src=IE-SearchBox
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-17] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-17] (Oracle Corporation)
DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1369826421840
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Georg\AppData\Roaming\Mozilla\Firefox\Profiles\jg9od9kn.default-1449067715926
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-09] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-09] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-17] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-2764890169-2354917355-972681180-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Georg\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-07-07] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => nicht gefunden
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => nicht gefunden

Chrome: 
=======
CHR HomePage: Profile 1 -> hxxp://www.google.com/
CHR StartupUrls: Profile 1 -> "hxxps://www.google.de/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\PepperFlash\pepflashplayer.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\gcswf32.dll => Keine Datei
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\ppGoogleNaClPluginChrome.dll => Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\pdf.dll => Keine Datei
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll => Keine Datei
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll => Keine Datei
CHR Profile: C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2016-02-12]
CHR Extension: (Google Drive) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-28]
CHR Extension: (Turn Off the Lights) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2016-03-06]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2015-11-19]
CHR Extension: (Skype-Anrufe) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blakpkgjpemejpbmfiglncklihnhjkij [2015-12-30]
CHR Extension: (YouTube) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Webseiten-Screenshot - Webpage Screenshot) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ckibcdccnfeookdmbahgiakhnjcddpki [2014-11-28]
CHR Extension: (Google-Suche) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Silver Bird) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\encaiiljifbdbjlphpgpiimidegddhic [2013-06-12]
CHR Extension: (Google Docs Offline) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-19]
CHR Extension: (AdBlock) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-02-16]
CHR Extension: (Mario Retro) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ikmefpddcicnmclabblmicjpibbgbglf [2012-08-30]
CHR Extension: (Animal Crossing Music) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ldjcaihhhmemeidcfbcadilcmfdaikkg [2015-04-08]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-11-06]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-26]
CHR Extension: (YouTube Unblocker) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\npnkeeiehehhefofiekoflfedgehcdhl [2014-05-30] [UpdateUrl: hxxp://www.unblocker.yt/addon/chrome/updates.xml] <==== ACHTUNG
CHR Profile: C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 3
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2015-12-30]
CHR Extension: (Google Drive) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-30]
CHR Extension: (Turn Off the Lights) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2016-01-25]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2015-12-30]
CHR Extension: (YouTube) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-30]
CHR Extension: (Webseiten-Screenshot - Webpage Screenshot) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ckibcdccnfeookdmbahgiakhnjcddpki [2014-08-24]
CHR Extension: (Google-Suche) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-30]
CHR Extension: (Silver Bird) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\encaiiljifbdbjlphpgpiimidegddhic [2013-12-05]
CHR Extension: (Google Docs Offline) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-30]
CHR Extension: (AdBlock) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-01-25]
CHR Extension: (Mario Retro) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ikmefpddcicnmclabblmicjpibbgbglf [2012-09-02]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-30]
CHR Extension: (Google Mail) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-21]
CHR Profile: C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 4
CHR Extension: (Google Docs) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-21]
CHR Extension: (Google Drive) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-02]
CHR Extension: (YouTube) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-02]
CHR Extension: (Google-Suche) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-02]
CHR Extension: (Google Docs Offline) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-02]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-02]
CHR Extension: (Google Mail) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-21]
CHR Profile: C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 5
CHR Extension: (Google Docs) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-29]
CHR Extension: (Google Drive) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-29]
CHR Extension: (YouTube) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-02]
CHR Extension: (Google-Suche) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-29]
CHR Extension: (Google Docs Offline) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-02]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-11-06]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-26]
CHR Extension: (Google Mail) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR Profile: C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 6
CHR Extension: (Google Docs) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-22]
CHR Extension: (Google Drive) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-31]
CHR Extension: (YouTube) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-31]
CHR Extension: (Google-Suche) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-31]
CHR Extension: (Full Page Screen Capture) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\fdpohaocaechififmbbbbbknoalclacl [2015-06-22]
CHR Extension: (Google Docs Offline) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-01-22]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-12-17]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-31]
CHR Extension: (Google Mail) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-22]
CHR Profile: C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 7
CHR Extension: (Google Präsentationen) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-12]
CHR Extension: (Google Docs) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-12]
CHR Extension: (Google Drive) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-28]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2016-01-03]
CHR Extension: (YouTube) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28]
CHR Extension: (Google-Suche) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Google Tabellen) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-12]
CHR Extension: (Google Docs Offline) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-17]
CHR Extension: (AdBlock) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-02-17]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-07-12]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-26]
CHR Extension: (Google Mail) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-12]
CHR HKU\S-1-5-21-2764890169-2354917355-972681180-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Georg\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-05-29]
CHR HKU\S-1-5-21-2764890169-2354917355-972681180-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AVerRECentral; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRECentral.exe [373248 2014-01-16] (AVerMedia TECHNOLOGIES, Inc.) [Datei ist nicht signiert]
R2 AVerUSBPortChecker; C:\Program Files (x86)\AVerMedia\AVerMedia Live Gamer EXTREME\AVerUSBPortChecker.exe [182784 2015-02-25] (<AVerMedia>) [Datei ist nicht signiert]
S3 Boonty Games; C:\Program Files (x86)\Common Files\BOONTY Shared\Service\Boonty.exe [69120 2013-11-09] (BOONTY) [Datei ist nicht signiert]
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2016-01-19] (Digital Wave Ltd.)
R2 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [216576 2014-09-03] () [Datei ist nicht signiert]
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1840128 2011-05-24] (MAGIX AG) [Datei ist nicht signiert]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [Datei ist nicht signiert]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-27] (NVIDIA Corporation)
R2 hmpalertsvc; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [1876816 2014-04-10] (SurfRight B.V.)
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [36808 2016-01-29] (Lenovo Group Limited)
R2 JME Keyboard; C:\Windows\jmesoft\Service.exe [32768 2011-03-16] () [Datei ist nicht signiert]
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-27] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-27] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2016-02-03] (Electronic Arts)
R2 RECentralService; C:\Program Files (x86)\AVerMedia\AVerMedia RECentral 2\RECentralService.exe [2553152 2015-07-27] (AVerMedia TECHNOLOGIES, Inc.)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1328736 2012-09-24] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [656480 2012-09-24] (Secunia)
R2 SolutoLauncherService; C:\Program Files\Soluto\SolutoLauncherService.exe [159800 2012-10-28] (Soluto)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AVMU3HC64; C:\Windows\system32\drivers\avmu364.sys [677632 2015-05-12] (AVerMedia TECHNOLOGIES, Inc.)
R3 cpuz135; C:\WINDOWS\TEMP\cpuz135\cpuz135_x64.sys [24368 2016-03-06] (CPUID)
R3 ElgatoGC658Y; C:\Windows\System32\Drivers\ElgatoGC658.sys [43488 2015-11-06] (UB658)
R3 GeneStor; C:\Windows\System32\drivers\GeneStor.sys [58368 2011-05-18] (GenesysLogic)
R2 hmpalert; C:\windows\system32\drivers\hmpalert.sys [93144 2014-04-10] ()
R3 LcUvcUpper; C:\Windows\system32\DRIVERS\LcUvcUpper.sys [37912 2015-10-14] (Microsoft Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-27] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R0 WinI2C-DDC; C:\Windows\System32\drivers\DDCDrv.sys [20832 2008-04-08] (Nicomsoft Ltd.)
R0 WinI2C-DDC; C:\Windows\SysWOW64\drivers\DDCDrv.sys [15712 2010-03-23] (Nicomsoft Ltd.)
R3 XSplit_Dummy; C:\Windows\system32\drivers\xspltspk.sys [26200 2015-05-25] (SplitmediaLabs Limited)
U3 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-03-06 14:09 - 2016-03-06 14:09 - 00000000 ____D C:\Program Files (x86)\ESET
2016-03-06 13:55 - 2016-03-06 13:59 - 00013635 _____ C:\Users\Georg\Desktop\Fixlog.txt
2016-03-06 13:54 - 2016-03-06 19:44 - 00852720 _____ C:\Users\Georg\Desktop\SecurityCheck.exe
2016-03-06 13:53 - 2016-03-06 14:09 - 02870984 _____ (ESET) C:\Users\Georg\Desktop\esetsmartinstaller_deu.exe
2016-03-05 19:01 - 2016-03-05 19:01 - 35249744 _____ C:\Users\Georg\Downloads\Future Fragments v012.zip
2016-03-05 19:01 - 2016-03-05 19:01 - 00000000 ____D C:\Users\Georg\Downloads\Future Fragments v012
2016-03-05 18:18 - 2016-03-05 18:18 - 00003426 _____ C:\WINDOWS\System32\Tasks\RunAsStdUser Task
2016-03-05 18:18 - 2016-03-05 18:18 - 00000062 _____ C:\Users\Public\Desktop\Bejeweled Twist.url
2016-03-05 17:45 - 2016-03-05 18:25 - 00027544 _____ C:\Users\Georg\Desktop\SystemLook.txt
2016-03-05 17:44 - 2016-03-05 17:45 - 00165376 _____ C:\Users\Georg\Desktop\SystemLook_x64.exe
2016-03-05 15:25 - 2016-03-05 15:25 - 00001153 _____ C:\Users\Georg\Desktop\JRT.txt
2016-03-05 15:22 - 2016-03-05 15:22 - 01609216 _____ (Malwarebytes) C:\Users\Georg\Desktop\JRT.exe
2016-03-05 14:33 - 2016-03-05 14:33 - 00009761 _____ C:\Users\Georg\Desktop\AdwCleaner[C1].txt
2016-03-05 14:24 - 2016-03-05 14:27 - 00000000 ____D C:\AdwCleaner
2016-03-05 14:22 - 2016-03-05 14:24 - 01518592 _____ C:\Users\Georg\Desktop\AdwCleaner_5.037.exe
2016-03-05 12:55 - 2016-03-05 13:11 - 00095292 _____ C:\TDSSKiller.3.1.0.9_05.03.2016_12.55.37_log.txt
2016-03-05 12:54 - 2016-03-05 12:55 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Georg\Desktop\tdsskiller.exe
2016-03-05 12:50 - 2016-03-05 15:30 - 00079647 _____ C:\Users\Georg\Desktop\Addition.txt
2016-03-05 12:49 - 2016-03-06 19:47 - 00037515 _____ C:\Users\Georg\Desktop\FRST.txt
2016-03-05 12:49 - 2016-03-06 19:47 - 00000000 ____D C:\FRST
2016-03-05 12:47 - 2016-03-05 12:49 - 02374144 _____ (Farbar) C:\Users\Georg\Desktop\FRST64.exe
2016-03-04 23:33 - 2016-03-06 14:01 - 00000022 _____ C:\WINDOWS\S.dirmngr
2016-03-04 20:44 - 2016-03-04 20:44 - 00159644 _____ C:\Users\Georg\Documents\Gebe immer 100%.pdf
2016-03-03 14:35 - 2016-03-03 14:35 - 00257752 _____ C:\Users\Georg\Documents\Ticket_gamescom2016_4YRhQ82geAJ9G.pdf
2016-03-03 14:25 - 2016-03-03 14:25 - 00090890 _____ C:\Users\Georg\Desktop\invoice-10654-dim.vv.gamescom2016.91.11867.1865.pdf
2016-03-02 15:32 - 2016-02-23 11:32 - 08705672 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-03-02 15:32 - 2016-02-23 10:38 - 06952088 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-03-02 15:32 - 2016-02-23 07:36 - 18680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-03-02 15:31 - 2016-02-23 12:29 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-03-02 15:31 - 2016-02-23 12:29 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-03-02 15:31 - 2016-02-23 12:27 - 07475040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-03-02 15:31 - 2016-02-23 12:27 - 02654872 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-03-02 15:31 - 2016-02-23 12:27 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-03-02 15:31 - 2016-02-23 12:27 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-03-02 15:31 - 2016-02-23 12:25 - 02152288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-03-02 15:31 - 2016-02-23 12:25 - 01818696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-03-02 15:31 - 2016-02-23 12:23 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-03-02 15:31 - 2016-02-23 12:22 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-03-02 15:31 - 2016-02-23 12:15 - 00779384 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2016-03-02 15:31 - 2016-02-23 12:15 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-03-02 15:31 - 2016-02-23 12:09 - 01614176 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-03-02 15:31 - 2016-02-23 11:34 - 01859960 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-03-02 15:31 - 2016-02-23 11:34 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-03-02 15:31 - 2016-02-23 11:33 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-03-02 15:31 - 2016-02-23 11:32 - 02544264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-03-02 15:31 - 2016-02-23 11:32 - 01152328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-03-02 15:31 - 2016-02-23 11:32 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-03-02 15:31 - 2016-02-23 11:32 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-03-02 15:31 - 2016-02-23 11:32 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-03-02 15:31 - 2016-02-23 11:31 - 01017032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-03-02 15:31 - 2016-02-23 11:31 - 00847656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-03-02 15:31 - 2016-02-23 11:31 - 00819648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-03-02 15:31 - 2016-02-23 11:31 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-03-02 15:31 - 2016-02-23 11:31 - 00476728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-03-02 15:31 - 2016-02-23 11:31 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-03-02 15:31 - 2016-02-23 11:25 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-03-02 15:31 - 2016-02-23 11:22 - 00572272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2016-03-02 15:31 - 2016-02-23 11:21 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-03-02 15:31 - 2016-02-23 11:21 - 06606568 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-03-02 15:31 - 2016-02-23 10:45 - 02773096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-03-02 15:31 - 2016-02-23 10:45 - 01998176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-03-02 15:31 - 2016-02-23 10:45 - 00576352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-03-02 15:31 - 2016-02-23 10:45 - 00259336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2016-03-02 15:31 - 2016-02-23 10:44 - 00640984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-03-02 15:31 - 2016-02-23 10:39 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-03-02 15:31 - 2016-02-23 10:38 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-03-02 15:31 - 2016-02-23 10:38 - 00980352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2016-03-02 15:31 - 2016-02-23 10:38 - 00895080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-03-02 15:31 - 2016-02-23 10:38 - 00882720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-03-02 15:31 - 2016-02-23 10:38 - 00709176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-03-02 15:31 - 2016-02-23 10:38 - 00450912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-03-02 15:31 - 2016-02-23 10:38 - 00420928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2016-03-02 15:31 - 2016-02-23 10:37 - 00713824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-03-02 15:31 - 2016-02-23 10:32 - 00791744 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-03-02 15:31 - 2016-02-23 10:30 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-03-02 15:31 - 2016-02-23 10:27 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-03-02 15:31 - 2016-02-23 10:27 - 00376536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-03-02 15:31 - 2016-02-23 10:26 - 05241984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-03-02 15:31 - 2016-02-23 10:20 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2016-03-02 15:31 - 2016-02-23 10:17 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-03-02 15:31 - 2016-02-23 10:06 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2016-03-02 15:31 - 2016-02-23 09:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-03-02 15:31 - 2016-02-23 09:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-03-02 15:31 - 2016-02-23 09:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-03-02 15:31 - 2016-02-23 09:56 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-03-02 15:31 - 2016-02-23 09:55 - 00221600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll
2016-03-02 15:31 - 2016-02-23 09:55 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2016-03-02 15:31 - 2016-02-23 09:54 - 00539256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-03-02 15:31 - 2016-02-23 09:53 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-03-02 15:31 - 2016-02-23 09:40 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-03-02 15:31 - 2016-02-23 09:38 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2016-03-02 15:31 - 2016-02-23 09:38 - 00287712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2016-03-02 15:31 - 2016-02-23 09:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-03-02 15:31 - 2016-02-23 09:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-03-02 15:31 - 2016-02-23 09:37 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-03-02 15:31 - 2016-02-23 09:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll
2016-03-02 15:31 - 2016-02-23 09:30 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2016-03-02 15:31 - 2016-02-23 09:29 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-03-02 15:31 - 2016-02-23 09:28 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-03-02 15:31 - 2016-02-23 09:27 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2016-03-02 15:31 - 2016-02-23 09:26 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-03-02 15:31 - 2016-02-23 09:20 - 00847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-03-02 15:31 - 2016-02-23 09:20 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-03-02 15:31 - 2016-02-23 09:20 - 00493568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-03-02 15:31 - 2016-02-23 09:19 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-03-02 15:31 - 2016-02-23 09:19 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-03-02 15:31 - 2016-02-23 09:14 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-03-02 15:31 - 2016-02-23 09:13 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-03-02 15:31 - 2016-02-23 09:12 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-03-02 15:31 - 2016-02-23 09:11 - 01224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2016-03-02 15:31 - 2016-02-23 09:11 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-03-02 15:31 - 2016-02-23 09:10 - 00997376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2016-03-02 15:31 - 2016-02-23 09:10 - 00474624 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-03-02 15:31 - 2016-02-23 09:09 - 01390592 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-03-02 15:31 - 2016-02-23 09:09 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-03-02 15:31 - 2016-02-23 09:09 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-03-02 15:31 - 2016-02-23 09:09 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-03-02 15:31 - 2016-02-23 09:06 - 01848832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-03-02 15:31 - 2016-02-23 09:06 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-03-02 15:31 - 2016-02-23 09:06 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-03-02 15:31 - 2016-02-23 09:06 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-03-02 15:31 - 2016-02-23 09:05 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-03-02 15:31 - 2016-02-23 09:04 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-03-02 15:31 - 2016-02-23 09:04 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-03-02 15:31 - 2016-02-23 09:02 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-03-02 15:31 - 2016-02-23 09:00 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-03-02 15:31 - 2016-02-23 08:58 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-03-02 15:31 - 2016-02-23 08:58 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-03-02 15:31 - 2016-02-23 08:58 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll
2016-03-02 15:31 - 2016-02-23 08:52 - 00456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-03-02 15:31 - 2016-02-23 08:50 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2016-03-02 15:31 - 2016-02-23 08:49 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-03-02 15:31 - 2016-02-23 08:48 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2016-03-02 15:31 - 2016-02-23 08:47 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2016-03-02 15:31 - 2016-02-23 08:41 - 03594240 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-03-02 15:31 - 2016-02-23 08:37 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-03-02 15:31 - 2016-02-23 08:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-03-02 15:31 - 2016-02-23 08:36 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-03-02 15:31 - 2016-02-23 08:35 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2016-03-02 15:31 - 2016-02-23 08:31 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-03-02 15:31 - 2016-02-23 08:31 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2016-03-02 15:31 - 2016-02-23 08:30 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-03-02 15:31 - 2016-02-23 08:30 - 01832448 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-03-02 15:31 - 2016-02-23 08:30 - 01731584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-03-02 15:31 - 2016-02-23 08:30 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-03-02 15:31 - 2016-02-23 08:29 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2016-03-02 15:31 - 2016-02-23 08:29 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-03-02 15:31 - 2016-02-23 08:26 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-03-02 15:31 - 2016-02-23 08:26 - 01498112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-03-02 15:31 - 2016-02-23 08:25 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-03-02 15:31 - 2016-02-23 08:24 - 04827136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-03-02 15:31 - 2016-02-23 08:24 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-03-02 15:31 - 2016-02-23 08:24 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-03-02 15:31 - 2016-02-23 08:24 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-03-02 15:31 - 2016-02-23 08:22 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-03-02 15:31 - 2016-02-23 08:21 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-03-02 15:31 - 2016-02-23 08:21 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-03-02 15:31 - 2016-02-23 08:17 - 02635264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-03-02 15:31 - 2016-02-23 08:14 - 00990720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-03-02 15:31 - 2016-02-23 08:11 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-03-02 15:31 - 2016-02-23 08:05 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-03-02 15:31 - 2016-02-23 08:01 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-03-02 15:31 - 2016-02-23 07:59 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-03-02 15:31 - 2016-02-23 07:56 - 04412928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-03-02 15:31 - 2016-02-23 07:55 - 04894208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-03-02 15:31 - 2016-02-23 07:55 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-03-02 15:31 - 2016-02-23 07:55 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-03-02 15:31 - 2016-02-23 07:53 - 01799168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-03-02 15:31 - 2016-02-23 07:52 - 11545600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-03-02 15:31 - 2016-02-23 07:51 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-03-02 15:31 - 2016-02-23 07:50 - 22396416 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-03-02 15:31 - 2016-02-23 07:50 - 09919488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-03-02 15:31 - 2016-02-23 07:42 - 03425792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-03-02 15:31 - 2016-02-23 07:41 - 02912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-03-02 15:31 - 2016-02-23 07:40 - 24603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-03-02 15:31 - 2016-02-23 07:39 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-03-02 15:31 - 2016-02-23 07:39 - 02581504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-03-02 15:31 - 2016-02-23 07:36 - 19341312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-03-02 15:31 - 2016-02-23 07:36 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-03-02 15:31 - 2016-02-23 07:36 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-03-02 15:31 - 2016-02-23 07:35 - 07533568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-03-02 15:31 - 2016-02-23 07:33 - 14254080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-03-02 15:31 - 2016-02-23 07:33 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-03-02 15:31 - 2016-02-23 07:32 - 02793472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-03-02 15:31 - 2016-02-23 07:30 - 02061312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-03-02 15:31 - 2016-02-23 07:28 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-03-02 15:31 - 2016-02-23 07:26 - 12587520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-03-02 15:31 - 2016-02-09 05:28 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-03-02 15:31 - 2016-02-09 05:13 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-03-02 15:31 - 2016-02-09 04:24 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-03-02 15:31 - 2016-02-09 04:18 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2016-03-02 15:31 - 2016-02-09 04:18 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2016-03-02 15:31 - 2016-02-09 04:07 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-03-02 15:31 - 2016-02-09 04:07 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-03-02 15:31 - 2016-02-09 04:04 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-03-02 15:30 - 2016-02-23 12:25 - 00563552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2016-03-02 15:30 - 2016-02-23 12:08 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-03-02 15:30 - 2016-02-23 11:33 - 00389992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-03-02 15:30 - 2016-02-23 11:17 - 00146272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2016-03-02 15:30 - 2016-02-23 10:49 - 00216416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-03-02 15:30 - 2016-02-23 10:45 - 00394080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-03-02 15:30 - 2016-02-23 10:44 - 00147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2016-03-02 15:30 - 2016-02-23 10:40 - 00430944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-03-02 15:30 - 2016-02-23 10:25 - 00534368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-03-02 15:30 - 2016-02-23 10:20 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-03-02 15:30 - 2016-02-23 10:19 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-03-02 15:30 - 2016-02-23 10:12 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2016-03-02 15:30 - 2016-02-23 10:10 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-03-02 15:30 - 2016-02-23 10:07 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-03-02 15:30 - 2016-02-23 10:07 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-03-02 15:30 - 2016-02-23 10:01 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2016-03-02 15:30 - 2016-02-23 10:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-03-02 15:30 - 2016-02-23 10:00 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-03-02 15:30 - 2016-02-23 09:58 - 00187744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-03-02 15:30 - 2016-02-23 09:58 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\irmon.dll
2016-03-02 15:30 - 2016-02-23 09:54 - 00141664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2016-03-02 15:30 - 2016-02-23 09:53 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2016-03-02 15:30 - 2016-02-23 09:52 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-03-02 15:30 - 2016-02-23 09:50 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-03-02 15:30 - 2016-02-23 09:48 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-03-02 15:30 - 2016-02-23 09:48 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerClient.dll
2016-03-02 15:30 - 2016-02-23 09:39 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2016-03-02 15:30 - 2016-02-23 09:34 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-03-02 15:30 - 2016-02-23 09:34 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2016-03-02 15:30 - 2016-02-23 09:33 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-03-02 15:30 - 2016-02-23 09:32 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-03-02 15:30 - 2016-02-23 09:31 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-03-02 15:30 - 2016-02-23 09:28 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll
2016-03-02 15:30 - 2016-02-23 09:25 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2016-03-02 15:30 - 2016-02-23 09:25 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2016-03-02 15:30 - 2016-02-23 09:23 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-03-02 15:30 - 2016-02-23 09:22 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-03-02 15:30 - 2016-02-23 09:22 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2016-03-02 15:30 - 2016-02-23 09:20 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-02 15:30 - 2016-02-23 09:18 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-03-02 15:30 - 2016-02-23 09:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-03-02 15:30 - 2016-02-23 09:13 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll
2016-03-02 15:30 - 2016-02-23 09:04 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-03-02 15:30 - 2016-02-23 09:02 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-03-02 15:30 - 2016-02-23 09:02 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-03-02 15:30 - 2016-02-23 08:58 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-03-02 15:30 - 2016-02-23 08:57 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TimeBrokerClient.dll
2016-03-02 15:30 - 2016-02-23 08:54 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2016-03-02 15:30 - 2016-02-23 08:47 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2016-03-02 15:30 - 2016-02-23 08:38 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-03-02 15:30 - 2016-02-23 08:37 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2016-03-02 15:30 - 2016-02-23 08:36 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2016-03-02 15:30 - 2016-02-23 08:36 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-02 15:30 - 2016-02-23 08:28 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-03-02 15:30 - 2016-02-23 08:28 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-03-02 15:30 - 2016-02-23 08:20 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-03-02 15:30 - 2016-02-23 07:58 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-03-01 23:52 - 2016-03-01 23:52 - 00003945 _____ C:\Users\Georg\AppData\Local\recently-used.xbel
2016-02-28 22:10 - 2016-02-28 22:10 - 04078592 _____ (GraMMa Interactive ) C:\Users\Georg\Desktop\GraMMasNotAnotherFangame.exe
2016-02-28 21:52 - 2016-02-28 21:52 - 01989166 _____ C:\Users\Georg\Desktop\bebefreu4.mov
2016-02-19 20:45 - 2016-02-19 20:45 - 00000000 ____D C:\Users\Georg\AppData\Local\KADOKAWA
2016-02-19 20:39 - 2016-02-19 20:46 - 00000000 ____D C:\Users\Georg\Desktop\Gogogo11111
2016-02-12 21:16 - 2016-02-12 21:16 - 00000116 _____ C:\Users\Georg\.jasmin
2016-02-12 21:15 - 2016-02-12 21:15 - 00549021 _____ C:\Users\Georg\Desktop\Jasmin-1.5.8.jar
2016-02-09 21:37 - 2016-01-29 07:57 - 04502352 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-02-09 21:37 - 2016-01-29 07:33 - 04064320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-02-09 21:37 - 2016-01-27 06:46 - 02606824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-02-09 21:37 - 2016-01-27 06:01 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-02-09 21:37 - 2016-01-27 05:52 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-02-09 21:37 - 2016-01-27 05:49 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-02-09 21:37 - 2016-01-27 05:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-02-09 21:37 - 2016-01-27 05:38 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-02-09 21:37 - 2016-01-27 05:32 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-02-09 21:36 - 2016-01-27 07:15 - 01557776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-02-09 21:36 - 2016-01-27 07:01 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-02-09 21:36 - 2016-01-27 06:59 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-02-09 21:36 - 2016-01-27 06:57 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-02-09 21:36 - 2016-01-27 06:57 - 00820704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-02-09 21:36 - 2016-01-27 06:55 - 00081112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2016-02-09 21:36 - 2016-01-27 06:54 - 00295264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-02-09 21:36 - 2016-01-27 06:46 - 01270072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-02-09 21:36 - 2016-01-27 06:44 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-02-09 21:36 - 2016-01-27 06:44 - 00085320 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2016-02-09 21:36 - 2016-01-27 06:43 - 00359776 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-02-09 21:36 - 2016-01-27 06:21 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-02-09 21:36 - 2016-01-27 06:15 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll
2016-02-09 21:36 - 2016-01-27 06:11 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-02-09 21:36 - 2016-01-27 06:10 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2016-02-09 21:36 - 2016-01-27 06:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-02-09 21:36 - 2016-01-27 06:08 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll
2016-02-09 21:36 - 2016-01-27 06:07 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassam.dll
2016-02-09 21:36 - 2016-01-27 06:04 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-02-09 21:36 - 2016-01-27 06:02 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2016-02-09 21:36 - 2016-01-27 05:59 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassam.dll
2016-02-09 21:36 - 2016-01-27 05:57 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-02-09 21:36 - 2016-01-27 05:50 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-02-09 21:36 - 2016-01-27 05:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll
2016-02-09 21:36 - 2016-01-27 05:31 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-03-06 19:48 - 2014-11-14 19:38 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0003a410566a1.job
2016-03-06 19:48 - 2013-10-16 15:06 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Spotify
2016-03-06 19:43 - 2014-05-08 15:22 - 00001110 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cf6ac8faecd84b.job
2016-03-06 19:43 - 2012-03-21 13:42 - 00001106 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-06 19:34 - 2012-09-08 13:01 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-03-06 19:30 - 2012-09-05 16:31 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Skype
2016-03-06 14:09 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-03-06 14:03 - 2013-10-16 15:06 - 00000000 ____D C:\Users\Georg\AppData\Local\Spotify
2016-03-06 14:02 - 2015-08-15 21:09 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Telegram Desktop
2016-03-06 14:02 - 2014-11-14 19:38 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d0003a3ff3a47f.job
2016-03-06 14:02 - 2012-09-17 16:55 - 00000000 ____D C:\Program Files (x86)\Steam
2016-03-06 14:01 - 2015-11-16 15:04 - 00000008 __RSH C:\Users\Georg\ntuser.pol
2016-03-06 14:01 - 2015-11-16 10:25 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-03-06 14:01 - 2015-11-16 09:58 - 00000000 ____D C:\Users\Georg
2016-03-06 14:00 - 2015-10-30 07:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-03-06 13:55 - 2009-07-14 04:20 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-03-06 13:11 - 2012-09-02 09:43 - 00000000 ____D C:\Users\Georg\AppData\Roaming\vlc
2016-03-06 00:32 - 2013-08-15 18:21 - 00000000 ____D C:\ProgramData\Origin
2016-03-06 00:32 - 2012-09-11 16:20 - 00000000 ____D C:\Users\Georg\AppData\Roaming\SoftGrid Client
2016-03-05 23:10 - 2015-12-09 19:42 - 00000000 ____D C:\Users\Georg\Documents\Scans
2016-03-05 18:18 - 2015-10-26 17:47 - 00000000 ____D C:\ProgramData\PogoDGC
2016-03-05 18:18 - 2015-10-26 17:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pogo Games
2016-03-05 14:44 - 2015-03-29 08:42 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-03-05 14:28 - 2015-11-16 09:58 - 00000000 ____D C:\Users\Andere
2016-03-05 12:33 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-04 23:33 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Performance
2016-03-04 22:41 - 2016-02-01 23:20 - 00000000 ____D C:\Users\Georg\Desktop\Informatikzeugs
2016-03-04 22:36 - 2012-09-22 12:46 - 00000000 ____D C:\Users\Georg\Desktop\Kram
2016-03-04 22:29 - 2015-03-29 08:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-03-04 22:29 - 2015-03-29 08:42 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-03-04 22:29 - 2012-09-03 19:11 - 00001171 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-03-03 17:11 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache
2016-03-03 14:07 - 2015-07-31 20:40 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-03-03 08:00 - 2015-11-16 09:57 - 02087744 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-03-03 08:00 - 2015-10-30 19:35 - 00888452 _____ C:\WINDOWS\system32\perfh007.dat
2016-03-03 08:00 - 2015-10-30 19:35 - 00197278 _____ C:\WINDOWS\system32\perfc007.dat
2016-03-03 08:00 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2016-03-03 07:53 - 2015-11-16 09:47 - 02393944 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-03-03 07:52 - 2012-09-08 13:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-03-02 23:05 - 2015-10-30 19:44 - 00000000 ____D C:\Program Files\Windows Journal
2016-03-02 23:05 - 2015-10-30 08:24 - 00000000 __RSD C:\WINDOWS\Media
2016-03-02 23:05 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-03-02 23:05 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-03-02 23:05 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-03-02 23:05 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-03-02 23:05 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-03-02 23:05 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-03-02 23:05 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-03-02 23:05 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-03-02 23:05 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-03-02 23:05 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-03-02 23:05 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-03-02 17:16 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-03-01 23:56 - 2012-09-27 18:45 - 00000000 ____D C:\Users\Georg\.gimp-2.8
2016-03-01 23:24 - 2015-09-16 06:19 - 00000000 ____D C:\Users\Georg\Desktop\Scans
2016-02-29 15:09 - 2012-09-05 16:31 - 00000000 ____D C:\ProgramData\Skype
2016-02-22 07:46 - 2016-01-10 19:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-02-20 08:47 - 2012-03-21 13:42 - 00002284 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-19 15:27 - 2015-11-03 06:57 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-02-18 05:50 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-02-17 12:09 - 2012-09-03 18:29 - 00000000 ____D C:\Users\Andere\AppData\Local\Lenovo
2016-02-17 07:12 - 2012-10-11 14:08 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-02-16 12:44 - 2012-10-01 19:00 - 00000000 ____D C:\Users\Georg\Georgs Kram
2016-02-13 19:12 - 2015-10-15 19:20 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Human Resource Machine
2016-02-10 09:50 - 2015-08-02 12:49 - 00002424 _____ C:\Users\Andere\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-02-10 09:50 - 2015-08-02 12:49 - 00000000 ___RD C:\Users\Andere\OneDrive
2016-02-09 21:57 - 2013-07-31 10:08 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-02-09 21:38 - 2012-08-31 14:15 - 146614896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-02-09 14:10 - 2013-05-29 17:08 - 00000000 ___RD C:\Users\Georg\Google Drive
2016-02-09 14:10 - 2012-08-30 10:23 - 00000000 ____D C:\ProgramData\Lenovo
2016-02-09 14:10 - 2012-08-30 10:22 - 00000000 ____D C:\Users\Georg\AppData\Local\Lenovo
2016-02-08 08:45 - 2015-07-31 22:09 - 00256968 _____ (Lenovo Group Limited) C:\WINDOWS\system32\iMDriverHelper.dll
2016-02-06 01:26 - 2014-05-22 19:11 - 00000000 ____D C:\Users\Georg\Desktop\WA Archiv
2016-02-05 10:57 - 2016-02-04 12:49 - 02365304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WudfUpdate_01011.dll

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-09-14 12:50 - 2013-09-11 20:18 - 0012005 _____ () C:\Users\Georg\AppData\Roaming\alsoft.ini
2013-02-28 17:25 - 2015-01-25 11:27 - 0008704 _____ () C:\Users\Georg\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-03-01 23:52 - 2016-03-01 23:52 - 0003945 _____ () C:\Users\Georg\AppData\Local\recently-used.xbel
2013-12-16 16:19 - 2013-12-16 16:19 - 0007605 _____ () C:\Users\Georg\AppData\Local\Resmon.ResmonCfg
2014-08-09 16:55 - 2014-08-09 16:55 - 0000057 _____ () C:\ProgramData\Ament.ini
2012-03-21 13:37 - 2012-03-21 13:37 - 1914000 _____ (Adobe Systems Incorporated) C:\ProgramData\flashax10.exe
2012-10-29 20:47 - 2012-10-29 20:47 - 0000098 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\flashax10.exe
C:\Users\Georg\Minecraft.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-03-05 15:39

==================== Ende von FRST.txt ============================
         

06.03.2016, 18:57   #15
Juri9

Addition.txt:
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-03-2016
durchgeführt von Georg (2016-03-06 19:48:36)
Gestartet von C:\Users\Georg\Desktop
Windows 10 Home Version 1511 (X64) (2015-11-16 09:34:18)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2764890169-2354917355-972681180-500 - Administrator - Disabled)
Andere (S-1-5-21-2764890169-2354917355-972681180-1002 - Administrator - Enabled) => C:\Users\Andere
cexyuxxekbas (S-1-5-21-2764890169-2354917355-972681180-1007 - Limited - Disabled)
DefaultAccount (S-1-5-21-2764890169-2354917355-972681180-503 - Limited - Disabled)
Gast (S-1-5-21-2764890169-2354917355-972681180-501 - Limited - Disabled)
Georg (S-1-5-21-2764890169-2354917355-972681180-1001 - Administrator - Enabled) => C:\Users\Georg
HomeGroupUser$ (S-1-5-21-2764890169-2354917355-972681180-1006 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20059 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.1430 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.5 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Akademie der Magie (HKLM-x32\...\Akademie der Magie) (Version:  - )
Audacity 2.0 (HKLM-x32\...\Audacity_is1) (Version:  - Audacity Team)
Audiosurf (HKLM-x32\...\Steam App 12900) (Version:  - Dylan Fitterer)
AVerMedia C875 Live Gamer Portable 3.7.64.23 (HKLM-x32\...\AVerMedia C875 Live Gamer Portable) (Version: 3.7.64.23 - AVerMedia TECHNOLOGIES, Inc.)
AVerMedia Live Gamer EXTREME 1.0.64.61 (HKLM-x32\...\AVerMedia Live Gamer EXTREME) (Version: 1.0.64.61 - AVerMedia TECHNOLOGIES, Inc.)
AVerMedia RECentral (HKLM-x32\...\InstallShield_{30D6B6ED-E039-4D62-8E07-E058D17A9372}) (Version: 1.3.0.84 - AVerMedia Technologies, Inc.)
AVerMedia RECentral (x32 Version: 1.3.0.84 - AVerMedia Technologies, Inc.) Hidden
AVerMedia RECentral 2 (HKLM-x32\...\InstallShield_{D4F8EA9E-80D3-46B3-A5D9-7D264D319297}) (Version: 2.0.0.36 - AVerMedia Technologies, Inc.)
AVerMedia RECentral 2 (x32 Version: 2.0.0.36 - AVerMedia Technologies, Inc.) Hidden
Bejeweled 2 Deluxe 1.0 (HKLM-x32\...\Bejeweled 2 Deluxe 1.0) (Version:  - )
Bejeweled 3 (HKLM-x32\...\Bejeweled 3) (Version:  - PopCap Games)
Bejeweled Twist (HKLM-x32\...\Bejeweled Twist) (Version: 1.0.3.7482 - Pogo)
Bejeweled Twist 1.0.3.8137 (HKLM-x32\...\Bejeweled Twist 1.0.3.8137) (Version: 1.0.3.8137 - PopCap Games)
BIT.TRIP BEAT (HKLM-x32\...\Steam App 63700) (Version:  - Gaijin Games)
BIT.TRIP Presents... Runner2: Future Legend of Rhythm Alien (HKLM-x32\...\Steam App 218060) (Version:  - )
BIT.TRIP RUNNER (HKLM-x32\...\Steam App 63710) (Version:  - Gaijin Games)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Blocks That Matter (HKLM-x32\...\Steam App 111800) (Version:  - )
Bookworm Adventures Deluxe 1.0.1.100 (HKLM-x32\...\Bookworm Adventures Deluxe 1.0.1.100) (Version:  - )
Bookworm Deluxe 1.131 (HKLM-x32\...\Bookworm Deluxe 1.131) (Version:  - )
Braid (HKLM-x32\...\Steam App 26800) (Version:  - Number None, Inc.)
Build-a-lot (HKLM-x32\...\Build-a-lot) (Version: 1.1.0.0 - MumboJumbo)
Build-a-lot 2 (HKLM-x32\...\Build-a-lot 2) (Version: 0.0.0.0 - INTENIUM GmbH)
Cakewalk Sound Center 1.1.0 (HKLM-x32\...\Cakewalk Sound Center_is1) (Version: 1.1.0 - Cakewalk Music Software)
Canon MP Navigator EX 1.0 (HKLM-x32\...\MP Navigator EX 1.0) (Version:  - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version:  - )
CanoScan LiDE 90 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2412) (Version:  - )
Castle Crashers Demo (HKLM-x32\...\Steam App 207100) (Version:  - )
Cave Story (HKLM-x32\...\Cave Story) (Version:  - )
Cave Story+ (HKLM-x32\...\Steam App 200900) (Version:  - )
Chaos on Deponia (HKLM-x32\...\Steam App 220740) (Version:  - )
Christmas Shopper Simulator (HKLM-x32\...\{139C8AA5-BA56-4388-B5EC-31E0BF09A7C6}) (Version: 1.0.0 - Game Retail Ltd.)
Chuzzle Deluxe 1.0.3.1132 (HKLM-x32\...\Chuzzle Deluxe 1.0.3.1132) (Version:  - )
Creative Mass Storage Drivers (HKLM-x32\...\Creative Mass Storage Drivers) (Version:  - )
Creative Mass Storage Drivers (HKLM-x32\...\MuVo Driver) (Version:  - )
Creative-Systeminformationen (HKLM-x32\...\SysInfo) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Das Drachenei: Die Geschichte des Wanderers (HKLM-x32\...\Das Drachenei: Die Geschichte des Wanderers) (Version: 0.0.0.0 - INTENIUM GmbH)
Das Geheimnis des Bermudadreiecks (HKLM-x32\...\Das Geheimnis des Bermudadreiecks) (Version: 0.0.0.0 - INTENIUM GmbH)
Das Reich des Drachen (HKLM-x32\...\Das Reich des Drachen) (Version: 1.0.0.0 - INTENIUM GmbH)
Das Vermächtnis der Insel (HKLM-x32\...\Das Vermächtnis der Insel) (Version: 1.0.0.0 - INTENIUM GmbH)
Deponia (HKLM-x32\...\GOGPACKDEPONIA_is1) (Version: 2.1.0.7 - GOG.com)
DEUTSCHLAND SPIELT GAME CENTER (HKLM-x32\...\DSGPlayer) (Version: 1.0.1.46 - INTENIUM GmbH)
Diamond Drop 2 (HKLM-x32\...\Diamond Drop 2) (Version: 0.0.0.0 - INTENIUM GmbH)
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.69.43.024017 - Electronic Arts Inc.)
Die Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.5.1 - Electronic Arts)
Die Sims™ 3 Luxus-Accessoires (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)
Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.9.80.1020 - Electronic Arts Inc.)
Die Sims™ 4 Erstelle einen Sim-Demo (HKLM-x32\...\{6908ED99-F02B-4E99-A202-3FAC99C510ED}) (Version: 1.0.278.1110 - Electronic Arts Inc.)
Die Wiege Ägyptens (HKLM-x32\...\Die Wiege Ägyptens) (Version: 1.0.0.0 - INTENIUM GmbH)
Die Wiege Roms (HKLM-x32\...\Die Wiege Roms) (Version:  - )
Dinos & Bubbles (HKLM-x32\...\Dinos & Bubbles) (Version: 0.0.0.0 - INTENIUM GmbH)
DiRT Showdown (HKLM-x32\...\Steam App 201700) (Version:  - Codemasters Racing Studio)
Dust: An Elysian Tail (HKLM-x32\...\Steam App 236090) (Version:  - Humble Hearts LLC)
Dustforce (HKLM-x32\...\Steam App 65300) (Version:  - Hitbox Team)
Edna Bricht Aus 6.3 (HKLM-x32\...\{0D00CD3F-AEDC-45F1-A2DD-DADF74407D7B}_is1) (Version:  - )
Elgato Game Capture HD (64-bit) (HKLM\...\{C59BB2DE-E483-4704-976C-652E38DB62A0}) (Version: 3.00.111.1111 - Elgato Systems GmbH)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 15.2.20140326 - Landesfinanzdirektion Thüringen)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Feeding Frenzy 2 (HKLM-x32\...\{3E6187E8-9548-49BA-AC9A-E481C0EF4526}) (Version: 1.0.0.0 - PopCap Games)
FEZ (HKLM-x32\...\Steam App 224760) (Version:  - Polytron Corporation)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{6C5F8503-55D2-4398-858C-362B7A7AF51C}) (Version: 2.1.31.0 - MAGIX AG)
Flyonoid (HKLM-x32\...\Flyonoid) (Version: 0.0.0.0 - INTENIUM GmbH)
Formelrechner (HKLM-x32\...\{69F0CEA4-43E2-4CBB-92DF-41860A40A631}) (Version: 1.00.0000 - Cornelsen Verlag)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.1.1.119 - DVDVideoSoft Ltd.)
Free YouTube Download Classic (HKLM-x32\...\Free YouTube Download Classic_is1) (Version: 3.2.75.118 - DVDVideoSoft Ltd.)
Game Capture HD v2.3.3.40 (HKLM-x32\...\Software_Elgato_Game Capture HD) (Version: 2.3.3.40 - Elgato Systems)
Game Capture HD60 Pro v1.1.0.149 (HKLM-x32\...\Software_Elgato_Game Capture HD60 Pro) (Version: 1.1.0.149 - Elgato Systems)
Game Capture HD60 v2.1.1.4 (HKLM-x32\...\Software_Elgato_Game Capture HD60) (Version: 2.1.1.4 - Elgato Systems)
Gardenscapes (HKLM-x32\...\Gardenscapes_is1) (Version:  - Playrix Entertainment)
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.0.2.1 - Genesys Logic)
Giana Sisters: Twisted Dreams - Rise of the Owlverlord (HKLM-x32\...\Steam App 246960) (Version:  - Black Forest Games)
Giana Sisters: Twisted Dreams (HKLM-x32\...\Steam App 223220) (Version:  - )
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
Goat Simulator (HKLM-x32\...\Steam App 265930) (Version:  - Coffee Stain Studios)
GOG.com Downloader version 3.6.0 (HKLM-x32\...\{456A5815-604D-4D72-94DF-346D2B978A59}_is1) (Version: 3.6.0 - GOG.com)
Goodbye Deponia (HKLM-x32\...\Deponia 3) (Version: 1.0 - Daedalic Entertainment)
Google Chrome (HKLM-x32\...\{6438EBAC-5305-39A5-A93E-88CDFA6CE947}) (Version: 48.0.2564.116 - Google, Inc.)
Google Drive (HKLM-x32\...\{EF61675D-9BBC-4EC7-B906-F13BE8D3BD20}) (Version: 1.27.1227.2094 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Gpg4win (2.2.2) (HKLM-x32\...\GPG4Win) (Version: 2.2.2 - The Gpg4win Project)
Hammer Heads 1.0 (HKLM-x32\...\Hammer Heads 1.0) (Version:  - )
Harveys Neue Augen (HKLM-x32\...\Harvey) (Version: 1.0 - Daedalic Entertainment)
Hell Yeah! (HKLM-x32\...\Steam App 205230) (Version:  - Arkedo)
HitFilm 3 Express (HKLM\...\{0259351A-DAB0-402F-BBAC-CD4074D2DD3B}) (Version: 3.1.4321.38300 - FXhome)
HitmanPro.Alert (HKLM\...\HitmanPro.Alert) (Version: 2.6.5.77 - SurfRight B.V.)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet Pro 8100 - Grundlegende Software für das Gerät (HKLM\...\{4D139017-971D-45CF-B94E-26C4DC93A814}) (Version: 28.0.1321.0 - Hewlett-Packard Co.)
HP Officejet Pro 8100 Hilfe (HKLM-x32\...\{73DB9F06-C125-4A1C-A982-5801338EBE84}) (Version: 28.0.0 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
Hühner-Attacke (HKLM-x32\...\Hühner-Attacke) (Version: 0.0.0.0 - INTENIUM GmbH)
Hühner-Rache Deluxe (VOLLVERSION) (HKLM-x32\...\Hühner-Rache Deluxe (VOLLVERSION)) (Version:  - )
Human Resource Machine (HKLM-x32\...\Steam App 375820) (Version:  - Tomorrow Corporation)
Human Resource Machine 1.0 (HKLM-x32\...\{F8B98BF2-D6BF-45B7-9107-71EF2139D0A4}) (Version: 1.0.0 - Tomorrow Corporation)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)
Insanely Twisted Shadow Planet (HKLM-x32\...\Steam App 205730) (Version:  - Shadow Planet Productions)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 15.4 - Intel)
Ittle Dew (HKLM-x32\...\Steam App 241320) (Version:  - Ludosity)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Jazzpunk (HKLM-x32\...\Steam App 250260) (Version:  - Necrophone Games)
Jet Set Radio (HKLM-x32\...\Steam App 205950) (Version:  - Blit Software)
Jumpin’ Jack (HKLM-x32\...\Jumpin’ Jack) (Version: 0.0.0.0 - INTENIUM GmbH)
Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Lenovo Dynamic Brightness System (HKLM-x32\...\{D9ED6D06-6002-495E-A7BC-46E6AE386996}) (Version: 4.0.00.22080 - Lenovo)
Lenovo Eye Distance System (HKLM-x32\...\{5183D7AB-D09B-411F-A74E-BBAEA61C6505}) (Version: 4.0.00.21090 - Lenovo)
Lenovo Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.4827a - CyberLink Corp.)
Lenovo Power2Go (x32 Version: 6.0.4827a - CyberLink Corp.) Hidden
Lenovo Rescue System (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 3.0.1409 - CyberLink Corp.)
Lenovo Rescue System (Version: 3.0.1409 - CyberLink Corp.) Hidden
Lenovo System Interface Foundation (HKLM\...\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: 1.0.054.00 - Lenovo)
Lenovo Tinian Fn PS/2 Keyboard Driver (HKLM-x32\...\{B266E062-D6C5-485B-B426-51B152B041A6}) (Version: V1.0.11.0321 - Lenovo)
Lenovo Treiber- und Anwendungsinstallation (HKLM-x32\...\{45970CD1-D599-47D4-938F-3E9800D54ED1}) (Version: 5.10.1809 - Lenovo)
LibreOffice 3.6 (HKLM-x32\...\{C2F438B6-7010-453B-93EC-B2FC053AA97B}) (Version: 3.6.1.2 - The Document Foundation)
Life Is Strange™ (HKLM-x32\...\Steam App 319630) (Version:  - DONTNOD Entertainment)
LIMBO (HKLM-x32\...\Steam App 48000) (Version:  - Playdead)
Little Inferno (HKLM-x32\...\Steam App 221260) (Version:  - )
LVT (HKLM-x32\...\{D3063097-EC84-4D21-84A4-9D852E974355}) (Version: 4.1.2.0919 - Lenovo)
Magic Encyclopedia (HKLM-x32\...\Magic Encyclopedia) (Version:  - )
Magic Encyclopedia 2 (HKLM-x32\...\Magic Encyclopedia 2) (Version:  - )
MAGIX Foto Designer 7 (HKLM-x32\...\MAGIX_MSI_FotoDesigner7_silver) (Version: 7.0.1.1 - MAGIX AG)
MAGIX Foto Designer 7 (x32 Version: 7.0.1.1 - MAGIX AG) Hidden
MAGIX Screenshare (HKLM-x32\...\{B2DC0B6C-C969-43B9-B6C3-6A6C1CAD46DF}) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Speed burnR (MSI) (HKLM-x32\...\{3629C581-D8D2-477E-A40E-D5E351DF066B}) (Version: 7.0.2.6 - MAGIX AG)
MAGIX Video deluxe MX Plus (HKLM-x32\...\MAGIX_MSI_Videodeluxe18_plus) (Version: 11.0.3.0 - MAGIX AG)
MAGIX Video deluxe MX Plus (x32 Version: 11.0.3.0 - MAGIX AG) Hidden
MAGIX Video easy TERRATEC Edition (HKLM-x32\...\MAGIX_MSI_Video_easy_3_TerraTec) (Version: 3.0.1.25 - MAGIX AG)
MAGIX Video easy TERRATEC Edition (x32 Version: 3.0.1.25 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
McPixel (HKLM-x32\...\Steam App 220860) (Version:  - Sos)
Meine kleine Farm (HKLM-x32\...\Meine kleine Farm) (Version: 0.0.0.0 - INTENIUM GmbH)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{8EC9E7BB-2443-49B1-8476-490EBF932C2E}) (Version: 4.25.512.0 - Microsoft Corporation)
Microsoft Macro Assembler (MASM) (HKLM-x32\...\{F0D36479-04C5-4011-B2F9-FA23C9700157}) (Version: 8.0.50720.105 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Express Edition - ENU (HKLM-x32\...\Microsoft Visual C++ 2005 Express Edition - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2005 Express Edition - ENU Service Pack 1 (KB926748) (HKLM-x32\...\KB926748.T2_19ToU292_19) (Version: 1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version:  - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 34.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 de)) (Version: 34.0.5 - Mozilla)
Mozilla Firefox 38.0.1 (x86 de) (HKU\S-1-5-21-2764890169-2354917355-972681180-1001\...\Mozilla Firefox 38.0.1 (x86 de)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.2.0 - Mozilla)
Mozilla Thunderbird 38.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.6.0 (x86 de)) (Version: 38.6.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Music Creator LE 5.0.6 (HKLM-x32\...\Music Creator LE_is1) (Version: 17.0 - Cakewalk Music Software)
Music Manager (HKLM-x32\...\{5AFA4872-16B2-419E-ADCA-8E96E739115D}) (Version: 10.01.0006 - )
Mutant Mudds (remove only) (HKLM-x32\...\RenegadeKidMutantMudds) (Version:  - )
Mystery P.I. - The London Caper (HKLM-x32\...\Mystery P.I. - The London Caper) (Version:  - PopCap Games)
Nebel der Elfen (HKLM-x32\...\Nebel der Elfen) (Version:  - )
NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles)
Nintendo_History_ScreenSaver (HKLM-x32\...\Nintendo_History_ScreenSaver) (Version:  - )
Nintendo_SMG2_ScreenSaver (HKLM-x32\...\Nintendo_SMG2_ScreenSaver) (Version:  - )
NVIDIA GeForce Experience 2.5.14.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.14.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 355.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.60 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Offspring Fling! (HKLM-x32\...\Steam App 211360) (Version:  - )
Oozi: Earth Adventure (HKLM-x32\...\{B083076F-BCCB-4710-A4B1-6512134A16DE}) (Version: 1.0.0.0 - Awesome Games Studio)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.3.1.4482 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{af9ff3ed-cea8-4944-9131-04bcfa1904f3}) (Version: latest - ppy Pty Ltd)
PAC-MAN Championship Edition DX+ (HKLM-x32\...\Steam App 236450) (Version:  - Mine Loader Software Co., Ltd.)
Peggle (HKLM-x32\...\{715AD72D-887A-459E-988B-D4F3E87FA24B}) (Version: 1.04.0.0 - PopCap Games)
Peggle Deluxe 1.03 (HKLM-x32\...\Peggle Deluxe 1.03) (Version:  - )
Peggle Nights (HKLM-x32\...\{6641FD4F-6B9F-47F4-9DEA-9979E79E68D7}) (Version: 1.1.6.5913 - PopCap Games)
Peggle Nights Deluxe 1.0.3.5802 (HKLM-x32\...\Peggle Nights Deluxe 1.0.3.5802) (Version: 1.0.3.5802 - PopCap Games)
Peggle World of Warcraft Edition (HKLM-x32\...\Peggle World of Warcraft Edition) (Version:  - PopCap Games)
Pflanzen gegen Zombies (HKLM-x32\...\Pflanzen gegen Zombies) (Version:  - PopCap Games)
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
Portal 2 Publishing Tool (HKLM-x32\...\Steam App 644) (Version:  - )
Presto! PageManager 7.15.16 (HKLM-x32\...\{D2D6B9EB-C6DC-4DAA-B4DE-BB7D9735E7DA}) (Version: 7.15.16 - NewSoft Technology Corporation)
proDAD Adorage 3.0 (HKLM-x32\...\proDAD-Adorage-3.0) (Version: 3.0.92 - proDAD GmbH)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
Puddle (HKLM-x32\...\Puddle_is1) (Version:  - GOG.com)
puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert)
PVZ Garden Warfare (HKLM-x32\...\{A5AC7D7B-C1D5-4AF9-8829-993DA335BE1B}) (Version: 1.0.3.0 - Electronic Arts)
Python 3.2 construct-2.5.1 (HKU\S-1-5-21-2764890169-2354917355-972681180-1001\...\construct-py3.2) (Version:  - )
Python 3.2.3 (HKLM-x32\...\{789C9644-9F82-44d3-B4CA-AC31F46F5882}) (Version: 3.2.3150 - Python Software Foundation)
Python 3.4.3 (HKLM-x32\...\{CCD588A7-8D55-49F1-A30C-47FAB40889ED}) (Version: 3.4.16490 - Python Software Foundation)
Q.U.B.E. Demo (HKLM-x32\...\Steam App 204610) (Version:  - )
Quantum Conundrum Demo (HKLM-x32\...\Steam App 205700) (Version:  - )
Randal's Monday Demo (HKLM-x32\...\Steam App 333140) (Version:  - Nexus Game Studios)
Rapture3D 2.4.11 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version:  - Blue Ripple Sound)
Rayman Origins (HKLM-x32\...\{DE491AB9-1D47-4FED-A8F5-4D4325B2EB4B}) (Version: 1.02 - Ubisoft)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6230 - Realtek Semiconductor Corp.)
Relational Algebra Translator Version 4.1 (HKLM-x32\...\{E9A45241-FC5C-4613-A37E-FC3296485E99}_is1) (Version: 4.1 - Universidad Nacional de Costa Rica)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.26.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.26.0 - Renesas Electronics Corporation) Hidden
Schatzinsel 2 (Vollversion) (HKLM-x32\...\Schatzinsel 2 (Vollversion)) (Version:  - )
Secunia PSI (3.0.0.4001) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.4001 - Secunia)
SEGA Genesis & Mega Drive Classics (HKLM-x32\...\Steam App 34270) (Version:  - Sega)
Sheep’s Quest (HKLM-x32\...\Sheep’s Quest) (Version: 0.0.0.0 - INTENIUM GmbH)
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.14.5 - NVIDIA Corporation) Hidden
Sizer 3.34 (HKLM-x32\...\{DE43AA92-E8C0-4620-AFE2-FBD623C71643}) (Version: 3.3.4.0 - Brian Apps)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
Smash Frenzy 4 (HKLM-x32\...\Smash Frenzy 4) (Version: 1.0.0.0 - INTENIUM GmbH)
Snapshot (HKLM-x32\...\Steam App 204220) (Version:  - )
Snowy (HKLM-x32\...\Snowy) (Version: 0.0.0.0 - INTENIUM GmbH)
Snowy: Lunch Rush (HKLM-x32\...\Snowy Lunch Rush) (Version: 0.0.0.0 - INTENIUM GmbH)
Soluto (HKLM\...\{34307828-B2DB-4473-A803-A314FC7AA889}) (Version: 1.3.1023.0 - Soluto)
Sonic Generations Demo (HKLM-x32\...\Steam App 202290) (Version:  - Sega)
SPC 700NC PC Camera (HKLM-x32\...\{9C5B9ED6-0344-4550-A4AB-C4499EB36053}) (Version:  - )
Spotify (HKU\S-1-5-21-2764890169-2354917355-972681180-1001\...\Spotify) (Version: 1.0.24.104.g92a22684 - Spotify AB)
SQLite ODBC Driver for Win64 (remove only) (HKLM-x32\...\SQLite ODBC Driver for Win64) (Version:  - )
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Steuersparer 2014 (HKLM-x32\...\{485DBEA2-58E9-4136-9E6C-6C3022B02349}) (Version: 21.00.8480 - Buhl Data Service GmbH)
Strikeball 3 (HKLM-x32\...\Strikeball 3) (Version:  - )
Super Hexagon (HKLM-x32\...\Steam App 221640) (Version:  - )
Super Mario Brothers 2 Screensaver (HKLM-x32\...\Super Mario Brothers 2 Screensaver) (Version:  - )
Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version:  - )
Super Win the Game (HKLM-x32\...\Steam App 310700) (Version:  - Minor Key Games)
Superkuh (HKLM-x32\...\Superkuh) (Version: 0.0.0.0 - INTENIUM GmbH)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Telegram Desktop version 0.9.28 (HKU\S-1-5-21-2764890169-2354917355-972681180-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 0.9.28 - Telegram Messenger LLP)
TERRATEC Grabby V5.09.1202.00 (HKLM-x32\...\TERRATEC Grabby) (Version: 5.09.1202.00 - )
The Basement Collection (HKLM-x32\...\Steam App 214790) (Version:  - )
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version:  - )
The Stanley Parable (HKLM-x32\...\Steam App 221910) (Version:  - Galactic Cafe)
The Stanley Parable Demo (HKLM-x32\...\Steam App 247750) (Version:  - Galactic Cafe)
TomTom HOME (HKLM-x32\...\{5DCB2EB3-87AD-426E-8D74-8B92C9D731C4}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME (HKLM-x32\...\{7A2BB1C8-903D-4585-9F3B-CADD67D07D37}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME (HKLM-x32\...\{BB05590A-6602-43F3-A400-77EA0976BC0A}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Turtix (HKLM-x32\...\Turtix) (Version: 0.0.0.0 - INTENIUM GmbH)
Turtix 2 (HKLM-x32\...\Turtix 2) (Version: 0.0.0.0 - INTENIUM GmbH)
Undertale (HKLM-x32\...\Steam App 391540) (Version:  - tobyfox)
Unity Web Player (HKU\S-1-5-21-2764890169-2354917355-972681180-1001\...\UnityWebPlayer) (Version: 4.5.2f1 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 3.0 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VLC media player 2.0.8 (HKLM-x32\...\VLC media player) (Version: 2.0.8 - VideoLAN)
VVVVVV (HKLM-x32\...\Steam App 70300) (Version:  - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 5.20 Beta 2 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.2 - win.rar GmbH)
Woah Dave! (HKLM-x32\...\Steam App 315110) (Version:  - MiniVisions)
World of Goo (entfernen) (HKLM-x32\...\World of Goo) (Version:  - )
World of Goo (HKLM-x32\...\Steam App 22000) (Version:  - 2D BOY)
XSplit Broadcaster (HKLM-x32\...\{BF4EDEC4-40DE-4021-9040-0B41663CBCE1}) (Version: 2.6.1510.2621 - SplitmediaLabs)
Yumsters 2 (HKLM-x32\...\Yumsters 2) (Version: 0.0.0.0 - INTENIUM GmbH)
Zuma Deluxe 1.0 (HKLM-x32\...\Zuma Deluxe 1.0) (Version:  - )
Zuma's Revenge! (HKLM-x32\...\Zuma's Revenge!) (Version:  - PopCap Games)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2764890169-2354917355-972681180-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Georg\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => Keine Datei
CustomCLSID: HKU\S-1-5-21-2764890169-2354917355-972681180-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Georg\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {000CB502-D961-4EF9-9B25-BB783FCCE7C3} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {0A91147B-AFF6-40A7-8281-8762432A42FC} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {0B0D0027-6A7D-461C-B19F-102D65EFD1A2} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {0DB761BD-4C86-4EF1-9FF7-217E4EA141EB} - System32\Tasks\{D6C011F4-E699-439C-9B9E-DB066A35F5D9} => C:\GOG Games\Deponia\Deponia.exe [2013-07-06] (Daedalic Entertainment GmbH)
Task: {10EB6D3D-48F3-4273-A7C8-6E2357160EBD} - System32\Tasks\{141DAD77-9DFF-47D4-9E4B-C3E580C6CDB2} => pcalua.exe -a C:\Users\Georg\Desktop\GL710_application_and_driver_v1.3.0.84_20140623.exe -d C:\Users\Georg\Desktop
Task: {1498DCDF-C686-4051-9309-3D5DDBC8CA89} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {154F514A-A6D7-4DD2-8CEE-07BC2C049DBD} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {22829860-B4F5-412D-BF26-481908B6D1C1} - System32\Tasks\{F40F36A6-342E-48E1-8D38-2DF99C54F9E3} => C:\GOG Games\Deponia\Deponia.exe [2013-07-06] (Daedalic Entertainment GmbH)
Task: {22B85D8E-4D3A-463F-937F-6D6F21A5A5F7} - System32\Tasks\{6C6012E4-10B8-47AB-BF1C-CC4FE4E0944B} => C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\MoorhuhnJagd\Moorhuhn.exe
Task: {2582FCF7-D6E8-4913-BE6F-A0D59A3237EF} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {28E61EEB-FF4F-42CB-B43B-F3C2683E7F45} - System32\Tasks\{03DF9196-4F37-4AF2-9EE7-8F182C3C1FDA} => C:\GOG Games\Deponia\Deponia.exe [2013-07-06] (Daedalic Entertainment GmbH)
Task: {2EDF115B-8147-488A-89A7-5E3B87402B62} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {3B7D67E3-965C-4DB0-BFF7-C56148B60E0F} - System32\Tasks\{89460D6F-55EE-4144-88FB-49B590B5CA21} => pcalua.exe -a C:\Users\Georg\Downloads\lide90vst641300ej.exe -d C:\Users\Georg\Downloads
Task: {3CBEB8BB-E9F4-4C91-A074-B6C6B5106892} - System32\Tasks\{09386E22-90C7-4050-A4FC-59712DDBCFD0} => C:\GOG Games\Deponia\Deponia.exe [2013-07-06] (Daedalic Entertainment GmbH)
Task: {41AC8DE2-A3F7-4881-AF4D-6A239B70D40E} - System32\Tasks\{4A235EC8-FD28-471F-8672-C225FF02FF5E} => C:\Program Files (x86)\phenomedia\Die ersten 10 Jahre\MoorhuhnJagd\Moorhuhn.exe
Task: {44AC9FD8-C573-42CE-916A-DB29F369C1E3} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {45C91C7E-C168-410C-8B5F-AA7C466F7808} - System32\Tasks\{AD2E0DE0-6292-430B-9C70-08CAD4546C28} => C:\Program Files (x86)\Origin Games\Feeding Frenzy 2\FeedingFrenzy2.exe [2013-10-31] (PopCap Games)
Task: {47060F33-F87D-4EB3-8F99-E471C1A28770} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {4C2F56E5-D39B-4949-A351-3AAC5BF4B08D} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {4ED0B30F-0400-438C-ACE5-EB876F9E64C3} - System32\Tasks\{30114F5B-7107-43B9-AE8E-77E523473DD3} => C:\Program Files (x86)\Steam\Steam.exe [2016-02-04] (Valve Corporation)
Task: {5039C775-5DA6-443F-8159-27C47EFC3991} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {51E73228-6869-49D4-89BB-0F9087E16B36} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {527B8EB0-C94D-4611-915E-BC7004B90B9C} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {5985EFDB-4DF6-43C3-A351-2B77AFCF2AA9} - System32\Tasks\{3F33EA58-777D-48E5-9A72-C411B84DD41B} => C:\GOG Games\Deponia\Deponia.exe [2013-07-06] (Daedalic Entertainment GmbH)
Task: {5B93CCFF-8B92-4DDE-9528-5C4E87DC40EA} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {5C7529AC-1C4B-4CC5-9F2A-5F9917140C29} - System32\Tasks\RunAsStdUser Task => C:\Program Files (x86)\Pogo Games\PogoDGC.exe
Task: {64EF008A-B590-4ECF-B7B4-8427E8DD1ACF} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {65BC0CAE-BE7C-4212-8AA7-FEE94796ECFF} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {682C112C-91A2-453D-AF20-A19AE814A99E} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {68C717B3-E281-41FA-881E-1B8F09FA146A} - System32\Tasks\GoogleUpdateTaskMachineUA1cf6ac8faecd84b => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {6C98AC96-982E-4C67-876F-696B4BEB5D6B} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {76890C00-360F-478B-8F4A-D35BF3017ECA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {775180C5-39B5-4344-A714-67A1CA9C308B} - System32\Tasks\{1B7B454B-D060-447E-A524-8403182236D2} => C:\Program Files (x86)\PopCap Games\Zuma Deluxe\Zuma.exe [2007-09-20] ()
Task: {7C788119-4AB2-482B-9DC2-E9EBF04831A0} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {87279B5D-7847-4967-95E0-7FF1923509C3} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {8C295FE6-5816-4EDC-AD33-3A49F375EB99} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-09] (Adobe Systems Incorporated)
Task: {9228DE4C-EAA7-44AE-8464-226C9D8777BC} - System32\Tasks\{679AF5C3-3131-41A0-819C-968AE719B570} => C:\GOG Games\Deponia\Deponia.exe [2013-07-06] (Daedalic Entertainment GmbH)
Task: {9F7F76DF-4611-49E2-A5D0-3477567DE0AA} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {9F98EAD9-7AC8-4EE5-89DF-95670E187B3F} - System32\Tasks\{E46D8B49-D168-432F-A16F-1CFA3D09054D} => C:\Program Files (x86)\PopCap Games\Zuma Deluxe\Zuma.exe [2007-09-20] ()
Task: {9FFC9CE5-1AE8-4570-ACC8-970A95610C2C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-02-09] (Microsoft Corporation)
Task: {A1ACC24C-9FBD-48D7-B14C-48EAB3F50209} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => control iMControllerService 128
Task: {A426678D-DA71-4B4B-9B85-981D98BE8C4E} - System32\Tasks\{FB3B6673-58E4-4AB0-BA06-55F3E07CBD68} => C:\GOG Games\Deponia\Deponia.exe [2013-07-06] (Daedalic Entertainment GmbH)
Task: {ABF15843-06B4-4EC9-99EE-F5A581D5B740} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {B1C86B65-BFB9-4570-B739-AF957C51FECB} - System32\Tasks\{84125F2B-66FF-4D23-8345-E574582A07D3} => pcalua.exe -a "C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe"
Task: {B3694911-5EA5-4D5D-A7D3-D8839466EC45} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {C4174FC2-81DE-4B59-A2D0-EA2FF0BED6A3} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {CA71CF61-88E0-4AD6-95FF-434FDB158314} - System32\Tasks\{5A25AE58-0690-4338-A281-12AFD1F42B43} => C:\GOG Games\Deponia\Deponia.exe [2013-07-06] (Daedalic Entertainment GmbH)
Task: {CA8FCCE2-380F-490D-BA67-E542C0B0D155} - System32\Tasks\{30C490A4-1414-4E4F-9A4C-161E1D7F2D89} => C:\GOG Games\Deponia\Deponia.exe [2013-07-06] (Daedalic Entertainment GmbH)
Task: {CB324651-721C-40F2-98B4-00B36EDB4502} - System32\Tasks\{9B25F6CB-5177-41F1-AB00-56134914F469} => C:\Program Files (x86)\Origin Games\Feeding Frenzy 2\FeedingFrenzy2.exe [2013-10-31] (PopCap Games)
Task: {D0D2F053-DC3B-4F71-8C72-68879CFDB325} - System32\Tasks\GoogleUpdateTaskMachineUA1d0003a410566a1 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {D13F1CBB-DCEB-4F4B-83DD-C48BA3967607} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {D21AEADF-13CA-4CB1-B218-EA2BAB19CBE0} - System32\Tasks\{09323272-BD34-4C61-99B5-C4AAB0E95503} => C:\GOG Games\Deponia\Deponia.exe [2013-07-06] (Daedalic Entertainment GmbH)
Task: {D8112DD8-07F8-4AD1-A34D-0511B22DD3DE} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {D8DDA550-D72F-443A-B506-E112D4FF5B69} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
Task: {DF58ACD3-171F-4401-B9BD-15A329C4B883} - System32\Tasks\GoogleUpdateTaskMachineCore1d0003a3ff3a47f => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {E4EA4563-7840-4558-99BD-219BCAF78CB0} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {E6448650-5C88-4D95-B7D0-65DCAE1A27E7} - System32\Tasks\{0DD2511D-264E-4200-9B16-488766294C64} => C:\Program Files (x86)\Steam\Steam.exe [2016-02-04] (Valve Corporation)
Task: {E73B94EF-E652-40F9-96A7-BF43892CFFF2} - System32\Tasks\{284635B6-657F-4292-AEF8-DA2866407675} => C:\GOG Games\Deponia\Deponia.exe [2013-07-06] (Daedalic Entertainment GmbH)
Task: {EDAB4437-6214-4B5A-AFD3-1F3D62F08AAA} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {F18F99F3-C285-4975-899B-D28D601B41D4} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {F35D1E98-22B9-4393-9C34-F143138BE83C} - System32\Tasks\{5ED761C6-9885-43A7-BBB7-4C94289045FC} => pcalua.exe -a "C:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/217830
Task: {FCB8716E-7B82-4F63-AFA3-F3BD50C3F4A6} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_TVSUUpdateTask => reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler  /v start /t reg_dword /d 1 /f /reg:32
Task: {FEE12B32-D23A-410C-BC24-1B6FE1340BA5} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d0003a3ff3a47f.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cf6ac8faecd84b.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0003a410566a1.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-11-16 09:53 - 2015-08-07 05:27 - 00116528 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-09-03 12:07 - 2014-09-03 12:07 - 00216576 _____ () C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
2012-03-21 13:04 - 2011-03-16 04:47 - 00032768 _____ () C:\Windows\jmesoft\Service.exe
2016-03-02 15:31 - 2016-02-23 12:27 - 02654872 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2012-10-28 16:37 - 2012-10-28 16:37 - 00084992 _____ () C:\Program Files\Soluto\PCGDllExportInspector.dll
2016-03-02 15:31 - 2016-02-23 12:27 - 02654872 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-01-13 16:41 - 2016-01-05 02:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-01-28 18:16 - 2016-01-16 06:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-01-22 10:07 - 2016-01-22 10:08 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2012-10-28 16:37 - 2012-10-28 16:37 - 00056368 ____R () C:\Program Files\Soluto\PCGDeviceScanLib.dll
2016-01-13 16:41 - 2016-01-05 02:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-01-13 16:41 - 2016-01-05 02:24 - 00936960 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-01-28 18:16 - 2016-01-16 06:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2012-03-21 13:04 - 2011-05-25 13:09 - 00049152 _____ () C:\Windows\SysWOW64\UMonit.exe
2012-08-30 10:39 - 2006-09-20 07:35 - 00020480 _____ () C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe
2012-08-30 10:39 - 2006-10-30 15:59 - 00024576 _____ () C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe
2012-01-10 13:41 - 2015-03-30 08:39 - 00568904 _____ () C:\Program Files (x86)\puush\puush.exe
2012-09-08 14:55 - 2005-07-12 19:04 - 00278528 _____ () C:\Program Files (x86)\Philips\SPC 700NC PC Camera\TrayMin700.exe
2012-03-21 13:04 - 2011-03-21 22:12 - 00020480 _____ () C:\Windows\jmesoft\JME_LOAD.exe
2015-12-18 15:42 - 2015-12-07 05:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-03-02 15:31 - 2016-02-23 09:36 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2010-02-28 01:33 - 2010-02-28 01:33 - 00077664 _____ () C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
2016-03-04 11:00 - 2016-03-04 11:01 - 00016384 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.302.8200.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-03-04 11:00 - 2016-03-04 11:01 - 16062976 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.302.8200.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-03-04 11:00 - 2016-03-04 11:01 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.302.8200.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-02-28 12:45 - 2016-02-28 12:45 - 00335360 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Foundation\2db06033b228e6dda5c6fe72b7c2e134\Windows.Foundation.ni.dll
2014-09-03 11:53 - 2014-09-03 11:53 - 00221184 _____ () C:\Program Files (x86)\GNU\GnuPG\libksba-8.dll
2014-09-03 11:41 - 2014-09-03 11:41 - 00050176 _____ () C:\Program Files (x86)\GNU\GnuPG\libw32pth-0.dll
2014-09-03 11:53 - 2014-09-03 11:53 - 00069632 _____ () C:\Program Files (x86)\GNU\GnuPG\libassuan-0.dll
2014-09-03 11:48 - 2014-09-03 11:48 - 00038400 _____ () C:\Program Files (x86)\GNU\GnuPG\libgpg-error-0.dll
2014-09-03 11:56 - 2014-09-03 11:56 - 00742400 _____ () C:\Program Files (x86)\GNU\GnuPG\libgcrypt-20.dll
2016-01-22 16:58 - 2016-01-19 04:02 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2016-01-22 16:58 - 2016-01-19 04:02 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2016-01-22 16:58 - 2016-01-19 04:02 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2016-01-22 16:58 - 2016-01-19 04:02 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2016-01-22 16:58 - 2016-01-19 04:02 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2016-01-22 16:58 - 2016-01-19 04:02 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2016-01-22 10:07 - 2016-01-22 10:08 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-01-22 10:07 - 2016-01-22 10:08 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2015-07-30 12:42 - 2015-08-27 01:37 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2013-03-12 17:10 - 2015-12-15 06:54 - 00782336 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-20 08:07 - 2015-07-03 17:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2014-05-22 04:37 - 2016-02-04 22:02 - 02546768 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-29 05:34 - 2015-09-24 01:33 - 02549248 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-29 05:34 - 2015-09-24 01:33 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-29 05:34 - 2015-09-24 01:33 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-29 05:34 - 2015-09-24 01:33 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-29 05:34 - 2015-09-24 01:33 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-01-20 08:07 - 2015-07-03 17:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-20 08:07 - 2015-07-03 17:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2012-09-17 16:55 - 2016-02-04 22:01 - 00802896 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-07-22 09:04 - 2015-12-30 02:51 - 00208896 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2015-03-05 22:32 - 2016-03-04 07:19 - 47503472 _____ () C:\Users\Georg\AppData\Roaming\Spotify\libcef.dll
2016-01-11 10:36 - 2016-01-11 10:36 - 00932032 ____R () C:\Program Files (x86)\Skype\Phone\ssScreenVVS2.dll
2012-03-21 13:04 - 2007-12-31 18:27 - 00007168 _____ () C:\Windows\jmesoft\VistaVolume.dll
2012-03-21 13:37 - 2010-09-09 19:19 - 00210432 _____ () C:\Program Files\Lenovo\Lenovo Eye Distance System\KeyStoneAdapter.dll
2012-03-21 13:37 - 2010-09-09 19:18 - 00211456 _____ () C:\Program Files\Lenovo\Lenovo Eye Distance System\VideoPlayer.dll
2012-03-21 13:37 - 2010-09-20 18:08 - 00210432 _____ () C:\Program Files\Lenovo\Lenovo Brightness System\KeyStoneAdapter.dll
2012-03-21 13:37 - 2010-09-21 02:55 - 00182272 _____ () C:\Program Files\Lenovo\Lenovo Brightness System\DDCHelperWraper.dll
2012-03-21 13:04 - 2009-07-16 17:20 - 00032768 _____ () C:\Windows\jmesoft\Keyhook.dll
2012-09-17 16:55 - 2016-01-06 02:52 - 48387872 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2016-01-10 19:29 - 2016-02-22 07:46 - 00153032 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2016-01-10 19:29 - 2016-02-22 07:46 - 00022472 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2015-03-05 22:32 - 2016-03-04 07:19 - 01584240 _____ () C:\Users\Georg\AppData\Roaming\Spotify\libglesv2.dll
2015-03-05 22:32 - 2016-03-04 07:19 - 00082032 _____ () C:\Users\Georg\AppData\Roaming\Spotify\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\S-1-5-21-2764890169-2354917355-972681180-1001\...\skype.com -> hxxps://apps.skype.com

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2764890169-2354917355-972681180-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Georg\Desktop\wallpaper.png
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2764890169-2354917355-972681180-1001\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-2764890169-2354917355-972681180-1001\...\StartupApproved\Run: => "OneDrive"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{E409828D-6242-4503-9BBE-F229DDB1A7C0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GSTD - Rise of the Owlverlord\launcher\GSLauncher.exe
FirewallRules: [{EB590ADE-DC52-4BB8-99DD-510E7E75412B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GSTD - Rise of the Owlverlord\launcher\GSLauncher.exe
FirewallRules: [{92218D33-E3CD-4370-8469-04E486B16722}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4 Create A Sim Demo\Game\Bin\TS4CAS.exe
FirewallRules: [{5A932314-348D-4AA6-B186-D7ECD1D430B7}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4 Create A Sim Demo\Game\Bin\TS4CAS.exe
FirewallRules: [{49DFBD46-41AC-4316-A6B7-DD0BE653985C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Human Resource Machine\Human Resource Machine.exe
FirewallRules: [{8C1CCE65-84D8-40DC-B350-E6942E45423E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Human Resource Machine\Human Resource Machine.exe
FirewallRules: [{1BEBBF0D-E3DA-4C1F-83A5-D5E4450FE19E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\CastleCrashersDemo\castle.exe
FirewallRules: [{60AEE7F5-7F87-4524-A935-E9F87418A0E0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\CastleCrashersDemo\castle.exe
FirewallRules: [{B2D8E196-1F82-477D-8C2F-6FBAFF599C47}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Chaos on Deponia\VisionaireConfigurationTool.exe
FirewallRules: [{CEF85CEA-8C34-4407-B2F7-704594188E09}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Chaos on Deponia\VisionaireConfigurationTool.exe
FirewallRules: [{51128BE1-7B43-48E3-A6B8-A7CACD85055F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Chaos on Deponia\deponia2.exe
FirewallRules: [{5A67CCCF-98B5-4ACB-8E72-39725C0DBC75}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Chaos on Deponia\deponia2.exe
FirewallRules: [UDP Query User{21CE44F9-D3F7-4421-BB9C-3179631BCBB6}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{9245CCE2-0CDD-4A9A-8786-4891AF7AB021}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{6690C194-49D2-4FED-8156-86A96F4AC0C7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Super Win the Game\SuperGame.exe
FirewallRules: [{8E3A5BFB-255F-424C-B7E4-35EDEC1B3342}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Super Win the Game\SuperGame.exe
FirewallRules: [UDP Query User{317EA79A-BE6A-43F1-ADC8-A853B1127485}C:\program files (x86)\avermedia\avermedia recentral 2\recentral 2.exe] => (Allow) C:\program files (x86)\avermedia\avermedia recentral 2\recentral 2.exe
FirewallRules: [TCP Query User{C93797DC-6D78-4902-BD42-9588BF624885}C:\program files (x86)\avermedia\avermedia recentral 2\recentral 2.exe] => (Allow) C:\program files (x86)\avermedia\avermedia recentral 2\recentral 2.exe
FirewallRules: [{1C2F4D0C-E773-47F8-A245-02FF8CFA1C2D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe
FirewallRules: [{FC207651-33C0-47F6-8A37-B0A8F2233B65}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe
FirewallRules: [{B4664996-F23A-4259-84A9-C1C3F00160F7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAC-MAN Championship Edition DX+\PAC-MAN.exe
FirewallRules: [{B2DFA9E3-7E75-444C-B09E-A4586B96F7A2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAC-MAN Championship Edition DX+\PAC-MAN.exe
FirewallRules: [UDP Query User{09434D76-117F-4E69-B73E-6C9B221AEDF8}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{C6F953E9-9961-4402-A123-D09977372A86}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{6A6DA135-116A-44CB-99C7-10DD455DFF37}C:\users\georg\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\georg\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{4D0F5BB4-349D-4A33-AB49-4710936FEB1B}C:\users\georg\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\georg\appdata\roaming\spotify\spotify.exe
FirewallRules: [{26B75818-B9C9-4600-95EF-5BF3271CD3B4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Stanley Parable\stanley.exe
FirewallRules: [{F76D6685-8781-4214-AE29-7391A7F952EB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Stanley Parable\stanley.exe
FirewallRules: [{3B2A79E8-BD57-421C-ADC5-6F1B8DC3380E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Braid\braid.exe
FirewallRules: [{16CFFB9C-BEE5-4AE5-A4F5-60442CE9D029}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Braid\braid.exe
FirewallRules: [{B14C55C3-5494-4468-9BFF-9D01B7955596}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Braid\braid.exe
FirewallRules: [{E6E36002-BFFE-4072-9BB6-A5A04F162601}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Braid\braid.exe
FirewallRules: [TCP Query User{4BC615D9-F4FA-47A7-BDB0-670434CF8059}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [UDP Query User{0387514B-08D3-4818-8800-46031F3D5B5B}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [{D7C1C599-484C-4D0A-94D6-190C6B70BDF3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DiRT Showdown\showdown.exe
FirewallRules: [{6EA01E06-8DC1-4DA9-86AA-266312A7FD3B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DiRT Showdown\showdown.exe
FirewallRules: [{817401A8-5E26-430F-B299-678DC9AEB0C1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Antichamber\Binaries\Win32\UDK.exe
FirewallRules: [{794416C1-5ECE-4929-B1D4-533611F0295D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Antichamber\Binaries\Win32\UDK.exe
FirewallRules: [{FB681326-7AE1-43F5-8C9F-594F5A1133BB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Stanley Parable Demo\stanley.exe
FirewallRules: [{17B5C4B0-B585-45A5-9AE8-D5DA109D255C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Stanley Parable Demo\stanley.exe
FirewallRules: [{D7C4ADC2-563E-4498-B69B-57473A5019FC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [{3F19F675-B02E-400D-8098-EE3E07CC1CA8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [{29848BF7-4700-4B86-B285-9F285A185560}] => (Allow) C:\Program Files (x86)\Origin Games\Peggle Nights\PeggleNights.exe
FirewallRules: [{5AA8268A-600F-419C-9948-F7093766B19E}] => (Allow) C:\Program Files (x86)\Origin Games\Peggle Nights\PeggleNights.exe
FirewallRules: [TCP Query User{DA7B4175-FC5A-4C9F-9145-6DD61835B85E}C:\users\georg\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\georg\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{5BA3F47A-5492-468F-B714-3BEE65943273}C:\users\georg\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\georg\appdata\roaming\spotify\spotify.exe
FirewallRules: [{B74FE500-4A10-4E19-AFCC-0CA5B1399169}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Audiosurf\engine\QuestViewer.exe
FirewallRules: [{00F13B6A-DD95-4D2A-8267-B51D593D523D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Audiosurf\engine\QuestViewer.exe
FirewallRules: [{AE0F8D3F-2CB8-4614-B9E4-DA9F72282EFD}] => (Allow) C:\Program Files (x86)\Origin Games\Peggle Deluxe\Peggle.exe
FirewallRules: [{11D076F9-C631-429D-803D-92825E20E0A7}] => (Allow) C:\Program Files (x86)\Origin Games\Peggle Deluxe\Peggle.exe
FirewallRules: [{DC57E1F2-4EAC-402B-BD71-2AF69888D14B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dustforce\dustforce.exe
FirewallRules: [{0CE0EE76-6674-4D8D-85EE-B01BEBB463AB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dustforce\dustforce.exe
FirewallRules: [{CD45CD21-970D-4F39-B7C0-736C463EA752}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\QUBE\Binaries\Win32\QUBE.exe
FirewallRules: [{51E2CC35-413D-4D8D-A128-97D3832D675E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\QUBE\Binaries\Win32\QUBE.exe
FirewallRules: [{70670B13-5B7B-4A83-BE5B-8C3DA34FFC7E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BIT.TRIP BEAT\BEAT.exe
FirewallRules: [{F27ADD3A-BB39-45B1-B377-B33F7274D3D5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BIT.TRIP BEAT\BEAT.exe
FirewallRules: [{D01A302B-65E9-4621-8D1A-9087A39E2DF3}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8100\Bin\DeviceSetup.exe
FirewallRules: [{74BD137C-94EB-46C4-8C51-D4BA4FEDFD80}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8100\Bin\HPNetworkCommunicator.exe
FirewallRules: [{3B88FB96-139E-4FE5-A3C1-058414FF151C}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8100\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{6B919022-EA80-458F-84C6-C97B4A5BD145}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C82C5818-9CD0-40BC-AD0A-BAF04AB8AD88}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{4ED58B78-E9AF-4A93-8C04-795CB711675F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Jazzpunk\windows\Jazzpunk.exe
FirewallRules: [{039E57EE-BE99-455D-B6BC-99637C1D6E51}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Jazzpunk\windows\Jazzpunk.exe
FirewallRules: [{3DBF7A9D-5868-43D5-AB3D-1515E2270F4E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Insanely Twisted Shadow Planet\fcengine.exe
FirewallRules: [{78E3D2BF-7FF9-4802-9F8A-25E95DD2A11A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Insanely Twisted Shadow Planet\fcengine.exe
FirewallRules: [{B7F9AC72-5BFE-4BAA-9552-5FC3F92B9787}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\WoahDave\WoahDave.exe
FirewallRules: [{2A364A6C-9D9F-4695-BA9B-EEF9F4A3BF1C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\WoahDave\WoahDave.exe
FirewallRules: [{76E95C7B-972A-4593-A4CA-EC3A1576F5F2}] => (Allow) C:\Program Files (x86)\Origin Games\Plants vs Zombies Garden Warfare\PVZ.Main_Win64_Retail.exe
FirewallRules: [{ABACCF8A-DA66-4878-983E-5DAEEFF05D45}] => (Allow) C:\Program Files (x86)\Origin Games\Plants vs Zombies Garden Warfare\PVZ.Main_Win64_Retail.exe
FirewallRules: [{5226270F-2869-4DD0-A8C3-1D4ED7A8B093}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Ittle Dew\dew.exe
FirewallRules: [{5A3639E5-EB75-4287-8171-54CE88577D25}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Ittle Dew\dew.exe
FirewallRules: [TCP Query User{3EB352B3-DC7B-41CB-9284-E185B2C22F3F}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{ECCD81E0-6498-4AC3-A365-ACC9175557BA}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [{696D3DCE-5EE6-4D4C-ADD5-E4ABF536FD2A}] => (Allow) C:\Program Files (x86)\Origin Games\Feeding Frenzy 2\FeedingFrenzy2.exe
FirewallRules: [{3451884F-629F-421F-8857-B2043846C27F}] => (Allow) C:\Program Files (x86)\Origin Games\Feeding Frenzy 2\FeedingFrenzy2.exe
FirewallRules: [{FFE143AF-BE95-4AD3-A658-4E4BF13DAC01}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Randal's Monday Demo\RandalsDemo.exe
FirewallRules: [{78471CE3-D841-4D1B-98EB-A51BA8A54E60}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Randal's Monday Demo\RandalsDemo.exe
FirewallRules: [TCP Query User{3F5DC93B-1BDB-48C0-B393-20F45F96D0FF}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [UDP Query User{C455E4F5-8622-4DE8-AB3F-406A6B9B96AE}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{41B11C50-6F85-44F0-8155-D455B70E8D09}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\World of Goo\WorldOfGoo.exe
FirewallRules: [{10195601-8288-4F6A-9B1D-CCF229F48892}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\World of Goo\WorldOfGoo.exe
FirewallRules: [{88DCC03C-2C4D-4C9C-B40F-B88EF3C2423A}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{79D8C42C-9ED0-428F-9C9E-443A8219722F}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{AEF54BB6-F0CF-4BFE-A551-1268F2CAFDBC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{9D3727C3-5977-4C54-BE43-DBBB3EA05E6F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{F74F19C9-BED4-4304-BFF5-C4E2C0683C38}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{2897C868-4F2D-403B-81FA-F567AE2A21FE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{2722FDD4-502A-4BA7-8EBC-1BEB6598CB19}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{DEE26149-9301-4098-BF58-4FCEED52D2C9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{6286AA30-5281-417E-AB1B-EB2E13BDDA51}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{EEC6BA65-FBB3-44FD-B866-0EBFFF42ED2E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Undertale\UNDERTALE.exe
FirewallRules: [{8DFF7091-838D-4B43-BF8A-84D744CA6690}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Undertale\UNDERTALE.exe
FirewallRules: [{827B468D-2B6C-484E-A444-A8F341F7B3AA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Limbo\limbo.exe
FirewallRules: [{3E8C502C-937D-4ECD-B416-0AF45989920A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Limbo\limbo.exe
FirewallRules: [TCP Query User{8324DB31-6835-40A3-BE6E-75793B22E236}C:\program files (x86)\ubisoft\rayman origins\rayman origins.exe] => (Allow) C:\program files (x86)\ubisoft\rayman origins\rayman origins.exe
FirewallRules: [UDP Query User{3882B36A-0331-4497-88B0-8AB860F0ECD8}C:\program files (x86)\ubisoft\rayman origins\rayman origins.exe] => (Allow) C:\program files (x86)\ubisoft\rayman origins\rayman origins.exe
FirewallRules: [{1FB05D6C-7FEF-4982-AC22-7B4E5E907B9D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Little Inferno Beta\Little Inferno.exe
FirewallRules: [{03336EB7-C0C6-4362-9188-ADB5E75E7F12}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Little Inferno Beta\Little Inferno.exe
FirewallRules: [{774095D4-0FF7-4475-B957-94CCA1EC37CB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sega Classics\SEGAGenesisClassics.exe
FirewallRules: [{F8298678-A9B7-4FA5-8106-FFBC72594588}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sega Classics\SEGAGenesisClassics.exe
FirewallRules: [{9B7C97E5-460C-434F-8A48-41E5385105D6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Jet Set Radio\jsrsetup.exe
FirewallRules: [{1417C50A-473F-4ECA-8A28-87B49F196DB9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Jet Set Radio\jsrsetup.exe
FirewallRules: [{B3527AF4-E41E-49A4-BAB4-9222B2EA37CC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hell Yeah\HELLYEAH.exe
FirewallRules: [{61796766-E487-481B-8462-682F2A83D763}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hell Yeah\HELLYEAH.exe
FirewallRules: [{40575BDC-94CA-49AD-B072-733A35E199D6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{973BA223-0FD9-4766-90C5-D173BC2E8271}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{5A48F562-1966-495A-9677-A887FA11AAA1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe

==================== Wiederherstellungspunkte =========================

21-02-2016 16:47:58 Windows Update
25-02-2016 16:20:06 Windows Update
28-02-2016 16:53:07 Windows Update
02-03-2016 17:10:30 Windows Update
05-03-2016 15:23:24 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (03/06/2016 07:39:59 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (03/06/2016 07:00:01 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsort "E:\" nicht abgeschlossen. Fehler: Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006).

Error: (03/06/2016 04:25:34 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: GEORG-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (03/06/2016 04:25:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ShellExperienceHost.exe, Version: 10.0.10586.122, Zeitstempel: 0x56cc0133
Name des fehlerhaften Moduls: Windows.UI.Xaml.dll, Version: 10.0.10586.71, Zeitstempel: 0x5699d8e0
Ausnahmecode: 0xc000027b
Fehleroffset: 0x00000000006fce8b
ID des fehlerhaften Prozesses: 0x780
Startzeit der fehlerhaften Anwendung: 0xShellExperienceHost.exe0
Pfad der fehlerhaften Anwendung: ShellExperienceHost.exe1
Pfad des fehlerhaften Moduls: ShellExperienceHost.exe2
Berichtskennung: ShellExperienceHost.exe3
Vollständiger Name des fehlerhaften Pakets: ShellExperienceHost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ShellExperienceHost.exe5

Error: (03/06/2016 02:09:53 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (03/06/2016 02:09:50 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (03/06/2016 02:09:46 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (03/06/2016 02:09:45 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (03/06/2016 01:54:04 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (03/05/2016 03:23:38 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.


Systemfehler:
=============
Error: (03/06/2016 02:14:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (03/06/2016 02:14:49 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Georg\AppData\Local\Temp\ehdrv.sys

Error: (03/06/2016 02:14:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (03/06/2016 02:14:48 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Georg\AppData\Local\Temp\ehdrv.sys

Error: (03/06/2016 02:14:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (03/06/2016 02:14:48 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Georg\AppData\Local\Temp\ehdrv.sys

Error: (03/06/2016 02:10:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (03/06/2016 02:10:17 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Georg\AppData\Local\Temp\ehdrv.sys

Error: (03/06/2016 02:10:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (03/06/2016 02:10:16 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Georg\AppData\Local\Temp\ehdrv.sys


CodeIntegrity:
===================================
  Date: 2016-03-06 13:45:00.582
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-03-06 13:45:00.569
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-03-06 13:45:00.440
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-03-06 13:45:00.315
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-03-05 14:59:26.688
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-03-05 14:59:26.673
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-03-05 14:59:26.657
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-03-05 14:59:25.116
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-03-05 14:59:23.242
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-03-05 14:22:45.055
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i3-2120 CPU @ 3.30GHz
Prozentuale Nutzung des RAM: 41%
Installierter physikalischer RAM: 8174.38 MB
Verfügbarer physikalischer RAM: 4750.15 MB
Summe virtueller Speicher: 16366.38 MB
Verfügbarer virtueller Speicher: 11562.63 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:905.9 GB) (Free:124.97 GB) NTFS
Drive d: (TOSHIBA EXT) (Fixed) (Total:1863.01 GB) (Free:701.65 GB) NTFS
Drive e: (THE_INTERVIEW) (CDROM) (Total:6.72 GB) (Free:0 GB) UDF

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 49DB58C8)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=905.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=25.1 GB) - (Type=12)

========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: E0D2C53C)
Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         
In fact, MySearchDial is still being opened as the homepage in some Chrome accounts, but that is probably more of a manual job that I have to take care of.

Otherwise everything is fine, thanks a lot!

Regards,
Juri9
